[guru] Debian biztonsagi frissitesek
DATE: Wed, 26 Jul 2006 23:03:30 +0200
Az rssh (egy korlátozott shell) nem ellenőrzi kellőképp a bejövő
parancsokat, ami a korlátozások kikerülését teszi lehetővé.
Debian is kiadta a samba (smbd DoS), Zope (programozási hiba), libgd2 (gif
image érvényességének elégtelen ellenőrzése), GnuPG2 (nagy user ID-k okozta
integer overflow (a GnuPG javítás már korabban kijött)), hashcash (buffer
overflow), gimp (buffer overflow az XCF betöltésnél), Mozilla, Mozilla
Firefox (több hiba), csomagok javítását.
Új, 2.6.8-as kernelet adtak ki, ami a /proc race condition-re orvosság.
Ha upgrade-re nincs lehetőség, workaround-ként a proc file-rendszer
nosuid, noexec-kel való csatlakoztatása javasolt.
Több hibát találtak a mysql 4.1-ben.
o Debian is kijött az str_to_date() függvény javításával (DoS-t tett
lehetővé).
o a szerver összeomolhat egy fortélyos date_format() függvényhívástól.
A sid-ben lévő MySQL 5.0 nem érintett.
Biztinsági hibát találtak a Hiki Wiki-ben (Ruby-ban írt Wiki motor).
Nagy és fortélyos wiki lapok diff-elésével magas CPU használtságot lehet
elérni, ami DoS-hoz vezethet.
Format string hibát találtak a postgrey greylist kezelőben,
Hibát találtak az fbi frame buffer image viewer-ben.
Az fbgs framebuffer postscript/PDF viewer hibát tartalmaz, ami
megakadályozza a rosszindulatú postscript parancsok kiszűrését.
Kihasználásával felhasználói adat törölhető, postscript file
megjelenítésével.
A stable (sarge) ágban javították a hibát, az unstable-ben (sid) hamarosan
javítják.
Biztinsági hibát találtak a libdumb függvénykönyvtárban. IT music file-ok
parzolásánal nem ellenőrzi kellőképpen a kinyert értékeket, ami buffer
overflowhoz, majd tetszőleges kód futtatásához vezethet.
Format string hibát találtak a Net::Server (libnet-server-perl) perl
függvénygyüjteményben.
Debian kiadta a csomagok javítsáokat.
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1109-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 16th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : rssh
Vulnerability : programming error
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-1320
Debian Bug : 346322
Russ Allbery discovered that rssh, a restricted shell, performs
insufficient checking of incoming commands, which might lead to a bypass
of access restrictions.
For the stable distribution (sarge) this problem has been fixed in
version 2.2.3-1.sarge.2.
For the unstable distribution (sid) this problem has been fixed in
version 2.3.0-1.1.
We recommend that you upgrade your rssh package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2.dsc
Size/MD5 checksum: 589 a8ccbaa1d14d0aa30b3eb0bb1aefd4e5
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2.diff.gz
Size/MD5 checksum: 52207 00e3ad8c7944ed55e1316e414ab3d388
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3.orig.tar.gz
Size/MD5 checksum: 107216 74f40a4fd5d2b097af34a817e21a33cf
Alpha architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_alpha.deb
Size/MD5 checksum: 48782 0388514b947030f42219c9a615527dd9
AMD64 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_amd64.deb
Size/MD5 checksum: 44472 021a58e5c2591e2a15e4f1804816aa7b
ARM architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_arm.deb
Size/MD5 checksum: 41974 98eb40b5011e7868b02edfc07591f005
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_i386.deb
Size/MD5 checksum: 42596 7236c31d25f8b4cbbb8894112aa585aa
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_ia64.deb
Size/MD5 checksum: 55530 9c61a904a78c4c6d93763cdb73f9c009
HP Precision architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_hppa.deb
Size/MD5 checksum: 44098 334ae1019286051be323bf6994d51c99
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_m68k.deb
Size/MD5 checksum: 41522 0efafd5a441d6d392d1a2490bfb2dcc4
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_mips.deb
Size/MD5 checksum: 49520 7126170731d1b5ad12d7afb6d68c16b7
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_mipsel.deb
Size/MD5 checksum: 49546 7d8859c87eeb09f3b2502cfbed3c3f66
PowerPC architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_powerpc.deb
Size/MD5 checksum: 42936 f68184985e1ec6c27518ac74404afbec
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_s390.deb
Size/MD5 checksum: 42596 29243bae45e1dca2c07ca609617c0bfa
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_sparc.deb
Size/MD5 checksum: 42532 59db16aa282bc182f79418fdd99341c0
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEumB3Xm3vHE4uyloRAuQXAJ9koWyjXYOpZ1T4NsCLHQV7j0DXRgCglchW
m9Kfb85HK9yepAe6ZOLwMzs=
=7cKm
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1110-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 16th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : samba
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-3403
Gerald Carter discovered that the smbd daemon from Samba, a free
implementation of the SMB/CIFS protocol, imposes insufficient limits
in the code to handle shared connections, which can be exploited to
exhaust system memory by sending maliciously crafted requests, leading
to denial of service.
For the stable distribution (sarge) this problem has been fixed in
version 3.0.14a-3sarge2.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your samba package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2.dsc
Size/MD5 checksum: 1081 228209482ce7dcac4555cf01ad5accd8
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2.diff.gz
Size/MD5 checksum: 113550 e67c59189e5392bf968a09b3e63aa43f
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a.orig.tar.gz
Size/MD5 checksum: 15605851 ebee37e66a8b5f6fd328967dc09088e8
Architecture independent components:
http://security.debian.org/pool/updates/main/s/samba/samba-doc_3.0.14a-3sarge2_all.deb
Size/MD5 checksum: 12116952 608638d037d8a05c239f3c70895859cb
Alpha architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 400918 852fc85f08e4ff63839d1b4bd0008fd4
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 658976 a2f7e86a86ebe74c54b6bb727db9b3e4
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 1013504 6afc19c9e57b590fb09dea414cafe08a
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 5231692 888f7bd021e8a21f726c2c3fe01adb47
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 3125638 71a82dbbb4ef5029bd82be7a13788f92
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 2407250 acd9a61f6870885319c8adda0e79c1f5
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 20255462 3b681c348c574fc10acc32dcc5a6bb43
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 3249320 97c3ecf25d8e9842015d76609375bd9e
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 458262 ce8892211dea63f3818eef16a6249695
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 4208926 f404643bcd0e7bebe0b97f95dbcf11d7
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 1821200 9d04569a90d1fa3f57b4f4e58dbb6eb8
AMD64 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 380658 6089628ccb0a8f91b2e54d40e82a2f1e
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 599178 a0a004d08f13cc346d627c24a308fd12
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 794994 fafa89b19c13207c331994c307e4df60
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 5197634 a8df0f079437b988a4e7c1118e355e40
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 2806504 dece478b364af2f17976d8300a7d1f7b
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 2192376 a76155737241f77529b52befc234f191
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 6480526 b78909efe789289753d28b78bea98df2
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 2864878 dea1791f6efe210df3001576d1464138
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 410010 58a1f1bd47877454883dfe8cec9ec926
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 4121796 4161904fa80702158be375497bb66ba1
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 1649614 52d62c2c0b5b6de97d4371e0b8847e81
ARM architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 340852 eb775ed696d71bf2a864e08ae8386c9a
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 544220 03ca4bef2fe35ccfae1c79db0591bc18
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 822150 04e9f32488696bd89d766074128f5fb7
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 4644590 75b69ac60a0ba851c1c5fb424cb1985b
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 2556172 13f91637bcb3213f27df469fefe221b5
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 2008514 d662f9b3dde4fe359dd8ea9fde868e82
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 6654354 72907a5842606569499ed0d2b407822a
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 2595458 995dffb36fe7f70d86cbc0b8cf290e1b
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 375374 9849b230af610bc2248a064be6b062de
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 4063548 4286264d2d9abe9d2449ad3d881d16b1
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 1482218 00834fa3ed6a8ec2907231bb86ebfd5b
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 346572 31e84bc9bfed19228ac0099579573c1d
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 548542 afce1f6147b0b292c0686c02af7c9836
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 736496 25f6c6fc37e0751e2ca600a8b714b5b3
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 4740562 b27084883241b9993ebe7082800f6ab2
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 2514472 ad60a2b42e93202d5d0581be63a32b9f
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 1983672 0d48f6cdf53e74bf890d764c4bc5198c
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 6590700 1431e3b3d8226ec1d0eb047ec6935e98
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 2528838 158b542984366361d0c37642820a04bb
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 370000 0f46a22668a6d18a9af7c9b8fa70ee51
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 4052526 588824ddf752d13c994ff18df54380bd
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 1459782 a1ea9a665172a6fd7b76aef952ebf8fb
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 472318 385a165554819c05836d64c8176158fb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 753816 227368ecb40bda106944a488c814fbcb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 1034568 9141077269b90c88d0dbe8cec6406b77
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 6619312 6aa4f763d5b4671f816efc1ca8370f23
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 3813420 153637549fb1df5d4d8e68e9a1113225
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 2850344 183db0d9c68a98bb48fbb3df547c8b9b
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 674256 2e832a72821e496658a8428267e4511d
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 3920730 3e9c83ed8f819060e673ce88fadf0cb1
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 547032 2b253de1c2576b645aadd5558af59718
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 4361378 b249ad148caef201e0c79b87927d805b
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 2210656 b42d5e11c34f8508d754c879a1bcae3f
HP Precision architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 403318 d35dbec6170147cfcd97ff2d6c34fda6
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 643206 15563a27917582002e5d833fa1c88c33
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 893816 c601f379423e1b5427a7e33805a50850
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 5548592 695e1660029bc16c85625c5424a4b975
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 2862386 bf140bc989b0dc315e59f3e5ece5c695
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 2213078 2327685dedfc7e6af4e750d6132c8e3d
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 6461584 4df39667311665026081a3495aaa7ef9
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 2913000 5b71911c495a4221f60264a8b669d837
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 416272 6317995f536010b98d2ad22c25e4c2c6
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 4133896 d9948e4dbaf3c9d0ec6a8e941ad2be2c
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 1689264 687056df597c39cd9047c5d49994a663
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 328958 a0ec99f5e41fe16cd37b94dc387fd9f4
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 519064 a3f71819baa191083e26346db7dcf4b5
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 655030 5f2437b8f5009757e74b0ca77d0af82e
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 4533394 23196b797b2fd65f447078e0d5eddab0
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 2212368 6ff6be53825b382fd07ea39c4c2991ea
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 1778020 da382dfa9a4c170650f26b6322305a5e
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 6223478 103f34a372074f99b29cb6583cdcb6be
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 2228662 0d91206dba0ea500614fc73521d85195
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 333468 d6035ca16b5b20d732847340f6b4a8a7
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 3970444 4d443f6ee9ba2c592bcc3d306dab079c
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 1310298 7bc4ab658988648b1c1cc2c5368124c2
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 356048 0ec87e6a38c9840bb4acb2f8389f6c60
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 555362 341b70c7c189833f65b47e00b52f1c1c
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 820632 bfcdfb3efefb72e849ea9df194615bef
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 4665250 e035f6790f43246f36c56894b4f40176
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 2775088 c9fba09f74a5e4b7e10801489551c337
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 2154964 72153064df634500804a71e85c880d75
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 6759884 a0c1a2969d67aa9e9b752c8ebef8e40d
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 2821300 f6bb5f9d7fb968e9148bf05abfdb2290
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 411716 5e2f768ed006c91568ecf9d4d38d5f0a
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 4104042 30ae5abceadfbb2ef8db9fe2d09f5a29
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 1603590 cd8d2bd174f3e0fc3a1375469ab822cf
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 354928 d9684a30bb451bd7263ffa35854e85b6
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 553110 6cb3f8342d60314ff7844bee5d96b321
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 812272 8c34889caffb4798aad6737cb5744e82
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 4650594 c2b0a934db7ee76398c58b8033a3d253
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 2776104 a849991d021bae04ab147fbea1480ec3
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 2151798 688269491d565d7b3ab6aee567e44439
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 6573420 3c54698380e16e7516f0bd461eb08570
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 2816450 66eb1db3216073ebeff64e94c6dcb346
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 410558 bbf090442aafbc3992037737ab89a831
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 4102530 82baabe604497a82bfb4e977fb4e2e01
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 1601286 e09d23096cb468d88f1f496e31aa429b
PowerPC architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 367664 1e40365846fada575689d99562cb0184
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 590810 9b1bb98709bfb747c5e9197c523df90f
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 736464 1d8effb449d41e6d806665bc2c3f4819
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 5009294 dc691e5fbf2bbce1aaa695f252babec4
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 2771790 7e50dd86689342c16e3f37bcb8aa4901
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 2153632 4f09423d91f89c2c3cee11dd2ab04d73
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 6855374 a10c211192a4a4b36344ce847edf7a46
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 2824120 80d93c353292c3844823319a412d7ace
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 406166 8b1f63a9e51b78e6640398aa481acbab
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 4112048 2b8da6d7c63c292490e87ca824da279a
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 1612260 efc37671c3b75ef897643af0325e7b2f
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 385426 f41fa70a53200bcf1a17458a3ae931f4
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 603514 b3e04e873310500477539a1b10c582a7
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 796152 0c2531601f57aa5f8c0e14488edf5612
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 5282522 30153dc5a798094bedec8d9fe18a4feb
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 2723168 e85981c8fed6e80d62330fa97681c49f
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 2122320 0746503c40729997c7a8fcb00a4cf593
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 6831912 917d1ab96f5f831eda20bb395ee37988
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 2773008 7b282a8a1cbf13099462e2dc14ce4ed5
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 404050 edd870452f9494c1d7b19da727a519e8
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 4091850 7614eeddcbbef8aa708b5f77ea6f5e7e
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 1613004 1fd09e96a3f44302d1572eb0caaca69d
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 355346 89428c09223531e7f8cc945dc9c13a07
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 560772 56c2c1805517d821f7f085fca0c5c06a
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 795102 6e19608711d27da59e209f48e5240e4c
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 4861812 19771c3fcb5a325a01261c6ea8963a68
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 2520738 4cc2394804add7461418cc24c391b6cd
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 1977870 71f3d37dc7e3f6945d45f412ce459127
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 6344016 a2c8ea58a1f0f0787df1271bb7e6b5f6
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 2539690 bb26c65d740909f845f6b13e8877d748
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 371346 e2d95f4244e8f93f676a271fa4be0e06
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 4049368 7dd1458831ab65925550e37a42ce7bd7
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 1475928 4ba1e79eb6793abcce51f68efd43db17
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEumZ1Xm3vHE4uyloRAl2uAJ97HTRd9VRCHRQLlS/FK/GEym9aiQCg13BE
ruWveoYFOoEv/du8qCi0u/Y=
=LmsL
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1111-1 security@debian.org
http://www.debian.org/security/ Dann Frazier
Jul 16th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : kernel-source-2.6.8 et. al.
