"Gentoo Linux Security Advisory GLSA 200911-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: dstat: Untrusted search path
Date: November 25, 2009
Bugs: #293497
ID: 200911-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
An untrusted search path vulnerability in the dstat might result in the
execution of arbitrary code.
Background
==========
dstat is a versatile system resource monitor written in Python.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-apps/dstat = 0.6.9-r1
Description
===========
Robert Buchholz of the Gentoo Security Team reported that dstat
includes the current working directory and subdirectories in the Python
module search path (sys.path) before calling "import".
Impact
======
A local attacker could entice a user to run "dstat" from a directory
containing a specially crafted Python module, resulting in the
execution of arbitrary code with the privileges of the user running the
application.
Workaround
==========
Do not run "dstat" from untrusted working directories.
Resolution
==========
All dstat users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/dstat-0.6.9-r1"
References
==========
[ 1 ] CVE-2009-3894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3894
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200911-04.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
"
"Gentoo Linux Security Advisory GLSA 200911-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: PEAR Net_Traceroute: Command injection
Date: November 26, 2009
Bugs: #294264
ID: 200911-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
An input sanitation error in PEAR Net_Traceroute might allow remote
attackers to execute arbitrary commands.
Background
==========
PEAR Net_Traceroute is an OS independent wrapper class for executing
traceroute calls from PHP.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-php/PEAR-Net_Traceroute = 0.21.2
Description
===========
Pasquale Imperato reported that the $host parameter to the traceroute()
function in Traceroute.php is not properly sanitized before being
passed to exec().
Impact
======
A remote attacker could exploit this vulnerability when user input is
passed directly to PEAR Net_Traceroute in a PHP script, possibly
resulting in the remote execution of arbitrary shell commands with the
privileges of the user running the affected PHP script.
Workaround
==========
Ensure that all data that is passed to the traceroute() function is
properly shell escaped (for instance using the escapeshellcmd()
function).
Resolution
==========
All PEAR Net_Traceroute users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
">=dev-php/PEAR-Net_Traceroute-0.21.2"
References
==========
[ 1 ] CVE-2009-4025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4025
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200911-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
"
"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1939-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
November 24, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : libvorbis
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
Debian bug : 540958
CVE Ids : CVE-2009-2663 CVE-2009-3379
Lucas Adamski, Matthew Gregan, David Keeler, and Dan Kaminsky discovered
that libvorbis, a library for the Vorbis general-purpose compressed
audio codec, did not correctly handle certain malformed ogg files. An
attacher could cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via a crafted .ogg
file.
For the oldstable distribution (etch), these problems have been fixed in
version 1.1.2.dfsg-1.4+etch1.
For the stable distribution (lenny), these problems have been fixed in
version 1.2.0.dfsg-3.1+lenny1.
