[guru] Debian biztonsagi frissitesek
DATE: Fri, 30 Jul 2010 15:16:41 +0200
A mahara csomag több XSS, CSRF (Cross-Site Request Forgery), illetve
jogosulatlan hozzáférési hibát is tartalmaz.
Buffer overflow hibát találtak a python cjson moduljában.
NULL deref miatti DoS lehetőséget találtak a znc IRC bouncer-ben.
Több kód futtatást is eredményező biztonsági hibát találtak a freetype
csomagban.
Buffer overflow hibát találtak a mikmod rutinkönyvtárban.
Buffer overflow és memleak hibákat is találtak a libpng rutinkönyvtárban.
Directory traversal hibát találtak az mlmmj levelező lista kezelő webes
admin felületén.
Integer overflow hibát találtak az ncompress tömörítő kicsomagoló kódjában.
Több biztonsági hibát is találtak a xulrunner csomagban.
A gnupg2 több Subject Alternate Name mezőt tartalmazó certificate-ek
feldolgozásakor a felszabadítás után is használni kívánja a memóriaterületet,
ami kód futtatási hibát eredményez.
Az openldap szerver nem ellenőrzi a helyes UTF-8 formátumot modrdn
hívás esetén, ez a támadónak kód futtatási lehetőséget nyújt. Amennyiben
a modrdn cél szingje üres, úgy a daemon DoS-olható.
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2067-1 security@debian.org
http://www.debian.org/security/ Raphael Geissert
Jul 02, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : mahara
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-1667 CVE-2010-1668 CVE-2010-1670 CVE-2010-2479
Several vulnerabilities were discovered in mahara, an electronic portfolio,
weblog, and resume builder. The following Common Vulnerabilities and
Exposures project ids identify them:
CVE-2010-1667
Multiple pages performed insufficient input sanitising, making them
vulnerable to cross-site scripting attacks.
CVE-2010-1668
Multiple forms lacked protection against cross-site request forgery
attacks, therefore making them vulnerable.
CVE-2010-1670
Gregor Anzelj discovered that it was possible to accidentally
configure an installation of mahara that allows access to another
user's account without a password.
CVE-2010-2479
Certain Internet Explorer-specific cross-site scripting
vulnerabilities were discovered in HTML Purifier, of which a copy
is included in the mahara package.
For the stable distribution (lenny), the problems have been fixed in
version 1.0.4-4+lenny6.
For the testing distribution (squeeze), the problems will be fixed soon.
For the unstable distribution (sid), the problems have been fixed in
version 1.2.5.
We recommend that you upgrade your mahara packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 (stable) alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny6.diff.gz
Size/MD5 checksum: 46220 9baa14e3e23118a908bb2beec8b4fd7f
http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4.orig.tar.gz
Size/MD5 checksum: 2383079 cf1158e4fe3cdba14fb1b71657bf8cc9
http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny6.dsc
Size/MD5 checksum: 1943 79d1fbafd665c9bfd5b9cf66a5831d4c
Architecture independent packages:
http://security.debian.org/pool/updates/main/m/mahara/mahara-apache2_1.0.4-4+lenny6_all.deb
Size/MD5 checksum: 8274 ad3af96747d75ddc6fdff4a3c4472845
http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny6_all.deb
Size/MD5 checksum: 1639192 838dd2d7f726af2ff773f6e01ee1b330
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwuEOgACgkQYy49rUbZzloR+gCcDNaQ8olvsw5OZC3u/LqrR9gD
EHoAoJlLR8AiSrpFF59Je3WLL/4OLefI
=k9Cn
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2068-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
July 11, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : python-cjson
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE Id : CVE-2010-1666
Debian Bug : 587700
Matt Giuca discovered a buffer overflow in python-cjson, a fast JSON
encoder/decoder for Python.
This allows a remote attacker to cause a denial of service (application crash)
through a specially-crafted Python script.
For the stable distribution (lenny), this problem has been fixed in
version 1.0.5-1+lenny1
For the testing (squeeze) and the unstable (sid) distribution, this problem
has been fixed in version 1.0.5-3
We recommend that you upgrade your python-cjson package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5.orig.tar.gz
Size/MD5 checksum: 10978 4d55b66ecdf0300313af9d030d9644a3
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1.diff.gz
Size/MD5 checksum: 3892 106f2da130d255e076a7bf8f5c58a593
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1.dsc
Size/MD5 checksum: 1222 64a01e8f53b2ede46a66bca6ac19b693
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_alpha.deb
Size/MD5 checksum: 73356 543d592991961edf70ba9b1dcd8e581c
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_alpha.deb
Size/MD5 checksum: 16624 c3e3a1e12ca21be520f4695938b7e6df
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_amd64.deb
Size/MD5 checksum: 73264 058c96847871f8a1850c2e6b785b38d5
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_amd64.deb
Size/MD5 checksum: 16882 7fca836c1f1ddaf1a3cb689ab18e9ed7
arm architecture (ARM)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_arm.deb
Size/MD5 checksum: 64148 eddbd4ab8ed83a0c71407b64b85c939d
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_arm.deb
Size/MD5 checksum: 14316 321156989fc68dccd2b2fd636fca9f47
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_armel.deb
Size/MD5 checksum: 65278 25fa488695e376a0b09c56817466c584
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_armel.deb
Size/MD5 checksum: 14914 bf0c565b9145ac5d461064d834e463b1
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_hppa.deb
Size/MD5 checksum: 65442 6f296a2884b0a7851d3f8f665fd9a2b5
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_hppa.deb
Size/MD5 checksum: 15522 09617cae5456886281fe98861e908c05
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_i386.deb
Size/MD5 checksum: 14446 ee7ebf4760e7332d810cbc75899f077f
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_i386.deb
Size/MD5 checksum: 61442 6e0b7db1b436d7cf95d9b2c160fabefa
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_ia64.deb
Size/MD5 checksum: 81688 b41279a42693faf74bcaec4db6e3e4bd
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_ia64.deb
Size/MD5 checksum: 26956 820381374705502062ead4a26b0867e1
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_mips.deb
Size/MD5 checksum: 66044 b6425d327583fcd7d259683f0256800c
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_mips.deb
Size/MD5 checksum: 14618 d5ca589e8f259bd13592e61a7a80ec22
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_mipsel.deb
Size/MD5 checksum: 65290 74f63444c91ecd17056f5dfda603496f
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_mipsel.deb
Size/MD5 checksum: 14592 715e866822dc71ccca1791ad0c7709c3
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_powerpc.deb
Size/MD5 checksum: 18926 8711a13d0f5b309598b3e6e408d3cd5d
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_powerpc.deb
Size/MD5 checksum: 81490 f9b9489b6fbb66d90fe63e566874a7a0
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_s390.deb
Size/MD5 checksum: 63572 43ef034d108fc60a394fa48622706f10
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_s390.deb
Size/MD5 checksum: 14494 c1ab81a9d467d56f137439717cae2fde
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson_1.0.5-1+lenny1_sparc.deb
Size/MD5 checksum: 14158 26d07f1edd3caa21ac055ad9d6c98bcf
http://security.debian.org/pool/updates/main/p/python-cjson/python-cjson-dbg_1.0.5-1+lenny1_sparc.deb
Size/MD5 checksum: 60610 260ee7d6e76937dca05b40aba15bd1c5
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkw5f4UACgkQNxpp46476arDcwCfZmU/0p6HpRZVFYCDTRIQ6Wpu
LVAAoJMcU7DU3kar2CmskHvJBRsFVDJy
=kXPj
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2069-1 security@debian.org
http://www.debian.org/security/ Raphael Geissert
Jul 11, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : znc
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-2448
Debian Bug : 584929
It was discovered that znc, an IRC bouncer, is vulnerable to denial
of service attacks via a NULL pointer dereference when traffic
statistics are requested while there is an unauthenticated connection.
