Nabble - Debian Security Announce

[SECURITY] [DSA 1945-1] New gforge packages fix denial of service

2009-12-03T04:46:30Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1945-1 security@...
http://www.debian.org/security/ Steffen Joeris
December 03, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : gforge
Vulnerability : symlink attack
Problem type : local
Debian-specific: no
CVE ID : CVE-2009-3304

Sylvain Beucler discovered that gforge, a collaborative development
tool, is prone to a symlink attack, which allows local users to perform
a denial of service attack by overwriting arbitrary files.

For the stable distribution (lenny), this problem has been fixed in
version 4.7~rc2-7lenny3.

The oldstable distribution (etch), this problem has been fixed in
version 4.5.14-22etch13.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 4.8.2-1.

We recommend that you upgrade your gforge packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch13.dsc
Size/MD5 checksum: 953 a170b517b1d68ca0ad53a1b8b03c3317
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14.orig.tar.gz
Size/MD5 checksum: 2161141 e85f82eff84ee073f80a2a52dd32c8a5
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch13.diff.gz
Size/MD5 checksum: 204328 33081d2f6a0056b31091360db3002a9f

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-ldap_4.5.14-22etch13_all.deb
Size/MD5 checksum: 86628 c6b62116a819fa9033335acae8df867d
http://security.debian.org/pool/updates/main/g/gforge/gforge-common_4.5.14-22etch13_all.deb
Size/MD5 checksum: 1012268 78dfb2931853c3f89d233cc9510199f2
http://security.debian.org/pool/updates/main/g/gforge/gforge-db-postgresql_4.5.14-22etch13_all.deb
Size/MD5 checksum: 212786 1bc973b449b07020fbef4519fc8e074e
http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache_4.5.14-22etch13_all.deb
Size/MD5 checksum: 705446 286aba34673375cb8763765fd241d791
http://security.debian.org/pool/updates/main/g/gforge/gforge-ftp-proftpd_4.5.14-22etch13_all.deb
Size/MD5 checksum: 86344 394f14f010e9de88145cc3251e7e8982
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch13_all.deb
Size/MD5 checksum: 80562 52133da4596347d8c05e37643a959435
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-postfix_4.5.14-22etch13_all.deb
Size/MD5 checksum: 88808 72ad3b9f7d9d1f8732551a99b5e74471
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-courier_4.5.14-22etch13_all.deb
Size/MD5 checksum: 76368 c7ba219bac6560994c07dfb639801c99
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim4_4.5.14-22etch13_all.deb
Size/MD5 checksum: 89414 095ca81a4671193cd5d822e967d36684
http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-postgresql_4.5.14-22etch13_all.deb
Size/MD5 checksum: 87434 8d960c7671eac2a480a43cd948a98d7d
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim_4.5.14-22etch13_all.deb
Size/MD5 checksum: 88904 8d3692ecc555ca40558d50333bf543a9
http://security.debian.org/pool/updates/main/g/gforge/gforge-lists-mailman_4.5.14-22etch13_all.deb
Size/MD5 checksum: 82386 3bc6d055f6eb74edfd23ca8dbfb8fa3e
http://security.debian.org/pool/updates/main/g/gforge/gforge-ldap-openldap_4.5.14-22etch13_all.deb
Size/MD5 checksum: 95738 beee5393efe02def8071a78a3707244c
http://security.debian.org/pool/updates/main/g/gforge/gforge-dns-bind9_4.5.14-22etch13_all.deb
Size/MD5 checksum: 104062 a70e01f8055201519b14718555023abb

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny3.diff.gz
Size/MD5 checksum: 106204 cd0b909a3d31bc9a0649a6f16bd54478
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny3.dsc
Size/MD5 checksum: 1487 24e0ca65d2b17abd34328dd21994dd9a
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2.orig.tar.gz
Size/MD5 checksum: 10225404 bd24808ce79363d4c7c529778f6f5324

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-mediawiki_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 213590 e252b1c97bda1c020e89c30e5faacac8
http://security.debian.org/pool/updates/main/g/gforge/gforge-dns-bind9_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 106960 acdbec4148e84ccfaf6993cbbddf9dd2
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-courier_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 88822 cbc85f52ffca569001a0bb7b0ec8d3dc
http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-postgresql_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 95136 452be3de57f17866b0de3d3f19c0072f
http://security.debian.org/pool/updates/main/g/gforge/gforge-common_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 1112248 25679e24ad18e5a910a8d43808ebac13
http://security.debian.org/pool/updates/main/g/gforge/gforge-db-postgresql_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 231056 3523089618564cec5703a4f8bf8eaa6e
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-postfix_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 101588 30efdc5330cf09bf91afb2fe12c58db3
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim4_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 100824 8dcc63a9768d2dd192566dccf3c07a9e
http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 88550 b62b84da2aff9e56860667ce193f3351
http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-scmsvn_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 122072 bdd9b60445fdf1e1af9a943d9250af7b
http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache2_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 1397376 6bd8964fea18f429267972ee471d8d06
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 92884 9c1029863905773f982f524d5394b934
http://security.debian.org/pool/updates/main/g/gforge/gforge-lists-mailman_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 94654 dfb3d71e7ebdee27ec7bcf8a536477c4
http://security.debian.org/pool/updates/main/g/gforge/gforge-ftp-proftpd_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 97388 aee4295339ef21d98e8f067ab6625aea
http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-scmcvs_4.7~rc2-7lenny3_all.deb
Size/MD5 checksum: 129550 65f1fd24bda024f8ff2e4d87ca68c605

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksXspEACgkQ62zWxYk/rQe+LwCffe3DoBLTw8TwKNSPw6fDwkHS
bG0An2CcZ9u3QpF2GdYUEoDglrh2WVSQ
=F3JX
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1944-1] New request-tracker packages fix session hijack vulnerability

2009-12-03T03:04:51Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1944-1 security@...
http://www.debian.org/security/ Steffen Joeris
December 03, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : request-tracker3.4/request-tracker3.6
Vulnerability : session hijack
Problem type : remote
Debian-specific: no
CVE Id : CVE-2009-3585

Mikal Gule discovered that request-tracker, an extensible trouble-ticket
tracking system, is prone to an attack, where an attacker with access
to the same domain can hijack a user's RT session.

For the stable distribution (lenny), this problem has been fixed in
version 3.6.7-5+lenny3.

For the oldstable distribution (etch), this problem has been fixed in
version 3.6.1-4+etch1 of request-tracker3.6 and version 3.4.5-2+etch1
of request-tracker3.4.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 3.6.9-2.

We recommend that you upgrade your request-tracker packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/r/request-tracker3.4/request-tracker3.4_3.4.5-2+etch1.diff.gz
Size/MD5 checksum: 24450 41891b8a012e671b706facdf4ece3402
http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.1-4+etch1.diff.gz
Size/MD5 checksum: 23488 3c3914d16ad3e719cd502e2490561cc0
http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.1-4+etch1.dsc
Size/MD5 checksum: 916 c03c1972b5ccab3574f9dfdd3fec0bee
http://security.debian.org/pool/updates/main/r/request-tracker3.4/request-tracker3.4_3.4.5-2+etch1.dsc
Size/MD5 checksum: 876 5a18cf29db217c6fd2265f6923a938cb
http://security.debian.org/pool/updates/main/r/request-tracker3.4/request-tracker3.4_3.4.5.orig.tar.gz
Size/MD5 checksum: 1410154 16c8007cba54669e6c9de95cfc680b2a
http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.1.orig.tar.gz
Size/MD5 checksum: 1545708 40c5a828fadaeef9e150255a517d0b17

Architecture independent packages:

http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-apache2_3.6.1-4+etch1_all.deb
Size/MD5 checksum: 118264 318517b3d5539a84dee1639710048d92
http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-apache_3.6.1-4+etch1_all.deb
Size/MD5 checksum: 117786 6f3da07edc9499cc282ceed8e71cf26d
http://security.debian.org/pool/updates/main/r/request-tracker3.4/rt3.4-clients_3.4.5-2+etch1_all.deb
Size/MD5 checksum: 120578 e404452bd2f9128255550644b26c72de
http://security.debian.org/pool/updates/main/r/request-tracker3.4/request-tracker3.4_3.4.5-2+etch1_all.deb
Size/MD5 checksum: 1198788 9af1648e53a722155dfd9acaaaf364cd
http://security.debian.org/pool/updates/main/r/request-tracker3.4/rt3.4-apache_3.4.5-2+etch1_all.deb
Size/MD5 checksum: 92002 009fe1090c6142409210f3304f63240d
http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.1-4+etch1_all.deb
Size/MD5 checksum: 1315556 9a06544261bd4b7800ae89065d4f4317
http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-clients_3.6.1-4+etch1_all.deb
Size/MD5 checksum: 146902 8c4a83429ef704025849373a24cf06d5
http://security.debian.org/pool/updates/main/r/request-tracker3.4/rt3.4-apache2_3.4.5-2+etch1_all.deb
Size/MD5 checksum: 92402 2737f376b27e6c3087dd355e5977edb5

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.7.orig.tar.gz
Size/MD5 checksum: 1764471 46c0b29cd14010ee6a3f181743aeb6ef
http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.7-5+lenny3.dsc
Size/MD5 checksum: 1623 b8a904d8fa89cf4ea78fce2d95d95701
http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.7-5+lenny3.diff.gz
Size/MD5 checksum: 51485 7b588a81fe9cbaa4bd9ac7d07b76d8f8

Architecture independent packages:

http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-db-mysql_3.6.7-5+lenny3_all.deb
Size/MD5 checksum: 185574 f71cdd55d18a69d908eea7f35434098c
http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-db-sqlite_3.6.7-5+lenny3_all.deb
Size/MD5 checksum: 185676 82fe2682e028c113f469117937649636
http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-apache2_3.6.7-5+lenny3_all.deb
Size/MD5 checksum: 187274 15328ffc1f76bd4e864c9c0faf4a4724
http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-db-postgresql_3.6.7-5+lenny3_all.deb
Size/MD5 checksum: 185576 6c40b8a471370911da6e12cdc6b85727
http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.7-5+lenny3_all.deb
Size/MD5 checksum: 1540476 9d2cff7aca09a68a7b2707f91a6272ca
http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-clients_3.6.7-5+lenny3_all.deb
Size/MD5 checksum: 215800 5052e370d018a81b9b786eb539b7cb05

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksXmlIACgkQ62zWxYk/rQe7CwCffi6lD3X3MxWHeaRR4DcBZsnK
ApQAoILoVRZB9DlEMUGfVn8mQv803rrB
=Ywu+
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness

2009-12-02T13:45:40Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1943 security@...
http://www.debian.org/security/ Giuseppe Iuculano
December 02, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Packages : openldap openldap2.3
Vulnerability : insufficient input validation
Problem type : remote
Debian-specific: no
Debian bug : 553432
CVE ID : CVE-2009-3767

It was discovered that OpenLDAP, a free implementation of the Lightweight
Directory Access Protocol, when OpenSSL is used, does not properly handle a '\0'
character in a domain name in the subject's Common Name (CN) field of an X.509
certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL
servers via a crafted certificate issued by a legitimate Certification Authority.

For the oldstable distribution (etch), this problem has been fixed in version
2.3.30-5+etch3 for openldap2.3.

For the stable distribution (lenny), this problem has been fixed in version
2.4.11-1+lenny1 for openldap.

For the testing distribution (squeeze), and the unstable distribution (sid),
this problem has been fixed in version 2.4.17-2.1 for openldap.

We recommend that you upgrade your openldap2.3/openldap packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips,
mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30.orig.tar.gz
Size/MD5 checksum: 2971126 c40bcc23fa65908b8d7a86a4a6061251

http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30-5+etch3.dsc
Size/MD5 checksum: 1214 36efc1cf2a98c54d4b1da0910e273843

http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30-5+etch3.diff.gz
Size/MD5 checksum: 315058 310ce752b78ff3227d78dcd8c1bd60a5

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_alpha.deb
Size/MD5 checksum: 293108 2172048d5f8b8b7f379b3414fc5c2e37

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_alpha.deb
Size/MD5 checksum: 1280772 ab65f162a40607c1787f9b03783a7563

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_alpha.deb
Size/MD5 checksum: 193768 602a6da790648dd8b0af7d9f386b5c6e

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_amd64.deb
Size/MD5 checksum: 285554 42480b47018eb1d70b9e62d05b925a5b

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_amd64.deb
Size/MD5 checksum: 1244570 b88256f8259516b09c51f166ff6b4aea

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_amd64.deb
Size/MD5 checksum: 184652 716cc53985a031d1fe03fede778d6ae5

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_arm.deb
Size/MD5 checksum: 1190314 8686c6a9a9240e6113f92c8bb20d7e1a

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_arm.deb
Size/MD5 checksum: 254828 49d9c9a250fb4a5a828de5791ee92380

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_arm.deb
Size/MD5 checksum: 155876 bb45d3104fe4b9811fdb3063da42d3b1

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_hppa.deb
Size/MD5 checksum: 1307146 698d7416e4cc544522ce2e25ac9c0fce

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_hppa.deb
Size/MD5 checksum: 292798 eb9d6d19560a1153cc58ccae3f354a4e

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_hppa.deb
Size/MD5 checksum: 182568 caade74265ee9d7b8ac77c844c23b413

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_i386.deb
Size/MD5 checksum: 1177552 f3ccf11b82474593af5e30a272f9edb9

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_i386.deb
Size/MD5 checksum: 148744 168e58797e74f9b3b6d3c337b6369ca7

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_i386.deb
Size/MD5 checksum: 266538 3be52b8402d06913624a3e808be58ecb

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_ia64.deb
Size/MD5 checksum: 239248 78d1537b3a106824ff5d076e828a0312

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_ia64.deb
Size/MD5 checksum: 379904 dbc96e1a44dce4bb5f79b9c043823293

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_ia64.deb
Size/MD5 checksum: 1660854 fcc2873ffd50e45c956d9bcc81d83c51

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_mips.deb
Size/MD5 checksum: 258210 298f5a83a1efd8c035644fd58df21f2c

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_mips.deb
Size/MD5 checksum: 185598 b6c67ee072f2de03820e7ce11edb39c3

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_mips.deb
Size/MD5 checksum: 1205768 3f312958af5ea129384513e5fab72208

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_mipsel.deb
Size/MD5 checksum: 258852 d7ba57787989e3fb5035fce34b04965d

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_mipsel.deb
Size/MD5 checksum: 187100 46910e3923926ac060c13a7a53f8cac4

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_mipsel.deb
Size/MD5 checksum: 1188878 5698884b42d7206c2b0c134602861354

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_powerpc.deb
Size/MD5 checksum: 188914 e03855167b8e13bdb72e47baa9644f86

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_powerpc.deb
Size/MD5 checksum: 272378 f5741b7ac8f4172e7481f5c2e699231b

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_powerpc.deb
Size/MD5 checksum: 1243754 2a8b933e956e5ac4bc29028688bb09ec

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_s390.deb
Size/MD5 checksum: 291822 6b47ac5b7fbc269c1973c494d5dadbc2

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_s390.deb
Size/MD5 checksum: 168716 f72b023d98d61565c624f7acbf953baf

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_s390.deb
Size/MD5 checksum: 1241532 0167eb506b063de5435181f40c6cf809

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_sparc.deb
Size/MD5 checksum: 1177712 770a58d0c60ad11e5ca4cf25159fe2c7

http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_sparc.deb
Size/MD5 checksum: 153682 d8bf20f2a94456451d4ea29d3237d280

http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_sparc.deb
Size/MD5 checksum: 258560 4bfd77d56852608813f158ecfd91b42b

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,
mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny1.diff.gz
Size/MD5 checksum: 148075 024b717169f42734ee5650ebe2978631

http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny1.dsc
Size/MD5 checksum: 1831 ca4cb86b4847a59f95275ff2f4d0e173

http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11.orig.tar.gz
Size/MD5 checksum: 4193523 d4e8669e2c9b8d981e371e97e3cf92d9

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_alpha.deb
Size/MD5 checksum: 3624752 5b4e467360ecd8cc897b03b5aca57dad

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_alpha.deb
Size/MD5 checksum: 205526 3b083869976ab4d8d8df69d27fe9480e

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_alpha.deb
Size/MD5 checksum: 280526 4ed333757fef7e98d89c5edda6589b04

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_alpha.deb
Size/MD5 checksum: 1537448 98d6aeab748560a491e0b526d930fc0c

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_alpha.deb
Size/MD5 checksum: 1013148 cc656603f7ae0eacc2b3c22dd1fae967

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_alpha.deb
Size/MD5 checksum: 285128 e526e547a4af2c13bf3ae90dfdf023a2

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_amd64.deb
Size/MD5 checksum: 1493300 31c077d63cc2ff159927939cadb29808

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_amd64.deb
Size/MD5 checksum: 299612 e148216f77a9136adb19acd8df026d6d

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_amd64.deb
Size/MD5 checksum: 267470 f903f46433faa1d2b6b203e50aaed3d8

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_amd64.deb
Size/MD5 checksum: 881074 de337737dd93af0b81bd90e3c6f23377

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_amd64.deb
Size/MD5 checksum: 3664994 8ad4581bd54e1ed7a8f3c1c8bf210c17

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_amd64.deb
Size/MD5 checksum: 204896 c0dba3b62aa14392d29f831d6c87206d

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_arm.deb
Size/MD5 checksum: 280140 ccaed923684d35304f50f27fc6b868b3

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_arm.deb
Size/MD5 checksum: 248918 a08cf9fd18ce8806be437c364179c2b3

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_arm.deb
Size/MD5 checksum: 877400 614df898211cc5311a62159f6ee21b93

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_arm.deb
Size/MD5 checksum: 1405962 5e1e62d6f0a5984486fa2eaa478eab38

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_arm.deb
Size/MD5 checksum: 180520 96b5fe5d50b9a1d59eb5ab03489a1b90

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_arm.deb
Size/MD5 checksum: 3572646 a8e804a9e966a57306a9229acd11ff80

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_hppa.deb
Size/MD5 checksum: 1533292 8d5c2d83596b10c9d3ee7a4dcb692026

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_hppa.deb
Size/MD5 checksum: 3619256 2ad8452962291b553fadc8bb6398f834

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_hppa.deb
Size/MD5 checksum: 200874 27205d8a86701cb133f7507eeef5e76a

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_hppa.deb
Size/MD5 checksum: 283816 1163f67e39b08c10cf492b24bd526f24

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_hppa.deb
Size/MD5 checksum: 264158 905749f1e385f9d93c2358b05dc42dfb

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_hppa.deb
Size/MD5 checksum: 999386 6a071952604a9c30483fca7f3a3754ec

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_i386.deb
Size/MD5 checksum: 189442 879dac84b581979646c49bde9743c630

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_i386.deb
Size/MD5 checksum: 286808 2dcb4f8e5514d9e4d9072b4853da322d

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_i386.deb
Size/MD5 checksum: 892068 449ba5d6037617e4e93dfd6bcb093549

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_i386.deb
Size/MD5 checksum: 3560322 c6a6fbc66944bd05585c1065ab012c93

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_i386.deb
Size/MD5 checksum: 244952 5a5b31ebb9098059e62eb57d209a6846

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_i386.deb
Size/MD5 checksum: 1404266 a3bffb93ec3b0d0d130a6a7e29091a9b

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_ia64.deb
Size/MD5 checksum: 3589108 d34afb06a3b21ad7267ef5d31b6ad322

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_ia64.deb
Size/MD5 checksum: 932026 1194a002673f8a73cf382c2333c7882b

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_ia64.deb
Size/MD5 checksum: 352020 e40c570396514fee0c6eee3920be2607

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_ia64.deb
Size/MD5 checksum: 269084 1720388cc8102f33122375034a703a05

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_ia64.deb
Size/MD5 checksum: 259018 658248f4329555e81896800709302575

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_ia64.deb
Size/MD5 checksum: 2006532 6ad20563d8999759f32445576fd69856

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_mips.deb
Size/MD5 checksum: 3712752 8d48a2797c1f4e6b5dea203698e4b31c

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_mips.deb
Size/MD5 checksum: 180956 88613b463fcdba79539048ce681d4f5e

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_mips.deb
Size/MD5 checksum: 260240 f6fa5402a6fc03aef4b87735030969c5

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_mips.deb
Size/MD5 checksum: 854756 76ad64ab6fe85c5bfc654266101e024a

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_mips.deb
Size/MD5 checksum: 1394436 4930b2b56c642182c8ccd69d5bc53685

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_mips.deb
Size/MD5 checksum: 302106 3672bab4d2c0c037a1d9c0a61fa16139

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_powerpc.deb
Size/MD5 checksum: 3718584 7b120292ce66e7ea85b3ad623da0bb4e

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_powerpc.deb
Size/MD5 checksum: 295146 f131ea5cdbab25c2416ff06f6697bc08

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_powerpc.deb
Size/MD5 checksum: 199248 c683d506deb5fadabea906c9dec36c9f

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_powerpc.deb
Size/MD5 checksum: 1536614 b5c37ae6f72127bdf6910100edeb06e5

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_powerpc.deb
Size/MD5 checksum: 907106 6af4614c092e6ccda8580e6a73cb8728

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_powerpc.deb
Size/MD5 checksum: 284952 b75e2ddab46ddab036ef40b21cec63ee

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_sparc.deb
Size/MD5 checksum: 872178 a7739e034d0df26a69e0cb569802d594

http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_sparc.deb
Size/MD5 checksum: 249022 334ecf73608e20ec6cff79716cf10fde

http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_sparc.deb
Size/MD5 checksum: 1387990 4935db487abd61e04adb3a846ed7aadc

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_sparc.deb
Size/MD5 checksum: 260980 006fdd6b90293fdf1331442ccabde568

http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_sparc.deb
Size/MD5 checksum: 182822 73c3edfab6b52e772ed36c990c13f210

http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_sparc.deb
Size/MD5 checksum: 3502906 c19b8875ae915cec344bb74a5e462e44

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksW4AQACgkQNxpp46476aqFDwCfZRJ0eCTLZ7Wvra3eWlaVIVsK
mWIAniapjMkolimxTFStHJO6vlEk4Fnj
=WbVZ
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1942-1] New wireshark packages fix several vulnerabilities

2009-11-29T10:47:59Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1942-1 security@...
http://www.debian.org/security/ Moritz Muehlenhoff
November 29, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : wireshark
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-1268 CVE-2008-1829 CVE-2009-2560 CVE-2009-2562 CVE-2009-3241 CVE-2009-3550 CVE-2009-3829

Several remote vulnerabilities have been discovered in the Wireshark
network traffic analyzer, which may lead to the execution of arbitrary
code or denial of service. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-2560

A NULL pointer dereference was found in the RADIUS dissector.