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 1.2.3-1
We recommend that you upgrade your libvorbis packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.4+etch1.diff.gz
Size/MD5 checksum: 17870 2e11d2c0176fd0a8e796e80667a681d8
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg.orig.tar.gz
Size/MD5 checksum: 1312540 44cf09fef7f78e7c6ba7dd63b6137412
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.4+etch1.dsc
Size/MD5 checksum: 808 2a9e6b4dcd72e8bc8cf956404a1fb7ca
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_alpha.deb
Size/MD5 checksum: 94682 9c20663d4f36265241830b388d90a455
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_alpha.deb
Size/MD5 checksum: 19440 7caafa303b7fa32f0a6192d6b75b9874
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_alpha.deb
Size/MD5 checksum: 110988 8751f9d236abbacaf14c7f5e5a57a078
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_alpha.deb
Size/MD5 checksum: 495658 681d35e8b06a6d0d8c37f7c9fb5325c8
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_amd64.deb
Size/MD5 checksum: 93808 ee1c37e468df9f96aa86ecf11a9c3050
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_amd64.deb
Size/MD5 checksum: 18018 767aa39de969e302a62a8b1968aa8c39
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_amd64.deb
Size/MD5 checksum: 102012 91d4ff0b056c721041ec925adb956623
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_amd64.deb
Size/MD5 checksum: 463556 431c01bc7bc69936fdc4d4c1d32c12eb
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_arm.deb
Size/MD5 checksum: 459034 52d059837ff4ec37205c65c952d10dfd
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_arm.deb
Size/MD5 checksum: 75992 33f262fdec3a52f4d6e5cebd3238f600
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_arm.deb
Size/MD5 checksum: 98776 7c24697b474af64e5a85625777d0bc8d
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_arm.deb
Size/MD5 checksum: 18776 c00e2fcb4e65aa26d8a9d2fda4a86c0c
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_hppa.deb
Size/MD5 checksum: 486808 97cee8dfb056da78638884749a4cd3bb
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_hppa.deb
Size/MD5 checksum: 22180 97e127da32402398f9d3d073917aaf30
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_hppa.deb
Size/MD5 checksum: 108614 9e7b5f226060f6d492aa5a37830e8382
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_hppa.deb
Size/MD5 checksum: 92586 d768d0011d425413b5513cc6077c90cc
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_i386.deb
Size/MD5 checksum: 19096 ddf590ab7c51f75015815e7500c73c02
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_i386.deb
Size/MD5 checksum: 98656 d84b4ff35636254f8b79c4a1817a9f1b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_i386.deb
Size/MD5 checksum: 455630 419e92bd2278385d2332485bfb5ec1c4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_i386.deb
Size/MD5 checksum: 75688 8162e49e13fdd5f4f90b5e04737aef5b
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_ia64.deb
Size/MD5 checksum: 24924 8d0212e706fc747d46a3975aecab7216
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_ia64.deb
Size/MD5 checksum: 136680 c1c52b4d20178d8f2cce5201965bdfd9
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_ia64.deb
Size/MD5 checksum: 510898 b6c1d63e991ad6ac200b84a2ef2c7778
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_ia64.deb
Size/MD5 checksum: 98322 3fabeea5ac4bccea511c9896e9348bd4
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_mips.deb
Size/MD5 checksum: 479806 3d49befd4f109864db338470ca55cfc7
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_mips.deb
Size/MD5 checksum: 81862 6d767ac118ce0a06283d21bb324769f4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_mips.deb
Size/MD5 checksum: 105506 b11a6faac0f84f7a39cd0926de7663d4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_mips.deb
Size/MD5 checksum: 21196 0d5bab8e1549e3de1800c81d3103cef5
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_mipsel.deb
Size/MD5 checksum: 21184 4217f461a2c1d30891835bae475a4821
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_mipsel.deb
Size/MD5 checksum: 105478 f3465e3a92fc170d74fbb0506e4680ad
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_mipsel.deb
Size/MD5 checksum: 469818 126dd26c5dcde5fe3d600e0d40a9ceba
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_mipsel.deb