For the stable distribution (lenny), the problem has been fixed in
version 0.058-2+lenny4.
For the testing distribution (squeeze) and the unstable distribution (sid),
the problem has been fixed in version 0.090-2.
We recommend that you upgrade your znc packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 (stable) alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,
mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4.dsc
Size/MD5 checksum: 1038 46f176d6370f395b9166832d839f667c
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4.diff.gz
Size/MD5 checksum: 9957 f83f0daa62de96ddd125a57e355997f7
http://security.debian.org/pool/updates/main/z/znc/znc_0.058.orig.tar.gz
Size/MD5 checksum: 340741 c02fd740c55d5b3a7912f7584344103e
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_alpha.deb
Size/MD5 checksum: 1097004 aad70b861a881acc07b62fba1828a987
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_amd64.deb
Size/MD5 checksum: 1028912 73e5648afac01653d63993c78f814166
arm architecture (ARM)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_arm.deb
Size/MD5 checksum: 1151388 a75400496739ef59b8f04369c11adae1
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_armel.deb
Size/MD5 checksum: 964152 db8f9e2dd72860c5fc113cdf2d9ffa23
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_hppa.deb
Size/MD5 checksum: 1164930 833ebba997cafa8d98de64f02af58257
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_i386.deb
Size/MD5 checksum: 1012740 8e9428972501db9a05d6f8012a1b58c2
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_ia64.deb
Size/MD5 checksum: 1183340 5ec39e62dde31f9198db0f34ec12b95d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_mips.deb
Size/MD5 checksum: 916252 c19f7c926422278d2fc29dc3999d837a
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_mipsel.deb
Size/MD5 checksum: 907810 14096b5353a78f6966577c23773d218a
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_powerpc.deb
Size/MD5 checksum: 1036902 dbd1e736e3fe1d8f5e9dddba22166279
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_s390.deb
Size/MD5 checksum: 972040 2ea3615c32521cd15cc5eae7516f85f8
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny4_sparc.deb
Size/MD5 checksum: 1000438 8838f85e71e4d0057b21505c8fcb0b39
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkw6d90ACgkQYy49rUbZzlofHwCdGWUbDUQbagGycwqolpNV/lMa
if8An2ptwioT/tBrZjBRN28UQi1BE2Os
=ulRd
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2070-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 14, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : freetype
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2010-2497 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2520 CVE-2010-2527
Robert Swiecki discovered several vulnerabilities in the FreeType font
library, which could lead to the execution of arbitrary code if a
malformed font file is processed.
Also, several buffer overflows were found in the included demo programs.
For the stable distribution (lenny), these problems have been fixed in
version 2.3.7-2+lenny2.
For the unstable distribution (sid), these problems have been fixed in
version 2.4.0-1.
We recommend that you upgrade your freetype packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny2.dsc
Size/MD5 checksum: 1219 a5930e5dfa3757bed045a67b7ef0e3e2
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz
Size/MD5 checksum: 1567540 c1a9f44fde316470176fd6d66af3a0e8
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny2.diff.gz
Size/MD5 checksum: 36156 f1cb13247588b40f8f6c9d232df7efde
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_alpha.deb
Size/MD5 checksum: 775180 d9d1a2680550113aab5a5aa23998458e
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_alpha.deb
Size/MD5 checksum: 411954 63d800f83bd77f18b9307cd77b5cfd1d
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_alpha.deb
Size/MD5 checksum: 253784 b95be0af80d58e4e0818dd9b66447d9e
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_alpha.udeb
Size/MD5 checksum: 296564 6e080492ee03692588c5953b36bade6d
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_amd64.udeb
Size/MD5 checksum: 269680 4c9e6efc6c36f0867c74dde033b97ac8
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_amd64.deb
Size/MD5 checksum: 223010 5b9c55fc8ef35251ccdc3c1d22b13edd
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_amd64.deb
Size/MD5 checksum: 713084 b5933f78399f7d690f786fb7f04d1eca
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_amd64.deb
Size/MD5 checksum: 385600 741877f101eef1dd6f77aead47ddbba1
arm architecture (ARM)
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_arm.deb
Size/MD5 checksum: 205134 624b8b38b6cea2d569c70a18a5f78934
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_arm.udeb
Size/MD5 checksum: 242180 d7c5020f9cb5417378b80571bc2eccd4
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_arm.deb
Size/MD5 checksum: 686080 a12f9cb0b5f76071ed204cfdcc571cd5
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_arm.deb
Size/MD5 checksum: 356996 ff79207089cce445fa6d0514156f12cf
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_armel.deb
Size/MD5 checksum: 684278 7654ae1ba45138f11c53da2acce6055c
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_armel.deb
Size/MD5 checksum: 210040 2d05fa53273572a89c81c9085a291fee
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_armel.udeb
Size/MD5 checksum: 236524 727d731977efad369b51fdc28d42bade
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_armel.deb
Size/MD5 checksum: 353412 0bd84857e81e20c777cfaa5cf75532f2
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_hppa.deb
Size/MD5 checksum: 390130 633e25d7f8c8c618d9bae093ccb82ce3
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_hppa.deb
Size/MD5 checksum: 226818 cddac3930a33e08d60652f33c9a74951
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_hppa.deb
Size/MD5 checksum: 724826 9b77d359086e5379ded04c10e2acd20e
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_hppa.udeb
Size/MD5 checksum: 273756 4e144120db5dcbf29368b95a783e55ca
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_i386.deb
Size/MD5 checksum: 198154 db88552ea82caf3939e7b0cf50aaacd6
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_i386.deb
Size/MD5 checksum: 369100 303fa098f2a6ae9b96dda6911f0bd7fb
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_i386.deb
Size/MD5 checksum: 681856 df21b1a3835e262d844f60f9da27b279
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_i386.udeb
Size/MD5 checksum: 254120 bfb155340e5d588d06f09901b508661b
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_ia64.deb
Size/MD5 checksum: 530172 3eb3af7df07000f3f77046c21476d336
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_ia64.udeb
Size/MD5 checksum: 415500 a7790020bc8e89e29d22ba21de275386
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_ia64.deb
Size/MD5 checksum: 331586 c0c579a4f47c6239c33cf1b139850d1c
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_ia64.deb
Size/MD5 checksum: 876158 52006540c63793635d2dcac9f8179dbf
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_mips.deb
Size/MD5 checksum: 716244 e62cde7460caa83b189326abbe6a5347
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_mips.deb
Size/MD5 checksum: 370118 606f0b24f3694f40eb5331e8d74c4f3b