Vulnerability : race condition
Problem-Type : local
Debian-specific: no
CVE ID : CVE-2006-3625
It was discovered that a race condition in the process filesystem can lead
to privilege escalation.
The following matrix explains which kernel version for which architecture
fixes the problem mentioned above:
Debian 3.1 (sarge)
Source 2.6.8-16sarge4
Alpha architecture 2.6.8-16sarge4
AMD64 architecture 2.6.8-16sarge4
Intel IA-32 architecture 2.6.8-16sarge4
Intel IA-64 architecture 2.6.8-14sarge4
PowerPC architecture 2.6.8-12sarge4
Sun Sparc architecture 2.6.8-15sarge4
As an exploit for this issue in the wild, this advisory was sent out without
builds for the IBM S/390, Motorola 680x0 and HP Precision architectures being
available. They will be released in a followup-advisory as soon as they
are available. Also, the kernels for the FAI installer haven't been updated
yet. As a workaround we recommend to mount proc with the nosuid and noexec
options.
We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge4.dsc
Size/MD5 checksum: 812 ff4792fd28cadb6774ae4310ce38e301
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge4.tar.gz
Size/MD5 checksum: 38839 e4d527c319269df165cc23fd6fb54a68
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge4.dsc
Size/MD5 checksum: 1103 7dc33f6d9079af9d79b05d6ece3dfdc5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge4.tar.gz
Size/MD5 checksum: 75714 264ee72864b022045cc4b0820fe062db
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge4.dsc
Size/MD5 checksum: 1191 0fb79cfacfc5581263710440357ed5ce
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge4.tar.gz
Size/MD5 checksum: 64204 02b5b536eebb207995ef3a754de1c87e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge4.dsc
Size/MD5 checksum: 1047 62f42ea9f118d911a8f215af2f3e586d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge4.tar.gz
Size/MD5 checksum: 90861 885cb72bd69153dcd6512db147caa173
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge4.dsc
Size/MD5 checksum: 1036 00d330ff015d713c4652ea05c5555f91
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge4.tar.gz
Size/MD5 checksum: 24447 393b640388a78dd98c727a08f972214c
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge4.dsc
Size/MD5 checksum: 1002 bca4e80e8a10ba3c0884e3fab032772b
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge4.diff.gz
Size/MD5 checksum: 1044761 b6675f6ac09f5d31f780650798c5609c
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge4.dsc
Size/MD5 checksum: 1071 4bb132bef3f8f2a220ad9e74ab76500e
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge4.tar.gz
Size/MD5 checksum: 27031 59fb7f129abc85794829e1e777b540a0
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge4_all.deb
Size/MD5 checksum: 6183402 a4efe296e5fd14d33c6b1ae1f40265c3
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge4_all.deb
Size/MD5 checksum: 1081512 562d408fa5cd936f557eceb74621bff2
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge4_all.deb
Size/MD5 checksum: 34943124 7b65a57ca6a2376d8042143244b8f5ab
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge4_all.deb
Size/MD5 checksum: 35134 80f1a94b1542bf3f89bd77d0a69c67c4
Alpha architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-3_2.6.8-16sarge4_alpha.deb
Size/MD5 checksum: 2759858 310b0ddfee56412d0fdf827fbb53ad04
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-3-generic_2.6.8-16sarge4_alpha.deb
Size/MD5 checksum: 232256 264fb1d8c9107950918e02b3c8d1b2c5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-3-smp_2.6.8-16sarge4_alpha.deb
Size/MD5 checksum: 227366 3c43da6bd0a369e67be02af8e3498d60
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-3-generic_2.6.8-16sarge4_alpha.deb
Size/MD5 checksum: 20220764 714e37e85c5387ef44ef8ca96608934a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-3-smp_2.6.8-16sarge4_alpha.deb
Size/MD5 checksum: 20073926 24005f33bb551a3dec6cdbbdae45efdf
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 2722664 c435fecd5d9cbda8f337c3cd86fc0dca
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 226110 94d5814aed329864cad5d1584a5d44e2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 225244 d8128cc1a753402d41ce2b7ddcee875a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 221102 76161094b4af81690b489010912ad94d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 223202 89d8a6a610eccf151bdbd38f7467731c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 219462 9eb4bace25ae262ac51c45617661f3be
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 12561704 c3ffffed8671d53630c176618d12fbc9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 13257210 a4d1fac79a380edbe4284659428f7623
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 13219086 a578d5400499044678959c16e8839153
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 13217374 1b4965fe7b97de4e24075ea3541a21fd
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 13190288 417cafc0fc4dd74032fc9f184ecb8659
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 2779472 3c3d561576b2bbcae74806518f2d526f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-386_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 258572 b6ef0ead4cbbd2f4700613fae13ecad6
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-686_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 256372 3bcb4f79630757e495377f140c055c5a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 253422 fd1d4a2ff14ea852098b41435a8dd8f2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-k7_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 256716 9369c6b0c81fe61fe0640fbbb5d295a3
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 253512 027cb58c47a72a2fb0303d98988e5ec0
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-386_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 14063498 847b68ff55485cd1cfdef9b951a27639
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-686_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 15536232 d3974ee45e891069362eed6af842bcfd
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-686-smp_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 15346658 a52d56df265fe38bb822e3a09ce627e4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-k7_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 15261024 8e67b0d239fc9ca47db18ed49b42a083
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge4_i386.deb
Size/MD5 checksum: 15124402 16d13d0ef23a03258fdca8dffeae8cc6
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 6678 75fdf84848419b73b504cf440bb89030
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 6750 0583066225780439bc152d5067de73fd
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 6706 b9daa129196ea166ccfdd1bfc5528aae
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 6776 816a81ea2af11666807310e001413ca2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 3098892 53c416f0b21d13d97b9cafdaf53335fe
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-itanium_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 200088 a13df28d82aea874f7f2f7624964a180
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 199418 0c89142d3f9bd9dc9bc0945c2c5a5252
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 199864 1627d34ecce889ab7feeb079e5e786a5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 199352 1f8fbb0f499928da9afad963240a2a5a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 6676 863e6dbb301810732ca5b967d1348b1d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 6750 a0be1dbee3890815491446c70292af6b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 6702 55fe56f2f3de36221c8c00826e6eca6c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 6774 b00877ca52331c964323b12056cd1f70
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-itanium_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 21476370 c9a52f35220d0e3bc61b1f507b7dc716
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 22136612 9d6f06b3203fec64ef280bb2147b60ae
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-mckinley_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 21409268 2a5e1b20baa1a668304e4c6c0ee96f77
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge4_ia64.deb
Size/MD5 checksum: 22154522 dd8e2bab100e8447434428d8c3d0cd33
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-3_2.6.8-15sarge4_sparc.deb
Size/MD5 checksum: 5270 d9d8a08c7d95af660ddb27b2bdf3edb2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3_2.6.8-15sarge4_sparc.deb
Size/MD5 checksum: 2890614 25a5f93a494d583f533d8a8b6afc5811
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge4_sparc.deb
Size/MD5 checksum: 110050 ef8055368116c6de685e2e5fb3eb7bc9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge4_sparc.deb
Size/MD5 checksum: 144772 3c49e410afa9020cfb0ed6e7daa1197a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge4_sparc.deb
Size/MD5 checksum: 145386 b5f7c0add8b7f5709235a9a3108b0752
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc32_2.6.8-15sarge4_sparc.deb
Size/MD5 checksum: 4551130 87c9d50a7693e0f049ee47e32e1b07ff
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc64_2.6.8-15sarge4_sparc.deb
Size/MD5 checksum: 7430922 eceb79d6f7dd483ce5188e7934d1c506
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge4_sparc.deb
Size/MD5 checksum: 7628714 3a3dddddba19f112f7b3b93ba5d44642
PowerPC architecture:
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power3_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 407398 e05e6f4cc9db78fb380752ffbdeb5da8
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 407328 e8a001c81e071b8e20ae1c231a4c6995
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power4_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 406710 77a65238ea24808cffd01963a1fc1f63
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 406636 bbc4a48430c0b9b8e65adb9acb8d7898
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-powerpc_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 407600 1369ada43ac7d75f21463e4d2f1c2f24
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 406756 958b261e91d96f980704c0f3f82b8e6a
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-3_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 5147646 bf6d33036a5a150d791b09e021154206
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power3_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 13576992 151c64d944a5ba0f812596ec3c0d87c2
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 13929732 a53f72b2554445b5753b905b5306bb90
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power4_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 13560758 ba215f514c5707a0eade2cc11f2bb0ff
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 13921224 0fab2af9083ebfc6d70d09c1d35affc2
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-powerpc_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 13595362 6dc1b4542ce1738258d3529900c16b5d
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge4_powerpc.deb
Size/MD5 checksum: 13847816 9f0c9b62f6ef32fc3c16263db5a6c988
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEum1EXm3vHE4uyloRApHyAKCp9LgtpiukqBzKpTJ+tWWM+zmnyQCfQCR3
YAR0nNQc8tz2iCDD5zeG4F8=
=JzJA
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1112-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 18th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : mysql-dfsg-4.1
Vulnerability : several
Problem-Type : local
Debian-specific: no
CVE ID : CVE-2006-3081 CVE-2006-3469
Debian Bug : 373913 375694
Several local vulnerabilities have been discovered in the MySQL database
server, which may lead to denial of service. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2006-3081
"Kanatoko" discovered that the server can be crashed with feeding
NULL values to the str_to_date() function.