Size/MD5 checksum: 77222 b9441d25e697dcc50d524f1877cfca5e
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_powerpc.deb
Size/MD5 checksum: 105636 a61d57534c62b311e960335f238c0470
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_powerpc.deb
Size/MD5 checksum: 21596 cf321ab0979c9515553214fdbb4e133e
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_powerpc.deb
Size/MD5 checksum: 481752 593995999d19a5d57c3478675e98c420
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_powerpc.deb
Size/MD5 checksum: 82404 fd07873df7789ab093013b1baaee0edc
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_s390.deb
Size/MD5 checksum: 90790 4408b9fbd5a4f7f942b65db63784e7a7
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_s390.deb
Size/MD5 checksum: 103024 f3ea14da7a63f1cfbc44dc1339c40262
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_s390.deb
Size/MD5 checksum: 453202 d0ba253a2d00eb5d250be7d0b99bb727
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_s390.deb
Size/MD5 checksum: 21148 104ecad6b00ae020821510a23cdfa8b7
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4+etch1_sparc.deb
Size/MD5 checksum: 460314 dac04732917ced67c8a81f708db6cfd4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4+etch1_sparc.deb
Size/MD5 checksum: 98978 e83cbcf90ca35296f02f01d57b3e915e
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4+etch1_sparc.deb
Size/MD5 checksum: 79810 12328b2d6338996b25aeac8877331400
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4+etch1_sparc.deb
Size/MD5 checksum: 18084 46c1fef587328abad16f2fb4f47add8d
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.2.0.dfsg-3.1+lenny1.diff.gz
Size/MD5 checksum: 10323 8a3c02bfdb7c2e6edc1a6ba952f4706e
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.2.0.dfsg-3.1+lenny1.dsc
Size/MD5 checksum: 1280 0e4285bf0fc44a182f35b15b3bef92af
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.2.0.dfsg.orig.tar.gz
Size/MD5 checksum: 1477935 3c7fff70c0989ab3c1c85366bf670818
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_alpha.deb
Size/MD5 checksum: 21514 54f57d2e85a0be5e1acad07ce954a168
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_alpha.deb
Size/MD5 checksum: 115208 f6dc710dafeffbec73e13170d9105829
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_alpha.deb
Size/MD5 checksum: 506716 140e414c05e73eab318a51f7d4aa2b8d
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_alpha.deb
Size/MD5 checksum: 96064 73db866b777df1909563190182640945
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_amd64.deb
Size/MD5 checksum: 478134 8ebe1257d8e115a5af1058f8a61d50bd
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_amd64.deb
Size/MD5 checksum: 20274 a89e0200bbd700c8ed5661493534f02b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_amd64.deb
Size/MD5 checksum: 109190 f6ff320aee0bd6866e801206af4484f1
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_amd64.deb
Size/MD5 checksum: 95610 cea6849521bd398355ca1532577d331d
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_arm.deb
Size/MD5 checksum: 20652 66ffe73d9861dcd3232dbd436f8dcc6b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_arm.deb
Size/MD5 checksum: 102034 cd5000ef6cacd9233d085ae95ea23d2b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_arm.deb
Size/MD5 checksum: 468072 30b862d2990829dcc6e981216367f969
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_arm.deb
Size/MD5 checksum: 78076 37db0e079e0d0fd143ef3ec24346d007
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_armel.deb
Size/MD5 checksum: 81476 5ab9275754100c446347e657240e875f
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_armel.deb
Size/MD5 checksum: 111004 823aec12ac3297a641b2dea659618a1a
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_armel.deb
Size/MD5 checksum: 23996 753c36a998841c8f8aefa4d934d5823b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_armel.deb
Size/MD5 checksum: 480568 2d544a79b74d22a2e680b521236ac4e7
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_hppa.deb
Size/MD5 checksum: 24294 f2ef7f0f4a071a61756b244a1c2f8fdd
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_hppa.deb
Size/MD5 checksum: 498788 cc869f79c972f23a0d0a4fba7257f67b
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_hppa.deb
Size/MD5 checksum: 114236 161bd0d31cdc44d0dce14f68af75d2bf
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_hppa.deb