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_mips.deb
Size/MD5 checksum: 215180 33b08b6b36a20501276e657c3613701e
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_mips.udeb
Size/MD5 checksum: 253874 fe4977d926f17b3cbc338ea9926fec40
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_mipsel.udeb
Size/MD5 checksum: 254212 58be71c203785b01889176e8b028afac
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_mipsel.deb
Size/MD5 checksum: 215322 f376b04c5b8450a03b7299a86cc4a586
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_mipsel.deb
Size/MD5 checksum: 369756 412a79e35817f664f76dcaab0df63a59
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_mipsel.deb
Size/MD5 checksum: 716552 3bc89b0f776eaaf3fcd5ec8f6373b599
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_powerpc.deb
Size/MD5 checksum: 379634 a6f5c6e8ff755639559e55973ec1074d
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_powerpc.deb
Size/MD5 checksum: 708420 6596bcb33887463503ad0507b216e4ed
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_powerpc.deb
Size/MD5 checksum: 233050 40ee5ec08547be283b808d3afd5f97ba
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_powerpc.udeb
Size/MD5 checksum: 262690 ed1fff07f9e2f763ca481b2f8599e4af
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_s390.deb
Size/MD5 checksum: 383824 3fbd3dc038b0ac35b961a964cb1147e6
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_s390.deb
Size/MD5 checksum: 225144 04291aff7589607427d175721aafe8c3
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_s390.udeb
Size/MD5 checksum: 268070 d565627ddbf45d36920a27b8f42c1f55
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_s390.deb
Size/MD5 checksum: 698596 f161a20932cbdbb2ccf4d3a30a555231
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny2_sparc.deb
Size/MD5 checksum: 351162 9f308ff70921739fffbbfe9fca486a87
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny2_sparc.deb
Size/MD5 checksum: 679330 4bee549927cdfc3b52fc62a5f16b3d49
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny2_sparc.udeb
Size/MD5 checksum: 235344 ed806b039d7d8868ae9f7c89fe794629
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny2_sparc.deb
Size/MD5 checksum: 200794 49a26fa64c57498279481a4786919055
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkw+GCUACgkQXm3vHE4uylrkywCgy9GpS2XDmy5Y+pj3JOVAwpFs
mWwAn1lQsDqPntOyBssbJ901IHmL8FW/
=Y+AX
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2071-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 14, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : libmikmod
Vulnerability : buffer overflows
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2009-3995 CVE-2009-3996
Dyon Balding discovered buffer overflows in the MikMod sound library,
which could lead to the execution of arbitrary code if a user is
tricked into opening malformed Impulse Tracker or Ultratracker sound
files.
For the stable distribution (lenny), these problems have been fixed in
version 3.1.11-6+lenny1.
For the unstable distribution (sid), these problems have been fixed in
version 3.1.11-6.2.
We recommend that you upgrade your libmikmod packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11-6+lenny1.dsc
Size/MD5 checksum: 1038 9741350a41a54261dbf242f02aa325fd
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
Size/MD5 checksum: 611590 705106da305e8de191549f1e7393185c
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11-6+lenny1.diff.gz
Size/MD5 checksum: 336630 4e4d04d2c9b5bcdd3edb3b04e683ea86
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_alpha.deb
Size/MD5 checksum: 221696 e01fb2f9c7e693ae7b0727a552da31a1
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_alpha.deb
Size/MD5 checksum: 378570 dd8abb7da4195af53aed1e57750d2f1f
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_amd64.deb
Size/MD5 checksum: 157216 b3836423b8875f21d5ae01d5f9b533c5
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_amd64.deb
Size/MD5 checksum: 265776 935b94d522dd814337b06acd07184fb7
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_arm.deb
Size/MD5 checksum: 164040 f2fdc8c7f4c7f54ec75ffd179c98ddca
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_arm.deb
Size/MD5 checksum: 264064 2eba8b4037ca117fc8920563d2b05ca3
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_armel.deb
Size/MD5 checksum: 155766 916c6a467219ed4a5e0da68168c1e591
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_armel.deb
Size/MD5 checksum: 254664 77c56898614f92c30e0ad5ef2de7c0cc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_hppa.deb
Size/MD5 checksum: 185910 6b044e5ce0fb2de4fc37a8ddbbd037a0
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_hppa.deb
Size/MD5 checksum: 299236 40db7231bf6258319f45412c1d46df50
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_i386.deb
Size/MD5 checksum: 244570 c4363c834307008b053bb1899a13013f
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_i386.deb
Size/MD5 checksum: 147266 3d8adb8a243afb7a614052ba7494e01e
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_ia64.deb
Size/MD5 checksum: 264426 c2d6c1a0d1b32ff27030ec2f1cd3ebe4
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_ia64.deb
Size/MD5 checksum: 391590 39c904baed7a4462ccbf10805cae88c0
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_mips.deb
Size/MD5 checksum: 167728 708a04685879d374730d4b94dd87a7d8
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_mips.deb
Size/MD5 checksum: 292908 f52fce4500f59af99befc30fab46d48d
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_mipsel.deb
Size/MD5 checksum: 291132 c1c7fa74ce5a2d4e580aae5f5db21b8d
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_mipsel.deb
Size/MD5 checksum: 167172 65bd1438a4cac985a0dc555f9b0eb54f
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_powerpc.deb
Size/MD5 checksum: 284010 0d98c66f1cbc9c34f87d1c9721fa7681
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_powerpc.deb
Size/MD5 checksum: 173082 a953d970966c47adc2d55d2c5959835b
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_s390.deb
Size/MD5 checksum: 172646 e10ca9b6552459194a6d6d46799103dd
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_s390.deb
Size/MD5 checksum: 268534 98768623fa899a4e2835dfced3b90d10
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_sparc.deb
Size/MD5 checksum: 150056 ed9837041b097d69e887eacce18917df
http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_sparc.deb
Size/MD5 checksum: 256132 bb7c09b265c54f42447199100d626c32
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkw+GlgACgkQXm3vHE4uylpF1wCgnoUZyAIGhuqyqNcQNS/Z+pX0
mIAAoJxvgaWRIU4KpgKAjAJWSah65M4+
=eDyM
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2072-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
July 19, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : libpng
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-1205 CVE-2010-2249
Debian Bugs : 533676 572308
Several vulnerabilities have been discovered in libpng, a library for
reading and writing PNG files. The Common Vulnerabilities and
Exposures project identifies the following problems:
CVE-2010-1205
It was discovered a buffer overflow in libpng which allows remote
attackers to execute arbitrary code via a PNG image that triggers
an additional data row.