CVE-2006-3469
Jean-David Maillefer discovered that the server can be crashed with
specially crafted date_format() function calls.
For the stable distribution (sarge) these problems have been fixed in
version 4.1.11a-4sarge5.
For the unstable distribution (sid) does no longer contain MySQL 4.1
packages. MySQL 5.0 from sid is not affected.
We recommend that you upgrade your mysql-dfsg-4.1 packages.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge5.dsc
Size/MD5 checksum: 1021 9cd4f7df9345856d06846e0ddb50b9ee
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge5.diff.gz
Size/MD5 checksum: 168442 e45db0b01b3adaf09500d54090f3a1e1
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz
Size/MD5 checksum: 15771855 3c0582606a8903e758c2014c2481c7c3
Architecture independent components:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge5_all.deb
Size/MD5 checksum: 36520 e8115191126dc0b373a53024e5c78733
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_alpha.deb
Size/MD5 checksum: 1590788 297b4444903885a19c76a1217e83477d
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_alpha.deb
Size/MD5 checksum: 7965184 8df4e20d157517541228fa52e4c60dbc
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_alpha.deb
Size/MD5 checksum: 1000952 4d62bca949f80c09f043a78b9e701ca5
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_alpha.deb
Size/MD5 checksum: 17487070 b357fcab1b57764e1ee8a341dd30def3
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_amd64.deb
Size/MD5 checksum: 1452034 a22b66b8e00b2409bf1428834af1073b
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_amd64.deb
Size/MD5 checksum: 5551704 731f50735026de2b95d9e9d9e19a7717
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_amd64.deb
Size/MD5 checksum: 849526 a0a5d944db8261044bcdddbe55ab03d6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_amd64.deb
Size/MD5 checksum: 14711282 bf471f8b19fe0aa14bf04209c0eac975
ARM architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_arm.deb
Size/MD5 checksum: 1388864 1ed00eac905063c7caa7702bb6a4dcda
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_arm.deb
Size/MD5 checksum: 5558854 46fac3302d6e4677bb1dbce5f5aa1387
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_arm.deb
Size/MD5 checksum: 836766 5487191a4af54786066ac720456b5b68
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_arm.deb
Size/MD5 checksum: 14557630 1369e1f83fad8dfcbea1618e0acd821e
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_i386.deb
Size/MD5 checksum: 1418036 ab5768abe67a1d21c714a078f2ec86f0
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_i386.deb
Size/MD5 checksum: 5643732 bf891e68e488947fd28a940a367d722f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_i386.deb
Size/MD5 checksum: 830724 f5d4a9e5b289d895ba021190f907829f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_i386.deb
Size/MD5 checksum: 14558034 b580eeaf7a3806b95a07435acbe48e27
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_ia64.deb
Size/MD5 checksum: 1713308 0067b2b9c41a412defde52f366e3c897
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_ia64.deb
Size/MD5 checksum: 7782486 3aabc5d9cf4bd642de338d58bdaf06f5
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_ia64.deb
Size/MD5 checksum: 1050616 d23aac0cd8ee2af56e54dfb5bac2f330
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_ia64.deb
Size/MD5 checksum: 18475936 9ddfe01a4b31abfed11b9bde23fac76f
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_hppa.deb
Size/MD5 checksum: 1551202 77244af3e0edbeaf716764fe9ac81e6f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_hppa.deb
Size/MD5 checksum: 6250286 fd9cb45d760605ee2a89f70af5cb9af3
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_hppa.deb
Size/MD5 checksum: 910046 38698cebd4b9f438fd09d9bbb9dcd92c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_hppa.deb
Size/MD5 checksum: 15791130 8517866821789c2ac7343f9db6f59d3f
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_m68k.deb
Size/MD5 checksum: 1397964 e5166b54d56236e0bcbd677ae0b0612f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_m68k.deb
Size/MD5 checksum: 5284080 48f187b76145ed53de71074d1e19bd6a
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_m68k.deb
Size/MD5 checksum: 803870 699c9078240853a353fbd70504285d51
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_m68k.deb
Size/MD5 checksum: 14072018 f2837081c2ff82f8510234e174db38b4
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_mips.deb
Size/MD5 checksum: 1478938 f6865d5d185ecc5b20dac7d0d7e129da
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_mips.deb
Size/MD5 checksum: 6053046 43b3f77618248df20870c85301465095
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_mips.deb
Size/MD5 checksum: 904490 351bde467510be873c1a2cdc57048523
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_mips.deb
Size/MD5 checksum: 15409966 a0332059581d3de6922e9313d6eef676
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_mipsel.deb
Size/MD5 checksum: 1446348 46a4c7d996016a4adcf56440b05fef21
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_mipsel.deb
Size/MD5 checksum: 5971326 6467ab19215d4e0e45084d3530929683
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_mipsel.deb
Size/MD5 checksum: 890130 52b93510c81b7d296074fc4c36a6d847
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_mipsel.deb
Size/MD5 checksum: 15105474 1ffe09b6dc5b370067bf337109188a25
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_powerpc.deb
Size/MD5 checksum: 1476860 3b5a3a41dcb3744a289e78e3310d1df1
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_powerpc.deb
Size/MD5 checksum: 6027448 99a562b660721bc4dacd8997de8aab1f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_powerpc.deb
Size/MD5 checksum: 907410 9893e547ddfe66215e6bc3da4bf69724
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_powerpc.deb
Size/MD5 checksum: 15403210 25c8ae97be006ad171df2f3bdedc72a2
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_s390.deb
Size/MD5 checksum: 1538550 b105d416c3bcd7875984cecac926d076
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_s390.deb
Size/MD5 checksum: 5461556 00100b922054d9b9c3fc22b3a92b60c7
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_s390.deb
Size/MD5 checksum: 884294 37fe2778f39871852f9fa53677cffe2c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_s390.deb
Size/MD5 checksum: 15055516 c22496ba5559e2fbb1f0a37cd889ee0b
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge5_sparc.deb
Size/MD5 checksum: 1460576 f4a2d46769a708b1ef70aa85e2b09277
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge5_sparc.deb
Size/MD5 checksum: 6208040 3dc2de911cc6cbcb4f637bfccbce988a
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge5_sparc.deb
Size/MD5 checksum: 868258 1671384fa14d81404e3af7ffb555073e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge5_sparc.deb
Size/MD5 checksum: 15392304 6d9b9d762aa6088e416c1b987f853e96
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEvBoaXm3vHE4uyloRAjNHAKDYCyylFbJzy7B6HNonbBeY6hQdzACfZvwM
StoPTSj1GPfq6J9j5qveWTs=
=JCBl
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1113-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 18th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : zope2.7
Vulnerability : programming error
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-3458
Debian Bug : 377277
It was discovered that the Zope web application server allows read access
to arbitrary pages on the server, if a user has the privilege to edit
"restructured text" pages.
For the stable distribution (sarge) this problem has been fixed in
version 2.7.5-2sarge2.
The unstable distribution (sid) does no longer contain Zope 2.7 packages.
We recommend that you upgrade your zope2.7 package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2.dsc
Size/MD5 checksum: 906 e23c6dc88c7af48940e86fa41f97d536
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2.diff.gz
Size/MD5 checksum: 51266 a30c65b102a2ae75eb8e953826ec397b
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5.orig.tar.gz
Size/MD5 checksum: 2885871 5b5c5823c62370d9f7325c6014a49d8b
Alpha architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_alpha.deb
Size/MD5 checksum: 2669594 3012b1b7c60fbaa2a4e28270d8524993
AMD64 architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_amd64.deb
Size/MD5 checksum: 2661200 a2396ea45bdee6684526e50bbd91d407
ARM architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_arm.deb
Size/MD5 checksum: 2615998 94eba92b3e764b1409d9f204752c145d
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_i386.deb
Size/MD5 checksum: 2608476 0d2255ee8404c285df5d218ff1720ca1
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_ia64.deb
Size/MD5 checksum: 2959536 3f930a43af8b566f3ea791d7dd37b5cd
HP Precision architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_hppa.deb
Size/MD5 checksum: 2736776 55734b807c8b20f65e6e0df0e2e27820
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_m68k.deb
Size/MD5 checksum: 2601508 29c0606574cb83e54d8df984e0a45b25
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_mips.deb
Size/MD5 checksum: 2675708 d48d0ef186ac908b5ab29c930e12dcb7
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_mipsel.deb
Size/MD5 checksum: 2678350 2f8078005091cea22255944c8f5d0953
PowerPC architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_powerpc.deb
Size/MD5 checksum: 2724040 ea43d949c6e6d8970d58088dc112bc78
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_s390.deb
Size/MD5 checksum: 2663274 140d55d68fdcbe8397f3d0ec13087f7e
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge2_sparc.deb
Size/MD5 checksum: 2670674 cbdb9f302896fd372cd583be41a8ec2a
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEvVCnXm3vHE4uyloRAlQ2AJ9jb+33gTkXw9uR2dpWFbjY6vPU2QCfUNQ9
httpW0iB9j8ethB8nAad83w=
=P+hr
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1117-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 21st, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : libgd2
Vulnerability : insufficient input sanitising
Problem-Type : local(remote)
Debian-specific: no
CVE ID : CVE-2006-2906
Debian Bug : 372912
It was discoverd that the GD graphics library performs insufficient checks
of the validity of GIF images, which might lead to denial of service by
tricking the application into an infinite loop.
For the stable distribution (sarge) this problem has been fixed in
version 2.0.33-1.1sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 2.0.33-5.