Size/MD5 checksum: 93650 2120a920860dbf8b027ab3d0f53e35c3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_i386.deb
Size/MD5 checksum: 101822 b35241103ae3b649b37082c75bb6c349
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_i386.deb
Size/MD5 checksum: 77266 e6272466696d9b1307c446495933904a
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_i386.deb
Size/MD5 checksum: 21228 5c64197678bc8102cac8d5e24ebf30f4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_i386.deb
Size/MD5 checksum: 465548 3b5e01cb7ed617ceef7cfac672c42061
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_ia64.deb
Size/MD5 checksum: 27076 b10ab2d103d2c360fe8d865592170fed
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_ia64.deb
Size/MD5 checksum: 145298 1a48bdf218f2ad34e214edbdb74d3017
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_ia64.deb
Size/MD5 checksum: 100386 815eea5cd2cdd1f5c880d027e9d0d047
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_ia64.deb
Size/MD5 checksum: 529794 243a7c8dc4d8005141b722709e00fefd
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_mips.deb
Size/MD5 checksum: 23034 862ec33f1cdc5de0fe9d70a1dddabddc
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_mips.deb
Size/MD5 checksum: 489974 335f4276e4ace9e795a708bb378293ed
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_mips.deb
Size/MD5 checksum: 83664 5ebfbe684ab67af2070d7ebd78e920b6
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_mips.deb
Size/MD5 checksum: 109642 9088464063081cf3db925abbd77f95ab
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 78800 cbf9d026a528889229ede2fbbf07f9b1
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 110172 56df9de194208745f918c2489fd07dc4
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 23038 ebafe740326f2b2477e4a2932e0b1f20
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_mipsel.deb
Size/MD5 checksum: 480462 354c01ff4d127cfbd90b5d2bbf115124
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 84936 a8e159dfb4a7947ab21d03e42743f273
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 489602 055f226558649f3824c77ccf8710b3ff
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 25112 cbc19a2f5b18a39027a5f4796c328d38
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_powerpc.deb
Size/MD5 checksum: 115288 69dcb48991d54cb44f440951453819be
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_s390.deb
Size/MD5 checksum: 92652 332abcfbc21fde03527f98394d430589
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_s390.deb
Size/MD5 checksum: 23374 459565d5bf6fb2423bb966585050f76e
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_s390.deb
Size/MD5 checksum: 108572 d18b6585b3ac105589cbd85149f6dbf2
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_s390.deb
Size/MD5 checksum: 464128 54fd2ed9b7f46e98c61717df93623179
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1+lenny1_sparc.deb
Size/MD5 checksum: 104330 4c01729046cf263045262dbac19cf380
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1+lenny1_sparc.deb
Size/MD5 checksum: 20572 737481d4662074e10faaec373056d761
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1+lenny1_sparc.deb
Size/MD5 checksum: 81536 6ac89e9942629ddbf7e1bbf21226fda1
http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1+lenny1_sparc.deb
Size/MD5 checksum: 472582 bb723b7a07db184b259c28d757d1e271
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAksMYHkACgkQXm3vHE4uylqW1wCfafO6HW+9M4d2d2bMOHB/7bFv
CjIAn0S6sKzN3XYdLgar9zLlxbKSFFRx
=oVpm
-----END PGP SIGNATURE-----
"
DSA 1938-1: New php-mail packages fix insufficient input sanitisingThe Big Reunion Festival gets ready to party
"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1941-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
November 25, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : poppler
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2009-0755 CVE-2009-3903 CVE-2009-3904 CVE-2009-3905 CVE-2009-3906 CVE-2009-3907 CVE-2009-3908 CVE-2009-3909 CVE-2009-3938
Several integer overflows, buffer overflows and memory allocation
errors were discovered in the Poppler PDF rendering library, which may
lead to denial of service or the execution of arbitrary code if a user
is tricked into opening a malformed PDF document.
For the stable distribution (lenny), these problems have been fixed in
version 0.8.7-3.