CVE-2010-2249
It was discovered a memory leak in libpng which allows remote
attackers to cause a denial of service (memory consumption and
application crash) via a PNG image containing malformed Physical
Scale (aka sCAL) chunks
For the stable distribution (lenny), these problems have been fixed in
version 1.2.27-2+lenny4.
For the testing (squeeze) and unstable (sid) distribution, these
problems have been fixed in version 1.2.44-1
We recommend that you upgrade your libpng package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc
Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz
Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb
Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb
Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb
Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb
Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb
Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb
Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb
Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb
Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb
Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb
Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb
Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb
Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb
Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb
Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb
Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb
Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb
Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb
Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb
Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb
Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb
Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb
Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb
Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb
Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb
Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb
Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb
Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb
Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb
Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb
Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb
Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb
Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb
Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb
Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb
Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb
Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb
Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkxERKsACgkQNxpp46476aoUaACfYi2PADzMaJIroblppIlGCidv
L1MAnjFrreXHBA9NUEbUtam1aXFuFGxe
=BLbf
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2073-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
July 20, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : mlmmj
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-4896
Florian Streibelt reported a a directory traversal flaw in the way the
Mailing List Managing Made Joyful mailing list manager processed
users' requests originating from the administrator web interface
without enough input validation. A remote, authenticated attacker could
use these flaws to write and / or delete arbitrary files.
For the stable distribution (lenny), these problems have been fixed in
version 1.2.15-1.1+lenny1.
For the unstable distribution (sid), these problems have been fixed in
version 1.2.17-1.1.
We recommend that you upgrade your mlmmj package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15.orig.tar.gz
Size/MD5 checksum: 211880 da0c43e8767fa9c5460305489f3a2337
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1.dsc
Size/MD5 checksum: 1027 8b375467bc41396da40532a6d96ddc1f
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1.diff.gz
Size/MD5 checksum: 89834 e6f785cf58c2c6c1705724558a8020a3
Architecture independent packages:
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj-php-web_1.2.15-1.1+lenny1_all.deb
Size/MD5 checksum: 27310 57e04f940837fa2d7dfdb8f245f21e84
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj-php-web-admin_1.2.15-1.1+lenny1_all.deb
Size/MD5 checksum: 34508 c11ff6b4a1b288ed348918324485cc43
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_alpha.deb
Size/MD5 checksum: 188630 17bbe79b5b0c5a3b17ef9239f5fc3c30
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_amd64.deb
Size/MD5 checksum: 170808 aa14efc2c2ef5df5a40f4e6484f59d17
arm architecture (ARM)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_arm.deb
Size/MD5 checksum: 150598 89ab40e66d784d31dd63920a2e08cc77
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_armel.deb
Size/MD5 checksum: 147308 fb611e200ac1bbc923fc7c3919120bd6
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_hppa.deb
Size/MD5 checksum: 170840 e9d3799fac5f0e739e5d0185484ab2b9
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_i386.deb
Size/MD5 checksum: 155770 06fe77aa846e3e274736fe8ad463089d
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_ia64.deb
Size/MD5 checksum: 230230 ba7dc0277dc1cbcb16977089eed50871
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_mips.deb
Size/MD5 checksum: 172190 bf2717f8d066410149ce09cbf2e20112
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_mipsel.deb
Size/MD5 checksum: 169064 089d638146a56e12db415bc0d3ee499d
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_powerpc.deb
Size/MD5 checksum: 165234 b6f97aca0deadf53e487b86480162e11
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_s390.deb
Size/MD5 checksum: 156462 c0b2f321cb32e51d0c9a7d565f9d0549
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/m/mlmmj/mlmmj_1.2.15-1.1+lenny1_sparc.deb
Size/MD5 checksum: 155724 da07375aafb78c34e37817551deef50b
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJMRfknAAoJEOxfUAG2iX57U9sIAKLFUwjCKUB6qxpXpH75ptxa
hurbJhzUPKhhM4thfQ++Z6xFhip1Qju0QekTC8cqjPdjs7C4mY1dNcll55ERyo1j
WnPzLX9iI/8LmbXQO16Sr1VJrE3e/f0og8w7+k4sLG2a2cBq+3ln8UjA5SmZqNmi
ZvCITNaJSZ/lGavChLJ6xY1k0IHZ+nG+HlJMJHGOYClDUXKxaooEfUYG3UEIDfLo
1yy1ZTRpwzbU4X9OdyNdsQQ1gLuquCoMav591bZZ55f5qEcOKKctu6mXhJVGujfI
bB/XTpYjdaNgseUQxpkj0v6ImYWXDUadWeuuaPFT/yYaIzCxAIaEhdB3QP7u2zM=
=aUaz
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2074-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
July 21, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : ncompress
Vulnerability : integer underflow
Problem type : local
Debian-specific: no
CVE Id : CVE-2010-0001
Aki Helin discovered an integer underflow in ncompress, the original
Lempel-Ziv compress/uncompress programs.
This could lead to the execution of arbitrary code when trying to decompress
a crafted LZW compressed gzip archive.
For the stable distribution (lenny), this problem has been fixed in
version 4.2.4.2-1+lenny1.
For the testing (squeeze) and unstable (sid) distribution, this
problem has been fixed in version 4.2.4.3-1.
We recommend that you upgrade your ncompress package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1.dsc
Size/MD5 checksum: 1001 540971822f1077df924611a0795d708c
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1.diff.gz
Size/MD5 checksum: 7958 9e1082cc4b82240e9cd76b09f93adebb
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2.orig.tar.gz
Size/MD5 checksum: 32978 53421df78cc9ff311ce0392e3a729920
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_alpha.deb
Size/MD5 checksum: 25032 97104b799ed18dda40a495af691097e7
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_amd64.deb
Size/MD5 checksum: 24058 ff6531d0a69fd6cffaeb66ef05bc5d53
arm architecture (ARM)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_arm.deb
Size/MD5 checksum: 23852 7157e843f9066f7d20e07a83cba0b2e1
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_armel.deb
Size/MD5 checksum: 23740 d4323cbb9d5938850b71514f1edd5ca0
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_hppa.deb
Size/MD5 checksum: 25466 b276a1839ad20d5dc675a119c76e66e5
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_i386.deb
Size/MD5 checksum: 23076 a53008254138090e760ec7a51d551bee
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_ia64.deb
Size/MD5 checksum: 28200 a2736fb1efd14e676ac6a2cb1ec3da46
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_mips.deb
Size/MD5 checksum: 24106 0b3cf882744400648ddefa54111ae540
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_mipsel.deb
Size/MD5 checksum: 24204 8c85696714487268c4bf0adb0a9d31b9
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_powerpc.deb
Size/MD5 checksum: 24476 98db6645c581ccd5cf35a8ca0ea28966
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_s390.deb
Size/MD5 checksum: 23944 9e40760b9cfbe73ceb6180da37175892
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/n/ncompress/ncompress_4.2.4.2-1+lenny1_sparc.deb
Size/MD5 checksum: 23860 a422335c694163587222691d9fa728ac
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkxGr/YACgkQNxpp46476apbdACeJxe0qn+JeHDCWlx7qLF9azyU
VUQAn00FoHm9er7S+BT1khhBFGpLLwQR
=lXiM
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2075-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 27, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : xulrunner
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-0182 CVE-2010-0654 CVE-2010-1205 CVE-2010-1208 CVE-2010-1211 CVE-2010-1214 CVE-2010-2751 CVE-2010-2753 CVE-2010-2754
Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the following problems:
CVE-2010-0182
Wladimir Palant discovered that security checks in XML processing
were insufficiently enforced.