CVE-2009-3550

A NULL pointer dereference was found in the DCERP/NT dissector.

CVE-2009-3829

An integer overflow was discovered in the ERF parser.

This update also includes fixes for three minor issues, which were
scheduled for the next stable point update. (CVE-2008-1829,
CVE-2009-2562, CVE-2009-3241). Also CVE-2009-1268 was fixed for Etch.
Since this security update was issued prior to the release of the
point update, the fixes were included.

For the old stable distribution (etch), this problem has been fixed in
version 0.99.4-5.etch.4.

For the stable distribution (lenny), this problem has been fixed in
version 1.0.2-3+lenny7.

For the unstable distribution (sid) these problems have been fixed in
version 1.2.3-1.

We recommend that you upgrade your Wireshark packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4.orig.tar.gz
Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4.dsc
Size/MD5 checksum: 1075 2ff729c1b7aae033dd3e79fb29a63d68
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4.diff.gz
Size/MD5 checksum: 55126 25d98bc41c567ebc537f05ce2b36aa31

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_alpha.deb
Size/MD5 checksum: 22916 9264867811ed85406dc802359dffe812
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_alpha.deb
Size/MD5 checksum: 182750 844f036a9ea0914ad12d4c98ed12b3ed
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_alpha.deb
Size/MD5 checksum: 22552 6c949e6c7a92734b9887096ff78bed52
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_alpha.deb
Size/MD5 checksum: 117444 643a41c38a8438d451cb1c38148f7ebb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_alpha.deb
Size/MD5 checksum: 9320680 b3421e4559d56c59818f449f050e81eb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_alpha.deb
Size/MD5 checksum: 673918 f958912a6d20834c00cb11ae11fc7e61
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_alpha.deb
Size/MD5 checksum: 22572 cfc4c2a166b66d11323ba7005a9ec458
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_alpha.deb
Size/MD5 checksum: 22564 9068787bffebdbaddd82dc9f1a351a11

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_amd64.deb
Size/MD5 checksum: 619974 36ff84eb0469a0fc58fa4d74a4dc2d94
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_amd64.deb
Size/MD5 checksum: 112510 210d916bf2fd3e62ee786038d0baf8e0
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_amd64.deb
Size/MD5 checksum: 9120186 27328e93c02088bf3651ff91478ffdb0
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_amd64.deb
Size/MD5 checksum: 22596 bb66aced30828d44a7391d34a79c47de
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_amd64.deb
Size/MD5 checksum: 22972 80ee26e1a6c2bdaa6b59c6fc7f523788
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_amd64.deb
Size/MD5 checksum: 22580 24fbe526a3b1f89270ac7487dd1a2449
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_amd64.deb
Size/MD5 checksum: 22588 cc4698a2e130908886800a44fee7a430
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_amd64.deb
Size/MD5 checksum: 181778 aeb3324cb404333d00d073ae5626c85b

arm architecture (ARM)

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_arm.deb
Size/MD5 checksum: 21906 63ad883dd41145fbe730954c9e853388
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_arm.deb
Size/MD5 checksum: 21894 4b84544460f1fb35ea30b6a14c669ef4
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_arm.deb
Size/MD5 checksum: 182202 6fb71186a9da6540c1d85630ab24cd1c
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_arm.deb
Size/MD5 checksum: 107214 a5e3093fef0133b17f538b65b8d87342
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_arm.deb
Size/MD5 checksum: 7737436 9b38f9f70345db66a4cd251c78584074
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_arm.deb
Size/MD5 checksum: 22170 592174ccf980e88b00bfeb0bc6fadff8
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_arm.deb
Size/MD5 checksum: 600704 96858438e740b509da8701ebc4dd56b8
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_arm.deb
Size/MD5 checksum: 21908 a283e65475356d9e945da09890b0427a

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_hppa.deb
Size/MD5 checksum: 109752 78730ace71c084bf3e65e5c968485687
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_hppa.deb
Size/MD5 checksum: 22576 ee65584380fe41b4eff538d1261971c3
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_hppa.deb
Size/MD5 checksum: 22950 a44e59b3879ae0a71bcd300c53786bf5
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_hppa.deb
Size/MD5 checksum: 22572 806d4541a0a6fedc98708a98b3150c2a
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_hppa.deb
Size/MD5 checksum: 182156 049ea6eb94efd5a3dfa5ae9dc30614b1
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_hppa.deb
Size/MD5 checksum: 635026 71adda51739be4aaaa22eb3d851877e9
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_hppa.deb
Size/MD5 checksum: 9854940 40cd33e4cff6e4150c0f1a455356efde
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_hppa.deb
Size/MD5 checksum: 22584 9785e5fa7e4560488ad8ae0dc9ca30e9

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_i386.deb
Size/MD5 checksum: 21900 7ac4f600c97bf045debdd6d3beb17c63
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_i386.deb
Size/MD5 checksum: 181616 4ba5807945434988b11614e5c51fcad4
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_i386.deb
Size/MD5 checksum: 565182 34dd0aa961fbe70b0ed0d09a811a70b4
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_i386.deb
Size/MD5 checksum: 21894 99830ad6fc6c8e6009e68e6fc1122500
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_i386.deb
Size/MD5 checksum: 7499524 4d49ade6925540936649c9272fb4389d
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_i386.deb
Size/MD5 checksum: 22166 2cf78a9cfbe7e5571adead12aa9042e2
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_i386.deb
Size/MD5 checksum: 102254 cd10b44ecca11449e9e04dd183eefd3f
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_i386.deb
Size/MD5 checksum: 21906 0b31fd8f824915bcad7b5d91a98367a0

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_ia64.deb
Size/MD5 checksum: 22566 0aa3c204facfbf284f11871187a0eb7c
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_ia64.deb
Size/MD5 checksum: 22910 38378c14e8cdc6c24ed656352b21a34d
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_ia64.deb
Size/MD5 checksum: 145810 d3e7be3aaaa760ba81c05eacbf4aa44b
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_ia64.deb
Size/MD5 checksum: 10648322 7c47fad99b8b9fa55327825ee9cc447f
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_ia64.deb
Size/MD5 checksum: 22560 9f24c28d59dc3f0f5e896333d3d9bdf4
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_ia64.deb
Size/MD5 checksum: 22552 60aad869b41bbf52d287fcab648457bc
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_ia64.deb
Size/MD5 checksum: 827672 0bf989273e3b5a6044dc5cae5771859f
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_ia64.deb
Size/MD5 checksum: 182720 5fc96026980d5348dda2a52d107c54b6

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_mips.deb
Size/MD5 checksum: 22160 d8290ac7830ef34ec4b7c0dc0c6d736d
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_mips.deb
Size/MD5 checksum: 104886 3c9ef63521f5487537c003fd414caa1e
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_mips.deb
Size/MD5 checksum: 21900 5e0d86e61c76e2c5e8757b018a422784
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_mips.deb
Size/MD5 checksum: 588894 dbe0163151865a2ebc0de7dc15115cb4
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_mips.deb
Size/MD5 checksum: 21904 c60608c00b86e6a9179f336f4d7c298b
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_mips.deb
Size/MD5 checksum: 181616 2a34792935505310fa697872ea18ce23
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_mips.deb
Size/MD5 checksum: 21890 86d703936559a664f9fecf9b874cc7be
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_mips.deb
Size/MD5 checksum: 8017732 42c7bbc57b980cafa4684927159545bd

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_mipsel.deb
Size/MD5 checksum: 7405334 a65008d2ff4d5ad004870805554bc3e7
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_mipsel.deb
Size/MD5 checksum: 575950 a24c28544c0a7c90c91567fbe1cc1ebd
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_mipsel.deb
Size/MD5 checksum: 104576 b32a2cbcdf02d4cc48c7ebec6c6630b3
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_mipsel.deb
Size/MD5 checksum: 182756 cb2276effe227636a7f0261b34d50642
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_mipsel.deb
Size/MD5 checksum: 22572 50a34025145b9c68619536836137bbb3
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_mipsel.deb
Size/MD5 checksum: 22564 a6bf0c153e84a88219f4ea41a420886b
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_mipsel.deb
Size/MD5 checksum: 22910 ffccf61f6478f35c91ffe9573f9efb25
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_mipsel.deb
Size/MD5 checksum: 22556 e854c72d464872867e22681111fd3229

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_powerpc.deb
Size/MD5 checksum: 182764 d6e8d0457c6680fb71e53d012593532e
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_powerpc.deb
Size/MD5 checksum: 22562 ee928728d4aeeecf45ff03b3ffbe66db
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_powerpc.deb
Size/MD5 checksum: 104318 62b6fdb42fc8b828feaebe68b94d10d8
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_powerpc.deb
Size/MD5 checksum: 22578 499505e0c67287e9e4bddd2c520f911c
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_powerpc.deb
Size/MD5 checksum: 8603008 0734d75f6c5edaaaa6ab90cdca36f4b9
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_powerpc.deb
Size/MD5 checksum: 22920 90f46d5c142354d40d0d5e134e07bc2b
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_powerpc.deb
Size/MD5 checksum: 22572 3577d9aca2b8372a04483b2b881a4290
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_powerpc.deb
Size/MD5 checksum: 583630 7c027623b17eed73130d0c851239a3b6

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_s390.deb
Size/MD5 checksum: 22914 bd4eebd01f47b771d46feb10cd370e68
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_s390.deb
Size/MD5 checksum: 22574 ae0f0e473a8b4d1393d42db4f8c8ce2a
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_s390.deb
Size/MD5 checksum: 115668 0ad97c94342ac14d4acebe5969ef7379
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_s390.deb
Size/MD5 checksum: 9752846 f122226986acd89968a30710348205c6
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_s390.deb
Size/MD5 checksum: 22560 079c886952f5258ed59f6d1573890140
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_s390.deb
Size/MD5 checksum: 641020 3fd0f64fcaea16198e9533084cd0b567
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_s390.deb
Size/MD5 checksum: 22566 a4db075ff6f6877289c6333e55a791ab
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_s390.deb
Size/MD5 checksum: 182782 b1f4a269dd14fab055fed4a60dcb5c12

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.4_sparc.deb
Size/MD5 checksum: 22562 cfbe034d2fb71b9aadf903c8d4a55439
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.4_sparc.deb
Size/MD5 checksum: 586600 a2816359a42e5cb03dc36775a82c7ea3
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.4_sparc.deb
Size/MD5 checksum: 104180 376bd28f3a920a0ee62927004c09a8d4
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.4_sparc.deb
Size/MD5 checksum: 182148 6c3522ad4e94a8904789cb2ba8e8ece8
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.4_sparc.deb
Size/MD5 checksum: 22934 4594c2c680b000253f6fa301e7b4e6c6
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.4_sparc.deb
Size/MD5 checksum: 22570 d7ee740d72ce48b2f5d41e9532308fa7
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.4_sparc.deb
Size/MD5 checksum: 8679472 4815608bf180edcbdc56e08d728a520a
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.4_sparc.deb
Size/MD5 checksum: 22554 6e0336bf14d034653999ce50fe83c267

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7.diff.gz
Size/MD5 checksum: 110161 250e28a303aa2313bf9c8c92e938b543
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2.orig.tar.gz
Size/MD5 checksum: 16935492 1834437f7c6dbed02082e7757133047d
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7.dsc
Size/MD5 checksum: 1502 70bc384e5c51e5b1c05817b5404ec0c6

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_alpha.deb
Size/MD5 checksum: 126172 5b2e9b063121cd415647515718aa1f90
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_alpha.deb
Size/MD5 checksum: 731338 7691c8c717923ad7f11755393c67ed4b
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_alpha.deb
Size/MD5 checksum: 12096806 f7a7e542ab24455fde2d62258e35dfe6
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_alpha.deb
Size/MD5 checksum: 583592 2dc280bc416e8a8eba573f10bd9a4c61

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_amd64.deb
Size/MD5 checksum: 583890 2dc231341d713172bff1e122b5c1ed53
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_amd64.deb
Size/MD5 checksum: 659554 f4d744de8dc70ff988e2c625505545cb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_amd64.deb
Size/MD5 checksum: 119016 f6c6d48c2f7cc0f47d112df9c74302b4
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_amd64.deb
Size/MD5 checksum: 11869634 c33d47f0ba58f5b476a3038aa54e10ca

arm architecture (ARM)

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_arm.deb
Size/MD5 checksum: 584248 eda8fbd1f0706d58b7d25ed6f2646e6b
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_arm.deb
Size/MD5 checksum: 614108 fd591bbf2469527ea552e0dbbb4eed26
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_arm.deb
Size/MD5 checksum: 111024 6800249d87bb21dceb604527ec92b654
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_arm.deb
Size/MD5 checksum: 10215708 a33f1fa02617480ed3321d552a5b2e08

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_armel.deb
Size/MD5 checksum: 584856 3dd565d67eb4c6e18b21623292c4551f
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_armel.deb
Size/MD5 checksum: 619918 06683265eff3c5ca0853a9b3c053af48
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_armel.deb
Size/MD5 checksum: 113466 14b53be93f55eb1430a25264361cb87d
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_armel.deb
Size/MD5 checksum: 10216784 6c1f84c62053658adcc6c14822f4a64a

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_hppa.deb
Size/MD5 checksum: 13271300 55580fd284ab37e4bae7fcc9b1ee4669
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_hppa.deb
Size/MD5 checksum: 694714 6cae9b82e13e3c812ea0e3286955a35e
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_hppa.deb
Size/MD5 checksum: 584266 7c55dcbb1727e575ed3a99f5e22ba9f2
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_hppa.deb
Size/MD5 checksum: 120924 734b01b1cebfa52fac30578a22104902

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_i386.deb
Size/MD5 checksum: 10108360 5157ee3d041ccbb2931e13a8551706ff
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_i386.deb
Size/MD5 checksum: 582516 2621c64b953d5f87b0f80ba8614637f9
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_i386.deb
Size/MD5 checksum: 619208 4a34e3203d08488ac5df37bdfde269a6
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_i386.deb
Size/MD5 checksum: 111392 aac2e88f950cbf280786af3449a952f8

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_ia64.deb
Size/MD5 checksum: 13688788 0b6e89ff7c538a86479e2cc72e98d048
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_ia64.deb
Size/MD5 checksum: 153864 d49889a0de70d2a4ae08397b43e16d59
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_ia64.deb
Size/MD5 checksum: 569656 690330248a894259db9caef7d032627a
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_ia64.deb
Size/MD5 checksum: 930064 b697cd603d6769efaa24975f41038a87

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_mips.deb
Size/MD5 checksum: 112318 4fcb6546e6d121413976df774bcb4e0a
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_mips.deb
Size/MD5 checksum: 583750 2bdf2ecef90acdc4cd450aebeba1d8b3
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_mips.deb
Size/MD5 checksum: 636448 7bcf284817662a74d8c00bb7b7d3156b
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_mips.deb
Size/MD5 checksum: 10417404 cfd63f84d47af76a912b86ef5b58b3d7

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_mipsel.deb
Size/MD5 checksum: 569688 d0219a56c1ef0b9bab390cb785670dcf
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_mipsel.deb
Size/MD5 checksum: 9730674 4ec33f0b1ab577373d3d65226edd48cb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_mipsel.deb
Size/MD5 checksum: 113170 e17b2b66a26cd2b86b878b1bb6927fb1
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_mipsel.deb
Size/MD5 checksum: 626942 938890f711e3cd6f84f504d8874372b9

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_powerpc.deb
Size/MD5 checksum: 11227316 dbcd7366171cec00edf706699b91399f
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_powerpc.deb
Size/MD5 checksum: 122336 672aedc7957f3ae9f18e5e6ce33da56f
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_powerpc.deb
Size/MD5 checksum: 677424 06cdd9eef16be333ccb60b94e3309d16
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_powerpc.deb
Size/MD5 checksum: 584610 cc6c9ad46b6e371764cb7193d6a18214

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_s390.deb
Size/MD5 checksum: 121886 9f312812e02428d07075d543b99d41ba
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_s390.deb
Size/MD5 checksum: 12488896 55d3da11d6a7a5af75d549b08e0dd59f
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_s390.deb
Size/MD5 checksum: 671222 331a3c79fd70ea249cab31263686d678
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_s390.deb
Size/MD5 checksum: 569648 08e4ba2371daeb6fcf724d7bf85d64be

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny7_sparc.deb
Size/MD5 checksum: 11290100 d57f0c2b031b2721e1298cfe7f4881ff
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny7_sparc.deb
Size/MD5 checksum: 629584 83b68e8b43bdf971116fdafc9fc885a5
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny7_sparc.deb
Size/MD5 checksum: 569692 e006fc660e26f034936184464d2f540b
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny7_sparc.deb
Size/MD5 checksum: 113466 85d3fa0b0e7baf6b1679394cffea5948

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksSwZ0ACgkQXm3vHE4uylowlACg0A+Ht64yIVxPcpnb+zrKvKJy
ye4An0XWpeRT5aX3R3QR8hoxR1rE51vB
=RCnv
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1941-1] New poppler packages fix several vulnerabilities

2009-11-25T14:37:47Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1941-1 security@...
http://www.debian.org/security/ Moritz Muehlenhoff
November 25, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : poppler
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2009-0755 CVE-2009-3903 CVE-2009-3904 CVE-2009-3905 CVE-2009-3906 CVE-2009-3907 CVE-2009-3908 CVE-2009-3909 CVE-2009-3938

Several integer overflows, buffer overflows and memory allocation
errors were discovered in the Poppler PDF rendering library, which may
lead to denial of service or the execution of arbitrary code if a user
is tricked into opening a malformed PDF document.

For the stable distribution (lenny), these problems have been fixed in
version 0.8.7-3.

An update for the old stable distribution (etch) will be issued soon as
version 0.4.5-5.1etch4.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your poppler packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7.orig.tar.gz
Size/MD5 checksum: 1469587 9af81429d6f8639c357a5eed25583365
http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7-3.diff.gz
Size/MD5 checksum: 23304 55a0a858e65401534120b10b08c62256
http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7-3.dsc
Size/MD5 checksum: 1481 4e0f8c954b0f7072d868b03da79799c7

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_alpha.deb
Size/MD5 checksum: 1334790 adc6ceeb368e0d4feebdf8163e2281e4
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_alpha.deb
Size/MD5 checksum: 196974 20d4df914f08ed2ccef0859dadcff863
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_alpha.deb
Size/MD5 checksum: 234664 f330cdb0bf1ee9001edb92677ff2d94d
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_alpha.deb
Size/MD5 checksum: 180372 701c9f92558359ec676ac7ed8c402abc
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_alpha.deb
Size/MD5 checksum: 220194 74703001f5c2588a415a53e0e61db107
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_alpha.deb
Size/MD5 checksum: 452496 45ec03d58a9b33c941625d29ea726514
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_alpha.deb
Size/MD5 checksum: 329740 9b5b796f66136fccdd68ee2fb4410239
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_alpha.deb
Size/MD5 checksum: 891178 06d13d1837a263952327b5e1910bb049
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_alpha.deb
Size/MD5 checksum: 302962 343524216b65fad03cf7292183ad4760
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_alpha.deb
Size/MD5 checksum: 3204196 077162dc4649e5e4e8e049e72ab2421c

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_amd64.deb
Size/MD5 checksum: 232070 24aa1dea8c17e539aacc23f5ca2ff683
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_amd64.deb
Size/MD5 checksum: 358464 8b52ef334b17065d7355c1f944407e3f
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_amd64.deb
Size/MD5 checksum: 3148528 fdaa186b15cd2ff806d3e69f9924b792
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_amd64.deb
Size/MD5 checksum: 178226 4b9ae48661be12327e3dc8f79f6cbd5f
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_amd64.deb
Size/MD5 checksum: 840192 690949b3a40aa59f1b2952cd48dea805
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_amd64.deb
Size/MD5 checksum: 1118416 34453c3ec346cc34b4ef94774d9bd975
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_amd64.deb
Size/MD5 checksum: 184820 3fc994f62c6e4f5c5615e48b5591574c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_amd64.deb
Size/MD5 checksum: 313712 2f16ec788446b18a6ce0313ff233552b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_amd64.deb
Size/MD5 checksum: 217370 51b12c5a9b716bef3cd8a5d29b4ac652
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_amd64.deb
Size/MD5 checksum: 274990 0f168bd7e2f0f201c4f1b5436c252987

arm architecture (ARM)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_arm.deb
Size/MD5 checksum: 1096672 01910f32db12361cf60f109f986f1324
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_arm.deb
Size/MD5 checksum: 341724 4795d7bae33531c80bb14fc51e8c9952
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_arm.deb
Size/MD5 checksum: 226514 2d2f7ab236403d3a7040aa09e7832b1c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_arm.deb
Size/MD5 checksum: 389880 8a6b100417108055bf4dc1d40d77fa8b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_arm.deb
Size/MD5 checksum: 208128 7fad0af4bd923fc218c4ed6a9aee0a48
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_arm.deb
Size/MD5 checksum: 807458 2e631c2cdbf34f7847d9106adca8d6c6
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_arm.deb
Size/MD5 checksum: 3115760 99c003b02687fe4caeae077cc58cc00d
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_arm.deb
Size/MD5 checksum: 178000 6e68b3d42d47efabb7f1712862103d20
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_arm.deb
Size/MD5 checksum: 184604 1066c02c90002b2b69350619738963c3
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_arm.deb
Size/MD5 checksum: 270488 703a85948bb11c02d0e3b86237e7455d

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_armel.deb
Size/MD5 checksum: 207820 8098dd11c17d88a38f02eb38a7e48df8
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_armel.deb
Size/MD5 checksum: 376028 ff27722643819e5693823193cc6749ea
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_armel.deb
Size/MD5 checksum: 273904 8077b3f075149e533852a8c24467def9
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_armel.deb
Size/MD5 checksum: 222166 0864461cfc76015274da63192778e1f2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_armel.deb
Size/MD5 checksum: 776950 f34caa24fb31c36ab32162315d706a17
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_armel.deb
Size/MD5 checksum: 1108574 de0fe0a522dc1eb18db681b9a96ee089
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_armel.deb
Size/MD5 checksum: 181564 a6d91d3f6ae1f43e450264bdad083e04
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_armel.deb
Size/MD5 checksum: 174198 d1bd20388d59831b8aa6b0a9dfe9a537
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_armel.deb
Size/MD5 checksum: 3157178 52340e4305b95a6b6f8e07cef9c94647
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_armel.deb
Size/MD5 checksum: 310682 ff8775a24d86a006b4bdee549095a543