An update for the old stable distribution (etch) will be issued soon as
version 0.4.5-5.1etch4.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your poppler packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7.orig.tar.gz
Size/MD5 checksum: 1469587 9af81429d6f8639c357a5eed25583365
http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7-3.diff.gz
Size/MD5 checksum: 23304 55a0a858e65401534120b10b08c62256
http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7-3.dsc
Size/MD5 checksum: 1481 4e0f8c954b0f7072d868b03da79799c7
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_alpha.deb
Size/MD5 checksum: 1334790 adc6ceeb368e0d4feebdf8163e2281e4
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_alpha.deb
Size/MD5 checksum: 196974 20d4df914f08ed2ccef0859dadcff863
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_alpha.deb
Size/MD5 checksum: 234664 f330cdb0bf1ee9001edb92677ff2d94d
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_alpha.deb
Size/MD5 checksum: 180372 701c9f92558359ec676ac7ed8c402abc
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_alpha.deb
Size/MD5 checksum: 220194 74703001f5c2588a415a53e0e61db107
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_alpha.deb
Size/MD5 checksum: 452496 45ec03d58a9b33c941625d29ea726514
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_alpha.deb
Size/MD5 checksum: 329740 9b5b796f66136fccdd68ee2fb4410239
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_alpha.deb
Size/MD5 checksum: 891178 06d13d1837a263952327b5e1910bb049
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_alpha.deb
Size/MD5 checksum: 302962 343524216b65fad03cf7292183ad4760
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_alpha.deb
Size/MD5 checksum: 3204196 077162dc4649e5e4e8e049e72ab2421c
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_amd64.deb
Size/MD5 checksum: 232070 24aa1dea8c17e539aacc23f5ca2ff683
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_amd64.deb
Size/MD5 checksum: 358464 8b52ef334b17065d7355c1f944407e3f
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_amd64.deb
Size/MD5 checksum: 3148528 fdaa186b15cd2ff806d3e69f9924b792
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_amd64.deb
Size/MD5 checksum: 178226 4b9ae48661be12327e3dc8f79f6cbd5f
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_amd64.deb
Size/MD5 checksum: 840192 690949b3a40aa59f1b2952cd48dea805
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_amd64.deb
Size/MD5 checksum: 1118416 34453c3ec346cc34b4ef94774d9bd975
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_amd64.deb
Size/MD5 checksum: 184820 3fc994f62c6e4f5c5615e48b5591574c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_amd64.deb
Size/MD5 checksum: 313712 2f16ec788446b18a6ce0313ff233552b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_amd64.deb
Size/MD5 checksum: 217370 51b12c5a9b716bef3cd8a5d29b4ac652
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_amd64.deb
Size/MD5 checksum: 274990 0f168bd7e2f0f201c4f1b5436c252987
arm architecture (ARM)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_arm.deb
Size/MD5 checksum: 1096672 01910f32db12361cf60f109f986f1324
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_arm.deb
Size/MD5 checksum: 341724 4795d7bae33531c80bb14fc51e8c9952
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_arm.deb
Size/MD5 checksum: 226514 2d2f7ab236403d3a7040aa09e7832b1c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_arm.deb
Size/MD5 checksum: 389880 8a6b100417108055bf4dc1d40d77fa8b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_arm.deb
Size/MD5 checksum: 208128 7fad0af4bd923fc218c4ed6a9aee0a48
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_arm.deb
Size/MD5 checksum: 807458 2e631c2cdbf34f7847d9106adca8d6c6
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_arm.deb
Size/MD5 checksum: 3115760 99c003b02687fe4caeae077cc58cc00d
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_arm.deb
Size/MD5 checksum: 178000 6e68b3d42d47efabb7f1712862103d20
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_arm.deb
Size/MD5 checksum: 184604 1066c02c90002b2b69350619738963c3
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_arm.deb
Size/MD5 checksum: 270488 703a85948bb11c02d0e3b86237e7455d
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_armel.deb
Size/MD5 checksum: 207820 8098dd11c17d88a38f02eb38a7e48df8