CVE-2010-0654
Chris Evans discovered that insecure CSS handling could lead to
reading data across domain boundaries.
CVE-2010-1205
Aki Helin discovered a buffer overflow in the internal copy of
libpng, which could lead to the execution of arbitrary code.
CVE-2010-1208
"regenrecht" discovered that incorrect memory handling in DOM
parsing could lead to the execution of arbitrary code.
CVE-2010-1211
Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary
Kwong, Tobias Markus and Daniel Holbert discovered crashes in the
layout engine, which might allow the execution of arbitrary code.
CVE-2010-1214
"JS3" discovered an integer overflow in the plugin code, which
could lead to the execution of arbitrary code.
CVE-2010-2751
Jordi Chancel discovered that the location could be spoofed to
appear like a secured page.
CVE-2010-2753
"regenrecht" discovered that incorrect memory handling in XUL
parsing could lead to the execution of arbitrary code.
CVE-2010-2754
Soroush Dalili discovered an information leak in script processing.
For the stable distribution (lenny), these problems have been fixed in
version 1.9.0.19-3.
For the unstable distribution (sid), these problems have been fixed in
version 1.9.1.11-1.
For the experimental distribution, these problems have been fixed in
version 1.9.2.7-1.
We recommend that you upgrade your xulrunner packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.diff.gz
Size/MD5 checksum: 149955 e6ec4540373a8dfbea5c1e63f5b628b2
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.dsc
Size/MD5 checksum: 1755 59f9033377f2450ad114d9ee4367f9c7
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz
Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e
Architecture independent packages:
http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-3_all.deb
Size/MD5 checksum: 1466246 a3b5c8b34df7e2077a5e3c5c0d911b85
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 165496 ad7c134eeadc1a2aa751c289052d32f1
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 433152 57f7a88c05eece5c0ea17517646267bb
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 72550 b581302383396b57f7e07aa4564245b3
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 51155444 37595efd28303ec3a88d294b58c1e7aa
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 9487312 452f2c3b26bb249711720ade76e77c3f
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 223422 9ce6e6f35412321405c27618a3550763
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 113478 f4946488381af317acb3bd27da3e372e
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 940250 abb2d020d4cce2e5547d17dd94323cee
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_alpha.deb
Size/MD5 checksum: 3357434 a26b339fee481f1ae5494ee0983e3e75
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 50381710 4e6df9133e326ca7fe1d91adab87609b
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 3291324 01a75923a6b796c2e1f3c02e4584072f
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 152266 0a9e05d5e36920cf9cb6c9e39357679b
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 7735106 eedecb0183cd911bf7416be5f61cf88e
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 374604 7a71d4ce527727f43225fc1cdc6b3915
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 70226 f8860e988f030333c59f893582e17da0
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 890738 0db2e5b458ae1495dce575688a27ef2a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 223326 1d128ae917c5dab4e977ffb018cb704c
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_amd64.deb
Size/MD5 checksum: 101830 2bb9a62d6454d0b7ef6da98cc07b4013
arm architecture (ARM)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_arm.deb
Size/MD5 checksum: 140950 d9044d5f823661f4a1ef11c47971d6e2
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_arm.deb
Size/MD5 checksum: 3584768 6ff8221347684a334d6f358d2c8f2dcc
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_arm.deb
Size/MD5 checksum: 6802070 e489c87976c243d040f568a8e04a7466
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_arm.deb
Size/MD5 checksum: 351056 dd61fc5b425e296ef00120b4cfbc5604
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_arm.deb
Size/MD5 checksum: 68552 819703fc0550ee6473572ea3655ab1f5
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_arm.deb
Size/MD5 checksum: 84224 f3915220a86a6a31e48b845d2af7f249
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_arm.deb
Size/MD5 checksum: 222376 cb0563f3e5220ceb6f42b8e6471eb883
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_arm.deb
Size/MD5 checksum: 49349776 4037a4ab7eeb964c24c95fbb905edbe6
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_arm.deb
Size/MD5 checksum: 815334 c055e242c82b7643c67712602e4f3215
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_armel.deb
Size/MD5 checksum: 822978 f8609edb961b6c71732c17575393644a
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_armel.deb
Size/MD5 checksum: 6962470 fc143ac75279405ef99a3e045439adeb
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_armel.deb
Size/MD5 checksum: 3583846 db81fc2e4c8a30fbaf0b176f6d7e77a5
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_armel.deb
Size/MD5 checksum: 142446 016a6aa2efa9e49788c97bc925d90bbb
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_armel.deb
Size/MD5 checksum: 353294 65f40d8a434c6b430685ef1a54246888
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_armel.deb
Size/MD5 checksum: 50182030 97009b62c3d65b5e715f363d7a5a2e0c
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_armel.deb
Size/MD5 checksum: 223380 30fd707dea85e43894c84036115920a3
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_armel.deb
Size/MD5 checksum: 70694 e5892c32e9850d86138ebf15ad317b63
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_armel.deb
Size/MD5 checksum: 84758 a94402fed374f82a1ffeb338cb2a4cbb
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 223614 ea284c98cc97b10b879d6174b81cb486
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 899460 290c89b8835d773b8fd240f5610dc63c
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 72280 1d32724f444212696e28d15dc22386af
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 413386 e78a2aabb581f3f7f8da9cb531d6a883
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 158762 89855347fdf8833df8fd643cfd6a2f10
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 51267722 b51b03ef591a26a4bb72fb0c58e610c0
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 3632562 2d9a207f01319a7bd8f3eb72b3762c77
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 9523510 0f38b76b0074881d4b12823eedc40846
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_hppa.deb
Size/MD5 checksum: 106998 32d701f55bd4cc6e0f7160c3b5db43aa
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_i386.deb
Size/MD5 checksum: 49553140 cd9fb750075df895e2ad46a8fe4c8bdf
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_i386.deb
Size/MD5 checksum: 852228 f04ee6f2c26e9bda77477d64a13f3c53
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_i386.deb
Size/MD5 checksum: 79554 e69019a20fc3e8750faf73961cae8a38
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_i386.deb
Size/MD5 checksum: 224454 c7e441828615fa66d9907b6407a2b1ad