We recommend that you upgrade your libgd2 packages.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.33-1.1sarge1.dsc
Size/MD5 checksum: 885 e389163781898504ec6e8e0018cd1fdd
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.33-1.1sarge1.diff.gz
Size/MD5 checksum: 260955 50e0aa54bda19f06041d78a5771c7fd1
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.33.orig.tar.gz
Size/MD5 checksum: 587617 be0a6d326cd8567e736fbc75df0a5c45
Architecture independent components:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.33-1.1sarge1_all.deb
Size/MD5 checksum: 128526 bcaaacf60733a35002b999f8851ce3a7
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.33-1.1sarge1_all.deb
Size/MD5 checksum: 128500 4ef28350291c173754332cc61cb54ba1
Alpha architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_alpha.deb
Size/MD5 checksum: 144914 65aa478f07315cb7e62ac6d91177b96d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_alpha.deb
Size/MD5 checksum: 206668 8cded1b036579ebc7c62f1ac37824ac6
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_alpha.deb
Size/MD5 checksum: 357800 cc21def16f0e514da5d34c2f513b3daf
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_alpha.deb
Size/MD5 checksum: 208490 fa17839a6953dbd709eda8783be6ead1
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_alpha.deb
Size/MD5 checksum: 362160 0be347a2217d06fe7ef36b002ea7c9ca
AMD64 architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_amd64.deb
Size/MD5 checksum: 141774 1f54d14b016a5ad132998ff669226244
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_amd64.deb
Size/MD5 checksum: 196436 6ff8e6d85237e34ddd12c9aea85bd314
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_amd64.deb
Size/MD5 checksum: 337310 bfd77a6cdc6aaa1c64d6c4be1a8acea8
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_amd64.deb
Size/MD5 checksum: 198932 a084415f7c3dfc684569d626dd80aacb
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_amd64.deb
Size/MD5 checksum: 340294 8fdc6f33e6253346c4f853db61501a21
ARM architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_arm.deb
Size/MD5 checksum: 141374 b157ca4d44fffd20740c162535ca9e3f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_arm.deb
Size/MD5 checksum: 188664 5b3a0e8dcb02e3fa83cb8a618a57c456
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_arm.deb
Size/MD5 checksum: 334316 74999431b3008c7f4820d0405a236c0f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_arm.deb
Size/MD5 checksum: 191308 b29466e1a38e863dce0b1cdb535e3cfc
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_arm.deb
Size/MD5 checksum: 337536 761e0550e4d9343d2056dba350c1cd1f
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_i386.deb
Size/MD5 checksum: 141786 1cc957c1d1cb93e2d80c85d0c84dcfd1
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_i386.deb
Size/MD5 checksum: 191932 f66bc591f047503e80d107458e938416
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_i386.deb
Size/MD5 checksum: 328576 27953838b048aab48d4eee40fc630f6f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_i386.deb
Size/MD5 checksum: 193690 580d72764e8b331f9be599b45894497d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_i386.deb
Size/MD5 checksum: 330848 0c980ae4c5a0e93725175e69c7d8176f
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_ia64.deb
Size/MD5 checksum: 146290 a07f3ae8f234ca3e3b5e81eebf3c446d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_ia64.deb
Size/MD5 checksum: 224272 c057fe07156af1945b9eab8909a28bec
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_ia64.deb
Size/MD5 checksum: 370376 6f8485a4f4d916d75dc21b20a113ad98
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_ia64.deb
Size/MD5 checksum: 227040 4983686be756f0fdd7ab03cf1cc9c195
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_ia64.deb
Size/MD5 checksum: 373400 896aaaaec2747772779073c837fe2d84
HP Precision architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_hppa.deb
Size/MD5 checksum: 143562 c4223c693e1a24336ddab5a92e3d019b
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_hppa.deb
Size/MD5 checksum: 204504 371343c96979ae3b6688a9471333dd20
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_hppa.deb
Size/MD5 checksum: 345608 267ea3ea2dedc6b7d1b991821eff0327
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_hppa.deb
Size/MD5 checksum: 207026 ad942c88f11286a44e9aac850fb10a3a
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_hppa.deb
Size/MD5 checksum: 348272 926ac97ade522d92be98fd0035536c45
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_m68k.deb
Size/MD5 checksum: 141456 1477bf288e99fa9bdf1640c828d7f1a5
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_m68k.deb
Size/MD5 checksum: 184864 9cde2fe10257ecaf581300e024dd7f0c
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_m68k.deb
Size/MD5 checksum: 323520 634a13523c02c7b831228c128fe320c8
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_m68k.deb
Size/MD5 checksum: 187018 b6fcadf304e52fa9e57ceb168e495156
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_m68k.deb
Size/MD5 checksum: 325634 44468789f4014425c7c84c62fdb07914
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_mips.deb
Size/MD5 checksum: 155774 5af80762b00f46f1f9fdc46a78941191
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_mips.deb
Size/MD5 checksum: 195396 c10d28c9f999639745c04889c0581516
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_mips.deb
Size/MD5 checksum: 344960 0b3bc47908a4f25ebb58b27c5e6fa730
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_mips.deb
Size/MD5 checksum: 198016 9fe5be1930a8f9ff4ab15b09aff626fb
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_mips.deb
Size/MD5 checksum: 347410 da9fb9aeb4c9891cb5dec62ca9263aaa
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_mipsel.deb
Size/MD5 checksum: 155772 58c478bc430bd49cece6e748218e6200
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_mipsel.deb
Size/MD5 checksum: 195330 ca975af25d3362ce4a4c9e19b1d27b50
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_mipsel.deb
Size/MD5 checksum: 344992 096e665346647e297e943684e7222e5f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_mipsel.deb
Size/MD5 checksum: 197846 660f0ba2f884e249d5ffd7302f398a01
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_mipsel.deb
Size/MD5 checksum: 347270 69c4a6744e74455997a8228566a47f00
PowerPC architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_powerpc.deb
Size/MD5 checksum: 150276 46c99b85b1faf609147cc111b747841d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_powerpc.deb
Size/MD5 checksum: 198830 c8168aa92f4008e2943893fa5ccae820
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_powerpc.deb
Size/MD5 checksum: 341538 505e633e80f425c8b9422e83997ac07c
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_powerpc.deb
Size/MD5 checksum: 200916 16d8a96a3fc3b28a7355680fedaef3e8
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_powerpc.deb
Size/MD5 checksum: 344206 47c92a9a5bbc22637f5fee0223034a97
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_s390.deb
Size/MD5 checksum: 142414 a30ad94d6ca809d519a088771b31fc1d
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_s390.deb
Size/MD5 checksum: 199456 c99ca505a026d2b7b01dea1eaeebc4a5
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_s390.deb
Size/MD5 checksum: 337702 c45bca23bef2f03a03a6e07e37757281
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_s390.deb
Size/MD5 checksum: 202030 34639f38ecfed22b1b1887a918516dce
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_s390.deb
Size/MD5 checksum: 341264 c510662e0889b70e73b8e76c568009e6
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.33-1.1sarge1_sparc.deb
Size/MD5 checksum: 141382 71ccad065f8a4a21ee8337537e732b90
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.33-1.1sarge1_sparc.deb
Size/MD5 checksum: 191428 aa0a6d650fb2eb6322d2582f7489ed73
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-1.1sarge1_sparc.deb
Size/MD5 checksum: 332436 26d15a5c68f2a47a5eccf4ba3b4980fb
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm_2.0.33-1.1sarge1_sparc.deb
Size/MD5 checksum: 194072 95aa9e357d5dd4f0105e1f7888b9bb4f
http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-xpm-dev_2.0.33-1.1sarge1_sparc.deb
Size/MD5 checksum: 334118 a6d05fae692cd60c72b231a78230a38a
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEwP4VXm3vHE4uyloRAmsZAKDNNtLkk8pu74ItZ+FiwvNBCh8XtgCgodBY
aDbnxJJl5wHK/XslepqaJa0=
=vPD4
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1115-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
July 21st, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : gnupg2
Vulnerability : integer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-3082
Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free
PGP replacement contains an integer overflow that can cause a
segmentation fault and possibly overwrite memory via a large user ID
strings.
For the stable distribution (sarge) this problem has been fixed in
version 1.4.1-1.sarge4 of GnuPG and in version 1.9.15-6sarge1 of GnuPG2.
For the unstable distribution (sid) this problem has been fixed in
version 1.4.3-2 of GnuPG, a fix for GnuPG2 is pending.
We recommend that you upgrade your gnupg package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1.dsc
Size/MD5 checksum: 854 d7f54b50b8c569566cfe0b865ec20323
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1.diff.gz
Size/MD5 checksum: 1859944 fbb56cbacfb82fb5666646bed3dd2944
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15.orig.tar.gz
Size/MD5 checksum: 5454978 ee3885e2c74a9c1ae539d6f12091c30b
Alpha architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_alpha.deb
Size/MD5 checksum: 112318 e806b0cedb8ed0914e6e035d042acdd0
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_alpha.deb
Size/MD5 checksum: 886212 1763f96899b22f286232871b9b085ed6
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_alpha.deb
Size/MD5 checksum: 453430 6dfaaea879aa17fc0dd623889a983507
AMD64 architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_amd64.deb
Size/MD5 checksum: 98464 cafa5d36dbcb21d795b6372c8293d6f8
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_amd64.deb
Size/MD5 checksum: 774560 96bf1b958e560fe17d632c26c38d9efc
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_amd64.deb
Size/MD5 checksum: 385700 4b2b4ddc50eaf51b5701d7d47e1c9b3c
ARM architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_arm.deb
Size/MD5 checksum: 87318 d72f15b0cef0d127af34819d3ca5f14a
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_arm.deb
Size/MD5 checksum: 712814 22e92a7324e81906493140954172d5bf
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_arm.deb
Size/MD5 checksum: 339666 1d23cfebbe8e6c7396aeff77eb9c8820
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_i386.deb
Size/MD5 checksum: 90042 0e930e3cdcb129f1a442299f4d0540e3
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_i386.deb
Size/MD5 checksum: 731422 9a9f643a1dbc83c6b3f3dd9bfffe0a52
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_i386.deb
Size/MD5 checksum: 351906 8282625e16ac625f67e38f39ff107652
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_ia64.deb
Size/MD5 checksum: 130298 2eedf4cf8372007857433ca639524d9b
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_ia64.deb
Size/MD5 checksum: 1026226 e782e4b34a5b92e8096d2654b2cc5a4c
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_ia64.deb
Size/MD5 checksum: 539910 20467693f439c077a70084dc3a97013c
HP Precision architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_hppa.deb
Size/MD5 checksum: 100568 8196f49a542cafff2df799dcf01aec82
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_hppa.deb
Size/MD5 checksum: 794658 51ccc9c508247dd4f420f6cf6573aac2
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_hppa.deb
Size/MD5 checksum: 393956 18059987ad743bf9af518acc89657417
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_m68k.deb
Size/MD5 checksum: 82140 1fba5cdda78f5f5deca9627a85c04c57
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_m68k.deb
Size/MD5 checksum: 669532 92a8750d7d53e87a6400dc0dbb3d09d6
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_m68k.deb
Size/MD5 checksum: 311950 f1a33648d91e20d5b844f5c7f7da57a9
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_mips.deb
Size/MD5 checksum: 100504 7d791fe14e51c77d2332f56a381cf271
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_mips.deb
Size/MD5 checksum: 788588 bdec126011eee7c8d8d72eca6cfdcdc4
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_mips.deb
Size/MD5 checksum: 395058 655dc54c72b2c0179d10c47b2f5860dd
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_mipsel.deb
Size/MD5 checksum: 100978 56b72587ce25c10b5dcc088a15909fe0
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_mipsel.deb
Size/MD5 checksum: 790238 e607d5e8afa7a8302f53445617d0c8b8
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_mipsel.deb
Size/MD5 checksum: 396254 470e2d93f2648e2cf6608324c1500d22
PowerPC architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_powerpc.deb
Size/MD5 checksum: 95574 d69613b8feaec3e719a6d41e01c6bbb0
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_powerpc.deb
Size/MD5 checksum: 769188 bb1d47b585a6ba73ec3ab5733c2bd9e5
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_powerpc.deb
Size/MD5 checksum: 377318 62c7a186f295f33911233ecbe59df6b3
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_s390.deb
Size/MD5 checksum: 98696 d105f1f4f8b7f622b2353e01bccf8f60
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_s390.deb
Size/MD5 checksum: 766416 b697db437ddd9c6d66c18244b0730ef7
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_s390.deb
Size/MD5 checksum: 384736 956245edec30fd206a7e63f58139937b
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_sparc.deb
Size/MD5 checksum: 89540 cbcc2a2dcc603baf6632446fcee75f6a
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_sparc.deb
Size/MD5 checksum: 720868 97a6fd87caaf94c0d1ff3eb87f35b7cf
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_sparc.deb
Size/MD5 checksum: 345146 51a1a825f01eff2085b2fddaa4394432
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEwKOpW5ql+IAeqTIRAiLTAJ0a8FOKbD3hcaex0+g+Gp4Vuii6wQCfT5xu
gOIIm+WxL58JENjuO0Jy2nU=
=ug37
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1114-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
July 21st, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : hashcash
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-3251
BugTraq ID : 18659
Debian Bug : 376444
Andreas Seltenreich discovered a buffer overflow in hashcash, a
postage payment scheme for email that is based on hash calculations,
which could allow attackers to execute arbitrary code via specially
crafted entries.
For the stable distribution (sarge) this problem has been fixed in
version 1.17-1sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 1.21-1.
We recommend that you upgrade your hashcash package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1.dsc
Size/MD5 checksum: 571 0e6e1272eaec884fa66ae84e962f51cc
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1.diff.gz
Size/MD5 checksum: 3604 bb43fcc72e1c40cfd7e8a337902c7c89
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17.orig.tar.gz
Size/MD5 checksum: 185522 9e5a8a35941c0cdccac93f41bd943593
Alpha architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_alpha.deb
Size/MD5 checksum: 168504 b0ee6dc37c1fbcc9d9084cecfbb9f5e6
AMD64 architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_amd64.deb
Size/MD5 checksum: 131586 34e12310aa9e4c8016df21af7c5ee4f0
ARM architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_arm.deb
Size/MD5 checksum: 129036 8ef6ad2e6f6ce729893381aa72a6af77
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_i386.deb
Size/MD5 checksum: 125388 f478094512ce7fbcc0ea7f43c7942cda
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_ia64.deb
Size/MD5 checksum: 180272 aa2465a8d3209bc7f60966c8077fba2f
HP Precision architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_hppa.deb
Size/MD5 checksum: 148194 2bf6d28a30e6f287b9f92ff7aad958db
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_m68k.deb
Size/MD5 checksum: 113598 09d1c3002b95945e66464de441bd6875
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_mips.deb
Size/MD5 checksum: 153776 fbd29b41912a027feec7cf0c10c858c9
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_mipsel.deb
Size/MD5 checksum: 153382 2d231cd9aecdd9751c0dc1981c77b652
PowerPC architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_powerpc.deb
Size/MD5 checksum: 140396 1e2bf003d9165dc91558d9a4109c48b3
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_s390.deb
Size/MD5 checksum: 139680 57adea417e98c12c7e1512b00e40148c
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/h/hashcash/hashcash_1.17-1sarge1_sparc.deb
Size/MD5 checksum: 156978 1fd5a5647dfb17bb223b783561f1e95e
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEwHcHW5ql+IAeqTIRAmqLAJ49YWqUmYOxF2a8CX9QBl18h6VUqACgiCop
zgROFIHhcFSw5m6XcPv13Qg=
=y65P
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1116-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 21st, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : gimp
Vulnerability : buffer overflow
Problem-Type : local(remote)
Debian-specific: no
CVE ID : CVE-2006-3404
Debian Bug : 377049
Henning Makholm discovered a buffer overflow in the XCF loading code
of Gimp, an image editing program. Opening a specially crafted XCF
image might cause the application to execute arbitrary code.