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_armel.deb
Size/MD5 checksum: 376028 ff27722643819e5693823193cc6749ea
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_armel.deb
Size/MD5 checksum: 273904 8077b3f075149e533852a8c24467def9
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_armel.deb
Size/MD5 checksum: 222166 0864461cfc76015274da63192778e1f2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_armel.deb
Size/MD5 checksum: 776950 f34caa24fb31c36ab32162315d706a17
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_armel.deb
Size/MD5 checksum: 1108574 de0fe0a522dc1eb18db681b9a96ee089
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_armel.deb
Size/MD5 checksum: 181564 a6d91d3f6ae1f43e450264bdad083e04
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_armel.deb
Size/MD5 checksum: 174198 d1bd20388d59831b8aa6b0a9dfe9a537
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_armel.deb
Size/MD5 checksum: 3157178 52340e4305b95a6b6f8e07cef9c94647
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_armel.deb
Size/MD5 checksum: 310682 ff8775a24d86a006b4bdee549095a543
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_hppa.deb
Size/MD5 checksum: 291400 18dc7b5a55715f920734a0c9080bb8e4
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_hppa.deb
Size/MD5 checksum: 188042 3c054ee2136540e9c378d03f032900e2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_hppa.deb
Size/MD5 checksum: 929630 70bfae8d06c8b9654a09d1cd8ffb442c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_hppa.deb
Size/MD5 checksum: 335326 32e7009057d2213232e4eab347ad6082
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_hppa.deb
Size/MD5 checksum: 180650 5756cb5df58f9bded9ddd34fe17fb6a0
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_hppa.deb
Size/MD5 checksum: 3140906 8f80e2f2f99c1021d1167ed432480914
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_hppa.deb
Size/MD5 checksum: 234754 42029ce3bfc33844b96140c438358993
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_hppa.deb
Size/MD5 checksum: 390020 984a6eb8add88e15cf1b0b749ffb5686
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_hppa.deb
Size/MD5 checksum: 1260894 092507febedac1f845b542b5da11820c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_hppa.deb
Size/MD5 checksum: 225948 da2eabf0c906824a1ae02b95cdc97a8f
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_i386.deb
Size/MD5 checksum: 270290 c8e64a55fbeae9dec7382d7ffc4860d7
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_i386.deb
Size/MD5 checksum: 181818 7790ec0d1b045bac5ad8acf5b273d322
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_i386.deb
Size/MD5 checksum: 226530 012aaf45768ca8ca22a6d13073b0011c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_i386.deb
Size/MD5 checksum: 312708 0858c85c7bb2627f97e312caa7ac080b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_i386.deb
Size/MD5 checksum: 344388 d5146377e2679555858662b0ee9a904b
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_i386.deb
Size/MD5 checksum: 3061938 2ec5991343c3b279641beee69d0253e3
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_i386.deb
Size/MD5 checksum: 177704 d31a5e3e4df9c41e52619e134a75d4af
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_i386.deb
Size/MD5 checksum: 1053900 da7cc53970b606d599e5f02e0d068cc9
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_i386.deb
Size/MD5 checksum: 214612 bd5a6265f16cd51d4901692cfcaa655b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_i386.deb
Size/MD5 checksum: 813824 a4744ae2b084c5a15485f4f3ec82342f
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_ia64.deb
Size/MD5 checksum: 232988 3eb095121469ddad24dfbb347d65bda7
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_ia64.deb
Size/MD5 checksum: 257208 eb1bfcf546e7a7ddc9071a8f7749ec7d
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_ia64.deb
Size/MD5 checksum: 195248 6c0d4510170d24342bee6732e416e497
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_ia64.deb
Size/MD5 checksum: 184620 ffa1bf57a03e82db9d76a177c539f1b4
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_ia64.deb
Size/MD5 checksum: 302272 bc12525cd130ccce7f6858b459352a7e
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_ia64.deb
Size/MD5 checksum: 353056 e9797db4c7161a44ee19b0b9904a93b6