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_i386.deb
Size/MD5 checksum: 351828 85e4711445491850841c2f05102f2bd2
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_i386.deb
Size/MD5 checksum: 6609818 b99e5d5f75686adcea1c3570fb82ead5
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_i386.deb
Size/MD5 checksum: 3573826 2869c274453928b8b110d8aee7dcba96
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_i386.deb
Size/MD5 checksum: 142966 847a37421b7980378c81c5e818c2df3d
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_i386.deb
Size/MD5 checksum: 68968 1eee7343caee6a8a23a141bf6b653fa4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 224078 a9dc6949ac6ef39884d1cb58929e20fc
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 3693822 602f37b927bc425803730a66d17e8bec
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 542370 6015bef0d96154f73c32b2031c8bbf70
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 77166 1a94ec379b6e210cf35c1116939fc5f7
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 813100 d0cdc640bf4a68973942cf563b7f7d7b
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 181192 54ef9505c0b0a0b62539dc3d983a8f83
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 11340432 b833d183a5337231c512aba60e733213
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 49734538 21b8086eb33e228f4a3800307a721558
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_ia64.deb
Size/MD5 checksum: 121688 1e8f51c8c5d1097d5c0e4b8fd6743ec7
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mips.deb
Size/MD5 checksum: 3611102 8f2980b314f14ff7cf1c244ed11ee638
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mips.deb
Size/MD5 checksum: 145574 f38aa4d16323e517d075d1de833a7a35
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mips.deb
Size/MD5 checksum: 380888 73bf50fdf8fd49a2251f3c13db9e0a2c
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mips.deb
Size/MD5 checksum: 7677088 d034f72357eb3276850bea226dfc3489
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mips.deb
Size/MD5 checksum: 96932 9c55e0f731b1a507e77abb54ea7c2b08
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mips.deb
Size/MD5 checksum: 223126 cc6d3e47d51d4a15cd05ef6af47560c2
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mips.deb
Size/MD5 checksum: 51902590 b9cafda15eba1ae28b5b054bd82e9d62
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mips.deb
Size/MD5 checksum: 919306 764f458b99647036fbdb1b36768e9b99
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mips.deb
Size/MD5 checksum: 70412 c674d096e73e7f353733e502bbc9cd05
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 378984 c66e5ff8815e2386755ece9c9a34b820
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 50034074 88479753fa54a417df183b78d0bb6ed1
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 145324 a801aeefc7fbf555ab407eaeb4c35295
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 70170 3145be02d89d6e205de5d89b269b9d8d
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 3311114 4dac1eff7f53b49976d984606e76afe6
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 900836 6727b545324904a39f31261db59f516b
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 97046 2953be8b2d4df3994abd68d6f95de215
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 7384772 6666f68f98fa2cc81d9e3106c958360b
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mipsel.deb
Size/MD5 checksum: 223416 a3ad25d92dc8f8e09352bc1fbce07989
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 95068 18f76fe7d470194c6320df8b42e7b09b
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 888120 b426372622e1ac0164db3f25589a5447
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 152544 e3b9205b45b66a3fcf4937c44897a7d8
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 3285670 a63c4ce33c3f482584b32cfe50488700
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 7287440 f9d042196ccedd4dfb4da6d3e45ca2b1
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 51458688 a669258d296192b6bd48b68006f9b618
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 223412 b900b19a182c059590bfcdb9495851ef
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 73306 94fdad8b176e63c0c791d19a026ce4b0
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_powerpc.deb
Size/MD5 checksum: 362778 79f1ea4633cf0147da60871533750312
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_s390.deb
Size/MD5 checksum: 156410 6e986f5714d7052295a32253daea02a9
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_s390.deb
Size/MD5 checksum: 73182 f3b9b343586f554ac37e5c7c8970a28a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_s390.deb
Size/MD5 checksum: 407006 5919961e64253609b9eacc6a31a19b87
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_s390.deb
Size/MD5 checksum: 8401766 a23f6d0b7ac0b83997635feff3977ac2
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_s390.deb
Size/MD5 checksum: 223402 f08c12d85314436f6331b75e2e18b1c7
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_s390.deb
Size/MD5 checksum: 909824 8c8c3aa62be4c19e97351562dcbe1694
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_s390.deb
Size/MD5 checksum: 3308768 50226e505e97362404ffbe3e770775fe
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_s390.deb
Size/MD5 checksum: 105828 1e5fc5d7be3c5ab803dd71e8391c06bb
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_s390.deb
Size/MD5 checksum: 51242096 ebae3e5b1eb3fd2d9470cbe117b8ced9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 49406432 caf251c788fe4f76679f600bd1d7b1c0
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 70192 33434a3b887ac076d88c0a4e425b3c29
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 144136 359a3cac1ee340f79eb9a53ac65f62ed
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 7181582 4b0f8aaf9a51e7c76073afbb7ea33c6e
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 3583844 11cb9b988b9eac3564f11ed310a8d77e
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 84544 0646f157f384a6a1ffcc3052035d1789
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 350470 1c643effc57e45c6afc964f2284cda7e
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 223260 77281a13fcc78aacd93cf479621ccf74
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_sparc.deb
Size/MD5 checksum: 821854 32eba751571daa1dcd4db30e7a3b7b2c
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkxPN5cACgkQXm3vHE4uylq8sgCaA9nZu+PmOVHCB1fjggWp7M+b
taQAoMeedetXwpjivc8hMuRU+bW69OWI
=9uah
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2076-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 27, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : gnupg2
Vulnerability : use-after-free
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2010-2547
Debian Bug : 590122
It was discovered that GnuPG 2 uses a freed pointer when verify a
signature or importing a certificate with many Subject Alternate Names,
potentially leading to arbitrary code execution.
For the stable distribution (lenny), this problem has been fixed in
version 2.0.9-3.1+lenny1.
For the unstable distribution (sid), this problem has been fixed in
version 2.0.14-2.
GnuPG 1 (in the gnupg package) is not affected by this problem.