For the stable distribution (sarge) this problem has been fixed in
version 2.2.6-1sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 2.2.11-3.1.
We recommend that you upgrade your gimp package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1.dsc
Size/MD5 checksum: 1089 979559b33614105fa58413378d7c204b
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1.diff.gz
Size/MD5 checksum: 26122 c56e7ce33568fa577bb965d91a5c9e1c
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6.orig.tar.gz
Size/MD5 checksum: 20496404 a6450200858c59bb46ace6987f1fc6ee
Architecture independent components:
http://security.debian.org/pool/updates/main/g/gimp/gimp-data_2.2.6-1sarge1_all.deb
Size/MD5 checksum: 6276584 013c82da61ca8f0c34e7b02995f9a2dc
http://security.debian.org/pool/updates/main/g/gimp/gimp1.2_2.2.6-1sarge1_all.deb
Size/MD5 checksum: 31674 f5bf9b1c4d272b6d6a293da92ff1b4cc
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-doc_2.2.6-1sarge1_all.deb
Size/MD5 checksum: 514958 5dcc11d084fd4e79e055493205cded03
Alpha architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_alpha.deb
Size/MD5 checksum: 3872520 f14c5800c1bb4da15eef57a6c9122c61
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_alpha.deb
Size/MD5 checksum: 44970 2476f295f24498674678c8f21b35f26f
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_alpha.deb
Size/MD5 checksum: 126646 244ae4e14a57803e0e04eed254ee845b
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_alpha.deb
Size/MD5 checksum: 44794 5cc2a15a835d6649bbebdd068beaf5d3
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_alpha.deb
Size/MD5 checksum: 576492 bf73a2b8130cc7a945cdcccb0546ce0b
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_alpha.deb
Size/MD5 checksum: 98262 7ff13a929c089f127fd29836f780dd38
AMD64 architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_amd64.deb
Size/MD5 checksum: 3266104 17d46a5010fb7451f6dfbd783caf73e6
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_amd64.deb
Size/MD5 checksum: 43722 0956d860d60ff4394ca0c9b9aac2957f
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_amd64.deb
Size/MD5 checksum: 122012 61a1ca703333bfad94692943c0e6ba86
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_amd64.deb
Size/MD5 checksum: 43464 496e21eff61fedf892eb2f8a52e92857
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_amd64.deb
Size/MD5 checksum: 543840 224ea85332d7e525aafa14cb1a639614
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_amd64.deb
Size/MD5 checksum: 98234 a9f687bb252e9adbc91f81b67e42d3d9
ARM architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_arm.deb
Size/MD5 checksum: 2938416 b0901f13d679d1bb41e91c56f22c41d8
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_arm.deb
Size/MD5 checksum: 41934 042f39449706ba1362676520935d98a0
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_arm.deb
Size/MD5 checksum: 114028 d3adb0e677eee5f8484674f1ec29ef11
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_arm.deb
Size/MD5 checksum: 42280 2300ed4a4de2537e30ad4f4df2cf540d
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_arm.deb
Size/MD5 checksum: 507710 0592a4510f85ebb8c03e74cb2d410d95
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_arm.deb
Size/MD5 checksum: 98332 57de081bea0749832e5c82e6cbdb28e9
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_i386.deb
Size/MD5 checksum: 3087556 d4a3d583f932d75e1c49f72a32e9de56
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_i386.deb
Size/MD5 checksum: 42692 35dedb9373d46897709de62a6ba56f22
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_i386.deb
Size/MD5 checksum: 117012 0a76a982e406a236658882f2dabdf464
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_i386.deb
Size/MD5 checksum: 43238 4e585d74f341874b8a31aad60d246caf
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_i386.deb
Size/MD5 checksum: 521758 bc33f00f99995ffd91ff9bb84c83c4c1
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_i386.deb
Size/MD5 checksum: 98248 a7d5db0fdf8401bdaef4a9266db6c705
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_ia64.deb
Size/MD5 checksum: 4581614 af2d82f8c7d4373286f6872709d8bca4
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_ia64.deb
Size/MD5 checksum: 46600 9186a0e6efb81e461d725fa761694f07
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_ia64.deb
Size/MD5 checksum: 135808 7fa53fef4e3772b8f3087e9c5e37e5a0
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_ia64.deb
Size/MD5 checksum: 46852 24434b0212a6792901bc9e2fbbd2bb1f
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_ia64.deb
Size/MD5 checksum: 632324 c4335842b443c43c0dbe68797264d943
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_ia64.deb
Size/MD5 checksum: 98240 f07c6a9cd8f7941ff7fd4a93589f7973
HP Precision architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_hppa.deb
Size/MD5 checksum: 3468190 e9a04a87c97ee78815a3e332dbcccff8
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_hppa.deb
Size/MD5 checksum: 43394 fed2f6e699416c5a03c1d3a130554418
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_hppa.deb
Size/MD5 checksum: 125686 19e8ee051e193546d55788c7b3fb1e7d
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_hppa.deb
Size/MD5 checksum: 43720 b4c52c60b267751689bc57fe7f1e3ded
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_hppa.deb
Size/MD5 checksum: 583078 bda2acb1a3b23edcd435730ea9c6cd0c
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_hppa.deb
Size/MD5 checksum: 98302 618bf48bcfe82ee886ad1ec2c9da8746
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_m68k.deb
Size/MD5 checksum: 2697910 e90af18d0136fbf8d60e2089bac3dbc0
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_m68k.deb
Size/MD5 checksum: 42302 6cffc71d58aa261293428323840eadfa
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_m68k.deb
Size/MD5 checksum: 118392 e533fe00cf69d53713fea16f7c3c351b
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_m68k.deb
Size/MD5 checksum: 42140 b77201f3a42f7be876c13ce803833891
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_m68k.deb
Size/MD5 checksum: 520078 29e62d2417f9d4bd266e81a65e4d5201
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_m68k.deb
Size/MD5 checksum: 98478 fe3705144e976a25c49330f2d0f958ab
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_mips.deb
Size/MD5 checksum: 3448914 3236ee1f78e5d6a30cece944ea1c149e
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_mips.deb
Size/MD5 checksum: 42690 e3a903955904332f1d6e14341de5c55d
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_mips.deb
Size/MD5 checksum: 116280 4e4425ac5ccf0f7923aaa33817f4d3a9
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_mips.deb
Size/MD5 checksum: 42960 8b6f4e92ed5b881e74fca99c4eac478f
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_mips.deb
Size/MD5 checksum: 524600 978e3ab35f44bd1e516ded87d0fa1a11
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_mips.deb
Size/MD5 checksum: 98256 b34836f926dea9bc7855c4fec1313db2
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_mipsel.deb
Size/MD5 checksum: 3445558 fa88e0923517217e1ebc47dcc9e13e91
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_mipsel.deb
Size/MD5 checksum: 42626 7df6dd0e0bcf0fd800b603ff62b088e4
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_mipsel.deb
Size/MD5 checksum: 115598 f5e2fa780ab32a0e8d192209f42cf22c
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_mipsel.deb
Size/MD5 checksum: 42882 8f2c5ead0311336fe8f9d5f73840bd66
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_mipsel.deb
Size/MD5 checksum: 522138 172dad30e71dacab1aaedfbe2b9ab404
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_mipsel.deb
Size/MD5 checksum: 98268 b7ad697195e7a622d584caef468bf24b
PowerPC architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_powerpc.deb
Size/MD5 checksum: 3341118 c3bd01a81f343030030f7285fd35a9a2
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_powerpc.deb
Size/MD5 checksum: 43938 66f8bf50052e465ab6306c0f93441fc1
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_powerpc.deb
Size/MD5 checksum: 118214 7b22438747c7d7eb3ff1112607f36942
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_powerpc.deb
Size/MD5 checksum: 44314 1452917365ca44d0849fd8783d5dc2b9
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_powerpc.deb
Size/MD5 checksum: 539510 17896bbe9f778c125eed47e96f2582b0
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_powerpc.deb
Size/MD5 checksum: 98282 c0c35190756c7bc71306d9e32e20770e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_s390.deb
Size/MD5 checksum: 3134704 5e3ee587e3af969dbe6b2acf8add98a6
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_s390.deb
Size/MD5 checksum: 43896 17adcff9df203fcee2a2eccb4a7a78f6
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_s390.deb
Size/MD5 checksum: 123904 b0f18ce58f5eb93fa64033b82b64f192
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_s390.deb
Size/MD5 checksum: 43512 5ec341436fcf87c883a7bdff50eba154
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_s390.deb
Size/MD5 checksum: 555508 eb2c9b65d19b333113a216499ca5b429
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_s390.deb
Size/MD5 checksum: 98226 1883143a487595484af2def276b08017
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_sparc.deb
Size/MD5 checksum: 2929592 ab276607e00e8159b855d2d3ddbd7f49
http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_sparc.deb
Size/MD5 checksum: 42236 0a2217eeb70903e12052b4111aac2c1d
http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_sparc.deb
Size/MD5 checksum: 116426 3eac44e9e3e28330e075385b1197a984
http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_sparc.deb
Size/MD5 checksum: 42440 464fe9823e9544cce55688ed1840bd38
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_sparc.deb
Size/MD5 checksum: 527522 ea220cad0822aaf7f580c0ad76f44cb2
http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_sparc.deb
Size/MD5 checksum: 98290 b543cfe8b332246e3e33c4d785fa8957
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEwP3pXm3vHE4uyloRAhpFAKCCOZdjTM6ucq4eMsCnjuwL9NLBkgCcCkzh
Fb/SjYzkUD0JG41kcwYFgGM=
=MFLL
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1118-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
July 22nd, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : mozilla
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2006-1942 CVE-2006-2775 CVE-2006-2776 CVE-2006-2777
CVE-2006-2778 CVE-2006-2779 CVE-2006-2780 CVE-2006-2781
CVE-2006-2782 CVE-2006-2783 CVE-2006-2784 CVE-2006-2785
CVE-2006-2786 CVE-2006-2787
CERT advisories: VU#237257 VU#243153 VU#421529 VU#466673 VU#575969
BugTraq ID : 18228
Several security related problems have been discovered in Mozilla.
The Common Vulnerabilities and Exposures project identifies the
following vulnerabilities:
CVE-2006-1942
Eric Foley discovered that a user can be tricked to expose a local
file to a remote attacker by displaying a local file as image in
connection with other vulnerabilities. [MFSA-2006-39]
CVE-2006-2775
XUL attributes are associated with the wrong URL under certain
circumstances, which might allow remote attackers to bypass
restrictions. [MFSA-2006-35]
CVE-2006-2776
Paul Nickerson discovered that content-defined setters on an
object prototype were getting called by privileged user interface
code, and "moz_bug_r_a4" demonstrated that the higher privilege
level could be passed along to the content-defined attack code.
[MFSA-2006-37]
CVE-2006-2777
A vulnerability allows remote attackers to execute arbitrary code
and create notifications that are executed in a privileged
context. [MFSA-2006-43]
CVE-2006-2778
Mikolaj Habryn a buffer overflow in the crypto.signText function
that allows remote attackers to execute arbitrary code via certain
optional Certificate Authority name arguments. [MFSA-2006-38]
CVE-2006-2779
Mozilla team members discovered several crashes during testing of
the browser engine showing evidence of memory corruption which may
also lead to the execution of arbitrary code. This problem has
only partially been corrected. [MFSA-2006-32]
CVE-2006-2780
An integer overflow allows remote attackers to cause a denial of
service and may permit the execution of arbitrary code.