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_ia64.deb
Size/MD5 checksum: 1421660 9de0b7b911c9e45a64755a00b8efe56f
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_ia64.deb
Size/MD5 checksum: 1073678 a7105ee7b1a5e1320fa0bd337a9c071b
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_ia64.deb
Size/MD5 checksum: 3105780 4c18b21c30873abc144cfbdbda3afa2a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_ia64.deb
Size/MD5 checksum: 424280 754097ccdf1e2018c27cc23e77611025
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_mips.deb
Size/MD5 checksum: 187976 77a7d378772b5b06e0246bed481f9d5f
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_mips.deb
Size/MD5 checksum: 177002 4c199ed2c3122490bdb3187690cb8e74
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_mips.deb
Size/MD5 checksum: 231638 4f1630307637dd91b4b81eb770801689
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_mips.deb
Size/MD5 checksum: 215024 774f9149da9f2b1c8f19f645add40b8b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_mips.deb
Size/MD5 checksum: 390492 7f387232dc7aef639211309e8e0182d0
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_mips.deb
Size/MD5 checksum: 826354 04377b34bb9389e94942d4a7fc7e021c
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_mips.deb
Size/MD5 checksum: 3230814 cccbe96a091ce019d54653bf0e41c69a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_mips.deb
Size/MD5 checksum: 302368 e7152a0a6618bd05d124c0ce6ee42c53
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_mips.deb
Size/MD5 checksum: 287688 c8711627da0a79d362d90ee8f681f091
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_mips.deb
Size/MD5 checksum: 1219124 755a505cef94d51b148568310e5871fc
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_mipsel.deb
Size/MD5 checksum: 187086 3dd27225aff82082503d8cacd72a0ec2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_mipsel.deb
Size/MD5 checksum: 804582 f97409504883b64db0f4b0238800fd5a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_mipsel.deb
Size/MD5 checksum: 1200616 122b5b413a0579e6fa4bd868a0c38ba9
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_mipsel.deb
Size/MD5 checksum: 386556 695b7729cfe1fb62cd6d4f37d60f8df0
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_mipsel.deb
Size/MD5 checksum: 214066 505a894995efb5624e7226d578c6984c
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_mipsel.deb
Size/MD5 checksum: 287962 e2330f7095902dbcb6eea90f7fec5c0e
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_mipsel.deb
Size/MD5 checksum: 231700 931ad6728924a8511ec0bb193be0f4a9
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_mipsel.deb
Size/MD5 checksum: 3123054 a8a5ff5547608a095ce709227fe70bee
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_mipsel.deb
Size/MD5 checksum: 300122 a52f2f9d10e0cef69551e2e533109467
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_mipsel.deb
Size/MD5 checksum: 176902 29ecd0b702c9bb11404efde67cdd5b7b
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_powerpc.deb
Size/MD5 checksum: 185164 550684aab0a186e611e4360b6624cdd8
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_powerpc.deb
Size/MD5 checksum: 285208 7988738bbc015bb16fcab13bbbbcc20b
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_powerpc.deb
Size/MD5 checksum: 360804 42cab8e240b4a7de9e62202b83039360
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_powerpc.deb
Size/MD5 checksum: 1183416 789101eaaafe977e949827750872da66
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_powerpc.deb
Size/MD5 checksum: 882860 8bc2784a8663b1d077dfc5d9866d40e9
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_powerpc.deb
Size/MD5 checksum: 181116 f9f78a295a924ead21ad588a7949e9d2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_powerpc.deb
Size/MD5 checksum: 222218 4f8ac7559664c3e9a31f6b31e88a65ce
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_powerpc.deb
Size/MD5 checksum: 317990 66b3b30f8baf1ab964f0437f551621e5
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_powerpc.deb
Size/MD5 checksum: 3226062 6c3cc30f6a0c2bdac5ec06e1b928338a
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_powerpc.deb
Size/MD5 checksum: 247222 c0c68194014f269724c999e5b16f9eba
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_s390.deb
Size/MD5 checksum: 218252 e41d127f260ba15a56dc7b42611146bd
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_s390.deb