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_hppa.deb
Size/MD5 checksum: 291400 18dc7b5a55715f920734a0c9080bb8e4
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_hppa.deb
Size/MD5 checksum: 188042 3c054ee2136540e9c378d03f032900e2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_hppa.deb
Size/MD5 checksum: 929630 70bfae8d06c8b9654a09d1cd8ffb442c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_hppa.deb
Size/MD5 checksum: 335326 32e7009057d2213232e4eab347ad6082
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_hppa.deb
Size/MD5 checksum: 180650 5756cb5df58f9bded9ddd34fe17fb6a0
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_hppa.deb
Size/MD5 checksum: 3140906 8f80e2f2f99c1021d1167ed432480914
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_hppa.deb
Size/MD5 checksum: 234754 42029ce3bfc33844b96140c438358993
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_hppa.deb
Size/MD5 checksum: 390020 984a6eb8add88e15cf1b0b749ffb5686
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_hppa.deb
Size/MD5 checksum: 1260894 092507febedac1f845b542b5da11820c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_hppa.deb
Size/MD5 checksum: 225948 da2eabf0c906824a1ae02b95cdc97a8f

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_i386.deb
Size/MD5 checksum: 270290 c8e64a55fbeae9dec7382d7ffc4860d7
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_i386.deb
Size/MD5 checksum: 181818 7790ec0d1b045bac5ad8acf5b273d322
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_i386.deb
Size/MD5 checksum: 226530 012aaf45768ca8ca22a6d13073b0011c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_i386.deb
Size/MD5 checksum: 312708 0858c85c7bb2627f97e312caa7ac080b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_i386.deb
Size/MD5 checksum: 344388 d5146377e2679555858662b0ee9a904b
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_i386.deb
Size/MD5 checksum: 3061938 2ec5991343c3b279641beee69d0253e3
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_i386.deb
Size/MD5 checksum: 177704 d31a5e3e4df9c41e52619e134a75d4af
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_i386.deb
Size/MD5 checksum: 1053900 da7cc53970b606d599e5f02e0d068cc9
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_i386.deb
Size/MD5 checksum: 214612 bd5a6265f16cd51d4901692cfcaa655b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_i386.deb
Size/MD5 checksum: 813824 a4744ae2b084c5a15485f4f3ec82342f

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_ia64.deb
Size/MD5 checksum: 232988 3eb095121469ddad24dfbb347d65bda7
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_ia64.deb
Size/MD5 checksum: 257208 eb1bfcf546e7a7ddc9071a8f7749ec7d
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_ia64.deb
Size/MD5 checksum: 195248 6c0d4510170d24342bee6732e416e497
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_ia64.deb
Size/MD5 checksum: 184620 ffa1bf57a03e82db9d76a177c539f1b4
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_ia64.deb
Size/MD5 checksum: 302272 bc12525cd130ccce7f6858b459352a7e
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_ia64.deb
Size/MD5 checksum: 353056 e9797db4c7161a44ee19b0b9904a93b6
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_ia64.deb
Size/MD5 checksum: 1421660 9de0b7b911c9e45a64755a00b8efe56f
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_ia64.deb
Size/MD5 checksum: 1073678 a7105ee7b1a5e1320fa0bd337a9c071b
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_ia64.deb
Size/MD5 checksum: 3105780 4c18b21c30873abc144cfbdbda3afa2a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_ia64.deb
Size/MD5 checksum: 424280 754097ccdf1e2018c27cc23e77611025

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_mips.deb
Size/MD5 checksum: 187976 77a7d378772b5b06e0246bed481f9d5f
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_mips.deb
Size/MD5 checksum: 177002 4c199ed2c3122490bdb3187690cb8e74
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_mips.deb
Size/MD5 checksum: 231638 4f1630307637dd91b4b81eb770801689
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_mips.deb
Size/MD5 checksum: 215024 774f9149da9f2b1c8f19f645add40b8b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_mips.deb
Size/MD5 checksum: 390492 7f387232dc7aef639211309e8e0182d0
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_mips.deb
Size/MD5 checksum: 826354 04377b34bb9389e94942d4a7fc7e021c
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_mips.deb
Size/MD5 checksum: 3230814 cccbe96a091ce019d54653bf0e41c69a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_mips.deb
Size/MD5 checksum: 302368 e7152a0a6618bd05d124c0ce6ee42c53
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_mips.deb
Size/MD5 checksum: 287688 c8711627da0a79d362d90ee8f681f091
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_mips.deb
Size/MD5 checksum: 1219124 755a505cef94d51b148568310e5871fc

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_mipsel.deb
Size/MD5 checksum: 187086 3dd27225aff82082503d8cacd72a0ec2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_mipsel.deb
Size/MD5 checksum: 804582 f97409504883b64db0f4b0238800fd5a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_mipsel.deb
Size/MD5 checksum: 1200616 122b5b413a0579e6fa4bd868a0c38ba9
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_mipsel.deb
Size/MD5 checksum: 386556 695b7729cfe1fb62cd6d4f37d60f8df0
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_mipsel.deb
Size/MD5 checksum: 214066 505a894995efb5624e7226d578c6984c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_mipsel.deb
Size/MD5 checksum: 287962 e2330f7095902dbcb6eea90f7fec5c0e
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_mipsel.deb
Size/MD5 checksum: 231700 931ad6728924a8511ec0bb193be0f4a9
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_mipsel.deb
Size/MD5 checksum: 3123054 a8a5ff5547608a095ce709227fe70bee
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_mipsel.deb
Size/MD5 checksum: 300122 a52f2f9d10e0cef69551e2e533109467
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_mipsel.deb
Size/MD5 checksum: 176902 29ecd0b702c9bb11404efde67cdd5b7b

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_powerpc.deb
Size/MD5 checksum: 185164 550684aab0a186e611e4360b6624cdd8
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_powerpc.deb
Size/MD5 checksum: 285208 7988738bbc015bb16fcab13bbbbcc20b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_powerpc.deb
Size/MD5 checksum: 360804 42cab8e240b4a7de9e62202b83039360
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_powerpc.deb
Size/MD5 checksum: 1183416 789101eaaafe977e949827750872da66
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_powerpc.deb
Size/MD5 checksum: 882860 8bc2784a8663b1d077dfc5d9866d40e9
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_powerpc.deb
Size/MD5 checksum: 181116 f9f78a295a924ead21ad588a7949e9d2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_powerpc.deb
Size/MD5 checksum: 222218 4f8ac7559664c3e9a31f6b31e88a65ce
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_powerpc.deb
Size/MD5 checksum: 317990 66b3b30f8baf1ab964f0437f551621e5
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_powerpc.deb
Size/MD5 checksum: 3226062 6c3cc30f6a0c2bdac5ec06e1b928338a
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_powerpc.deb
Size/MD5 checksum: 247222 c0c68194014f269724c999e5b16f9eba

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_s390.deb
Size/MD5 checksum: 218252 e41d127f260ba15a56dc7b42611146bd
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_s390.deb
Size/MD5 checksum: 182512 de685e8065837a6ea411d8a84abaffd0
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_s390.deb
Size/MD5 checksum: 312702 8d45e17d8ac29291704765d523b7179e
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_s390.deb
Size/MD5 checksum: 177556 f5ce014d7fe7defeb8dc76af8ca1b885
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_s390.deb
Size/MD5 checksum: 349670 a2b956fc22a75710329117ddcf824ea4
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_s390.deb
Size/MD5 checksum: 279260 89bf9399206e169eee1bc521c4d38386
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_s390.deb
Size/MD5 checksum: 229604 e5c36cd62c71b7238e37802f05688df7
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_s390.deb
Size/MD5 checksum: 3246660 622484103366a278451786b563c017fc
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_s390.deb
Size/MD5 checksum: 841254 e03aa30315c8a933f165acb45d4fe846
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_s390.deb
Size/MD5 checksum: 1122140 54d336a0cb8dc7f022e2960e4c393a3f

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_sparc.deb
Size/MD5 checksum: 310956 2ad62b41966206abf6a5e51abdc76310
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_sparc.deb
Size/MD5 checksum: 226786 68b42902f07c3a4542d7b7c71aee481d
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_sparc.deb
Size/MD5 checksum: 3009938 0390643723092537919e6d2c62f5f4cb
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_sparc.deb
Size/MD5 checksum: 214264 10a5fa450895a7d4f2340472b034dfb2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_sparc.deb
Size/MD5 checksum: 823062 6565194cdd9987d092b427e164ff68cc
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_sparc.deb
Size/MD5 checksum: 348108 950535a89f3e90c8c1f49176835dfe6a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_sparc.deb
Size/MD5 checksum: 272798 eabf47fa697c8beadaf5ea07f7b8a892
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_sparc.deb
Size/MD5 checksum: 176666 8d35ce9b58c1bc0aafa14c90bc5b4726
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_sparc.deb
Size/MD5 checksum: 181458 50b63df965e98f463af9bab524685d88
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_sparc.deb
Size/MD5 checksum: 1077822 fd0a234b61e3b1e55d6c2dd7751453da

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksNsXoACgkQXm3vHE4uylq1NwCdFxYeEzaG0HqGbcJ0zx9fTZWY
EhUAoMSKqMuwGCOBOa6+zb3+coWC7kjp
=Mefd
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA-1940-1] New php5 packages fix several issues

2009-11-25T13:48:09Z

[SECURITY] [DSA 1939-1] New libvorbis packages fix several vulnerabilities

2009-11-24T14:41:13Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1939-1 security@...
http://www.debian.org/security/ Giuseppe Iuculano
November 24, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : libvorbis
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
Debian bug : 540958
CVE Ids : CVE-2009-2663 CVE-2009-3379

Lucas Adamski, Matthew Gregan, David Keeler, and Dan Kaminsky discovered
that libvorbis, a library for the Vorbis general-purpose compressed
audio codec, did not correctly handle certain malformed ogg files. An
attacher could cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via a crafted .ogg
file.

For the oldstable distribution (etch), these problems have been fixed in
version 1.1.2.dfsg-1.4+etch1.

For the stable distribution (lenny), these problems have been fixed in
version 1.2.0.dfsg-3.1+lenny1.

For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 1.2.3-1

We recommend that you upgrade your libvorbis packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.4+etch1.diff.gz
Size/MD5 checksum: 17870 2e11d2c0176fd0a8e796e80667a681d8
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg.orig.tar.gz
Size/MD5 checksum: 1312540 44cf09fef7f78e7c6ba7dd63b6137412
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.4+etch1.dsc
Size/MD5 checksum: 808 2a9e6b4dcd72e8bc8cf956404a1fb7ca

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_alpha.deb
Size/MD5 checksum: 94682 9c20663d4f36265241830b388d90a455
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_alpha.deb
Size/MD5 checksum: 19440 7caafa303b7fa32f0a6192d6b75b9874
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_alpha.deb
Size/MD5 checksum: 110988 8751f9d236abbacaf14c7f5e5a57a078
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_alpha.deb
Size/MD5 checksum: 495658 681d35e8b06a6d0d8c37f7c9fb5325c8

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_amd64.deb
Size/MD5 checksum: 93808 ee1c37e468df9f96aa86ecf11a9c3050
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_amd64.deb
Size/MD5 checksum: 18018 767aa39de969e302a62a8b1968aa8c39
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_amd64.deb
Size/MD5 checksum: 102012 91d4ff0b056c721041ec925adb956623
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_amd64.deb
Size/MD5 checksum: 463556 431c01bc7bc69936fdc4d4c1d32c12eb

arm architecture (ARM)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_arm.deb
Size/MD5 checksum: 459034 52d059837ff4ec37205c65c952d10dfd
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_arm.deb
Size/MD5 checksum: 75992 33f262fdec3a52f4d6e5cebd3238f600
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_arm.deb
Size/MD5 checksum: 98776 7c24697b474af64e5a85625777d0bc8d
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_arm.deb
Size/MD5 checksum: 18776 c00e2fcb4e65aa26d8a9d2fda4a86c0c

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_hppa.deb
Size/MD5 checksum: 486808 97cee8dfb056da78638884749a4cd3bb
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_hppa.deb
Size/MD5 checksum: 22180 97e127da32402398f9d3d073917aaf30
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_hppa.deb
Size/MD5 checksum: 108614 9e7b5f226060f6d492aa5a37830e8382
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_hppa.deb
Size/MD5 checksum: 92586 d768d0011d425413b5513cc6077c90cc

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_i386.deb
Size/MD5 checksum: 19096 ddf590ab7c51f75015815e7500c73c02
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_i386.deb
Size/MD5 checksum: 98656 d84b4ff35636254f8b79c4a1817a9f1b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_i386.deb
Size/MD5 checksum: 455630 419e92bd2278385d2332485bfb5ec1c4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_i386.deb
Size/MD5 checksum: 75688 8162e49e13fdd5f4f90b5e04737aef5b

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_ia64.deb
Size/MD5 checksum: 24924 8d0212e706fc747d46a3975aecab7216
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_ia64.deb
Size/MD5 checksum: 136680 c1c52b4d20178d8f2cce5201965bdfd9
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_ia64.deb
Size/MD5 checksum: 510898 b6c1d63e991ad6ac200b84a2ef2c7778
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_ia64.deb
Size/MD5 checksum: 98322 3fabeea5ac4bccea511c9896e9348bd4

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_mips.deb
Size/MD5 checksum: 479806 3d49befd4f109864db338470ca55cfc7
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_mips.deb
Size/MD5 checksum: 81862 6d767ac118ce0a06283d21bb324769f4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_mips.deb
Size/MD5 checksum: 105506 b11a6faac0f84f7a39cd0926de7663d4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_mips.deb
Size/MD5 checksum: 21196 0d5bab8e1549e3de1800c81d3103cef5

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_mipsel.deb
Size/MD5 checksum: 21184 4217f461a2c1d30891835bae475a4821
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_mipsel.deb
Size/MD5 checksum: 105478 f3465e3a92fc170d74fbb0506e4680ad
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_mipsel.deb
Size/MD5 checksum: 469818 126dd26c5dcde5fe3d600e0d40a9ceba
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_mipsel.deb
Size/MD5 checksum: 77222 b9441d25e697dcc50d524f1877cfca5e

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_powerpc.deb
Size/MD5 checksum: 105636 a61d57534c62b311e960335f238c0470
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_powerpc.deb
Size/MD5 checksum: 21596 cf321ab0979c9515553214fdbb4e133e
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_powerpc.deb
Size/MD5 checksum: 481752 593995999d19a5d57c3478675e98c420
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_powerpc.deb
Size/MD5 checksum: 82404 fd07873df7789ab093013b1baaee0edc

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_s390.deb
Size/MD5 checksum: 90790 4408b9fbd5a4f7f942b65db63784e7a7
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_s390.deb
Size/MD5 checksum: 103024 f3ea14da7a63f1cfbc44dc1339c40262
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_s390.deb
Size/MD5 checksum: 453202 d0ba253a2d00eb5d250be7d0b99bb727
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_s390.deb
Size/MD5 checksum: 21148 104ecad6b00ae020821510a23cdfa8b7

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_sparc.deb
Size/MD5 checksum: 460314 dac04732917ced67c8a81f708db6cfd4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_sparc.deb
Size/MD5 checksum: 98978 e83cbcf90ca35296f02f01d57b3e915e
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_sparc.deb
Size/MD5 checksum: 79810 12328b2d6338996b25aeac8877331400
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_sparc.deb
Size/MD5 checksum: 18084 46c1fef587328abad16f2fb4f47add8d

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.2.0.dfsg-3.1+lenny1.diff.gz
Size/MD5 checksum: 10323 8a3c02bfdb7c2e6edc1a6ba952f4706e
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.2.0.dfsg-3.1+lenny1.dsc
Size/MD5 checksum: 1280 0e4285bf0fc44a182f35b15b3bef92af
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.2.0.dfsg.orig.tar.gz
Size/MD5 checksum: 1477935 3c7fff70c0989ab3c1c85366bf670818

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_alpha.deb
Size/MD5 checksum: 21514 54f57d2e85a0be5e1acad07ce954a168
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_alpha.deb
Size/MD5 checksum: 115208 f6dc710dafeffbec73e13170d9105829
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_alpha.deb
Size/MD5 checksum: 506716 140e414c05e73eab318a51f7d4aa2b8d
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_alpha.deb
Size/MD5 checksum: 96064 73db866b777df1909563190182640945

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_amd64.deb
Size/MD5 checksum: 478134 8ebe1257d8e115a5af1058f8a61d50bd
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_amd64.deb
Size/MD5 checksum: 20274 a89e0200bbd700c8ed5661493534f02b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_amd64.deb
Size/MD5 checksum: 109190 f6ff320aee0bd6866e801206af4484f1
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_amd64.deb
Size/MD5 checksum: 95610 cea6849521bd398355ca1532577d331d

arm architecture (ARM)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_arm.deb
Size/MD5 checksum: 20652 66ffe73d9861dcd3232dbd436f8dcc6b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_arm.deb
Size/MD5 checksum: 102034 cd5000ef6cacd9233d085ae95ea23d2b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_arm.deb
Size/MD5 checksum: 468072 30b862d2990829dcc6e981216367f969
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_arm.deb
Size/MD5 checksum: 78076 37db0e079e0d0fd143ef3ec24346d007

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_armel.deb
Size/MD5 checksum: 81476 5ab9275754100c446347e657240e875f
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_armel.deb
Size/MD5 checksum: 111004 823aec12ac3297a641b2dea659618a1a
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_armel.deb
Size/MD5 checksum: 23996 753c36a998841c8f8aefa4d934d5823b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_armel.deb
Size/MD5 checksum: 480568 2d544a79b74d22a2e680b521236ac4e7

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_hppa.deb
Size/MD5 checksum: 24294 f2ef7f0f4a071a61756b244a1c2f8fdd
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_hppa.deb
Size/MD5 checksum: 498788 cc869f79c972f23a0d0a4fba7257f67b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_hppa.deb
Size/MD5 checksum: 114236 161bd0d31cdc44d0dce14f68af75d2bf
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_hppa.deb
Size/MD5 checksum: 93650 2120a920860dbf8b027ab3d0f53e35c3

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_i386.deb
Size/MD5 checksum: 101822 b35241103ae3b649b37082c75bb6c349
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_i386.deb
Size/MD5 checksum: 77266 e6272466696d9b1307c446495933904a
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_i386.deb
Size/MD5 checksum: 21228 5c64197678bc8102cac8d5e24ebf30f4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_i386.deb
Size/MD5 checksum: 465548 3b5e01cb7ed617ceef7cfac672c42061

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_ia64.deb
Size/MD5 checksum: 27076 b10ab2d103d2c360fe8d865592170fed
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_ia64.deb
Size/MD5 checksum: 145298 1a48bdf218f2ad34e214edbdb74d3017
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_ia64.deb
Size/MD5 checksum: 100386 815eea5cd2cdd1f5c880d027e9d0d047
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_ia64.deb
Size/MD5 checksum: 529794 243a7c8dc4d8005141b722709e00fefd

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_mips.deb
Size/MD5 checksum: 23034 862ec33f1cdc5de0fe9d70a1dddabddc
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_mips.deb
Size/MD5 checksum: 489974 335f4276e4ace9e795a708bb378293ed
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_mips.deb
Size/MD5 checksum: 83664 5ebfbe684ab67af2070d7ebd78e920b6
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_mips.deb
Size/MD5 checksum: 109642 9088464063081cf3db925abbd77f95ab

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 78800 cbf9d026a528889229ede2fbbf07f9b1
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 110172 56df9de194208745f918c2489fd07dc4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 23038 ebafe740326f2b2477e4a2932e0b1f20
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 480462 354c01ff4d127cfbd90b5d2bbf115124

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 84936 a8e159dfb4a7947ab21d03e42743f273
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 489602 055f226558649f3824c77ccf8710b3ff
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 25112 cbc19a2f5b18a39027a5f4796c328d38
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 115288 69dcb48991d54cb44f440951453819be

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_s390.deb
Size/MD5 checksum: 92652 332abcfbc21fde03527f98394d430589
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_s390.deb
Size/MD5 checksum: 23374 459565d5bf6fb2423bb966585050f76e
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_s390.deb
Size/MD5 checksum: 108572 d18b6585b3ac105589cbd85149f6dbf2
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_s390.deb
Size/MD5 checksum: 464128 54fd2ed9b7f46e98c61717df93623179

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_sparc.deb
Size/MD5 checksum: 104330 4c01729046cf263045262dbac19cf380
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_sparc.deb
Size/MD5 checksum: 20572 737481d4662074e10faaec373056d761
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_sparc.deb
Size/MD5 checksum: 81536 6ac89e9942629ddbf7e1bbf21226fda1
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_sparc.deb
Size/MD5 checksum: 472582 bb723b7a07db184b259c28d757d1e271

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksMYHkACgkQXm3vHE4uylqW1wCfafO6HW+9M4d2d2bMOHB/7bFv
CjIAn0S6sKzN3XYdLgar9zLlxbKSFFRx
=oVpm
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1938-1] New php-mail packages fix insufficient input sanitising

2009-11-22T23:40:19Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1938-1 security@...
http://www.debian.org/security/ Steffen Joeris
November 23, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : php-mail
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE Id : No CVE id yet

It was discovered that php-mail, a PHP PEAR module for sending email,
has insufficient input sanitising, which might be used to obtain
sensitive data from the system that uses php-mail.

For the stable distribution (lenny), this problem has been fixed in
version 1.1.14-1+lenny1.

For the oldstable distribution (etch), this problem has been fixed in
version 1.1.6-2+etch1.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 1.1.14-2.