[MFSA-2006-32]
CVE-2006-2781
Masatoshi Kimura discovered a double-free vulnerability that
allows remote attackers to cause a denial of service and possibly
execute arbitrary code via a VCard. [MFSA-2006-40]
CVE-2006-2782
Chuck McAuley discovered that a text input box can be pre-filled
with a filename and then turned into a file-upload control,
allowing a malicious website to steal any local file whose name
they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]
CVE-2006-2783
Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)
is stripped from UTF-8 pages during the conversion to Unicode
before the parser sees the web page, which allows remote attackers
to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]
CVE-2006-2784
Paul Nickerson discovered that the fix for CAN-2005-0752 can be
bypassed using nested javascript: URLs, allowing the attacker to
execute privileged code. [MFSA-2005-34, MFSA-2006-36]
CVE-2006-2785
Paul Nickerson demonstrated that if an attacker could convince a
user to right-click on a broken image and choose "View Image" from
the context menu then he could get JavaScript to
run. [MFSA-2006-34]
CVE-2006-2786
Kazuho Oku discovered that Mozilla's lenient handling of HTTP
header syntax may allow remote attackers to trick the browser to
interpret certain responses as if they were responses from two
different sites. [MFSA-2006-33]
CVE-2006-2787
The Mozilla researcher "moz_bug_r_a4" discovered that JavaScript
run via EvalInSandbox can escape the sandbox and gain elevated
privilege. [MFSA-2006-31]
For the stable distribution (sarge) these problems have been fixed in
version 1.7.8-1sarge7.1
For the unstable distribution (sid) these problems have been fixed in
version 1.7.13-0.3.
We recommend that you upgrade your Mozilla packages.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1.dsc
Size/MD5 checksum: 1127 473562c669e27793809fd76034b5e9de
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1.diff.gz
Size/MD5 checksum: 498361 6d4f73fb299451760cbf05974d36753a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz
Size/MD5 checksum: 30589520 13c0f0331617748426679e8f2e9f537a
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 168076 9478bc76f4c4dac2cfa1adc51c599e71
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 147050 34ab8e06aeb3d46f150b0099a29b8c2b
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 184960 ec9526c058ec2a9629fa16a2c7b0f286
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 856618 515d873622c67d0cf1b155f85187935c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 1040 a12e4c5754cf581aa6aab5dd4a1388ec
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 11481282 52de66676dea443b4426cb0e24703a57
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 403306 efe2822cd3109126a096e4c19bb61f6e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 158336 490cc71ffff457bd6f600ef3d7ab9b4b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 3358246 5bf68f7988b64ef4175768d92829dccc
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 122294 6c36e2cec285b6ec28b3115aaa8cfdb1
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 204170 d02d474bf40b4a0adc41e58cbb0f71aa
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 1937112 be8a8005f99506a3e9188672c3f70e57
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_alpha.deb
Size/MD5 checksum: 212298 96d4c738772a42501805fd1cfb2a6336
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 168070 841b4f6d14d55a8e37ea9fe2d4b8508b
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 146154 b17bbe57b0a30c4698f5c883984d552e
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 184950 342427477e9db97c2d663a3b7620c1ea
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 714978 bbf6e26c728df94a6bdb8e19b22dae5b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 1036 4f0379f9ae6b0edf6eb5fbf4977f9d6e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 10946160 f7e344cd5bbcc6f1d06b314be572ffd2
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 403294 675c774981cadd3d695cc7fa498d2046
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 158330 387195d0b8a6fd9acf4b1a2c8d0d70d8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 3352180 f896a49299904f8082ccc96ff85ac40e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 121192 df4ef46b4940ecd65ae9cdc140cca1bf
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 204170 cdd080115be04ac72473181ce622caf1
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 1936006 002755bffa9cbb1a943a4a81d04f362b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_amd64.deb
Size/MD5 checksum: 204400 61fe98f12d92139d157dd672ca6513c8
ARM architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 168074 1de16d4b8435fe420a7883dc7d51c910
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 124492 d138a37a746f6fa32bd574f34fdaaefe
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 184960 30851d8827b6061465d370ba42d4ccff
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 632198 79ce23ade76fcc6cb789053d801c904f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 1036 e0a0373f1cdf7ecf8f176bbbc4e23d18
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 9212808 1dbb7f756a25a96e9057ef8f96d05805
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 403314 07dad23f621d6e3be785ba0fb5a29763
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 158366 176eede20a70a9ac2a61282b7bc45b01
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 3341712 0904389fef700da0f4664d4bceb28717
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 112672 8797efa5f068220b587eaac7818cccdc
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 204178 75382868b592a542b00e6b6441591a3b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 1604452 34e908e017cf40549741c227acc78b50
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_arm.deb
Size/MD5 checksum: 168866 ed9894b18f51f745750ad28fa47aba1f
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 170346 5956d005059fd107818f8035fa9ffbf2
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 136984 5a5c0d8e7e0614ee02c182983e8d8656
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 187138 74f8739619d8ae81b1fe30d0668b8a58
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 661744 74ebef87c001e89d4a2e8d45c9910e13
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 1032 8f01d06ab6028c5b908dd5594e1d1c14
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 10336772 e281b8fb2b04eb6f788654557efb8f94
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 403504 5db7402ffdb5b6523fa43d1c89944907
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 158352 a8a7f9c96a21287704a76ff3e5455335
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 3594164 db6a4633ec5db81ce6e0bd1d9bf95193
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 116702 fade783b8720425b0f05004c6d9632ef
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 204170 e173db0beb2598ea64ac80262b8043e4
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 1816096 10fd0769547b8342fcf833182c66f7cd
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_i386.deb
Size/MD5 checksum: 192634 9f757a02bfa0e741b4d131191ac3bed1
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 168076 7caf0acd02827f3259cc523d24882267
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 174472 c8fbf63229bf8f13e1e51419a917da78
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 184950 8305ace7fb5c15b17da7cbd94ac114be
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 966902 6f09c27be295615d6724ec4e82c8682c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 1036 8d0589021091a859a4fe1a8784cf2b84
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 12948914 25e2e3b61f3212b5e69fb8db376dea1c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 403298 00cd58b07f32fb9b33cdf3f9138ff48d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 158334 c03b2a84ab5db4574bce186a934bb61c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 3377948 0ae22412a7c6766cc74b84578f029da0
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 125598 a853f9be2fef52df2b7537a56a4762ca
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 204160 d6c4e9801cb584fa974ec2843d4e7dde
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 2302302 8d6e65e606882e9a9f29eae5ecdc0505
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_ia64.deb
Size/MD5 checksum: 242684 1c59d2b14cf73625549222c27feec305
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 168076 5626cf0a12a7d9993ab65840ac71b2e4
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 157080 ae8769ba33d1f7b1c55db5af74322108
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 184966 653cf87074a4392f1103f333b8f385a4
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 754910 5c54ed3f028d4fca725c43f17aac7472
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 1038 b21e02e210697770a13094757afdb343
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 12164938 0710346051d9d6217a938faf1a6c3a5e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 403280 dec179a4a47c40e21b74e1015655a47a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 158346 0fbead0b5adfaf58475f3308ad5c7825
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 3358624 8c0cbf705f20e694222dc2a2e558bf25
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 123514 7d29aa30c3c525bfb3674200d0853f60
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 204152 5f27c072d2b0cf7a88362b0ca86aa91f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 2135198 ca8cf38363e6fa41e3c58e0f6813bcec
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_hppa.deb
Size/MD5 checksum: 216176 dbf6f4e0538358e675fafb2215215ddb
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 168090 2f9923cada81ee2792194134d5c8766c
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 126174 a2d29b886d583dfeaecaf9140a98cbb1
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 184976 07788d7940bceb772ee38b639fa06c90
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 600262 57d23c1825ce20d9fdc7ed3c935e4822
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 1044 6865b570c621d2715d90d55e72c18686
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 9707812 039664d92d6585080245e56b31a495bc
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 403372 80f8ea392f13f4a8615281ad17b45345
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 158396 e11aa75979022c10ff540e9cca7da37e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 3336888 253879215a28c9c1611e1eab36739c69
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 114490 e32e9948e3e8df554e2314c7e7851c86
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 204220 56d85ed9b0439792035300fe5c3745e9
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 1683110 5392bc875f07ce277f17a08558223d76
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_m68k.deb
Size/MD5 checksum: 174758 bd3bb602538e94bb672b67c80056aa51
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 168078 b716653d10d25308e460c0d15ce8c249
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 141006 e192f8087b16f7e17257aa63394def8f
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 184962 d2d6aaad54ee894ed00c678a856cd292
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 725986 e57f99d19cc017d3273eaa632cef1359
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 1040 2574a4694290c9c0b66900214389d13a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 10729826 577b9c004ce4078826f9085cfef3f1b7
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 403284 e32ea6716c0102cbd6e7c2c738239555
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 158342 ac17f1b907adddaae579376411860fe6
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 3358078 c03e05906c6da5b7f06c8adfb9bf1bb5
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 117626 027b87aceadf873cadd52f5b5a6cdad2
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 204166 04db7ee6b1bcc0a7e286bd7aed2a46af
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 1795496 43c24c3da475b571baee65e6f97b3b72
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_mips.deb
Size/MD5 checksum: 189876 4515f5447d4d74104bac1b98a21741a9
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 168080 6b20701ae2005724d525421407997b34
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 140964 20d773802c88e422796b2b0d8657f269
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 184956 e696e6afa300237c1fe8bf9d24c25341
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 715454 ba7d908f470f0fe10912263bd88ffe27
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 1042 e660b635921248505a19c5bc4ad57698
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 10606956 9c45e8272bec9b1e40d18a577283d270
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 403302 fc7449f1c1aca3e3beb41743d5ddce15
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 158342 b357c21424e98e72a150cdc7ef285f36
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 3358814 9384ee1ae88d0ce5bfb9cf7419cf1fc4
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 117192 6cee62bb29d207039072c1f66b15693d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 204166 02d9a75229f18b8222cbde0809763968
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 1777564 812da33649005f3e9c602b92e5198d0f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_mipsel.deb
Size/MD5 checksum: 187450 50a81db8d3f8fb747b9641ebab1e44c2
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 168076 3ec22b357709447796939d749ee01918
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 131506 b23d3cb1d96dd102ea8e1a317611d9cf
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 184962 47e118b6e43ab5dd68edaaebb61a14a5
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 719212 2eb46acfdb0984316af95544d2a26586
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 1040 da38d40720821ab284ff921f8d14ac7b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 9706108 c273d7531e0510262497b2b665025009
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 403278 909516b0d9bfbc46f3c0dd438bb02c29
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 158338 2de3e64ff4391b9db98838fac617dbf6
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 3340554 4253026847bdceca40ba1f7f8a77150a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 114590 cf73e13daee899efb5d6cefb3e85c461
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 204148 3de97db7ab79ee5b688b62dc1132859c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 1643042 52b9f55a9507da86f34ebda24e25ec12
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_powerpc.deb
Size/MD5 checksum: 175652 d7538c95e4ea1efaf76737a24b5e0388
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 168070 97ce8fcc52d581aa9608dbc327abbe8b
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 156822 008799a0d79ca556d878a20b96028354
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 184962 a3241679a42c7f8fe899e34ae7516981
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 799202 fbbf02a9624d975a1eaafdfaf025f885
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 1042 12f767e93775437d702d9ea31bed575c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 11330344 442b98dd32a88fd33efa22d5d13bdd3e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 403320 aa21f60bfc070223d8a6f5c78c4b0faf
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 158350 b0981f49d6b5639a4712e2a115599d6b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 3353136 4576af9688c6fc5b4e7fe64deb11aead
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 121352 1c1672d0d0f3752a0195ee1ff33d8ec4
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 204158 a0a82c9fa992b839aaf60f9484fd9bc8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 1944746 432f3f0fb2e1a429a51ddda422cc21cc
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_s390.deb
Size/MD5 checksum: 213482 f8bc5f9fa1e79b26ba22bb891e5b9b46
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 168082 98bec9b3ad75652b9fa7f0c425a2deb2
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 128722 9947038f2936e62834bfdd1b2672d497
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 184962 4ffe137e0baebd3335718ac6936ca52b
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 673000 696296101aefad3cdc6e41c39320f85a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 1038 e1e482e36d09311de2fb0416e068e070
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 9376650 7b791062063db30e3a2f25436f410c01
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 403280 15a8a8616423b988387abcf2a3089b93
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 158336 2481b4d5956c4219f33a5c29d3125ed3
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 3341556 4765e3947b3045730fb35f128ec8b30c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 112532 8b9d8d6fb0469b333837653684508c68
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 204158 a46509b3f314a48cf5d0365dd999688a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 1583728 57ca973e877b3a718e5534537c94e468
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_sparc.deb
Size/MD5 checksum: 168012 2a402caa207ced1ede92416141a37ab9
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEwibVW5ql+IAeqTIRAgCjAKCTna7EXWnfCae8ORnFtPat+ZZZjQCgqMIj
JsY39Lz2s/UBFnxveD7ud+8=
=ySjN
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1119-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
July 22nd, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : hiki
Vulnerability : design flaw
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-3379
BugTraq ID : 18785
Debian Bug : 378059
Akira Tanaka discovered a vulnerability in Hiki Wiki, a Wiki engine
written in Ruby that allows remote attackers to cause a denial of
service via high CPU consumption using by performing a diff between
large and specially crafted Wiki pages.