We recommend that you upgrade your gnupg2 packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1.dsc
Size/MD5 checksum: 1682 405e9811b153ad4251835255e79e50e7
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1.diff.gz
Size/MD5 checksum: 40250 48d30d7a03a411929020196f4707e366
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9.orig.tar.gz
Size/MD5 checksum: 5198703 3b6b1742509f396d51528e0cd4c76a13
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_alpha.deb
Size/MD5 checksum: 506092 20ddf3657383e5a1c128d7a6bbdb0e74
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_alpha.deb
Size/MD5 checksum: 345320 b1f3ca05b21ef10e8d57ebcee43a1a04
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_alpha.deb
Size/MD5 checksum: 2257726 2fd9ac262c0222a567c6ec26acd9b848
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_amd64.deb
Size/MD5 checksum: 2169660 1228c3ab918511ead561ec5331fbfae8
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_amd64.deb
Size/MD5 checksum: 316116 593be53060752c8873c7ffc4ce26ad92
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_amd64.deb
Size/MD5 checksum: 462744 f864f696b260080dbee107eff516717b
arm architecture (ARM)
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_arm.deb
Size/MD5 checksum: 409934 a67874ca01827d29630dc16974b0c934
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_arm.deb
Size/MD5 checksum: 279084 6c2417d8ff637d6ddbfbca69ce5a9332
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_arm.deb
Size/MD5 checksum: 2083314 a8ee45ea904529b71e990f4d98d6fb05
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_armel.deb
Size/MD5 checksum: 413846 d9773981d0b7a17842caf953625af0eb
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_armel.deb
Size/MD5 checksum: 2092526 aae6bba65caad81c1aa62cf2315d847a
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_armel.deb
Size/MD5 checksum: 281204 d3e5b416ca794e665bc107fd2e3981d0
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_hppa.deb
Size/MD5 checksum: 322572 461a593f1fc8f937072b8a6436c6c375
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_hppa.deb
Size/MD5 checksum: 2189366 ef71be75e3cc74735f9df4e8a9f4185c
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_hppa.deb
Size/MD5 checksum: 467836 2db47e0e38ea653db55cb3a7e67c221f
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_i386.deb
Size/MD5 checksum: 421382 9214c8c956347f5535f8284743ab4a56
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_i386.deb
Size/MD5 checksum: 2111258 216b70c4252703d2b339e83f49fa48b9
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_i386.deb
Size/MD5 checksum: 285638 90d912dabbeb8959e524ac3fe51b62af
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_ia64.deb
Size/MD5 checksum: 2545468 e32e42f67b85850c16b1d9467f83609e
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_ia64.deb
Size/MD5 checksum: 660374 c3d4f14c6f4a6dfe1a60baf549ff367a
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_ia64.deb
Size/MD5 checksum: 444926 3cfeb45a841e64267e391a9f59bb8c68
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_mips.deb
Size/MD5 checksum: 310928 a937b6b9643afcdc27a49877ab8ce03f
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_mips.deb
Size/MD5 checksum: 2170292 4ecbf964d264bf5a81fc5cc1f8d4e7e1
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_mips.deb
Size/MD5 checksum: 452494 f4aa041b82ce04f44ea3d48e7c9eea90
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 2156394 86a2f0a81e5c1307a79467c697994b10
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 452910 bc88ae07b4f773c2e045959bdcdb088e
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 310454 54f0e518e34b13207c67d08d244841c3
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 2181760 94eae71a050c44e50612467ee49cd0ff
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 321404 5212acf39277399af97165d99e5943a4
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 461700 54253f7d1dc99469d6b4679eaabb1e9a
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_s390.deb
Size/MD5 checksum: 322328 d0d83de5cacfa74ee3bc90a4de1f52b7
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_s390.deb
Size/MD5 checksum: 2183640 c05ab771542dd76f00ba79e2e4a8a195
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_s390.deb
Size/MD5 checksum: 464600 3142165f77991f60305d555ae7a2845c
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_2.0.9-3.1+lenny1_sparc.deb
Size/MD5 checksum: 280932 fe9900d6e347c6e4aa307d0d4d52cee1
http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_2.0.9-3.1+lenny1_sparc.deb
Size/MD5 checksum: 2100032 0e3d68f24cb12da51f37e8166606595b
http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_2.0.9-3.1+lenny1_sparc.deb
Size/MD5 checksum: 412538 6f3332ffd017f2787c6427a9700a2928
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJMTz3KAAoJEL97/wQC1SS+s0cIAJh+sB14g8wNL4W5JyNL7qf/
/NgruhXIiDC9SfSnLVDCRsEsldiz1zwWfYswJm7gypXdNaIN8Axeowdvwynx+4YP
RzB09x/2+6tfozM9eedGkRAloVAVicdePig+/QoPBBvu89+GyFwp+lcGE6s71pDu
cDw5ayAUJQyMeglFVNJ74Fo4NKXo1pQf4QRvlQtLgxQm14gmUFlpzquDeuXQ67+c
rPXECc7z3o5rjlRIQFG+t0fg0zSaJeWDvE7mcbA9MOp4M3CSRT3BjGYdmPRKqAcY
JrGvwss1DG0QXTNq0FYla2qudWKQCz5BgykzZQ+GZB72pEU/bIvb+OLdeKQfoKk=
=eYGC
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2077-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 29, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : openldap
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-0211 CVE-2010-0212
Two remote vulnerabilities have been discovered in OpenLDAP. The
Common Vulnerabilities and Exposures project identifies the following
problems:
CVE-2010-0211
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does
not check the return value of a call to the smr_normalize
function, which allows remote attackers to cause a denial of
service (segmentation fault) and possibly execute arbitrary code
via a modrdn call with an RDN string containing invalid UTF-8
sequences.
CVE-2010-0212
OpenLDAP 2.4.22 allows remote attackers to cause a denial of
service (crash) via a modrdn call with a zero-length RDN
destination string.
For the stable distribution (lenny), this problem has been fixed in
version 2.4.11-1+lenny2. (The missing update for the mips
architecture will be provided soon.)
For the unstable distribution (sid), this problem has been fixed in
version 2.4.23-1.