We recommend that you upgrade your php-mail packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6.orig.tar.gz
Size/MD5 checksum: 13702 47b38a06acdec73c4d8c01f9d7e5e8e2
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1.diff.gz
Size/MD5 checksum: 3310 64425237844fed79a4b71aa34ccb0cee
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1.dsc
Size/MD5 checksum: 689 93c32b0cb655191ac6edb48013d18921

Architecture independent packages:

http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1_all.deb
Size/MD5 checksum: 17884 a2abda15da9ddab5f1590198cc852b3f

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1.dsc
Size/MD5 checksum: 1258 6d361bf9406e9195813b4396bb7d5c13
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14.orig.tar.gz
Size/MD5 checksum: 17537 e50da58b6b787b3903ce4d07dc791bb2
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1.diff.gz
Size/MD5 checksum: 4105 a8154d9e86e98a591dfc9e84210ce163

Architecture independent packages:

http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1_all.deb
Size/MD5 checksum: 21904 d5184514df44b348582071748e855c32

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksKPD4ACgkQ62zWxYk/rQelCQCfSj7eMrmJHQfKyjU3uQ3RVH89
8EwAnjtlML3vVJ0bh4icip/4NQWuRZHK
=u2Qx
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1937-1] New gforge packages fix cross-site scripting

2009-11-20T21:30:22Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1937-1 security@...
http://www.debian.org/security/ Steffen Joeris
November 21, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : gforge
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE ID : CVE-2009-3303

It was discovered that gforge, collaborative development tool, is prone
to a cross-site scripting attack via the helpname parameter. Beside
fixing this issue, the update also introduces some additional input
sanitising. However, there are no known attack vectors.

For the stable distribution (lenny), these problem have been fixed in
version 4.7~rc2-7lenny2.

The oldstable distribution (etch), these problems have been fixed in
version 4.5.14-22etch12.

For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 4.8.1-3.

We recommend that you upgrade your gforge packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch12.diff.gz
Size/MD5 checksum: 203139 67406308953934e8d68ca1cd97154023
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch12.dsc
Size/MD5 checksum: 953 2176dd5939538d180d60637d77260f19
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14.orig.tar.gz
Size/MD5 checksum: 2161141 e85f82eff84ee073f80a2a52dd32c8a5

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache_4.5.14-22etch12_all.deb
Size/MD5 checksum: 705438 d40c97c6f0d0823b966b48b9b1b7eb6f
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch12_all.deb
Size/MD5 checksum: 80534 c86b0696f707df2df400ef46838a2505
http://security.debian.org/pool/updates/main/g/gforge/gforge-common_4.5.14-22etch12_all.deb
Size/MD5 checksum: 1011566 644f57ac3a902d69369806763b29e484
http://security.debian.org/pool/updates/main/g/gforge/gforge-dns-bind9_4.5.14-22etch12_all.deb
Size/MD5 checksum: 104034 43bb51625ea030e4bca2a1753720acd0
http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-ldap_4.5.14-22etch12_all.deb
Size/MD5 checksum: 86598 801eb1462e783877698f8181e93c7d37
http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-postgresql_4.5.14-22etch12_all.deb
Size/MD5 checksum: 87402 9601350198b4a1c4946b26cbfc0089f0
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim_4.5.14-22etch12_all.deb
Size/MD5 checksum: 88868 9c73567d60ede088fe7c952c0d575a22
http://security.debian.org/pool/updates/main/g/gforge/gforge-lists-mailman_4.5.14-22etch12_all.deb
Size/MD5 checksum: 82348 ad231cb698733f3c3ce6cb65357aacee
http://security.debian.org/pool/updates/main/g/gforge/gforge-ftp-proftpd_4.5.14-22etch12_all.deb
Size/MD5 checksum: 86318 448d7f114da5ef2188aa56f8dcd130f4
http://security.debian.org/pool/updates/main/g/gforge/gforge-ldap-openldap_4.5.14-22etch12_all.deb
Size/MD5 checksum: 95726 d6557e0016666a5e9c53f38fed49c322
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-postfix_4.5.14-22etch12_all.deb
Size/MD5 checksum: 88766 c78075b8eab9c9b3ead54716d10cf370
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim4_4.5.14-22etch12_all.deb
Size/MD5 checksum: 89386 2837d3a26850e5622294eb44aa49f3e2
http://security.debian.org/pool/updates/main/g/gforge/gforge-db-postgresql_4.5.14-22etch12_all.deb
Size/MD5 checksum: 212746 1c48e12e5e61d5f56edd0de46884af52
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-courier_4.5.14-22etch12_all.deb
Size/MD5 checksum: 76334 4e63c7735c92764d82dfdf4f742be2cb

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny2.dsc
Size/MD5 checksum: 1487 0b1ce8a3757f45818006361e1eeb8140
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny2.diff.gz
Size/MD5 checksum: 104727 3ce01d7387d05990a61a28e831a62f7b
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2.orig.tar.gz
Size/MD5 checksum: 10225404 bd24808ce79363d4c7c529778f6f5324

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim4_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 100794 9e7c73b64c1929858089717fc32585b2
http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 92854 e9c5d38f5fc5a51fe417b38b6c359702
http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-scmcvs_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 129406 053272d5f4440d75825890ddd6bf5169
http://security.debian.org/pool/updates/main/g/gforge/gforge-common_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 1112528 77f4e8dc932777a36cf941a1bd5b10a8
http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-mediawiki_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 213574 14405a0cb843748ba77c691eaa60d4b6
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-postfix_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 101554 3aa3bb38dfc4a8bb3834f3397b03c688
http://security.debian.org/pool/updates/main/g/gforge/gforge-ftp-proftpd_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 97364 7a73fb6cd3af0addda1076f68b4ceaa7
http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-postgresql_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 95108 3dac1b4c78f967488693d3efb8b9f1b0
http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 88522 ffb28f911b5b5a638376cfaa598dc443
http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-scmsvn_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 122034 565dcc6c8acccfa4c6ae12121b774fa6
http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache2_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 1397340 47fdfdfda7355f12fe807d9f01e79d5c
http://security.debian.org/pool/updates/main/g/gforge/gforge-db-postgresql_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 231012 3a6ff0778f890ca32ec7c8fae97ef996
http://security.debian.org/pool/updates/main/g/gforge/gforge-lists-mailman_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 94622 b533f09eedfd0b9f29dd07d4f9e64e06
http://security.debian.org/pool/updates/main/g/gforge/gforge-dns-bind9_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 106930 fcd1127a7c6c19ccf3c2a4a4931eb598
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-courier_4.7~rc2-7lenny2_all.deb
Size/MD5 checksum: 88790 428a7b29217a916f004c085507128f88

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksHem4ACgkQ62zWxYk/rQc8OwCeL/MYC9AWieVtnpBrtzn8Z79L
EqQAnjfyotsvfsH2Y6qJ1aC4g9+K1xTU
=UVaP
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1936-1] New libgd2 packages fix several vulnerabilities

2009-11-17T12:52:01Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1936-1 security@...
http://www.debian.org/security/ Giuseppe Iuculano
November 17, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : libgd2
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
CVE Id : CVE-2007-0455 CVE-2009-3546
Debian Bug : 408982 552534

Several vulnerabilities have been discovered in libgd2, a library for
programmatic graphics creation and manipulation. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2007-0455

Kees Cook discovered a buffer overflow in libgd2's font renderer. An
attacker could cause denial of service (application crash) and
possibly execute arbitrary code via a crafted string with a JIS
encoded font. This issue only affects the oldstable distribution
(etch).

CVE-2009-3546

Tomas Hoger discovered a boundary error in the "_gdGetColors()"
function. An attacker could conduct a buffer overflow or buffer
over-read attacks via a crafted GD file.

For the oldstable distribution (etch), these problems have been fixed in
version 2.0.33-5.2etch2.

For the stable distribution (lenny), these problems have been fixed in
version 2.0.36~rc1~dfsg-3+lenny1.

For the upcoming stable distribution (squeeze) and the unstable
distribution ion (sid), these problems have been fixed in version
2.0.36~rc1~dfsg-3.1.

We recommend that you upgrade your libgd2 packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.33-5.2etch2.diff.gz
Size/MD5 checksum: 301479 d2f4b2221cb0e05063f85157711638c7
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.33.orig.tar.gz
Size/MD5 checksum: 587617 be0a6d326cd8567e736fbc75df0a5c45
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.33-5.2etch2.dsc
Size/MD5 checksum: 988 c143f788dec8bc93ba7d80532600e09c

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_alpha.deb
Size/MD5 checksum: 209706 350a29caa97e9308417968f4374fe4cb
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_alpha.deb
Size/MD5 checksum: 211442 ac64343bcbd2196196af6b942a603dab
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_alpha.deb
Size/MD5 checksum: 147620 9948cdf39afe83183bc1603cd90dd114
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_alpha.deb
Size/MD5 checksum: 366996 c0f31c20c69d49d3cb5dadfa95bbf605
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_alpha.deb
Size/MD5 checksum: 363262 76cc7a8c6e046be17f44b3dc6bfc6510

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_amd64.deb
Size/MD5 checksum: 203508 9ee2e8faf2371ffd8893b6d9d2ec021b
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_amd64.deb
Size/MD5 checksum: 341038 820d12d0f7f578add42fb3d13269d7f5
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_amd64.deb
Size/MD5 checksum: 200610 cdf81aad23ab53b1d28723c1e50895c9
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_amd64.deb
Size/MD5 checksum: 145376 1f20c829f68b560492c5f6cac3c0326d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_amd64.deb
Size/MD5 checksum: 342970 a8574f1ddb902aad8ebc4fab107d2210

arm architecture (ARM)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_arm.deb
Size/MD5 checksum: 194452 9933342f1462e2fb3a91572fe81d6d08
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_arm.deb
Size/MD5 checksum: 196524 291e331443613462a389a939f9c927ae
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_arm.deb
Size/MD5 checksum: 144878 a232085eb902a52df464b7aba1aa2b30
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_arm.deb
Size/MD5 checksum: 335830 a443f2cc96cb8c2e8ede402b6c7d70ff
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_arm.deb
Size/MD5 checksum: 333636 827656208c3803187e0e8284dbdb2c85

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_hppa.deb
Size/MD5 checksum: 206542 aaedbb6f18a46a19caa0b2af5622de1b
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_hppa.deb
Size/MD5 checksum: 351368 95f241fab6f416957fb3a3545a132f6d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_hppa.deb
Size/MD5 checksum: 348440 b8b8601eaff99fe3fb01ba88452be1b6
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_hppa.deb
Size/MD5 checksum: 148142 3ee9af605af8ca186f89e0669bfbacc8
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_hppa.deb
Size/MD5 checksum: 209106 d2a75cf4dfc766239a8244cd5b3c671f

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_i386.deb
Size/MD5 checksum: 198922 faa4e27f258d87a2d6716a1c7522ae96
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_i386.deb
Size/MD5 checksum: 335496 c6374428f8f2fc3c56cca141fda12267
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_i386.deb
Size/MD5 checksum: 197048 70de99f091a5ca73c3a9e14735a7f715
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_i386.deb
Size/MD5 checksum: 143160 be7a5db664baec27428b8092acd942a9
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_i386.deb
Size/MD5 checksum: 333956 16b228575857c08de542a1679bcde839

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_ia64.deb
Size/MD5 checksum: 233854 59e84a2661507953240d01554d2f6801
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_ia64.deb
Size/MD5 checksum: 149910 22f9401b0d41c4448d9165710575b639
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_ia64.deb
Size/MD5 checksum: 381880 6f5d11e2181e4f32422000e30bb485fa
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_ia64.deb
Size/MD5 checksum: 236402 d20da0972b2ce931db29ba0ef33c0227
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_ia64.deb
Size/MD5 checksum: 379828 dcb320bbe14e14912c43e4ce6a87406c

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_mips.deb
Size/MD5 checksum: 144530 29c23e7cf94df2dcce42da823ee2bac3
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_mips.deb
Size/MD5 checksum: 199980 8e7890aabf93010d64d573e97e7b6325
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_mips.deb
Size/MD5 checksum: 351366 fb84770d2b15b3d242af1ff9371cc004
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_mips.deb
Size/MD5 checksum: 349002 83a8e560b2a0832fa3f7bd845b028888
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_mips.deb
Size/MD5 checksum: 202576 4b614223b83ff9281d6abf0c96b95e84

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_mipsel.deb
Size/MD5 checksum: 351598 8eb9fcda56c076e97b6b5ae4c3a5c684
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_mipsel.deb
Size/MD5 checksum: 144656 d62007352274ddea4268b8daec3dfe06
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_mipsel.deb
Size/MD5 checksum: 200114 a7acda3f2c85d11229ca80716708b292
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_mipsel.deb
Size/MD5 checksum: 202610 6aba76b1fa6bf61e4f19b2c185caef40
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_mipsel.deb
Size/MD5 checksum: 348938 446b111039f2abc5f18c0da2909dc6d2

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_powerpc.deb
Size/MD5 checksum: 344170 99cb36b3f7e76c1611bc558da1f0b69f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_powerpc.deb
Size/MD5 checksum: 153630 bd6b37df3c6f865add4a7544ce6a3ed8
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_powerpc.deb
Size/MD5 checksum: 346678 85768ccf84d18a46ec71b98de88d883a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_powerpc.deb
Size/MD5 checksum: 201156 02559a9d66a4ba052fdbdb8865fb1178
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_powerpc.deb
Size/MD5 checksum: 203254 697ec05f2c82870f3571de48ee1d4931

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_s390.deb
Size/MD5 checksum: 203820 2c0e1b8da57169cc27c68c02749e7fce
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_s390.deb
Size/MD5 checksum: 145288 e586279ab34b40581df878e8d54a5d00
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_s390.deb
Size/MD5 checksum: 206304 81286d7ef378f995064bda8985405176
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_s390.deb
Size/MD5 checksum: 344916 2b7dc027100094bcdfac3973ae42ec8a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_s390.deb
Size/MD5 checksum: 341596 48fb7fd9410a6c56c7348ee58e44c0db

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch2_sparc.deb
Size/MD5 checksum: 337040 3e570757ccbed59f81cc9635908dcf52
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch2_sparc.deb
Size/MD5 checksum: 195478 5394f4b16849e0324bf8604cd96855fe
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch2_sparc.deb
Size/MD5 checksum: 339032 c33f2dd72b9c4d9e0d9d296b2d76c8ae
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-5.2etch2_sparc.deb
Size/MD5 checksum: 144496 ed5d416ed606a7512fd23b640ef0d48f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch2_sparc.deb
Size/MD5 checksum: 197346 472999df848cf226b765a36f10cb01ae

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg-3+lenny1.dsc
Size/MD5 checksum: 1612 861ee81768001cad3679f7e6b4c16268
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg-3+lenny1.diff.gz
Size/MD5 checksum: 29122 ba98bcc559da7cfaf6af0269e6d6c973
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg.orig.tar.gz
Size/MD5 checksum: 761899 0f4d2fa45627af0e87fcb74f653b66dd

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_alpha.deb
Size/MD5 checksum: 236996 97687d52155c579eac4694129a3036b0
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_alpha.deb
Size/MD5 checksum: 234324 888ccfbe94b37d807e520d17ba555373
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_alpha.deb
Size/MD5 checksum: 389038 68e57a70ac9deeb88c32ded9f4d35db5
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_alpha.deb
Size/MD5 checksum: 386062 d08f7a705d3b7853accb539322d93404
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_alpha.deb
Size/MD5 checksum: 169056 0d8325242d90e9be315eceb4f4c3b2ce

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_amd64.deb
Size/MD5 checksum: 226128 a341c0823799c1a17c57f3ab641ed9fc
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_amd64.deb
Size/MD5 checksum: 363824 9f5ee16778aae72857045d83c24aa0a0
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_amd64.deb
Size/MD5 checksum: 367104 c5d257e24617236b8a66ffebe49bc998
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_amd64.deb
Size/MD5 checksum: 165016 35a7308138a071c9790b3c68071e67eb
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_amd64.deb
Size/MD5 checksum: 228642 a923422ad1c829794894220d66e31ad8

arm architecture (ARM)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_arm.deb
Size/MD5 checksum: 218166 d01652ad19f739742c9ecd8bb4356c2e
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_arm.deb
Size/MD5 checksum: 360062 31b1b9c12e2e30d2a6da2bef039fac19
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_arm.deb
Size/MD5 checksum: 357534 69ba937ded46718124339895569eae97
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_arm.deb
Size/MD5 checksum: 165706 0017b28a56a67957aba834671b4ed04a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_arm.deb
Size/MD5 checksum: 220304 d5a95205b1d4d63ef7910e1c66cc5064

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_armel.deb
Size/MD5 checksum: 220534 13e41fb531753eac4425352e489ac204
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_armel.deb
Size/MD5 checksum: 359206 f16a9f312a1661e6be8c2aef94d699df
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_armel.deb
Size/MD5 checksum: 361246 1d18d7e113b95b5f780fcbbc9e7fe801
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_armel.deb
Size/MD5 checksum: 222682 0f1b597856bd6c52fbb60ed0649f485a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_armel.deb
Size/MD5 checksum: 166342 096ac81396b8664a2ed0280ea142a7d7

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_hppa.deb
Size/MD5 checksum: 228220 094ed936f86c346642bae66be78fe4a5
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_hppa.deb
Size/MD5 checksum: 230744 b96bb2333dcd2c415d7a6cdfa5c5c85c
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_hppa.deb
Size/MD5 checksum: 371374 6f2e96e693804722d51efe17a7384c0a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_hppa.deb
Size/MD5 checksum: 167492 ac52ea686398bbe6bb0050d7f23380c7
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_hppa.deb
Size/MD5 checksum: 374120 8280bee041cda85b2d7590485668d4d7

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_i386.deb
Size/MD5 checksum: 358974 797889cfec6a71fbc8dea99014a22d5d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_i386.deb
Size/MD5 checksum: 356634 8687049dc7503710e7b9798818ec10a0
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_i386.deb
Size/MD5 checksum: 222606 640114552f4d79220a99ed754bc8b149
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_i386.deb
Size/MD5 checksum: 220836 7fe4a8f4404f923bb3c2753c8801b945
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_i386.deb
Size/MD5 checksum: 164292 877bc158847f598be3175fcf1caca555

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_ia64.deb
Size/MD5 checksum: 262616 384ba9e56c2243fbf678cbd2066c421a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_ia64.deb
Size/MD5 checksum: 407462 a281c696e7df4c6b28fb1d00d889ad4e
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_ia64.deb
Size/MD5 checksum: 170536 91e3b8b3bdec6437e586ecad76448d7b
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_ia64.deb
Size/MD5 checksum: 259726 a1419ac46090a5b3ac6fadc031c94361
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_ia64.deb
Size/MD5 checksum: 404324 beaf8d3f61ac17a3e1f9f8ec0fb98f83

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_mips.deb
Size/MD5 checksum: 368870 3f8abbc6d77a5aad3fb30b47a5a159ca
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_mips.deb
Size/MD5 checksum: 222342 1e65ebf2348b44765b21fc2d50760d40
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_mips.deb
Size/MD5 checksum: 224514 b852f45244d7fc1da80ad7baf7faa7a3
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_mips.deb
Size/MD5 checksum: 166492 4209fb354092ffe728ad6c877bf5b53a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_mips.deb
Size/MD5 checksum: 371392 cbd8852931c6b0e5217982e215f688f7

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_mipsel.deb
Size/MD5 checksum: 223660 0eff65fc6483e460c4e6c21ebaae951a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_mipsel.deb
Size/MD5 checksum: 373182 20190a16e9c743fe16f8a169e159ec8a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_mipsel.deb
Size/MD5 checksum: 167336 fec0121ea4ddb045fb9aed273ebe3bbf
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_mipsel.deb
Size/MD5 checksum: 225550 f9bf5ad9cb2974b32d183e6f204f206d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_mipsel.deb
Size/MD5 checksum: 370838 e0959c73988a9c10fad4a9325d6332d6

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_powerpc.deb
Size/MD5 checksum: 177126 319718191c09c50f6fba336f043277b1
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_powerpc.deb
Size/MD5 checksum: 232182 740ccf088ae1cc6473b088dfa3afd897
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_powerpc.deb
Size/MD5 checksum: 367906 1c217aa962a581c638736677eb18d640
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_powerpc.deb
Size/MD5 checksum: 229860 bef4bcd55e5f91278ea889e782a08772
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_powerpc.deb
Size/MD5 checksum: 370242 5eb51419b12f3d0a9e95cc1257256ed5

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_s390.deb
Size/MD5 checksum: 230344 e90c8c56df7081e36153be0c51d0596c
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_s390.deb
Size/MD5 checksum: 365176 5bfb3d0987d0cddcdb72a453fd7acd58
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_s390.deb
Size/MD5 checksum: 228024 4b902fd21e351d5ba17bfb3d90cb7289
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_s390.deb
Size/MD5 checksum: 167880 676ed67187ddfddb50c8d8779df61571
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_s390.deb
Size/MD5 checksum: 367886 06b0e25ee20930b4043c5496f2aab0e3

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3+lenny1_sparc.deb
Size/MD5 checksum: 221040 d745bb60f8419d7079a2886865f89ca7
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3+lenny1_sparc.deb
Size/MD5 checksum: 358368 f4190378385c02f7d6c339969d607e49
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3+lenny1_sparc.deb
Size/MD5 checksum: 219262 ba91b74900bf16efc42d805d818d47dd
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3+lenny1_sparc.deb
Size/MD5 checksum: 167142 ec45c768f5fc3b0d1994f6302e939e42
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3+lenny1_sparc.deb
Size/MD5 checksum: 360622 00d362606ec08c5b7633e5358a7a805c

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAksDDKIACgkQXm3vHE4uylpFZgCgyP5ZjWxHpU6JuTZJwdEZefiT
+PIAoKWivkoCfdCPdRUqwi9Jk2SPZPZ7
=60Ep
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1935-1] New gnutls23/gnutls26 packages fix SSL certificate verification weakness

2009-11-17T05:46:36Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA-1935-1 security@...
http://www.debian.org/security/ Giuseppe Iuculano
November 17th, 2009 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Packages : gnutls13 gnutls26
Vulnerability : several vulnerabilities
Problem type : remote
Debian-specific: no
Debian bug : 541439
CVE Ids : CVE-2009-2409 CVE-2009-2730

Dan Kaminsky and Moxie Marlinspike discovered that gnutls, an implementation of
the TLS/SSL protocol, does not properly handle a '\0' character in a domain name
in the subject's Common Name or Subject Alternative Name (SAN) field of an X.509
certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL
servers via a crafted certificate issued by a legitimate Certification
Authority. (CVE-2009-2730)

In addition, with this update, certificates with MD2 hash signatures are no
longer accepted since they're no longer considered cryptograhically secure. It
only affects the oldstable distribution (etch).(CVE-2009-2409)

For the oldstable distribution (etch), these problems have been fixed in version
1.4.4-3+etch5 for gnutls13.