For the stable distribution (sarge) this problem has been fixed in
version 0.6.5-2.
For the unstable distribution (sid) this problem has been fixed in
version 0.8.6-1.
We recommend that you upgrade your hiki package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/h/hiki/hiki_0.6.5-2.dsc
Size/MD5 checksum: 561 fa72e16d4c5eb8108ccd603b3396bd76
http://security.debian.org/pool/updates/main/h/hiki/hiki_0.6.5-2.diff.gz
Size/MD5 checksum: 1573 46c81d7c9e5f52115df2fd91b6cc0bf4
http://security.debian.org/pool/updates/main/h/hiki/hiki_0.6.5.orig.tar.gz
Size/MD5 checksum: 143468 11c97fe604d70fc42f6c198ec64018e9
Architecture independent components:
http://security.debian.org/pool/updates/main/h/hiki/hiki_0.6.5-2_all.deb
Size/MD5 checksum: 108780 b1e689405cc70854ad77f5be95a86606
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEwkZEW5ql+IAeqTIRArxBAJ9kAbxVSVXoT7BR+/2F/fvCJzZDFACgpEIt
V0PTCC5iMeTDBhKpW8fkNqk=
=Kv7d
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1120-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
July 23rd, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : mozilla-firefox
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2006-1942 CVE-2006-2775 CVE-2006-2776 CVE-2006-2777
CVE-2006-2778 CVE-2006-2779 CVE-2006-2780 CVE-2006-2782
CVE-2006-2783 CVE-2006-2784 CVE-2006-2785 CVE-2006-2786
CVE-2006-2787
CERT advisories: VU#237257 VU#243153 VU#421529 VU#466673 VU#575969
BugTraq ID : 18228
Several security related problems have been discovered in Mozilla.
The Common Vulnerabilities and Exposures project identifies the
following vulnerabilities:
CVE-2006-1942
Eric Foley discovered that a user can be tricked to expose a local
file to a remote attacker by displaying a local file as image in
connection with other vulnerabilities. [MFSA-2006-39]
CVE-2006-2775
XUL attributes are associated with the wrong URL under certain
circumstances, which might allow remote attackers to bypass
restrictions. [MFSA-2006-35]
CVE-2006-2776
Paul Nickerson discovered that content-defined setters on an
object prototype were getting called by privileged user interface
code, and "moz_bug_r_a4" demonstrated that the higher privilege
level could be passed along to the content-defined attack code.
[MFSA-2006-37]
CVE-2006-2777
A vulnerability allows remote attackers to execute arbitrary code
and create notifications that are executed in a privileged
context. [MFSA-2006-43]
CVE-2006-2778
Mikolaj Habryn a buffer overflow in the crypto.signText function
that allows remote attackers to execute arbitrary code via certain
optional Certificate Authority name arguments. [MFSA-2006-38]
CVE-2006-2779
Mozilla team members discovered several crashes during testing of
the browser engine showing evidence of memory corruption which may
also lead to the execution of arbitrary code. This problem has
only partially been corrected. [MFSA-2006-32]
CVE-2006-2780
An integer overflow allows remote attackers to cause a denial of
service and may permit the execution of arbitrary code.
[MFSA-2006-32]
CVE-2006-2782
Chuck McAuley discovered that a text input box can be pre-filled
with a filename and then turned into a file-upload control,
allowing a malicious website to steal any local file whose name
they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]
CVE-2006-2783
Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)
is stripped from UTF-8 pages during the conversion to Unicode
before the parser sees the web page, which allows remote attackers
to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]
CVE-2006-2784
Paul Nickerson discovered that the fix for CAN-2005-0752 can be
bypassed using nested javascript: URLs, allowing the attacker to
execute privileged code. [MFSA-2005-34, MFSA-2006-36]
CVE-2006-2785
Paul Nickerson demonstrated that if an attacker could convince a
user to right-click on a broken image and choose "View Image" from
the context menu then he could get JavaScript to
run. [MFSA-2006-34]
CVE-2006-2786
Kazuho Oku discovered that Mozilla's lenient handling of HTTP
header syntax may allow remote attackers to trick the browser to
interpret certain responses as if they were responses from two
different sites. [MFSA-2006-33]
CVE-2006-2787
The Mozilla researcher "moz_bug_r_a4" discovered that JavaScript
run via EvalInSandbox can escape the sandbox and gain elevated
privilege. [MFSA-2006-31]
For the stable distribution (sarge) these problems have been fixed in
version 1.0.4-2sarge9.
For the unstable distribution (sid) these problems have been fixed in
version 1.5.dfsg+1.5.0.4-1.
We recommend that you upgrade your Mozilla Firefox packages.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9.dsc
Size/MD5 checksum: 1001 21424c5ba440f16f6abea37711d66aa9
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9.diff.gz
Size/MD5 checksum: 398646 2eff76a21650ad05f52b5fdf73bd3f7e
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz
Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_alpha.deb
Size/MD5 checksum: 11173304 3a940907dc9761c8f509bb4c985db436
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_alpha.deb
Size/MD5 checksum: 169032 05d7a00140abdf880b41c4fa28114068
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_alpha.deb
Size/MD5 checksum: 60866 de85fa33566f2fbfcc86501ee62b2a1b
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_amd64.deb
Size/MD5 checksum: 9401816 963bc07e9bad81b56674d2e87fcc2074
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_amd64.deb
Size/MD5 checksum: 163774 782e55322d790e206be62b7c973cf4ee
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_amd64.deb
Size/MD5 checksum: 59390 62063c4dc7dfb9dd977b2a019bd37946
ARM architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_arm.deb
Size/MD5 checksum: 8223298 0a3854d01bb66b8251a6fd0f6f6acf1d
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_arm.deb
Size/MD5 checksum: 155248 04b4755e60835717a7b5ed0025f00f0c
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_arm.deb
Size/MD5 checksum: 54702 93f66e628ad9327de4ed14acdfec4395
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_i386.deb
Size/MD5 checksum: 8899786 395567e782da4a1d6e0ef10367ba57cc
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_i386.deb
Size/MD5 checksum: 159032 5225bca73b84ed3e8a1c4e06bdd6cd69
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_i386.deb
Size/MD5 checksum: 56250 f8baa460416bd34c28e347b371c2ac72
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_ia64.deb
Size/MD5 checksum: 11632562 3fc46e9c4a4575594c610c7ff85146ce
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_ia64.deb
Size/MD5 checksum: 169362 aad3f6f89760080eca86f9988c690532
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_ia64.deb
Size/MD5 checksum: 64062 0973673b6e56cc6d26db14a0170c4a1a
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_hppa.deb
Size/MD5 checksum: 10275134 dbdcf7d07ead3c046ec5a604922bd853
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_hppa.deb
Size/MD5 checksum: 166732 ff51c0f78f3bb6ee011c85e850e67230
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_hppa.deb
Size/MD5 checksum: 59840 856193bc316aecbcce4f88aae4404240
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_m68k.deb
Size/MD5 checksum: 8175302 d60841a0292077f4635ca9b68c45cd8a
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_m68k.deb
Size/MD5 checksum: 157932 5559512572a0493c336f46e67dc6163d
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_m68k.deb
Size/MD5 checksum: 55524 f04387c9e24e76965342227983327a03
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_mips.deb
Size/MD5 checksum: 9932150 56eefc3ec8a8832645ec1316929f4411
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_mips.deb
Size/MD5 checksum: 156774 696dca1ed57d6c13fd80bcd6fc4364cd
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_mips.deb
Size/MD5 checksum: 56506 af7303ff23599cf25224df22f5b92e05
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_mipsel.deb
Size/MD5 checksum: 9810314 3673c61e049c42c7ea21ed58e06b2acc
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_mipsel.deb
Size/MD5 checksum: 156350 9d3f411c8372b54775ab5ba90c10d0da
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_mipsel.deb
Size/MD5 checksum: 56336 ccc11bdf50a4b0809fe7ed2dbdf44006
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_powerpc.deb
Size/MD5 checksum: 8571660 cf198d98db5695e5c423c567ebfdba38
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_powerpc.deb
Size/MD5 checksum: 157448 d96866bfc3e74f73d6cf4a3f71aa50cb
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_powerpc.deb
Size/MD5 checksum: 58628 e3a6722463006bb379c9548318784af8
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_s390.deb
Size/MD5 checksum: 9641400 c935ca331cf22eab9f311fc65c69e227
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_s390.deb
Size/MD5 checksum: 164392 342aeb1f6362565bac9cd8f9a34e6711
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_s390.deb
Size/MD5 checksum: 58816 3199d08b5c64c05d4c9f3600fd1a9927
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_sparc.deb
Size/MD5 checksum: 8662210 a25db0f4ce57b47898d633b2512cd0b4
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_sparc.deb
Size/MD5 checksum: 157632 5d0f66746bcbb48269e1e4e0efa71067
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_sparc.deb
Size/MD5 checksum: 55062 99d09b78f6efa23c02d1e9076185f105
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD4DBQFEwxuaW5ql+IAeqTIRAph6AJigs7vAqUX4Kff4L09LciD7GjfGAJ9oSjEi
YKqqcIwtb4nh4LCbn5fKcw==
=zfrY
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1121-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
July 24th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : postgrey
Vulnerability : format string
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-1127
Peter Bieringer discovered that postgrey, an greylisting
implementation for Postfix, is vulnerable to a format string attack
that allows remote attackers to the daemon.
For the stable distribution (sarge) this problem has been fixed in
version 1.21-1sarge1.
For the stable distribution (sarge) this problem has also been fixed
in version 1.21-1volatile4 in the volatile archive.
For the unstable distribution (sid) this problem has been fixed in
version 1.22-1.
We recommend that you upgrade your postgrey package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/p/postgrey/postgrey_1.21-1sarge1.dsc
Size/MD5 checksum: 628 2a0d8c903c9f47b374a9fa871056b5df
http://security.debian.org/pool/updates/main/p/postgrey/postgrey_1.21-1sarge1.diff.gz
Size/MD5 checksum: 13354 96eefd0e11745edf1cce5fa833d83396
http://security.debian.org/pool/updates/main/p/postgrey/postgrey_1.21.orig.tar.gz
Size/MD5 checksum: 25934 1274e073be5178445e0892a9dcc6fe98
Architecture independent components:
http://security.debian.org/pool/updates/main/p/postgrey/postgrey_1.21-1sarge1_all.deb
Size/MD5 checksum: 41526 43de6a5366b7df928212489a84ec127f
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFExHBPW5ql+IAeqTIRAvR1AJ9QlEU3EkHZ/qMZFR8lGOa2GfqiFgCfQtz2
QHWLKraLGZILLXPCG20Eoq0=
=X3l3
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1124-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 24th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : fbi
Vulnerability : typo
Problem-Type : local
Debian-specific: no
CVE ID : CVE-2006-3119
Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer
contains a typo, which prevents the intended filter against malicious
postscript commands from working correctly. This might lead to the
deletion of user data when displaying a postscript file.