We recommend that you upgrade your openldap packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny2.dsc
Size/MD5 checksum: 1831 afe836285d70b3d51b50d06658b7cc22
http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11.orig.tar.gz
Size/MD5 checksum: 4193523 d4e8669e2c9b8d981e371e97e3cf92d9
http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny2.diff.gz
Size/MD5 checksum: 149276 e9668ba9648e3e1f306a97c6cc77d5a3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_alpha.deb
Size/MD5 checksum: 1018392 d18b30dd684b7582ba3f5fda7c0ec52d
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_alpha.deb
Size/MD5 checksum: 284794 3d3094d356fa97396dd53701ff8177c1
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_alpha.deb
Size/MD5 checksum: 3625184 8c651f17c240c4222c26783e1333d7b4
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_alpha.deb
Size/MD5 checksum: 281172 d91f060a2e0e9b3f7651913228e33a45
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_alpha.deb
Size/MD5 checksum: 206338 7a268eec31460d56dfa4e51000a0f20e
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_alpha.deb
Size/MD5 checksum: 1534546 70ae45ec33481afbf305544bf9d70cb0
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_amd64.deb
Size/MD5 checksum: 205426 c7fecb2287a970a5b06e1dd053413cf6
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_amd64.deb
Size/MD5 checksum: 3665336 a25a01da15aed085d7476043a69c9f43
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_amd64.deb
Size/MD5 checksum: 266508 be5e6b39fb89340139dbde19f09a6777
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_amd64.deb
Size/MD5 checksum: 972300 a73c35b4c7f48427a8fd5fe971c1aac4
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_amd64.deb
Size/MD5 checksum: 299624 b132ed70255863a64e1eb94a5700dbf0
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_amd64.deb
Size/MD5 checksum: 1509162 0e9758a242eb928e9c5287d2801f280b
arm architecture (ARM)
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_arm.deb
Size/MD5 checksum: 1413404 2ff76be2a9be2109b995d2fbb89ba776
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_arm.deb
Size/MD5 checksum: 248960 042b8f1642b8ea512ba4abdf8a60d2b3
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_arm.deb
Size/MD5 checksum: 3576526 6c38ec7d7a9e3a35e043cdb4276b837c
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_arm.deb
Size/MD5 checksum: 869398 5f75a2717d71579905ba1058d530ede0
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_arm.deb
Size/MD5 checksum: 179976 b69cc3f9fd1f4f09eb015e28b60d3b3a
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_arm.deb
Size/MD5 checksum: 279998 0534bb7fb3fc4eaf311bf846dfb3c800
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_armel.deb
Size/MD5 checksum: 244982 09dc4f6dc96aab40b399b52cdd440f49
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_armel.deb
Size/MD5 checksum: 281290 ed72c73b8018e02b579af7fc8652ad5a
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_armel.deb
Size/MD5 checksum: 179660 3ca1f0b69016395df01441d2be719acb
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_armel.deb
Size/MD5 checksum: 863030 4382d905de1db012e3197c1b4cbd53f9
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_armel.deb
Size/MD5 checksum: 3583978 00372759861243bb13585f34bf93be4b
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_armel.deb
Size/MD5 checksum: 1407120 b0fa8a6ea8d9b2305967c1f6486fa901
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_hppa.deb
Size/MD5 checksum: 998740 a675f6577888e4518b38fe32ed9c0954
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_hppa.deb
Size/MD5 checksum: 1532150 1eaf00efdb3f58b494466c6af919d27b
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_hppa.deb
Size/MD5 checksum: 264082 b88df4740a44865d431b292f0e029475
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_hppa.deb
Size/MD5 checksum: 284888 7ce39229438af13c8220edece4e9c856
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_hppa.deb
Size/MD5 checksum: 3621796 d4307c86696c24a200ac12a310885289
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_hppa.deb
Size/MD5 checksum: 201312 e826b1ca00ff0f50fb9472d5f28551f6
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_i386.deb
Size/MD5 checksum: 3562530 a1866b654c74dadd577d7a8322285553
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_i386.deb
Size/MD5 checksum: 189038 039bf2208067cb5899a6c9ae6364a74d
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_i386.deb
Size/MD5 checksum: 286894 0acddd599377272201cd6788a0f19bdc
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_i386.deb
Size/MD5 checksum: 244480 d2ca1f47200257729bfde83e67526527
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_i386.deb
Size/MD5 checksum: 1397792 3740fe46b91fa94690c5cb081b286041
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_i386.deb
Size/MD5 checksum: 870436 f92b3b1928099d93ae35a98e9a75ac65
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_ia64.deb
Size/MD5 checksum: 1038332 2a23da950b3354b1027cb991ba2e9bd1
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_ia64.deb
Size/MD5 checksum: 2016204 54caa4d0966584b247bc4cffdac00d94
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_ia64.deb
Size/MD5 checksum: 269460 89ba522a4c15ac0dacb6537edf468bb9
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_ia64.deb
Size/MD5 checksum: 352176 383c904bee22aee1d94d238de24768e0
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_ia64.deb
Size/MD5 checksum: 3590732 49ac7b30b339381b7d01f9d86ac7e54f
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_ia64.deb
Size/MD5 checksum: 258836 36313ee33851fcc77c9a49bb340f30b2
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_mipsel.deb
Size/MD5 checksum: 3641930 05338b1bcd1ae4a5d921023ce12baa24
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_mipsel.deb
Size/MD5 checksum: 1388338 045112a49ef59f53286e6ff8dcf56f1c
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_mipsel.deb
Size/MD5 checksum: 181222 e2fc86fb9b0e1ca335aa92bdd9ee8088
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_mipsel.deb
Size/MD5 checksum: 261520 f4317c50476ed380b91546a81753483f
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_mipsel.deb
Size/MD5 checksum: 296334 5c106ddb8aab107366077d8bf6c013e4
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_mipsel.deb
Size/MD5 checksum: 846022 87238f27ad1428d0ae2b2555cc5831c7
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_powerpc.deb
Size/MD5 checksum: 295538 7193f88b4fc784f1bc49e16db44bc451
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_powerpc.deb
Size/MD5 checksum: 199352 7cdb792324d09442a7029f768300a830
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_powerpc.deb
Size/MD5 checksum: 1558086 d65f456faf9ac835725a86c3a0c13122
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_powerpc.deb
Size/MD5 checksum: 981510 805f717025ed2e56d241e98987173012
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_powerpc.deb
Size/MD5 checksum: 3721030 85d95b637bcd3de3527cb11554f54d8e
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_powerpc.deb
Size/MD5 checksum: 284672 d49b7a5067b6671933194b849f2f5419
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_s390.deb
Size/MD5 checksum: 1045564 a9c32d3b14f6969228def0dab1f7209c
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_s390.deb
Size/MD5 checksum: 298596 07c975378ad71d9d83ba951f71dc4140
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_s390.deb
Size/MD5 checksum: 266258 d6bfe59a7514b370eea5380d30e4d5b2
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_s390.deb
Size/MD5 checksum: 3700520 c032e0d5e2a209597a7c40e3c6aedfb0
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_s390.deb
Size/MD5 checksum: 1497898 6b20aec732079628189c126595676d80
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_s390.deb
Size/MD5 checksum: 204656 ded26b56657fd5db7686c8163aa9ac11
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny2_sparc.deb
Size/MD5 checksum: 1394762 207402a46ff26af86197ea981ea25ab8
http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny2_sparc.deb
Size/MD5 checksum: 248828 013b1d3f070546d2524cbe4d49370810
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2_sparc.deb
Size/MD5 checksum: 182914 4e271359df09ba43102089da55778d9a
http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny2_sparc.deb
Size/MD5 checksum: 858646 e5e75c350ab491ad5a90413bc1de84df
http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2_sparc.deb
Size/MD5 checksum: 261014 37c7cc86a4ae1e84ad9e42b8a302a9e8
http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny2_sparc.deb
Size/MD5 checksum: 3501616 2b2fc3cb381ccf9b10901e90999a7403
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJMUdPkAAoJEL97/wQC1SS+UJAH/0ZlUxtpP8xG+zJ/ykQ3qN//
JW0tZIvA+16PMwLbqJ6fb/DFOjxYyYeDaS680X4VaSZLO1SCFcCwnsDiJM7sKd6X
JbnzgaJcIUmK0qlLuB1oEYsWlqY1yYN5fetxhcZNfrXAhP+NbuACcs/X7Gu94uV4
hGioiG4j2dIe4hJS3JO4tMbigmzg4rlAW4PDRtWfAY5JVMzHP3wN+iOPBynWTgGR
Z1hZntJhZw/nRpfSFJBU2EhkMuhkd6aLHtZppwJj1h5Q2slkVt5/a1dyqpplXc0T
014EEKlxSB9kgVILF7gs5RTJrdOYRtV5VashW05QMBNhOL0/GtlnFJxVcZjz/aA=
=1+N0
-----END PGP SIGNATURE-----
--- End Message ---