For the stable distribution (lenny), these problems have been fixed in version
2.4.2-6+lenny2 for gnutls26.

For the testing distribution (squeeze), and the unstable distribution (sid),
these problems have been fixed in version 2.8.3-1 for gnutls26.

We recommend that you upgrade your gnutls13/gnutls26 packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/g/gnutls13/gnutls13_1.4.4.orig.tar.gz
Size/MD5 checksum: 4752009 c06ada020e2b69caa51833175d59f8b2
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls13_1.4.4-3+etch5.dsc
Size/MD5 checksum: 968 0d1e0d44616d6f6a53b6c1f567849f56
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls13_1.4.4-3+etch5.diff.gz
Size/MD5 checksum: 22775 f6ddd230b956dec89fccf43ea9f64c20

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-doc_1.4.4-3+etch5_all.deb
Size/MD5 checksum: 2320326 d29321b23395f3bd314b9eee58f351e3

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_alpha.deb
Size/MD5 checksum: 524412 3cec75cb5cc88eb5232c4f29690daf9c
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_alpha.deb
Size/MD5 checksum: 196642 9c9f57aad568b9a401d6c1d01d2d7b8d
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_alpha.deb
Size/MD5 checksum: 328464 e5323045e55edea08408bfb9b47d31bc
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_alpha.deb
Size/MD5 checksum: 547790 454e9579fc03822ba624f1b95a2233db

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_amd64.deb
Size/MD5 checksum: 389592 c223bf87fc20485989fac3d45781479e
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_amd64.deb
Size/MD5 checksum: 539538 aa4f2394318c69cfb830b0b9ff60910f
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_amd64.deb
Size/MD5 checksum: 183748 179c1000c3fb9eb03ccc4e4d13be31b7
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_amd64.deb
Size/MD5 checksum: 314988 147a2771b4a5ec7f0d96b261568876a9

arm architecture (ARM)

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_arm.deb
Size/MD5 checksum: 511366 a4d8c9026f1796c25cb2b7c52ef2a3ed
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_arm.deb
Size/MD5 checksum: 170044 b6bde115c495dce839a52c7429f0dbf2
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_arm.deb
Size/MD5 checksum: 355394 dd804a20100e1ea6e952822f10f7439b
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_arm.deb
Size/MD5 checksum: 283498 d1812b33b152335943b56b27766b06b1

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_hppa.deb
Size/MD5 checksum: 184760 2c91694636ada0deaf3d6bf5282b2e39
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_hppa.deb
Size/MD5 checksum: 435846 9aca168f530875a37e2f642e4eedf8d7
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_hppa.deb
Size/MD5 checksum: 522290 0c7d5b25764b7417614b060bfd75ba0b
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_hppa.deb
Size/MD5 checksum: 313032 8ce1083248396d54bfa7e5e48d8d539f

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_i386.deb
Size/MD5 checksum: 361204 cebc5c072963706a77e1de7a4e3007ff
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_i386.deb
Size/MD5 checksum: 526762 fc875479e7073f653d1861466b161c4f
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_i386.deb
Size/MD5 checksum: 283234 e631928f6b98dfb87101c95a3ef05d5b
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_i386.deb
Size/MD5 checksum: 173680 3452c95f32e6385391700792ad29f178

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_ia64.deb
Size/MD5 checksum: 528676 fc9737d4f76e4f100d49369640c14410
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_ia64.deb
Size/MD5 checksum: 229464 bbc0fa1b84059efe0bb237bee57a813a
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_ia64.deb
Size/MD5 checksum: 395210 d2939943712f32f8a2ece29c5b8997e6
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_ia64.deb
Size/MD5 checksum: 550718 e47c23d4c04d653b1b17f21eff5fe995

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_mips.deb
Size/MD5 checksum: 279672 3eca03ed4ee8700a0fb7c4a290c02035
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_mips.deb
Size/MD5 checksum: 183084 8d8218914a3b18501f727b7d2423e7bd
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_mips.deb
Size/MD5 checksum: 418826 a38125c2aa8353e0db7628f58c48501d
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_mips.deb
Size/MD5 checksum: 554026 999ec1b017db3b9b01f992482e34e834

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_mipsel.deb
Size/MD5 checksum: 182966 f74f61b271ef2dacc697da994de63c6e
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_mipsel.deb
Size/MD5 checksum: 542526 8d5d1b10a2b699baec693032bd7c8220
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_mipsel.deb
Size/MD5 checksum: 278144 fefb167c9b703c941a74b31cc1e57386
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_mipsel.deb
Size/MD5 checksum: 417548 295cac79e17bb91af79994dd42beff12

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_powerpc.deb
Size/MD5 checksum: 539140 f5c6093941de4bad63a9358937d9e9bf
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_powerpc.deb
Size/MD5 checksum: 289256 a6ba2fe745aefb77298904838dbe89c3
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_powerpc.deb
Size/MD5 checksum: 389278 6b95f79d0ab35bfead0aba6d264fadf6
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_powerpc.deb
Size/MD5 checksum: 184878 93e1dfdab5f4aefc0441efbc8b3629e3

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_s390.deb
Size/MD5 checksum: 311948 f12b41557a868704cc4b0c3d523d7152
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_s390.deb
Size/MD5 checksum: 380612 22613e21463f904382ee8396d7bcb560
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_s390.deb
Size/MD5 checksum: 537998 7433adff9256f314176abde8a8f5189f
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_s390.deb
Size/MD5 checksum: 184766 b1c26cac411fdf46bc70110c5d63bda1

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch5_sparc.deb
Size/MD5 checksum: 380326 edb042b81a29e7ebb1f6e76012344721
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch5_sparc.deb
Size/MD5 checksum: 491774 0006fe36e413ac3d043261d3ea255f54
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch5_sparc.deb
Size/MD5 checksum: 169592 a64346f82d82c65663eb5a7c841575e0
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch5_sparc.deb
Size/MD5 checksum: 271534 0a2ae15d598949739a8cac53cfd1a686

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/g/gnutls26/gnutls26_2.4.2-6+lenny2.diff.gz
Size/MD5 checksum: 22541 cf40d750533c71674457d06009bb0782
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls26_2.4.2-6+lenny2.dsc
Size/MD5 checksum: 1613 11f849268b5a2eaa380f9ead0adfb115
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls26_2.4.2.orig.tar.gz
Size/MD5 checksum: 5984345 8fea7c57f4badcafcd31eb0f981f169a

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-doc_2.4.2-6+lenny2_all.deb
Size/MD5 checksum: 2761832 515f3fe721d0ff35dd94d213f6a63c1d

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_alpha.deb
Size/MD5 checksum: 218632 e9bfc365dd3e67e7d2fa3f1e2abe69d9
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_alpha.deb
Size/MD5 checksum: 748238 20538636930652560875eb2cbad30db5
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_alpha.deb
Size/MD5 checksum: 515934 f6deaa1519b88b14a7d49cfb52239a6d
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_alpha.deb
Size/MD5 checksum: 1143310 c72c8cc75bb5872c3ee76d9741015ebf
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_alpha.deb
Size/MD5 checksum: 298230 1c4f2fcffc99ccfb4df1c66b82d7a28d

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_amd64.deb
Size/MD5 checksum: 285466 2771d1bd8e7bd6e3aabed272fe978ee8
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_amd64.deb
Size/MD5 checksum: 587384 2ad87b2c3d54aceaf3e4f7c54f8fed98
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_amd64.deb
Size/MD5 checksum: 1137154 dee3ab7e6a5f614841dcb54ab18c2d87
http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_amd64.deb
Size/MD5 checksum: 216556 3ef162abcab4745ed09e7d23c5e65967
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_amd64.deb
Size/MD5 checksum: 506906 6a4ef62028952937923c6708bab643e4

arm architecture (ARM)

http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_arm.deb
Size/MD5 checksum: 206572 ebda0a0cebf25d34c08536c3333e8107
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_arm.deb
Size/MD5 checksum: 446094 8618d03f2815c756e249752d43c21e94
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_arm.deb
Size/MD5 checksum: 1071036 95ca4f0094561941ec4eb5ae64b9aa92
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_arm.deb
Size/MD5 checksum: 269802 c755c7a41a44cbf43c0de503d72a346c
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_arm.deb
Size/MD5 checksum: 528212 609e43315302a8f69c94b611565309bb

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_armel.deb
Size/MD5 checksum: 530970 47450c2aa5500ac11c20ea97da9a39a5
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_armel.deb
Size/MD5 checksum: 1076498 013949caf00bb4c09c6a938cc9e1663f
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_armel.deb
Size/MD5 checksum: 266782 11690d1391b24583f46e5d4c5e52c496
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_armel.deb
Size/MD5 checksum: 453366 650e7db38325c50b6b6400d41fab6e3e
http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_armel.deb
Size/MD5 checksum: 206556 8ef962910e5e42d012333145a7bc5605

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_hppa.deb
Size/MD5 checksum: 623332 a71ae72f1b083de29e38be2377e5f801
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_hppa.deb
Size/MD5 checksum: 1092220 0ee7714f23bc078deb4b06e1902143a2
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_hppa.deb
Size/MD5 checksum: 288222 5265c4a75dc4ccf047d6618977c347b5
http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_hppa.deb
Size/MD5 checksum: 216368 0a70676d3d6438687f8e0ad7bc60e46e
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_hppa.deb
Size/MD5 checksum: 490244 948e9671cbdf50eed5a0c8381855c312

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_i386.deb
Size/MD5 checksum: 464294 e7c49812fe0f7e30ef2b161586afcb9e
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_i386.deb
Size/MD5 checksum: 1091520 5d34ba25dbce51d201bd5a59e1a7be1d
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_i386.deb
Size/MD5 checksum: 269416 f6131b2bb1ed2cfda08e12a5d2ff7924
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_i386.deb
Size/MD5 checksum: 538716 afe8584d673272b885a933aeb474b57a
http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_i386.deb
Size/MD5 checksum: 211260 d66a4b3d2c9b16ae10e22e187f6f49d4

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_ia64.deb
Size/MD5 checksum: 783302 c84f0b7f414238a52a308c5c25408745
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_ia64.deb
Size/MD5 checksum: 341950 8376cd61be6ed247cac0ed841956b3bf
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_ia64.deb
Size/MD5 checksum: 933244 4720f477f77f2ed23a7d3d8664e29dfb
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_ia64.deb
Size/MD5 checksum: 608048 612e75ae6b520813f37c3061a6d93115

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_mips.deb
Size/MD5 checksum: 612326 0a3fd65aab1aebece219144928875655
http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_mips.deb
Size/MD5 checksum: 204168 481c3f5b56f66a5d3329121aab270e35
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_mips.deb
Size/MD5 checksum: 1156518 6207ed31c70b935dcbc9947b7f932413
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_mips.deb
Size/MD5 checksum: 450508 d84e9b08891328982adbfb715d5661d8
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_mips.deb
Size/MD5 checksum: 277200 86d9f508062854355749ce61f08454f3

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_mipsel.deb
Size/MD5 checksum: 447986 941adce495faf0246f500cad682eecf9
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_mipsel.deb
Size/MD5 checksum: 276896 e202c2e264c68e517f5adf6e8c1754da
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_mipsel.deb
Size/MD5 checksum: 1135302 63c1c0f1d0fd295ca2ff404cc1d26d4d
http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_mipsel.deb
Size/MD5 checksum: 203662 3ab214e0b28c9e58cf8a0055610bf941
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_mipsel.deb
Size/MD5 checksum: 608742 89860b25c70999416ecf1d55e8349633

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_s390.deb
Size/MD5 checksum: 216318 d5f5f6f3a1e9890442cbaa95add449c7
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_s390.deb
Size/MD5 checksum: 1130814 126787b5691cd8301b26d785a4612509
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_s390.deb
Size/MD5 checksum: 566688 b9098ac0484dbc9788d6305a4cb042b4
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_s390.deb
Size/MD5 checksum: 289924 58f71ff0b729d1d4656db37a39e09468
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_s390.deb
Size/MD5 checksum: 496000 6bc48e6d342fd1226ba2e3b649ce80bd

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26_2.4.2-6+lenny2_sparc.deb
Size/MD5 checksum: 438672 262013091fcac289b5fcc6420e25b287
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls26-dbg_2.4.2-6+lenny2_sparc.deb
Size/MD5 checksum: 1023036 2157723b3f9cf676a80cbcedc892cad1
http://security.debian.org/pool/updates/main/g/gnutls26/libgnutls-dev_2.4.2-6+lenny2_sparc.deb
Size/MD5 checksum: 556984 079e6f596226d14e673bad1cefd487fc
http://security.debian.org/pool/updates/main/g/gnutls26/guile-gnutls_2.4.2-6+lenny2_sparc.deb
Size/MD5 checksum: 209502 c01e31234b9a6dcd4ade38354a1cc4ef
http://security.debian.org/pool/updates/main/g/gnutls26/gnutls-bin_2.4.2-6+lenny2_sparc.deb
Size/MD5 checksum: 276656 f0a16e2061a5bf67e58db0ff2b1a570a

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAksCqTwACgkQHYflSXNkfP9qmACdEy7+wOGrR6IOoY6Xq/aANRo2
61QAn3kZr4APE34L1qsgGc5/bFijAykh
=Qi+6
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA-1934-1] New apache2 packages fix several issues

2009-11-16T11:30:33Z

[SECURITY] [DSA 1933-1] New cups packages fix cross-site scripting

2009-11-09T18:41:26Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1933-1 security@...
http://www.debian.org/security/ Steffen Joeris
November 10, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : cups
Vulnerability : missing input sanitising
Problem type : remote
Debian-specific: no
CVE Id : CVE-2009-2820

Aaron Siegel discovered that the web interface of cups, the Common UNIX
Printing System, is prone to cross-site scripting attacks.

For the stable distribution (lenny), this problem has been fixed in
version 1.3.8-1+lenny7.

For the oldstable distribution (etch), this problem has been fixed in
version 1.2.7-4+etch9.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your cups packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz
Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9.diff.gz
Size/MD5 checksum: 112995 fe3566daa6615bcd625288ce98e9384f
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9.dsc
Size/MD5 checksum: 1095 804241054cda1301d183492ea5969649

Architecture independent packages:

http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4+etch9_all.deb
Size/MD5 checksum: 917720 bc97c75dacbd345dfd07e9397c91c38f
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4+etch9_all.deb
Size/MD5 checksum: 46524 4f95c2485efda6dc7fc306162a5b1641

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_alpha.deb
Size/MD5 checksum: 72990 bf27b53404f44fcea401f8ff88de8aa2
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_alpha.deb
Size/MD5 checksum: 1095268 d25ffb1cdb0d32cb3d80d6a551b355c7
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_alpha.deb
Size/MD5 checksum: 184818 00aa5f531b8c3a30c6c77b926be722d2
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_alpha.deb
Size/MD5 checksum: 175652 d52f9ee130bbf84d5436a71bb526f56c
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_alpha.deb
Size/MD5 checksum: 95922 8d80f7b83c755b59401fa7dd0b2ca81e
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_alpha.deb
Size/MD5 checksum: 1605614 26620cc74617e392217a198fbde74860
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_alpha.deb
Size/MD5 checksum: 86404 5cebb372c4230f6ec95f89be9183293c
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_alpha.deb
Size/MD5 checksum: 39290 429780ee5c35d47504291877979b6a15

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_amd64.deb
Size/MD5 checksum: 162858 1efc0ec7be9fc17ec25aab13eeb6e169
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_amd64.deb
Size/MD5 checksum: 80712 2f639382f1e7767254a39358e7a79aed
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_amd64.deb
Size/MD5 checksum: 1090142 e33720ca87a04a87fe9a23b281c1bac0
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_amd64.deb
Size/MD5 checksum: 86648 7eacddf27156689a52fe3b620392f734
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_amd64.deb
Size/MD5 checksum: 1578128 1726cfeb573c14d325bd7d3c6ec29188
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_amd64.deb
Size/MD5 checksum: 53050 342387c9d81a32530263493d8a11eb86
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_amd64.deb
Size/MD5 checksum: 142540 66ff1c8c7c2bae7320d208e1ac6748c5
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_amd64.deb
Size/MD5 checksum: 36356 a752bf52d8c59b7e7b16a44e6265da78

arm architecture (ARM)

http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_arm.deb
Size/MD5 checksum: 78688 9ee5e250e8db317459cf64f0f4d2b9e9
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_arm.deb
Size/MD5 checksum: 155024 2e0ba671643828c8a208647ffc267b64
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_arm.deb
Size/MD5 checksum: 85562 05a0e3e5bbcc37c3a22e5e5343bbc44d
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_arm.deb
Size/MD5 checksum: 1569288 8871122b1793c0e6f24e10fb781e0cb9
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_arm.deb
Size/MD5 checksum: 48948 9c51ba4c36e7fc6c4dbd2da98be31557
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_arm.deb
Size/MD5 checksum: 1024098 d942cccf63a8013a157f6cd8b8091a77
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_arm.deb
Size/MD5 checksum: 36760 f4f9b00a6516aaad65423afdb7cc15c3
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_arm.deb
Size/MD5 checksum: 131680 8ae7ad06a988b72ec037bd8576a5401b

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_hppa.deb
Size/MD5 checksum: 57248 6ce4ddf236ef42bd67a8cbdfcd433a22
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_hppa.deb
Size/MD5 checksum: 91630 2351fe0384a9aacfe47d2917fad5c373
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_hppa.deb
Size/MD5 checksum: 86788 4f32c2829c4e067c47d2d403a7ce4f41
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_hppa.deb
Size/MD5 checksum: 1038730 ae7853cba7ba8f46eb0b8f02b32afc01
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_hppa.deb
Size/MD5 checksum: 1630072 270330a3a787ab952bb8c315bff4dea3
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_hppa.deb
Size/MD5 checksum: 154678 0b97726ccaf51ff69b8f29159f3def07
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_hppa.deb
Size/MD5 checksum: 172288 f62575c4d075147cdab3e2b3912a28d2
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_hppa.deb
Size/MD5 checksum: 40378 7dfc68f3a0de6c6a0027cf3f82f28100

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_i386.deb
Size/MD5 checksum: 1558554 20697fd1df339dfe66645e41f8fdab62
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_i386.deb
Size/MD5 checksum: 53226 ed047b982bccef707582c5239e6c4529
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_i386.deb
Size/MD5 checksum: 79704 defeadc51fe3b8e70c248e7f7cd78eeb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_i386.deb
Size/MD5 checksum: 87582 82b5f9adc2612c3d3818d9ee619e98c2
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_i386.deb
Size/MD5 checksum: 161536 cc750090dea44733d5bfa4859768fd50
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_i386.deb
Size/MD5 checksum: 137800 ced35b0270e6f9576a084a848097e56c
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_i386.deb
Size/MD5 checksum: 998886 599796e90c29f4adfd032f7eced8dbd6
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_i386.deb
Size/MD5 checksum: 36234 47bd2806f7fa212153053cf58bfa7f1b

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_ia64.deb
Size/MD5 checksum: 192380 fac2ee8208cc62269d660293987722c4
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_ia64.deb
Size/MD5 checksum: 46336 537bf35bd49b91a743511ae655ea98fa
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_ia64.deb
Size/MD5 checksum: 106222 41d7dfbd5f5f8989c491dd7c6256d23c
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_ia64.deb
Size/MD5 checksum: 1773934 ed2f57b9532dfdd17a487cc794674254
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_ia64.deb
Size/MD5 checksum: 204566 e0b3ae3cb6dcf554600cd8a6282f31c3
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_ia64.deb
Size/MD5 checksum: 1109732 dc2117102927617da49909c68a4c010d
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_ia64.deb
Size/MD5 checksum: 107490 e755ddc16e79d95f5e717cdda6b8b66a
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_ia64.deb
Size/MD5 checksum: 74382 2625f53f6a81c275e6b3600b6f83e40e

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_mips.deb
Size/MD5 checksum: 158354 8c52640f70fd6bd724e48bf3aa5ddaf6
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_mips.deb
Size/MD5 checksum: 1569908 6e4b324f3d4ef8630c4a8a1d8d373a10
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_mips.deb
Size/MD5 checksum: 1100238 265ebdea306b57efaa192601902c6152
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_mips.deb
Size/MD5 checksum: 76154 a2b996d1dced2ccf1d0b325e403ad76e
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_mips.deb
Size/MD5 checksum: 57670 e7496d3c9ff40b21841004011d984ab0
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_mips.deb
Size/MD5 checksum: 36110 2e6233c94a391e3c12a42fb242b90c0d
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_mips.deb
Size/MD5 checksum: 150984 c4b5d5c3e84d1558a3a9779f8a44880e
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_mips.deb
Size/MD5 checksum: 87150 252b222f10710ac818eaa39d0e62d1d0

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_mipsel.deb
Size/MD5 checksum: 158900 8fef7b67a8b23b8410cad13581d3c87f
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_mipsel.deb
Size/MD5 checksum: 1089172 4026204ebe8cd1e3aca31fabd5c4751d
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_mipsel.deb
Size/MD5 checksum: 36056 72c3532a5db151edc04ddcf5230d10ae
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_mipsel.deb
Size/MD5 checksum: 1555346 7d1c3413c07ce587bcbc6b0825b27aa1
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_mipsel.deb
Size/MD5 checksum: 57798 e38bc41a4cee06be91e5ca90eaa834d6
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_mipsel.deb
Size/MD5 checksum: 150896 010940ad9b6f216f58055dee0c05720e
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_mipsel.deb
Size/MD5 checksum: 77452 1bf693a139ca808f0ddfde50daeb3951
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_mipsel.deb
Size/MD5 checksum: 87318 e6aadf01613a8363e9a77dabda1cc7b0

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_powerpc.deb
Size/MD5 checksum: 89456 ce774884f9f2d60d53b9738087b1997c
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_powerpc.deb
Size/MD5 checksum: 41338 6470a2c554400bf5d76df57a10c59b1a
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_powerpc.deb
Size/MD5 checksum: 163538 f312c95edac480e335383282e658afa4
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_powerpc.deb
Size/MD5 checksum: 1148886 2867ed7850c711eb45802ee198667b6c
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_powerpc.deb
Size/MD5 checksum: 136252 ead19e10b92e029542cf17b378a567fc
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_powerpc.deb
Size/MD5 checksum: 89566 03ad548ff0f04c960eb4f242dc46251d
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_powerpc.deb
Size/MD5 checksum: 51924 f25670cf80cd3d7558da75c315305725
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_powerpc.deb
Size/MD5 checksum: 1584292 238dcd774ade788f8bd22094c45a1330