For the stable distribution (sarge) this problem has been fixed in
version 2.01-1.2sarge2.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your fbi package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2.dsc
Size/MD5 checksum: 735 36d0568b3c180e41cb1f6df809ff5e5b
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2.diff.gz
Size/MD5 checksum: 5088 3b4e9623e4aa9d333c3aee47c42f3422
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01.orig.tar.gz
Size/MD5 checksum: 205822 7bf21eae612fd457155533a83ab075c2
Alpha architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_alpha.deb
Size/MD5 checksum: 29542 b0a4b4a73a93bda7243fea211f5ead9f
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_alpha.deb
Size/MD5 checksum: 67686 303fed22421dda6d18e541425c6a945f
AMD64 architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_amd64.deb
Size/MD5 checksum: 24528 359cf3eadf6294c39b4fe2b185aa1167
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_amd64.deb
Size/MD5 checksum: 57384 cb5af6bbe2bd5ea99966eab903f220bf
ARM architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_arm.deb
Size/MD5 checksum: 22494 4a750437cdd4fcb2049e8c33b5231b64
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_arm.deb
Size/MD5 checksum: 51232 240a6f9509c00477bcbefe80a0fb7e70
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_i386.deb
Size/MD5 checksum: 22712 809f7d0fcfce407e5679305b07b69967
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_i386.deb
Size/MD5 checksum: 52200 e2b4fdc29c3787d0a843415c5e62bcc1
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_ia64.deb
Size/MD5 checksum: 33896 a60373a4938640174dc80b34c65dadc4
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_ia64.deb
Size/MD5 checksum: 79814 6b6bfc5816ca014e4d290b05834eceac
HP Precision architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_hppa.deb
Size/MD5 checksum: 26914 164ccc167aa0fda01d9535c65db000cc
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_hppa.deb
Size/MD5 checksum: 60222 c215390ee5bef416b5a9eb9ad0b16a2e
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_m68k.deb
Size/MD5 checksum: 20754 006ed3c7e982e08d14860282ac312fad
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_m68k.deb
Size/MD5 checksum: 47324 63732b97562e3b2e8f801128faf8b8b4
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_mips.deb
Size/MD5 checksum: 26048 211c8a4c5398e403b7d7f4a1a4bb3c4f
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_mips.deb
Size/MD5 checksum: 59498 6e68121650840d81e04b1bec82156f5c
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_mipsel.deb
Size/MD5 checksum: 26122 74ffc8475a2acf27af99b83b7cd0cbc6
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_mipsel.deb
Size/MD5 checksum: 59234 6b976898ad8c23b7da53449d6af2c3e0
PowerPC architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_powerpc.deb
Size/MD5 checksum: 25978 ec0d5e88f5e7c908ce7c053485ca415a
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_powerpc.deb
Size/MD5 checksum: 57298 996b2e6523767b439583dad7c511df83
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_s390.deb
Size/MD5 checksum: 24472 8c030047c8d631a6a1c01079e7d352e7
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_s390.deb
Size/MD5 checksum: 58050 e5bebfa9b1c7ab4a0cfac3bc8f5f4541
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge2_sparc.deb
Size/MD5 checksum: 23074 5c0854fb34e3c6da7c12991dedae0910
http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge2_sparc.deb
Size/MD5 checksum: 52484 72496fbe05968cfb7bd185414629033f
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFExQaRXm3vHE4uyloRAiQgAJ4qPeQ93sCM0w86nEIW1z7QsRx4ywCgu+ez
4jdvLmA2K7QbRl205/2QqdI=
=79Oc
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1123-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 24th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : libdumb
Vulnerability : buffer overflow
Problem-Type : local(remote)
Debian-specific: no
CVE ID : CVE-2006-3668
Debian Bug : 379064
Luigi Auriemma discovered that DUMB, a tracker music library, performs
insufficient sanitising of values parsed from IT music files, which might
lead to a buffer overflow and execution of arbitrary code if manipulated
files are read.
For the stable distribution (sarge) this problem has been fixed in
version 0.9.2-6.
For the unstable distribution (sid) this problem has been fixed in
version 0.9.3-5.
We recommend that you upgrade your libdumb packages.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb_0.9.2-6.dsc
Size/MD5 checksum: 634 32242f365a1433e66ca9e46a004523df
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb_0.9.2-6.diff.gz
Size/MD5 checksum: 3914 65aa4b7596e81c622e830bbe1d32ff22
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb_0.9.2.orig.tar.gz
Size/MD5 checksum: 145722 0ce45f64934e6d5d7b82a55108596680
Alpha architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_alpha.deb
Size/MD5 checksum: 75276 b7f57922166c536f19b965d3ab0d88fe
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_alpha.deb
Size/MD5 checksum: 6090 06c293edff58a482fcf6084c4b5d934a
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_alpha.deb
Size/MD5 checksum: 121546 715574ff400819fd703793d4ecf75fad
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_alpha.deb
Size/MD5 checksum: 72390 31d5b7901bc0812b9348eb876cc15b8d
AMD64 architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_amd64.deb
Size/MD5 checksum: 74780 04d899dbf1e150f1f9568457d34b6fdd
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_amd64.deb
Size/MD5 checksum: 5244 d0bdb1d783d860280176b190677a4052
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_amd64.deb
Size/MD5 checksum: 109360 712603865afd1d04e536c453bf1ae373
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_amd64.deb
Size/MD5 checksum: 52534 87514a167dc9e6a00ee98c496721b2ae
ARM architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_arm.deb
Size/MD5 checksum: 73954 edb9623bfb0753b9ac8adf7fba5acfd1
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_arm.deb
Size/MD5 checksum: 4738 f5afa9198afce1f16e625e7e41618f71
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_arm.deb
Size/MD5 checksum: 110002 542706c4b04ca773be469d066cce125b
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_arm.deb
Size/MD5 checksum: 54256 6f59fabcf506f6508e86b42ae6ae78ad
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_i386.deb
Size/MD5 checksum: 74484 1c721ae454752d3a252f1cfc9a773d41
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_i386.deb
Size/MD5 checksum: 4738 e4b77e2545480a205f675e39017efc58
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_i386.deb
Size/MD5 checksum: 108496 ead6a0b39172a059491c864b9985101f
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_i386.deb
Size/MD5 checksum: 47478 a0d02ff38ef6791845756ca2394a4bc5
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_ia64.deb
Size/MD5 checksum: 76358 88a9e82bf0c85d8f0b6db2a718c40a9a
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_ia64.deb
Size/MD5 checksum: 6312 953f7b5387e0d99715cf0c7b047bef9a
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_ia64.deb
Size/MD5 checksum: 134560 53dae1f7002cd4c795c8d42990470973
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_ia64.deb
Size/MD5 checksum: 78760 0b70e7b9b4e67399e0e7cdfb94c2122d
HP Precision architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_hppa.deb
Size/MD5 checksum: 75286 7817acef6001881bcea7611ffd538b7d
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_hppa.deb
Size/MD5 checksum: 5414 b399bd5949caccf4cb02ada6a4b7d4f3
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_hppa.deb
Size/MD5 checksum: 116320 a69a36e0c23670499781c2a77611bfae
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_hppa.deb
Size/MD5 checksum: 57774 032d891a6aeda5932fcc8ad6fa64d372
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_m68k.deb
Size/MD5 checksum: 74204 43c5cd2ae45c7871e27bcb0fc948b17e
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_m68k.deb
Size/MD5 checksum: 4596 560f752f7433cf6a743a18d4b7636e1d
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_m68k.deb
Size/MD5 checksum: 105372 785d07eaebf837f71a5ad3b017100f88
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_m68k.deb
Size/MD5 checksum: 44940 606b5f441e61305b304f58a3bdd1ab5b
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_mips.deb
Size/MD5 checksum: 74418 d88ed88421fd473176eda13e168b2ae5
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_mips.deb
Size/MD5 checksum: 5484 fcdfa364a97466a423aa8bf9646fe904
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_mips.deb
Size/MD5 checksum: 111414 01edc258404ab63fe164fea1930476f2
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_mips.deb
Size/MD5 checksum: 56954 99e88c70e885558040177fb634c0a027
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_mipsel.deb
Size/MD5 checksum: 74416 0eda36c34e3962aa3dd84c1a0092372a
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_mipsel.deb
Size/MD5 checksum: 5468 13f0d69dda9223f444a94ea0ca1d6843
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_mipsel.deb
Size/MD5 checksum: 111572 f82a7f553c8e1fe5b40bb6d676e7af77
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_mipsel.deb
Size/MD5 checksum: 57134 c41f1608565019146d563859d8df849f
PowerPC architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_powerpc.deb
Size/MD5 checksum: 75934 15e1e9c231b1fa79002285249aa1868f
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_powerpc.deb
Size/MD5 checksum: 4932 bda0bd686f1711f9ba4d9fefb6cd1df4
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_powerpc.deb
Size/MD5 checksum: 112666 450a7cc5c2c6134dda51bbe17bedade0
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_powerpc.deb
Size/MD5 checksum: 53122 8c7ef44c26a5eb803456b1484e86780b
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_s390.deb
Size/MD5 checksum: 75080 69120a96775c9ce4da1005e88285bfc7
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_s390.deb
Size/MD5 checksum: 5118 c80b9f07677b5cd0efef90d75e4f2226
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_s390.deb
Size/MD5 checksum: 114394 171899c4214e870b72c0be62113d866b
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_s390.deb
Size/MD5 checksum: 53434 b0d7b9822aae29da009fbe70602992c6
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0_0.9.2-6_sparc.deb
Size/MD5 checksum: 74112 dfeda909f974a6ca36404bbe87887d5a
http://security.debian.org/pool/updates/main/libd/libdumb/libaldmb0-dev_0.9.2-6_sparc.deb
Size/MD5 checksum: 4782 9dcd795ae35d0136d30e36634278a44f
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0_0.9.2-6_sparc.deb
Size/MD5 checksum: 111376 9e364aa1a08ef44ee0b1704158f9649a
http://security.debian.org/pool/updates/main/libd/libdumb/libdumb0-dev_0.9.2-6_sparc.deb
Size/MD5 checksum: 51554 c2d5966066dd655303b3f431bd09de4d
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFExQW4Xm3vHE4uyloRAouZAJ96R9dDMVIHXcgUAWF7p8aBIY/hrQCgiPe6
FpXhO7XJb0I3qa6ppARmmNc=
=Ms9D
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1122-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
July 24th, 2005 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : libnet-server-perl
Vulnerability : format string
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-1127
Debian Bug : 378640
Peter Bieringer discovered that the "log" function in the Net::Server
Perl module, an extensible, general perl server engine, is not safe
against format string exploits.
The old stable distribution (woody) does not contain this package.
For the stable distribution (sarge) this problem has been fixed in
version 0.87-3sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 0.89-1.
We recommend that you upgrade your libnet-server-perl package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/libn/libnet-server-perl/libnet-server-perl_0.87-3sarge1.dsc
Size/MD5 checksum: 692 9790e3935bc81150adb54a5d5a3fa692
http://security.debian.org/pool/updates/main/libn/libnet-server-perl/libnet-server-perl_0.87-3sarge1.diff.gz
Size/MD5 checksum: 8220 59438319c03603473e174c61009b0d7c
http://security.debian.org/pool/updates/main/libn/libnet-server-perl/libnet-server-perl_0.87.orig.tar.gz
Size/MD5 checksum: 69235 0b8553db414dac4c43b9f9282f8e149c
Architecture independent components:
http://security.debian.org/pool/updates/main/libn/libnet-server-perl/libnet-server-perl_0.87-3sarge1_all.deb
Size/MD5 checksum: 126808 5f8a62959bae9000ec8e64a23263d072
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFExOJbW5ql+IAeqTIRAiy2AJ9Xbi7cRq7+VtTl1sZYnzKR5yMdlQCgrwGe
RRVbqy68ksVHqr9tF6vf1ig=
=9BkT
-----END PGP SIGNATURE-----
--- End Message ---