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_s390.deb
Size/MD5 checksum: 37416 996dfcb6fb6f65d8f13b7dae44e19dcf
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_s390.deb
Size/MD5 checksum: 144934 ce53888a5d6fb6546cea3a29554dc617
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_s390.deb
Size/MD5 checksum: 1039580 aa0880a0c055113199e8f7c7bbdb2478
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_s390.deb
Size/MD5 checksum: 167056 4a769af5c2d19121705021fa93f50754
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_s390.deb
Size/MD5 checksum: 1589794 9dfd00c1deacfda509f538cee7713da4
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_s390.deb
Size/MD5 checksum: 88248 1d05ee6ddb20e514e6c99fe31399f2d5
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_s390.deb
Size/MD5 checksum: 52516 fb5a46492d2a20e430af75e816924b35
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_s390.deb
Size/MD5 checksum: 82330 16608e47717961ab5ae7a00d73bed368

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_sparc.deb
Size/MD5 checksum: 78514 690e8cc7cc8cec06cfbff7bce25484c5
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_sparc.deb
Size/MD5 checksum: 994252 5085b682f7e0c7ec22be63843cd3f015
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_sparc.deb
Size/MD5 checksum: 51784 9bd7bf8d93316b8a59d98541101cbc73
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_sparc.deb
Size/MD5 checksum: 139562 c783267048e5410b6ab38dadf6b92fd7
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_sparc.deb
Size/MD5 checksum: 36024 29fbb1ae8a6be5647d0d1eae4dbe35aa
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_sparc.deb
Size/MD5 checksum: 159428 42067c27bab2c7e5dc0da63f92ce073b
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_sparc.deb
Size/MD5 checksum: 1564572 83de8732694d0cc2aa0cd70636c89917
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_sparc.deb
Size/MD5 checksum: 85628 a06afa2268b22d071eec37a6a0f558ad

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7.diff.gz
Size/MD5 checksum: 188585 2f134119c9ab17213747ad55cd3abdf5
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8.orig.tar.gz
Size/MD5 checksum: 4796827 10efe9825c1a1dcd325be47a6cc21faf
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7.dsc
Size/MD5 checksum: 1838 598e0194241cb4b10e6ea6264c620f11

Architecture independent packages:

http://security.debian.org/pool/updates/main/c/cups/cupsys-client_1.3.8-1+lenny7_all.deb
Size/MD5 checksum: 52150 fcd78609b6330b7cac8eebf77d90551b
http://security.debian.org/pool/updates/main/c/cups/libcupsys2_1.3.8-1+lenny7_all.deb
Size/MD5 checksum: 52148 64539574b4ba2f2bdde5cfe8a5bb404a
http://security.debian.org/pool/updates/main/c/cups/cupsys-dbg_1.3.8-1+lenny7_all.deb
Size/MD5 checksum: 52146 899bfa5316f20775298b3d05e2e66ce9
http://security.debian.org/pool/updates/main/c/cups/cupsys-bsd_1.3.8-1+lenny7_all.deb
Size/MD5 checksum: 52148 7cf6e014adbf027f70c5be49eb8ca71d
http://security.debian.org/pool/updates/main/c/cups/cupsys-common_1.3.8-1+lenny7_all.deb
Size/MD5 checksum: 52150 0d536e8ea0f7bdbebe13163779e3d4f4
http://security.debian.org/pool/updates/main/c/cups/libcupsys2-dev_1.3.8-1+lenny7_all.deb
Size/MD5 checksum: 52158 7876f928d67e4f50f752a1af537d5d96
http://security.debian.org/pool/updates/main/c/cups/cupsys_1.3.8-1+lenny7_all.deb
Size/MD5 checksum: 52132 b55b302d127310628d5e5969828c90ba
http://security.debian.org/pool/updates/main/c/cups/cups-common_1.3.8-1+lenny7_all.deb
Size/MD5 checksum: 1174986 c6fed6d41ec1e486fc11ee5a632d4fb0

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_alpha.deb
Size/MD5 checksum: 2100558 63e7858512acf957df56b998c2890862
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_alpha.deb
Size/MD5 checksum: 179252 8c451eb372aab1a00e5ab852bbb16aa1
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_alpha.deb
Size/MD5 checksum: 118462 891f827943c1fcd54a427bd69a5907f1
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_alpha.deb
Size/MD5 checksum: 37994 ce1a404f568126985fc9480e8f4d5d34
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_alpha.deb
Size/MD5 checksum: 1144620 3c164140815a4c6df3ddfc6ae93950b9
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_alpha.deb
Size/MD5 checksum: 108568 eaaf105093f5f2ec429ccdc1064b6721
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_alpha.deb
Size/MD5 checksum: 81502 b5437c0bf2576174a46fea03ea11a446
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_alpha.deb
Size/MD5 checksum: 446024 53ff55379c20c80ae0a63e70f43edf7a

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_amd64.deb
Size/MD5 checksum: 398418 80f6b9037d8d40264bdd353c717bf316
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_amd64.deb
Size/MD5 checksum: 2053110 f64a171669c6f0fa931ef50a409771f0
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_amd64.deb
Size/MD5 checksum: 168524 713d8df4f1c3946bb40b604f49656d55
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_amd64.deb
Size/MD5 checksum: 61044 0aa9904819ab2da5339a5b4e28ffe59a
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_amd64.deb
Size/MD5 checksum: 1196946 978ae6594fb203b6d507220725854f98
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_amd64.deb
Size/MD5 checksum: 117084 1b712fc7ceaa991aec6066d17c3d8a03
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_amd64.deb
Size/MD5 checksum: 99838 13e57d407ac2bac36c7077ebb5259748
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_amd64.deb
Size/MD5 checksum: 37148 9f2d8c0ca7a37a225d7ce1723eba3829

arm architecture (ARM)

http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_arm.deb
Size/MD5 checksum: 386376 57fc5eb1b60843db37cc1560b34657ba
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_arm.deb
Size/MD5 checksum: 154852 cdfe93b0117b4d7ad86e097848f56a72
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_arm.deb
Size/MD5 checksum: 2059778 bc505f53c123e86f61e0208bd0a5d361
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_arm.deb
Size/MD5 checksum: 1119820 b567be834797c76ffb5a664e398bc34e
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_arm.deb
Size/MD5 checksum: 112910 6f17df41cbb09df50155199f9be963a6
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_arm.deb
Size/MD5 checksum: 55578 f4b763671e94082fbf85803d45ecd392
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_arm.deb
Size/MD5 checksum: 96992 051d9fb6750b876d06191fb7e355e9ac
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_arm.deb
Size/MD5 checksum: 36312 166cc83ac06c835703410efd4765deab

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_armel.deb
Size/MD5 checksum: 37670 81910b769bfbc1349c0b153ad9164d92
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_armel.deb
Size/MD5 checksum: 157710 aca520902431f9719aa580f098a03628
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_armel.deb
Size/MD5 checksum: 386566 d977a3c0fda5314a6c71484987949f73
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_armel.deb
Size/MD5 checksum: 117932 ba1d3d8a1858053b0183961d82a09ebe
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_armel.deb
Size/MD5 checksum: 1132990 bb1d93250d6fca508cfff4997e605040
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_armel.deb
Size/MD5 checksum: 55010 447b83ce0df1e08e3cbe914981ea413d
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_armel.deb
Size/MD5 checksum: 2085014 f55b91ec749afcb1379aeca406b16f8f
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_armel.deb
Size/MD5 checksum: 98412 b7cc38ea409402878d9b2e78fd627a42

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_hppa.deb
Size/MD5 checksum: 119870 a9351e7030124a64654c5dbf2d748b57
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_hppa.deb
Size/MD5 checksum: 38172 02d9783ce625e884a7ffb5a6ea4fbdc2
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_hppa.deb
Size/MD5 checksum: 103156 8d7ae253b7155cc5d230f0ac7d3c88e6
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_hppa.deb
Size/MD5 checksum: 1138966 b46cff43879618898839dc38f8c276de
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_hppa.deb
Size/MD5 checksum: 63126 264faa52eb7b76b7ba3af3854f3ab6cc
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_hppa.deb
Size/MD5 checksum: 172700 34bf188a372a5101789842c4b2bbd5c8
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_hppa.deb
Size/MD5 checksum: 2119306 a5b452236f9e35cb754c76105158114b
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_hppa.deb
Size/MD5 checksum: 409118 0b899d323223726af53c0ac7f51fb98e

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_i386.deb
Size/MD5 checksum: 396398 a0b5f18275849bf02dbdc626cf805c1d
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_i386.deb
Size/MD5 checksum: 60438 59a35fa422c60d5adc9dff540706337a
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_i386.deb
Size/MD5 checksum: 1095692 fc5f6cc06799f5c00c943f9379db64be
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_i386.deb
Size/MD5 checksum: 99362 39bcf5f4db639ccd311870d9e90e7545
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_i386.deb
Size/MD5 checksum: 36492 febb3dc6f35605754664c84f0681cdd1
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_i386.deb
Size/MD5 checksum: 165512 f063ca52a622599e17be45bfda802830
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_i386.deb
Size/MD5 checksum: 2057466 86304106605edfb61db25d14a74429ea
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_i386.deb
Size/MD5 checksum: 114902 954a28c392b37ded2ffc21bab16efaab

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_ia64.deb
Size/MD5 checksum: 139092 9d9f826faf7a99009aafb25c7deb637e
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_ia64.deb
Size/MD5 checksum: 123498 9377b05d42466021c1420362d3bb0157
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_ia64.deb
Size/MD5 checksum: 447534 783bb7f09f0dd7ebb82b168285ed3d2c
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_ia64.deb
Size/MD5 checksum: 2283614 8c700df25e12cb4ac24d5884a77e8cef
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_ia64.deb
Size/MD5 checksum: 1150652 e89ea87fa2fa750cf7385ef3f8efc9e5
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_ia64.deb
Size/MD5 checksum: 86010 db2d06c843ddfdc86d75eaa6c8f07248
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_ia64.deb
Size/MD5 checksum: 209138 4fbbef77787d20f8c7f828a02a504757
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_ia64.deb
Size/MD5 checksum: 41290 854227929b82c27f1645f401ddd2ea08

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_mips.deb
Size/MD5 checksum: 2049028 ba814726491cf18adc33b978cdf41ebf
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_mips.deb
Size/MD5 checksum: 157944 2f2a6f1e03a329dd9bfe66aefc042e78
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_mips.deb
Size/MD5 checksum: 405610 0d67a4c1476444a5bb7da06f04b0fe1a
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_mips.deb
Size/MD5 checksum: 1172578 d4329dafd5542e0128668a590898fb2e
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_mips.deb
Size/MD5 checksum: 108484 9a4fcffe8fdaf374474c5ea0c8d7c8f5
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_mips.deb
Size/MD5 checksum: 98750 51447de9ba4558914df798f65058b6c9
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_mips.deb
Size/MD5 checksum: 65290 7879c6993282cc2cc1efb3d5872b06b8
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_mips.deb
Size/MD5 checksum: 36010 d670bc2bd607cc2625d4011fc8af900e

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_mipsel.deb
Size/MD5 checksum: 1158288 d8b64c43ee3f0e59cc31660873f1834e
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_mipsel.deb
Size/MD5 checksum: 158360 8197e028f08047fda6557b6b6fc9d3f3
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_mipsel.deb
Size/MD5 checksum: 65214 715dcb4022b19252c1eea1b784884310
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_mipsel.deb
Size/MD5 checksum: 36160 c94fe31c9b1e23e5753806cf033bf34f
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_mipsel.deb
Size/MD5 checksum: 98910 2da6b027dc7b588830d98e798f784f0b
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_mipsel.deb
Size/MD5 checksum: 2030054 28c9e99b851466e97e50c5712fe3342f
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_mipsel.deb
Size/MD5 checksum: 403242 f8b494cf670baee9b65c8e6cc39080d4
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_mipsel.deb
Size/MD5 checksum: 109970 bf6fc87864ec7230506e5fd7c7abcd8b

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_powerpc.deb
Size/MD5 checksum: 136082 318d392ca604759afb280639cac8b03c
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_powerpc.deb
Size/MD5 checksum: 61152 985c626435a88fd3446dc88a447d2c9b
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_powerpc.deb
Size/MD5 checksum: 174320 57e2e7b2e6fd39ad63a1ba17e7194f40
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_powerpc.deb
Size/MD5 checksum: 394250 fde0e239f7e24e2ba4ee42e6596c60ba
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_powerpc.deb
Size/MD5 checksum: 104862 51a12f1bb7a775ddca43c10945639dfb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_powerpc.deb
Size/MD5 checksum: 44204 f285bf023a4680b7da64118d586e1d5e
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_powerpc.deb
Size/MD5 checksum: 2124674 d8c9de7eef052dd764d66188837d86c9
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_powerpc.deb
Size/MD5 checksum: 1191028 1b4729142f6cdda734027dda48752afd

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_s390.deb
Size/MD5 checksum: 171654 0d53ed748c513498f55341ba19cfde32
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_s390.deb
Size/MD5 checksum: 2092930 7aef582c65b9873a66cd3e632acbec6e
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_s390.deb
Size/MD5 checksum: 1190710 884a98297180cc5c5bace0204ac48148
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_s390.deb
Size/MD5 checksum: 118578 9ec07d8c2bdc5a9645d6d32c460357e7
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_s390.deb
Size/MD5 checksum: 60714 a37d661adbf755636f2b1f9340d4a96a
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_s390.deb
Size/MD5 checksum: 101620 bb3e1691cf3fa70e880823db340aa835
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_s390.deb
Size/MD5 checksum: 37804 5d817c9fa3eb1ebea486d0f0244384a5
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_s390.deb
Size/MD5 checksum: 399768 b1bdeedfe5bfe453de5ee9f065f169bf

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_sparc.deb
Size/MD5 checksum: 2067200 1b832d51127c5a3cdf1d2f9f15fbbc9f
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_sparc.deb
Size/MD5 checksum: 57760 9be4f682c78cce9c7d0e80a5d6ed3f61
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_sparc.deb
Size/MD5 checksum: 1049966 1c15bf61b0f26558c8d3eb49a8aaf682
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_sparc.deb
Size/MD5 checksum: 160982 6eda428d97d49e0b90d143599ac019f5
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_sparc.deb
Size/MD5 checksum: 97212 d57b0db0765d63f354d44a3aa4799f56
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_sparc.deb
Size/MD5 checksum: 392614 124cc14e2eeceea46a513424d40860f5
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_sparc.deb
Size/MD5 checksum: 38826 ae41ac61dab018ddb25f84f517076d3e
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_sparc.deb
Size/MD5 checksum: 116488 a91a68f4eaaf11f8666f0d07da26bf23

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkr40h0ACgkQ62zWxYk/rQcmrQCfT/1a/+FSdezaW1pc/iHM/jLN
jrgAoI1qnCASB/CO/zVZea8yTWpEXuc+
=mK8e
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1932-1] New pidgin packages fix arbitrary code execution

2009-11-08T11:47:33Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1932-1 security@...
http://www.debian.org/security/ Moritz Muehlenhoff
November 08, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : pidgin
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-3615

It was discovered that incorrect pointer handling in the purple library,
an internal component of the multi-protocol instant messaging client
Pidgin, could lead to denial of service or the execution of arbitrary
code through malformed contact requests.

For the stable distribution (lenny), this problem has been fixed in
version 2.4.3-4lenny5.

For the unstable distribution (sid), this problem has been fixed in
version 2.6.3-1.

We recommend that you upgrade your pidgin package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3.orig.tar.gz
Size/MD5 checksum: 13123610 d0e0bd218fbc67df8b2eca2f21fcd427
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5.diff.gz
Size/MD5 checksum: 69490 bdf5958352a704f7585d3028cd5e1fec
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5.dsc
Size/MD5 checksum: 1779 43de978c046520a4919f0d5a12a20726

Architecture independent packages:

http://security.debian.org/pool/updates/main/p/pidgin/finch-dev_2.4.3-4lenny5_all.deb
Size/MD5 checksum: 158216 5ed3ffcd4e334fc0a111b4009ab833de
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-data_2.4.3-4lenny5_all.deb
Size/MD5 checksum: 7009600 17672a402481c235f6a2b783b791e746
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dev_2.4.3-4lenny5_all.deb
Size/MD5 checksum: 193484 3d39086701ad91a11702a2a7c152c6cf
http://security.debian.org/pool/updates/main/p/pidgin/libpurple-dev_2.4.3-4lenny5_all.deb
Size/MD5 checksum: 275870 2f98b47825be3bdd427c0431c62b39be
http://security.debian.org/pool/updates/main/p/pidgin/libpurple-bin_2.4.3-4lenny5_all.deb
Size/MD5 checksum: 133752 0902b80babf5cc2ece1b7768c219535e

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_alpha.deb
Size/MD5 checksum: 1803418 9ca1dbc9edbc3593f73e24f6585ae6c6
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_alpha.deb
Size/MD5 checksum: 369764 86fba3374b45f8c47f9a1dbd043858b6
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_alpha.deb
Size/MD5 checksum: 5546018 6b07e1aec08681d8d215fb1058380079
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_alpha.deb
Size/MD5 checksum: 779324 98b7af086407f89594598b0862b68129

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_amd64.deb
Size/MD5 checksum: 5678040 dc9abd0e234ce486e977cf507a1a0748
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_amd64.deb
Size/MD5 checksum: 350246 9bd0d316c59474a803d860d36ffaa677
http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_amd64.deb
Size/MD5 checksum: 1715330 03ce4eee9e2d9ca1065e7ec84d941e86
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_amd64.deb
Size/MD5 checksum: 729406 c277522dd8c8213fdc79906c37d6247b

arm architecture (ARM)

http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_arm.deb
Size/MD5 checksum: 5348566 58df4a37d31b6506a456bd8dd86b3ef2
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_arm.deb
Size/MD5 checksum: 655256 c469023b397f017ebd0433ea85acee24
http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_arm.deb
Size/MD5 checksum: 1490668 aa8d7c91e49530619312394071fc9fc9
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_arm.deb
Size/MD5 checksum: 315340 934e28a580a3f9596f04cb3a90a8013c

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_hppa.deb
Size/MD5 checksum: 361310 7918ac74caafb3dda22a4266020e86c5
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_hppa.deb
Size/MD5 checksum: 5490030 a27a1c817f2895b036fb717f613d6f34
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_hppa.deb
Size/MD5 checksum: 753982 efda55e1cdadee65f026d96ab4503171
http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_hppa.deb
Size/MD5 checksum: 1827992 64bb7e52aaf538c954039c2456f36d8f

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_i386.deb
Size/MD5 checksum: 5374580 2961a636b7706cacd45fb36f3dea6bd4
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_i386.deb
Size/MD5 checksum: 326802 9025d6ea09b7f9a02c83749473aa229c
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_i386.deb
Size/MD5 checksum: 681090 79a25b879aae2ac07db502e42618c88f
http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_i386.deb
Size/MD5 checksum: 1584434 d29f583b78f101d87ed2066385c40599

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_ia64.deb
Size/MD5 checksum: 2194762 4f259a76294be6db4e2bed1a9273766e
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_ia64.deb
Size/MD5 checksum: 948280 ab48fbb1d647eec48267a69c143a44f3
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_ia64.deb
Size/MD5 checksum: 434844 c6d12bbb68ff7e09e344407d54ce948f
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_ia64.deb
Size/MD5 checksum: 5223762 d492670cd8231a7de5a5ab2825c0a48b

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_mips.deb
Size/MD5 checksum: 1373342 ebc93647a9ec9747375431c4ba19ded6
http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_mips.deb
Size/MD5 checksum: 654102 92429c957d304b156d3d28c5d25805aa
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_mips.deb
Size/MD5 checksum: 318434 ac3e2c5ad70e495bdae41c658ef622dd
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_mips.deb
Size/MD5 checksum: 5656198 7ca75b68fdfb8f8787e48e7427dc4530

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_mipsel.deb
Size/MD5 checksum: 651076 7ce55a8603d33c35373dc4dfb1d14f56
http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_mipsel.deb
Size/MD5 checksum: 1358570 58e263173578cb1f3a9875191e202e52
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_mipsel.deb
Size/MD5 checksum: 318378 9fbc28d9902e6a51f0f6b2d2de7e0395
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_mipsel.deb
Size/MD5 checksum: 5546160 a99d654f53d20fa2fab9066c8fa5a8f7

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_s390.deb
Size/MD5 checksum: 717584 6badbed0aba6b9d0fbfa039bacd1af79
http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_s390.deb
Size/MD5 checksum: 1646224 7df3d4471515c43083309ab7e1d3547d
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_s390.deb
Size/MD5 checksum: 358972 29aca9346b345fe3a87f8b952668a7fc
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_s390.deb
Size/MD5 checksum: 5568182 1e7762fc7d93585ba0e4cfd1c12ae4ff

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_sparc.deb
Size/MD5 checksum: 683166 da381d9384ba652955ac8029edeec6bb
http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_sparc.deb
Size/MD5 checksum: 5140422 0eaada1c6c85b8287ce2df775b154ac1
http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_sparc.deb
Size/MD5 checksum: 327798 87a0de96929927f64a66582f8eacd5e0
http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_sparc.deb
Size/MD5 checksum: 1588172 647ca5e52e7bcb927430b7cceb798b1f

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkr3H+8ACgkQXm3vHE4uylrUwACgsh7B5PDcw5KrfeM5wD6STeWz
HUoAoI7/R7a9a15eXVKylm3lG8syhpBV
=ClyS
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities

2009-11-08T02:07:37Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1931-1 security@...
http://www.debian.org/security/ Moritz Muehlenhoff
November 08, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : nspr
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2009-1563 CVE-2009-2463

Several vulnerabilities have been discovered in the NetScape Portable
Runtime Library, which may lead to the execution of arbitrary code. The
Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2009-1563

A programming error in the string handling code may lead to the
execution of arbitrary code.

CVE-2009-2463

An integer overflow in the Base64 decoding functions may lead to
the execution of arbitrary code.

The old stable distribution (etch) doesn't contain nspr.

For the stable distribution (lenny), these problems have been fixed in
version 4.7.1-5.

For the unstable distribution (sid) these problems have been fixed in
version 4.8.2-1.

We recommend that you upgrade your NSPR packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/n/nspr/nspr_4.7.1.orig.tar.gz
Size/MD5 checksum: 1258177 55c62ede0e510c6df9bfcc8ac9cffd0c
http://security.debian.org/pool/updates/main/n/nspr/nspr_4.7.1-5.dsc
Size/MD5 checksum: 1133 a0ba001408f4751f3c80f02334e188b1
http://security.debian.org/pool/updates/main/n/nspr/nspr_4.7.1-5.diff.gz
Size/MD5 checksum: 28285 a3240caf8899d497312ae5f915dd353d

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_alpha.deb
Size/MD5 checksum: 145524 a953d83466dc08e5c64f3fac93dcc8c6
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_alpha.deb
Size/MD5 checksum: 284688 29fdeff7a43ac466efd2ddec8497dcde
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_alpha.deb
Size/MD5 checksum: 313328 60eff12d86eef930d01b16ca9bcee432

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_amd64.deb
Size/MD5 checksum: 134452 e8362f7bfb9ad25178fc3b58c8888794
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_amd64.deb
Size/MD5 checksum: 290938 1bda17f94f3e960dcdad04772329ad14
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_amd64.deb
Size/MD5 checksum: 271976 fa0750a3a8762075901a8f06fbf21495

arm architecture (ARM)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_arm.deb
Size/MD5 checksum: 276952 6a072a062f7e9c2db1b43338a3955bdc
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_arm.deb
Size/MD5 checksum: 119436 89f1a236d10d78229627fd762bc67a3e
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_arm.deb
Size/MD5 checksum: 255602 9da2dc9c312cf7901f7aeb1f710e507f

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_armel.deb
Size/MD5 checksum: 120734 b71745bf5877be82a349885592037d78
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_armel.deb
Size/MD5 checksum: 282114 cc3def69b457c54f2e13bd6c57090477
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_armel.deb
Size/MD5 checksum: 258072 62328078c188bc87f5039c2e5a9b5674

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_hppa.deb
Size/MD5 checksum: 141442 eec30b4a587f8f93eda26b9376bb34e3
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_hppa.deb
Size/MD5 checksum: 285916 43fac9fb0eaa79036d9b302db5521781
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_hppa.deb
Size/MD5 checksum: 279668 db56b3a1adbdedc308936e6ef50f5260

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_i386.deb
Size/MD5 checksum: 259796 f36c9a52738ee56aedd05e18461e0c1f
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_i386.deb
Size/MD5 checksum: 124188 adff22c50d9a64ed8bf7b6e2c2edc992
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_i386.deb
Size/MD5 checksum: 281648 9896df215653b33de9ce1f8529c1daea

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_ia64.deb
Size/MD5 checksum: 331678 5055f6bcbcbb72a48b9c15f21149fee9
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_ia64.deb
Size/MD5 checksum: 271188 3e12dcca1457d95601c2d4991e9981f9
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_ia64.deb
Size/MD5 checksum: 184152 3575ec187b5219f9c71c6eee5a5474a0

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_mips.deb
Size/MD5 checksum: 296890 5f45b168d496b884c79bfb5c46462d5f
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_mips.deb
Size/MD5 checksum: 279162 0b5e93aabae4bfc387c7093153abbec2
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_mips.deb
Size/MD5 checksum: 126054 5e484999ac3044b87656dd46115f63a1

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_mipsel.deb
Size/MD5 checksum: 291178 fd5a7aded6225e30eedf987f44a16fea
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_mipsel.deb
Size/MD5 checksum: 277004 a4f26928866934db999796be4012a7a2
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_mipsel.deb
Size/MD5 checksum: 125256 71836594904db6f154ac3eb89cbbfddb

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_powerpc.deb
Size/MD5 checksum: 268738 5daed1f2d5921e736c7f15d6727b8959
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_powerpc.deb
Size/MD5 checksum: 139154 34b602d43792afbf7f2ccde07d0687bf
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_powerpc.deb
Size/MD5 checksum: 292090 e6a310b883c7aa5b6f72bf0cc0683305

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_s390.deb
Size/MD5 checksum: 275458 50b5bf15fe31a8d6668fe018d7062ad8
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_s390.deb
Size/MD5 checksum: 142530 b9a983def8be1e116f9736564e49162f
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_s390.deb
Size/MD5 checksum: 295420 f3c3352862c2390f8c03724f77cf1158

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_sparc.deb
Size/MD5 checksum: 119318 cc152c3f1a1f625bfcbc72ea92cdd953
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_sparc.deb
Size/MD5 checksum: 266168 55a3913c9d30a8b0c1639e999e4c3582
http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_sparc.deb
Size/MD5 checksum: 253360 d8969537d73b20300591d3d956b5b301

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkr2mCoACgkQXm3vHE4uylrFTwCg6nymwrKwSimPGLn8ez207HND
SJIAn3RWaUVn8pgihlPV24nsTumJtFrX
=TWkT
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1930-1] New drupal6 packages fix several vulnerabilities

2009-11-06T16:46:57Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1930-1 security@...
http://www.debian.org/security/ Steffen Joeris
November 07, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : drupal6
Vulnerability : several vulnerabilities
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2009-2372 CVE-2009-2373 CVE-2009-2374
Debian Bug : 535435 547140

Several vulnerabilities have been found in drupal6, a fully-featured
content management framework. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-2372

Gerhard Killesreiter discovered a flaw in the way user signatures are
handled. It is possible for a user to inject arbitrary code via a
crafted user signature. (SA-CORE-2009-007)

CVE-2009-2373

Mark Piper, Sven Herrmann and Brandon Knight discovered a cross-site
scripting issue in the forum module, which could be exploited via the
tid parameter. (SA-CORE-2009-007)

CVE-2009-2374

Sumit Datta discovered that certain drupal6 pages leak sensible
information such as user credentials. (SA-CORE-2009-007)

Several design flaws in the OpenID module have been fixed, which could
lead to cross-site request forgeries or privilege escalations. Also, the
file upload function does not process all extensions properly leading
to the possible execution of arbitrary code.
(SA-CORE-2009-008)

For the stable distribution (lenny), these problems have been fixed in
version 6.6-3lenny3.

The oldstable distribution (etch) does not contain drupal6.

For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 6.14-1.

We recommend that you upgrade your drupal6 packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/d/drupal6/drupal6_6.6-3lenny3.dsc
Size/MD5 checksum: 1130 489d56336053311b1ee24aaf17f41ffb
http://security.debian.org/pool/updates/main/d/drupal6/drupal6_6.6-3lenny3.diff.gz
Size/MD5 checksum: 24870 d70dfad8a6f211cb9dd62e071e5ddfd9
http://security.debian.org/pool/updates/main/d/drupal6/drupal6_6.6.orig.tar.gz
Size/MD5 checksum: 1071507 caaa55d1990b34dee48f5047ce98e2bb

Architecture independent packages:

http://security.debian.org/pool/updates/main/d/drupal6/drupal6_6.6-3lenny3_all.deb
Size/MD5 checksum: 1088258 6162b6933d636065c6a07e6f6199c7df

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkr0wzIACgkQ62zWxYk/rQegCACfaCVMO8lrhfH/57iPLCgFOkp5
5ykAnifSZR4vet+YNDY3Z6vOiTSgUe/0
=o5XE
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities

2009-11-05T16:51:43Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-1929-1 security@...
http://www.debian.org/security/ Dann Frazier
November 5, 2009 http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package : linux-2.6
Vulnerability : privilege escalation/denial of service/sensitive memory leak
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2009-1883 CVE-2009-2909 CVE-2009-3001 CVE-2009-3002
CVE-2009-3228 CVE-2009-3238 CVE-2009-3286 CVE-2009-3547
CVE-2009-3612 CVE-2009-3621

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2009-1883

Solar Designer discovered a missing capability check in the
z90crypt driver or s390 systems. This vulnerability may allow
a local user to gain elevated privileges.

CVE-2009-2909

Arjan van de Ven discovered an issue in the AX.25 protocol
implementation. A specially crafted call to setsockopt() can
result in a denial of service (kernel oops).

CVE-2009-3001

Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE
802.2 LLC implementation. This is not exploitable in the Debian
lenny kernel as root privileges are required to exploit this
issue.

CVE-2009-3002

Eric Dumazet fixed several sensitive memory leaks in the IrDA,
X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area
Network (CAN) implementations. Local users can exploit these
issues to gain access to kernel memory.

CVE-2009-3228

Eric Dumazet reported an instance of uninitialized kernel memory
in the network packet scheduler. Local users may be able to
exploit this issue to read the contents of sensitive kernel
memory.

CVE-2009-3238

Linus Torvalds provided a change to the get_random_int() function
to increase its randomness.

CVE-2009-3286

Eric Paris discovered an issue with the NFSv4 server
implementation. When an O_EXCL create fails, files may be left
with corrupted permissions, possibly granting unintentional
privileges to other local users.

CVE-2009-3547

Earl Chew discovered a NULL pointer dereference issue in the
pipe_rdwr_open function which can be used by local users to gain
elevated privileges.

CVE-2009-3612

Jiri Pirko discovered a typo in the initialization of a structure
in the netlink subsystem that may allow local users to gain access
to sensitive kernel memory.

CVE-2009-3621

Tomoki Sekiyama discovered a deadlock condition in the UNIX domain
socket implementation. Local users can exploit this vulnerability
to cause a denial of service (system hang).

For the oldstable distribution (etch), this problem has been fixed in
version 2.6.18.dfsg.1-26etch1.

We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.

Note: Debian 'etch' includes linux kernel packages based upon both the
2.6.18 and 2.6.24 linux releases. All known security issues are
carefully tracked against both packages and both packages will receive
security updates until security support for Debian 'etch'
concludes. However, given the high frequency at which low-severity
security issues are discovered in the kernel and the resource
requirements of doing an update, lower severity 2.6.18 and 2.6.24
updates will typically release in a staggered or "leap-frog" fashion.

The following matrix lists additional source packages that were rebuilt for
compatability with or to take advantage of this update:

Debian 4.0 (etch)
fai-kernels 1.17+etch.26etch1
user-mode-linux 2.6.18-1um-2etch.26etch1

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, hppa, i386,
ia64, powerpc and s390 architectures. Updates for other
architectures will be released as the they become available.

Source archives:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-26etch1.diff.gz
Size/MD5 checksum: 5514957 b9cb3b1e1ba1196b9020e6d07d48b752
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-26etch1.dsc
Size/MD5 checksum: 5673 4ba2595893287a7b82713ca182aad7be
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz
Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060

Architecture independent packages:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-26etch1_all.deb
Size/MD5 checksum: 3721660 836e780dd306ee60318d8ac1c28087eb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
Size/MD5 checksum: 41474520 7457b0e444adb6b31dbcda82768671cd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
Size/MD5 checksum: 1852976 ec11d9e2967a87b27fac807f80218d0e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
Size/MD5 checksum: 58896 e7dc19b1c3f0a22c1764420642117fa8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
Size/MD5 checksum: 3593482 146e26a9c17bfa1a0a1fa198afdf1c70
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
Size/MD5 checksum: 1091166 7a089920e547412d07cf1ef44e47bbb1

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 58290 7a1661641c432bc5a1e442a71f0584ac
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 58254 223e25b49b1ce3fefe9934ecdda7cec4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 23374558 fc6fad80b66536f0c86fe4a4923057fa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 266914 bd1cb44848eb7ed46418783e958046de
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 267502 b719376ff7b69b31e59f49010c249d17
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 23440762 aace7bef32f7f7f69e1aeed69d191c41
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 266308 228979a449e897802d4089909eef0326
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 2978226 214923bbb5171e2a3daa23ed31240118
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 267100 60048c2f207f0b00b1fab86639f3c276
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 23393346 1fcae90244756e9b1ed37b08a8e39b99
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 23752762 c6b5c665617a937c6caee0558daa8b2d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_alpha.deb
Size/MD5 checksum: 3001856 cb672b346cd9b30717e4446ee2545fff

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 3339600 83ef8191115cf0c23599b2ad45da661c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 15279100 dba0ecedc142a8f29c08ff3cb35fc9e5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 3362362 7acf6afbec42d7e386e4e99f45e07849
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 16822140 04e89e226683aee6fc0f5e2d2751e258
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 277136 04ba98f1750e31f17a52caa0add3e419
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 3196356 37e16a42ebf900a63d15ec1c47bd2a2a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 15266172 647285195e9651e86fc78f47ca3e6aa3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 1687964 2556db55e5438dc01309d7d461f91ee3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 3173540 5e0fd0af39da8904a5fc459e00fe1592
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 276536 ac228fd76c2a64910f1194c39f5dd9a5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 274660 9817c928baacf675542085e0387cfedc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 16868682 d99a5ffc0a0c88dee5f8c279e3f96f64
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 58278 4825706649861dcc9afd8438f961ec6e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 1656646 633e8373c64bb27bc283e87300ebe6cf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 276056 60aec7d94ae1a1afa21cc68d5b7d3c53
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 58254 8bb6069f2f74da9b2bb5603898dc22e3
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 58240 51d240b42f43c2cb30c31f5c4bf2117c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_amd64.deb
Size/MD5 checksum: 58254 31e336851095fea2499e594987acea4b

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 10563254 4486c3660f904e4bd439c370b7f97c69
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 11814740 f178d4aa3358d09a492436d29dbee5cb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 202308 42a4b6b6b9c2f711d4c3b932353457fb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 11404596 9bd75cb26f23cc0c012dbcc1458c547f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 11005460 01d3a246f1ffe6f368fa6ca9f4548e97
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 3026810 ef214434dcb13fe3bdd684bf580a6b9b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 203070 d50c921e10f3dd82ff85287acaf0b14f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 201556 da0a211d54dcd3e34fa29514c9934f9d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 58368 9917c0b22afe4c440ec64ff6d2a608e4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 201912 163590408b3e663b5f8cfae14e3c89a5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_hppa.deb
Size/MD5 checksum: 58338 58f6a43a14a89d67bb46c796e8bde247

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 290694 8a08177d6d4f46a20086b489ce4decf2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 280544 0ffbb9bc4aee76a067cebcec6f31f62e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 287894 831999c67686f31d2346b0fa6b4948aa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 16543512 c0b9fdc137151b96ccb8198fab8b5f72
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 16931792 b73f3867a2efef757fcd111916116105
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 14401768 eb0e34a9dfc17344c471b158faeab021
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 58386 9ef707bff12f1cdb495a075c13325564
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 58324 a00b5e3696278aa2d9c59f16267e3d06
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 16326580 3ad3c0068e6343b6e5f70f3c44fdb3d5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 289228 4fcd19b2eb92b4550dc4a7673acc4f62
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 16645286 1b2290466641e1d9ef3ecf942180fe79
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 3215828 0c99ba0dd4abce66cda2fe6c554ccc03
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 16517286 a729d0b07130c615d0d32d7b2ac46852
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 289284 183af751e23717e0ac5821f60959e5ad
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 14392520 cc51caf6cedda77521b7ee9065478392
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 288014 c4834561b492ff42175353c524e0cbd1
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 58340 7c463341e612b3159e0032aaf62ab5e1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 16477446 5829e6f2dce15ae1f3f74ca4d4180847
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 291792 74558945d364674729b71b4d2598d1c8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 1304666 d9f7fb52fe8d29a9880ebc697eaae90f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 3239372 a7e8ba983a1e45176d33b86871e3940e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 3117812 36cc1af70a13016e79224a3f90981ac8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 1332688 a1c7f6d7435eaeb22c4e7097611602e5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 278926 cf2ec90e9c683c7c5904e76145b2b562
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 3231506 8e9ff0b708e2e616072f569f0682fa11
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 16604666 4d7eb157fa109072d21ec472bbbb46f1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 280110 d34163dab810a30572c7c1a29b9efdb6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_i386.deb
Size/MD5 checksum: 58326 bd8f5323a48ba297f6f404a4f26fd864

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_ia64.deb
Size/MD5 checksum: 58254 d64ce41c696ae0af6e65348111b0e1c2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-26etch1_ia64.deb
Size/MD5 checksum: 58276 509dcd2833bd560ed6dccffc0a448593
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-26etch1_ia64.deb
Size/MD5 checksum: 259696 9e187526ddd2342af180682ab502f302
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-26etch1_ia64.deb
Size/MD5 checksum: 259718 b670f97d9bd044492111b7698ed228c3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-26etch1_ia64.deb
Size/MD5 checksum: 28023040 9c2dbc349ec7702f781f978f27987da9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_ia64.deb
Size/MD5 checksum: 3087206 3638b390791d5053b67b060e6a124866
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-26etch1_ia64.deb
Size/MD5 checksum: 28194506 228765e996a15ef56fc2cb94e74abeeb

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 3462292 f3f1c68ba029943c6054421c1ba23059
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 261230 26a45e4c0a77f21af0e5a6ffb0dc2b63
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 58266 f717cc289546c2037e4ca18aa630ceb9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 3486460 4c5d5df532d84da56f78e47ce6262d60
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 262664 e499f6e0e4278f5d4263c9a952877624
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 263770 d12d5f3fce934b3db4dd29d5349d84a4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 15240084 96adc4183855af04aaeca7db1d37a27e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 17113852 9db05c81e32ef07f342eb54374c6ac6e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 16727566 dfbc08d63a91ba7bef73dfca238559f7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 16506028 0f65a31aecb306f281348ad410174926
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 17068826 bc0941830a8d7369abaf876837a0c81e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 262882 d5d2a01011e0a9efea7a7b2c0cbacc41
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 18433752 23a6d8183e781a43469daf3cd7769fcb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 237826 90097f02a1ed0a29b81fe3bc64259696
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 58312 6330638237601d3ea55b2a80d1c54540
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 18384182 18eabc40e998896c8f77243e84f99458
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 254332 4ac0852bf3ba527f890f828ecd749284
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-26etch1_powerpc.deb
Size/MD5 checksum: 262220 a5ee6d47da04555615ad2bab7f646b13

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 148246 96f1a25db3b6aa699af3ad7185a96bd2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 149402 44a4ec702fc2410f733aabe494c0f4e4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 148624 78919a54c4a93dbf395369a106c76b5b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 58276 133b1b15cca9cb34e07eae4f3ec4a3db
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 5410288 dd1b3737c133081f4b512c2a1ecb1cf6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 5626808 5b7dc2c64fac5988d6070a1cddeb19f3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 5672368 f31471a55f12bb17eade213d7672cb80
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 2971470 e546925e4309b61b6b598de04b6a1e5a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 1445974 f80e8929c0406cbae86ba2bdf6c611e2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 58256 3c413237e42a72c9b70f58cb65278ce9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_s390.deb
Size/MD5 checksum: 2948300 f57e56f38edd5977cf95012c373f9519

These changes will probably be included in the oldstable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFK83KvhuANDBmkLRkRArSkAJ9j5GzWPxH7ooBKs8LsNUuHqJX6mACggefc
1yS24k5hkTFNJYNpO7XsGkA=
=qEzS
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities

2009-11-05T14:03:48Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-1928-1 security@...
http://www.debian.org/security/ Dann Frazier
November 5, 2009 http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package : linux-2.6.24
Vulnerability : privilege escalation/denial of service/sensitive memory leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2009-2846 CVE-2009-2847 CVE-2009-2848 CVE-2009-2849
CVE-2009-2903 CVE-2009-2908 CVE-2009-2909 CVE-2009-2910
CVE-2009-3001 CVE-2009-3002 CVE-2009-3228 CVE-2009-3238
CVE-2009-3286 CVE-2009-3547 CVE-2009-3612 CVE-2009-3613
CVE-2009-3620 CVE-2009-3621

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2009-2846

Michael Buesch noticed a typing issue in the eisa-eeprom driver
for the hppa architecture. Local users could exploit this issue to
gain access to restricted memory.

CVE-2009-2847

Ulrich Drepper noticed an issue in the do_sigalstack routine on
64-bit systems. This issue allows local users to gain access to
potentially sensitive memory on the kernel stack.

CVE-2009-2848

Eric Dumazet discovered an issue in the execve path, where the
clear_child_tid variable was not being properly cleared. Local
users could exploit this issue to cause a denial of service
(memory corruption).

CVE-2009-2849

Neil Brown discovered an issue in the sysfs interface to md
devices. When md arrays are not active, local users can exploit
this vulnerability to cause a denial of service (oops).

CVE-2009-2903

Mark Smith discovered a memory leak in the appletalk
implementation. When the appletalk and ipddp modules are loaded,
but no ipddp"N" device is found, remote attackers can cause a
denial of service by consuming large amounts of system memory.

CVE-2009-2908

Loic Minier discovered an issue in the eCryptfs filesystem. A
local user can cause a denial of service (kernel oops) by causing
a dentry value to go negative.

CVE-2009-2909

Arjan van de Ven discovered an issue in the AX.25 protocol
implementation. A specially crafted call to setsockopt() can
result in a denial of service (kernel oops).

CVE-2009-2910

Jan Beulich discovered the existence of a sensitive kernel memory
leak. Systems running the 'amd64' kernel do not properly sanitize
registers for 32-bit processes.

CVE-2009-3001

Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE
802.2 LLC implementation. This is not exploitable in the Debian
lenny kernel as root privileges are required to exploit this
issue.

CVE-2009-3002

Eric Dumazet fixed several sensitive memory leaks in the IrDA,
X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area
Network (CAN) implementations. Local users can exploit these
issues to gain access to kernel memory.

CVE-2009-3228

Eric Dumazet reported an instance of uninitialized kernel memory
in the network packet scheduler. Local users may be able to
exploit this issue to read the contents of sensitive kernel
memory.

CVE-2009-3238

Linus Torvalds provided a change to the get_random_int() function
to increase its randomness.

CVE-2009-3286

Eric Paris discovered an issue with the NFSv4 server
implementation. When an O_EXCL create fails, files may be left
with corrupted permissions, possibly granting unintentional
privileges to other local users.

CVE-2009-3547

Earl Chew discovered a NULL pointer dereference issue in the
pipe_rdwr_open function which can be used by local users to gain
elevated privileges.

CVE-2009-3612

Jiri Pirko discovered a typo in the initialization of a structure
in the netlink subsystem that may allow local users to gain access
to sensitive kernel memory.

CVE-2009-3613

Alistair Strachan reported an issue in the r8169 driver. Remote
users can cause a denial of service (IOMMU space exhaustion and
system crash) by transmitting a large amount of jumbo frames.

CVE-2009-3620

Ben Hutchings discovered an issue in the DRM manager for ATI Rage
128 graphics adapters. Local users may be able to exploit this
vulnerability to cause a denial of service (NULL pointer
dereference).

CVE-2009-3621

Tomoki Sekiyama discovered a deadlock condition in the UNIX domain
socket implementation. Local users can exploit this vulnerability
to cause a denial of service (system hang).

For the oldstable distribution (etch), this problem has been fixed in
version 2.6.24-6~etchnhalf.9etch1.

We recommend that you upgrade your linux-2.6.24 packages.

Note: Debian 'etch' includes linux kernel packages based upon both the
2.6.18 and 2.6.24 linux releases. All known security issues are
carefully tracked against both packages and both packages will receive
security updates until security support for Debian 'etch'
concludes. However, given the high frequency at which low-severity
security issues are discovered in the kernel and the resource
requirements of doing an update, lower severity 2.6.18 and 2.6.24
updates will typically release in a staggered or "leap-frog" fashion.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, hppa, i386, ia64, and mipsel.
Updates for other architectures will be released as the they become available.

Source archives:

http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch1.dsc
Size/MD5 checksum: 5118 11c39e0f0505c5a71453ba177ec2f780
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch1.diff.gz
Size/MD5 checksum: 4062851 38835b393eaf53915dbee39ef0ef0bce
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz
Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af

Architecture independent packages:

http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
Size/MD5 checksum: 4262022 bb1c503dcb847b700814d433cdddb1f9
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
Size/MD5 checksum: 83302 2a8576eb3003b7ba1ead19ad7ef6ce0c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
Size/MD5 checksum: 1548296 3e044fb0d0bb8614f787f78fee86ce04
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
Size/MD5 checksum: 46864328 20c0417498421842a7175074aea06a0f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.9etch1_all.deb
Size/MD5 checksum: 97672 b1aa55ab4464293f5dac5b38e05948bb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
Size/MD5 checksum: 964124 a40463a66e93920bdd639d2c70d870cb

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 82894 819512914da24a2d82d471a17a6126ea
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 332670 c249c0b58448936c450c26b1340994d0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 26758158 1a5497e6cd4f62b36f4cfdae9a606e24
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 26737882 fc949e1dbc0d0c6c7688148babdfd5d1
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 3454880 83a5e26b99def049eec7571242778961
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 332158 8f3a3adf61a6e150763a383d4b566db2
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 330952 0ec11881ba63842e135d3752a765177d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 82868 b5396790365bab5a2d032d1b3bece1ed
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch1_alpha.deb
Size/MD5 checksum: 27341634 d11f40ed34af0197de7f61ef07d30abb

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb
Size/MD5 checksum: 354620 0decd6646f19383f6958e5d90b92e87b
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_amd64.deb
Size/MD5 checksum: 82864 2869e673de24c9741042e2bb37f84d58
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_amd64.deb
Size/MD5 checksum: 3650612 1b0f205b955558d402611693f783c495
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb
Size/MD5 checksum: 19598112 ed3b7a91d93a116a4b175d173ad0f078
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb
Size/MD5 checksum: 82872 c560fbca727844a090f88f9d6569ed0b

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 82992 1604c10382bd677723af0a811fdb466f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 258316 90502abd75a09ceed13a5efd22e996c5
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 3445284 32e69244553a870750d771254d1c95bd
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 258996 fc63f1ef7e55c899b9ef2d736bc5e648
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 260542 97df4eda2fbd582dd6951bb1b7f31e85
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 14830274 fb45fe9d1b77d908d5adbb353b211994
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 261064 f5d2cbb6216c1ffebbd73153a75e75a5
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 83020 103285de6aad099908a2fedbbca24069
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 13847626 3c429ea0e61a446b3e7b13b943eafcb5
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 14374844 760d7850faff110d14494c86095aa45c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch1_hppa.deb
Size/MD5 checksum: 13335298 2b476692a155f3f735f3af76f7170cd8

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 358770 0778828f3b2061e293f3aabc0aa78315
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 358342 3c8b34971bd6f2b69854328888aa4349
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 19146708 1818f00a12bc38f393e6d84f71afae73
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 82890 318cd7ef9d8b39d02da83a3a982f7c40
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 19481866 bb86c9b5a4944b48492a38f81ea38026
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 3655456 fb818a8696c619e5c9c7af73eec2b3c3
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 358104 388750612fda29fb362771823e54993c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 19213920 bc5f6ef45349d25064125c5c34e78fde
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 19215890 868b1eb9c46677d9d97d0678b4a21894
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 346092 1874a566f494c8fa93946f7cdf71557f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_i386.deb
Size/MD5 checksum: 82864 321874f0f13b6e236c428568a492cb90

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_ia64.deb
Size/MD5 checksum: 82866 410b7f438b9b8468e3789058dcb31d63
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch1_ia64.deb
Size/MD5 checksum: 32208224 154e3adb6765a43a000dcb9f9256db56
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_ia64.deb
Size/MD5 checksum: 3568326 aa15646940c12e9f722d3668cca00270
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.9etch1_ia64.deb
Size/MD5 checksum: 82888 31354bcffa90ddfd3dd3905f37b53685
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch1_ia64.deb
Size/MD5 checksum: 319102 7e62e5eadf5b3b8eecc22ccdfa57b19a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch1_ia64.deb
Size/MD5 checksum: 319462 44040aba13eedc65922aa25a05fc8b86
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch1_ia64.deb
Size/MD5 checksum: 32025040 474e2842ef8f69677380db67882b0fb0

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 13317670 61df26ad246695fad18f2f76c3c5163f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 3804192 393d33cc947f3e091c5858ef9179a70a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 308984 157b8af3aa5634f7a516cdf5cc220836
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 309750 d7ff28e982746494de3626cd747287c5
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 21737172 78c5c433465bc97c6c16a49fea05b575
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 246818 884f377e13d22f6633a49d4c0367f848
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 82870 cacc5fac473c021a7e0c0f7103e1efc0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 246614 31c1c45fab75abb6221285c152b23cfd
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 16567458 f1da961b02a1c60672349c1a9c19c9d1
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 82916 4b4d12b65b14c90ac9dda0c6303f9f5c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 16631254 b956adbf57f77bc34f06ca58d0d6a73f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 26990038 bd115b24191672415033fb0d077e33e8
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch1_mipsel.deb
Size/MD5 checksum: 247676 99d036e308655b4fb11d460fd50c4dd1

These changes will probably be included in the oldstable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFK80tBhuANDBmkLRkRAj8vAJ9fKUFHKAQOSNoUzwbDY1ep4gqF0wCfcyxM
YnZRXAn8UGyZzqSA660Vm/o=
=Ey4e
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1927-1] New Linux 2.6.26 packages fix several vulnerabilities

2009-11-05T08:21:03Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-1927-1 security@...
http://www.debian.org/security/ dann frazier
November 5, 2009 http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package : linux-2.6
Vulnerability : privilege escalation/denial of service/sensitive memory leak
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2009-3228 CVE-2009-3238 CVE-2009-3547 CVE-2009-3612
CVE-2009-3620 CVE-2009-3621 CVE-2009-3638

Notice: Debian 5.0.4, the next point release of Debian 'lenny', will
include a new default value for the mmap_min_addr tunable. This
change will add an additional safeguard against a class of security
vulnerabilities known as "NULL pointer dereference" vulnerabilities,
but it will need to be overridden when using certain applications.
Additional information about this change, including instructions for
making this change locally in advance of 5.0.4 (recommended), can be
found at:
http://wiki.debian.org/mmap_min_addr

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2009-3228

Eric Dumazet reported an instance of uninitialized kernel memory
in the network packet scheduler. Local users may be able to
exploit this issue to read the contents of sensitive kernel
memory.

CVE-2009-3238

Linus Torvalds provided a change to the get_random_int() function
to increase its randomness.

CVE-2009-3547

Earl Chew discovered a NULL pointer dereference issue in the
pipe_rdwr_open function which can be used by local users to gain
elevated privileges.

CVE-2009-3612

Jiri Pirko discovered a typo in the initialization of a structure
in the netlink subsystem that may allow local users to gain access
to sensitive kernel memory.

CVE-2009-3620

Ben Hutchings discovered an issue in the DRM manager for ATI Rage
128 graphics adapters. Local users may be able to exploit this
vulnerability to cause a denial of service (NULL pointer
dereference).

CVE-2009-3621

Tomoki Sekiyama discovered a deadlock condition in the UNIX domain
socket implementation. Local users can exploit this vulnerability
to cause a denial of service (system hang).

CVE-2009-3638

David Wagner reported an overflow in the KVM subsystem on i386
systems. This issue is exploitable by local users with access to
the /dev/kvm device file.

For the stable distribution (lenny), this problem has been fixed in
version 2.6.26-19lenny2.

For the oldstable distribution (etch), these problems, where
applicable, will be fixed in updates to linux-2.6 and linux-2.6.24.

We recommend that you upgrade your linux-2.6 and user-mode-linux
packages.

Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.

The following matrix lists additional source packages that were
rebuilt for compatibility with or to take advantage of this update:

Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+19lenny2

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, armel, hppa, i386,
ia64, and powerpc. Updates for other architectures will be released
as they become available.

Source archives:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny2.dsc
Size/MD5 checksum: 5778 8ea6c47c6f227f855a41deea57d988d8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny2.diff.gz
Size/MD5 checksum: 7651053 5cf749f9817436c544df97bc0217f125
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb

Architecture independent packages:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-19lenny2_all.deb
Size/MD5 checksum: 106866 d25eeb65132ec68406d8fdf7ea340274
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-19lenny2_all.deb
Size/MD5 checksum: 4627374 196ffe954d4e906638c7eb2bd22e310d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-19lenny2_all.deb
Size/MD5 checksum: 2565284 0682418bd83f755a17a71435e535f91a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-19lenny2_all.deb
Size/MD5 checksum: 48672074 5aa4d0110919b100a772509455b22757
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-19lenny2_all.deb
Size/MD5 checksum: 1768032 cb95ea5101339c35d425ac1ba2f0ff02
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-19lenny2_all.deb
Size/MD5 checksum: 122160 0d3dd77a86989aa6e6bdfbbf548d22a6

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 106376 891beea699175e77b6f4cdb1dbbd2377
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 363880 278fefb639e7029af6d5017dedefb500
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 28487296 beb21f0f222b507898406b051d161c25
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 106358 b4c10db49252b22e7019746743624712
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 741234 b08b288693ab9d0d3fa1e8141ba4f038
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 28471478 f412fb78f0dfac51f6e39a035538fe91
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 365312 9147bf190b4dce64fb4783b0c0aba8be
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 364408 66cd6736f72c0eedabbad596baac8888
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 29177668 abb9bcc21a5fcb0a7352a30fb7209ca1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_alpha.deb
Size/MD5 checksum: 3543732 d84be29426f1d706617a6ad91d3b6109

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 389134 2ac60b6aaece8351c023cecbb4bd41ee
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 749556 c994eeb54dd967b5255448e80fa4911c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 389740 8b6b5b10fe023670ca8cf9326d46ccd0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 394262 8398b2d9ce752ffa39ac55b8f55fa1b7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 3719144 1fa20cc556fbfecdf0c2335a3c9edeee
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 106352 edb758613531f5c655c8451f1136b62a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 106378 dd749481c75a66f517551c6b21b3bbbb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 19274410 21621e01b880d1f222007e3101d255c6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 21053742 015990eedbce234dfa4facdf02f6ad60
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 3851500 355a9cc7757195196006160929313e78
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 20902812 3af1d1431ff5674b7aeaf41c784d3ba6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 3751848 f5289bf2c22a6112d13a9af6d4291226
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 1804900 8ea5afa2f5e29175e92975ef93144b9a
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 106334 2620974dbbc17bbab4aefe183584a6da
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 3774804 8fa1254acec879820c17dd8e2e4eee56
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 20886016 71a1f29b66ee30cf7a63b77cddc71ec7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb
Size/MD5 checksum: 383280 0d0cad637c14a594b3ae424abf824608

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 365550 f97d5bcae3c5c5957781e6507d730780
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 12396344 04df2ffe832cba3ea1e299701069ca96
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 335184 ff1387cae5afb9c7b2d8b20ab546293f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 4136850 e7e7742e3ead70e194f540432bf93ba6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 747792 89242eec0e6f453f37b228ddb49e4e26
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 11680082 d9133e003cd603924930f1db870c6d46
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 106354 fce271c39eaa874f6a570b9298a13836
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 9575158 d8c6ec6842339c8d8391916c7b4a25c2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 11371016 edc9b10b99e73302ef1853db546ed6bb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 363118 ca61af313ac3687b042c82e4c56bd078
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 106390 d14317d669c70ea8458b0138105be3e0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-19lenny2_armel.deb
Size/MD5 checksum: 360844 1c7437e1e4de9358f7975feae74501f0

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 17070158 92d872205303ea622d1419d074b54737
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 296434 df3ddd0a0dbfa712201ff031bfc109c0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 16323830 9998a4deead3033e07f28a1cd0816136
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 297894 8cace7fc519c562d4b8657c75d230815
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 3594236 8d621635c43fb9540d4a68ef6d891a57
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 106356 f967499d62622f5f0833539c9eaf2359
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 106380 f518c1de9ce8dd272db1afa30e38999a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 15731364 d50829b0556bc7fef6e8c505db959ee2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 759840 faab7849f3cef86fbebc037cbd00fd76
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 17614856 6311929870350217721f7f194b6ff585
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 299160 57fd97b01842bbe74e37f443e346d695
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-19lenny2_hppa.deb
Size/MD5 checksum: 298110 631076db8957d15ab8b0161a60e31734

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 398182 6f93bf37534bcfb9162b9985b83ee38f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 20502134 d39255c90c67fddda4c3cb49ce6c93e1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 20235868 99b3ed110df3b6b2bb6b06feb9d30b72
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 106354 835280ec5ad990b0bcebb988953bd5d9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 20326344 9192cd01f84e7192159aefec2c4f8fb9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 20208578 c118b5d6fc4f5007728d1ab804624cd8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 398052 88be8c6ce0726c87f3127e1ea8b1a382
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 20175038 ee7bf2ce4d4557f9fdfb53790627ebac
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 3719206 0d8393bd6245aa3d23ef8938477d5f63
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 20353680 67f48fcd0835fd230e8583cf2676cf09
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 398494 bf4ef1c3e9f35ec4dc0bfaeda1ee5516
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 3851592 94a16944e91f5594a6fa02115b680434
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 400332 d734fb2f035f0a6a041d13f5a3d95c6c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 749582 26580da1f40ffeeb17146765bbe241f8
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 106348 b76709d63441fcc3e285d2a6dc999890
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 20864938 cc5255ece9764242c63b522abfd8a517
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 399328 c929aa19b40e7eea5ea885148c645a17
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 3751908 3b936dbeaf13b730ab8dd56e5ab726f9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 387338 03fd54819fb7176a176eeb4c2ff0209c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 403790 efa7179643f2f709cace01bb3f4a5580
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 3774936 088f38a8e9c79bb4ddc67e200ebee754
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 1591850 93ad5d17c9e8ac22c3544c8a9ad9eabd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 384698 5cc9137a10772a48628b0014e0dbbc15
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 106404 04d07f928e22a2150a2bb9188c6f1257
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb
Size/MD5 checksum: 18035618 641b34424aad0e9291713bd9e2bf96e5

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 355640 2bce0c1faefc019460e3eebca333a5fc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 3654768 d8fb31f9660b7c0ab42c77e89bf82f1f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 355064 cfb3eee78e3860b2e650716d5032bf5d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 3687386 2980814479dbd08d39bd9f92d3005838
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 355046 62fc734ea7fe9bc4bef1f8d8b65cc027
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 34349456 5cfb3ccf034f0ce13a5861507c4cb758
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 34103026 3cee486177d22e2fcd816b536d7ac3d3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 106350 6265837dd3c0105bcba9d40c5b6966f9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 355698 27152c116ad66c7862f3890d36ac80ab
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 34288678 1540b7be96fbb68e4cc01d858c5ef5a4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 106384 bfb7eeaec3d89587561c56afec1816e9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 34165098 7a4fbe457d07807a74e9950a47975d49
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_ia64.deb
Size/MD5 checksum: 748220 03f583157c7eef60269042b9a5a6d0bc

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 106358 5431bb9d2abe49fc1b186f44bf440cba
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 756032 fb287119a4cf07ef9d6d633ad30f7236
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 372504 9c0501a81bf32b1d0b8c939830d9789b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 23650232 ece0b68e6c9baa2e0f964d2bc7da21a2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 3856256 5a6eb8c2fe7930456cf5f3a1c257fed1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 23514630 0aa445df9e479dc6e266a97658c5c675
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 23453120 7fdf0e57cb3324433e8f5d3e71c5cb7c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 23619598 7eb565a76c6ab3318d32c134f7da26b0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 366586 3e8f8e0d8d9dc83a3e009bbdcca04d21
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 3890668 a75da89a00e2b5118869888ea03580ae
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 373766 78d152d9edb14f5d179dde50a0131ea7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 366686 4b13a456e727a9259685b74132c5b730
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 106396 33f493756428189d3acc36bde21631ed
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 365950 4149c4f9e6f3e0dc0fbb639a2f962cf8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-19lenny2_powerpc.deb
Size/MD5 checksum: 23216978 b0034a3be5877f2edebf6ec71c70a83e

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFK8vsShuANDBmkLRkRAuztAKCAAmojb32U5ekaEbI3lWTPLYayHQCfQwhe
vHrSbR3EZNHJzNEAXPK0XqY=
=Synp
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

[SECURITY] [DSA 1926-1] New TYPO3 packages fix several vulnerabilities

2009-11-04T11:33:20Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1926-1 security@...
http://www.debian.org/security/ Thijs Kinkhorst
November 4, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : typo3-src
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-3628 CVE-2009-3629 CVE-2009-3630 CVE-2009-3631
CVE-2009-3632 CVE-2009-3633 CVE-2009-3634 CVE-2009-3635
CVE-2009-3636
Debian Bug : 552020

Several remote vulnerabilities have been discovered in the TYPO3 web
content management framework. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-3628

The Backend subcomponent allows remote authenticated users to
determine an encryption key via crafted input to a form field.

CVE-2009-3629

Multiple cross-site scripting (XSS) vulnerabilities in the
Backend subcomponent allow remote authenticated users to inject
arbitrary web script or HTML.

CVE-2009-3630

The Backend subcomponent allows remote authenticated users to
place arbitrary web sites in TYPO3 backend framesets via
crafted parameters.

CVE-2009-3631

The Backend subcomponent, when the DAM extension or ftp upload
is enabled, allows remote authenticated users to execute
arbitrary commands via shell metacharacters in a filename.

CVE-2009-3632

SQL injection vulnerability in the traditional frontend editing
feature in the Frontend Editing subcomponent allows remote
authenticated users to execute arbitrary SQL commands.

CVE-2009-3633

Cross-site scripting (XSS) vulnerability in allows remote
attackers to inject arbitrary web script.

CVE-2009-3634

Cross-site scripting (XSS) vulnerability in the Frontend Login Box
(aka felogin) subcomponent allows remote attackers to inject
arbitrary web script or HTML.

CVE-2009-3635

The Install Tool subcomponent allows remote attackers to gain access
by using only the password's md5 hash as a credential.

CVE-2009-3636

Cross-site scripting (XSS) vulnerability in the Install Tool
subcomponen allows remote attackers to inject arbitrary web script
or HTML.

For the old stable distribution (etch), these problems have been fixed
in version 4.0.2+debian-9.

For the stable distribution (lenny), these problems have been fixed in
version 4.2.5-1+lenny2.

For the unstable distribution (sid), these problems have been fixed in
version 4.2.10-1.

We recommend that you upgrade your typo3-src package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Architecture independent packages:

http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src-4.0_4.0.2+debian-9_all.deb
Size/MD5 checksum: 7696110 030c0d0fa407a74b5d48a24d280e2ce5
http://security.debian.org/pool/updates/main/t/typo3-src/typo3_4.0.2+debian-9_all.deb
Size/MD5 checksum: 77256 ba868af9c67e56ba346233e3473b94c6

Source archives:

http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian-9.diff.gz
Size/MD5 checksum: 32793 a0f7dee86225e89e4914633d2401e232
http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian.orig.tar.gz
Size/MD5 checksum: 7683527 be509391b0e4d24278c14100c09dc673
http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian-9.dsc
Size/MD5 checksum: 610 522ed0d81b54572f24b984a8448d594b

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5.orig.tar.gz
Size/MD5 checksum: 8144727 75b2e5db6ac586fb6176f329be452159
http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5-1+lenny2.diff.gz
Size/MD5 checksum: 122866 d4bce174f2ea2a94834cc0d250b51495
http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5-1+lenny2.dsc
Size/MD5 checksum: 1008 8980c630529cf34c44f491e4ee6e6e07

Architecture independent packages:

http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src-4.2_4.2.5-1+lenny2_all.deb
Size/MD5 checksum: 8201724 ea85991b8e26953d7ff43080458cc766
http://security.debian.org/pool/updates/main/t/typo3-src/typo3_4.2.5-1+lenny2_all.deb
Size/MD5 checksum: 133854 04e43a0b661c56a307a06f282f304e43

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBAgAGBQJK8dbCAAoJECIIoQCMVaAcu6cH/RM9LZkCTXR9kr6i2XjyiD4S
5YyMDoH9634YG6FGy+BawPpC5Bwa+hFNNZylUVu0W1oat5tHSOH1SdaMw++AU1GV
BR4ICxCO7E877JyQNSCBqELrMqCJcpH24Afq5VEbCZJiVOmWAd6M45hnqdMPY63r
p7MCwsw/iaZuwD3BiVutwMxQ9baejxfbRz4iJbd/K2HzV3+mHz5Xz9LSy0BBpC4e
TN5faFnhwl8LdFvnf9gziGp9AVfSI8/RLDVqDRNSBgLB7qZgnQiKSQ+2fO708llA
aJXwGa8WmgIRMVo3oEXKQ/74K9B3RmKppv+szXEiFnhZ6l2J3AzMxUd4sBFZWUI=
=fwRT
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...