Size/MD5 checksum: 182512 de685e8065837a6ea411d8a84abaffd0
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_s390.deb
Size/MD5 checksum: 312702 8d45e17d8ac29291704765d523b7179e
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_s390.deb
Size/MD5 checksum: 177556 f5ce014d7fe7defeb8dc76af8ca1b885
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_s390.deb
Size/MD5 checksum: 349670 a2b956fc22a75710329117ddcf824ea4
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_s390.deb
Size/MD5 checksum: 279260 89bf9399206e169eee1bc521c4d38386
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_s390.deb
Size/MD5 checksum: 229604 e5c36cd62c71b7238e37802f05688df7
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_s390.deb
Size/MD5 checksum: 3246660 622484103366a278451786b563c017fc
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_s390.deb
Size/MD5 checksum: 841254 e03aa30315c8a933f165acb45d4fe846
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_s390.deb
Size/MD5 checksum: 1122140 54d336a0cb8dc7f022e2960e4c393a3f
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-3_sparc.deb
Size/MD5 checksum: 310956 2ad62b41966206abf6a5e51abdc76310
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-3_sparc.deb
Size/MD5 checksum: 226786 68b42902f07c3a4542d7b7c71aee481d
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-3_sparc.deb
Size/MD5 checksum: 3009938 0390643723092537919e6d2c62f5f4cb
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-3_sparc.deb
Size/MD5 checksum: 214264 10a5fa450895a7d4f2340472b034dfb2
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-3_sparc.deb
Size/MD5 checksum: 823062 6565194cdd9987d092b427e164ff68cc
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-3_sparc.deb
Size/MD5 checksum: 348108 950535a89f3e90c8c1f49176835dfe6a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-3_sparc.deb
Size/MD5 checksum: 272798 eabf47fa697c8beadaf5ea07f7b8a892
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-3_sparc.deb
Size/MD5 checksum: 176666 8d35ce9b58c1bc0aafa14c90bc5b4726
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-3_sparc.deb
Size/MD5 checksum: 181458 50b63df965e98f463af9bab524685d88
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-3_sparc.deb
Size/MD5 checksum: 1077822 fd0a234b61e3b1e55d6c2dd7751453da
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAksNsXoACgkQXm3vHE4uylq1NwCdFxYeEzaG0HqGbcJ0zx9fTZWY
EhUAoMSKqMuwGCOBOa6+zb3+coWC7kjp
=Mefd
-----END PGP SIGNATURE-----
"
USN-850-3: poppler vulnerabilitiesThe Big Reunion Festival gets ready to party
"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: kdelibs security update
Advisory ID: RHSA-2009:1601-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1601.html
Issue date: 2009-11-24
CVE Names: CVE-2009-0689
=====================================================================
1. Summary:
Updated kdelibs packages that fix one security issue are now available for
Red Hat Enterprise Linux 4 and 5.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Description:
The kdelibs packages provide libraries for the K Desktop Environment (KDE).
A buffer overflow flaw was found in the kdelibs string to floating point
conversion routines. A web page containing malicious JavaScript could crash
Konqueror or, potentially, execute arbitrary code with the privileges of
the user running Konqueror. (CVE-2009-0689)
Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The desktop must be restarted (log out, then
log back in) for this update to take effect.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
539784 - CVE-2009-0689 kdelibs remote array overrun
6. Package List:
Red Hat Enterprise Linux AS version 4:
Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdelibs-3.3.1-17.el4_8.1.src.rpm
i386:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm
ia64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm
ppc:
kdelibs-3.3.1-17.el4_8.1.ppc.rpm
kdelibs-3.3.1-17.el4_8.1.ppc64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ppc.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ppc64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.ppc.rpm
s390:
kdelibs-3.3.1-17.el4_8.1.s390.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.s390.rpm
kdelibs-devel-3.3.1-17.el4_8.1.s390.rpm
s390x:
kdelibs-3.3.1-17.el4_8.1.s390.rpm
kdelibs-3.3.1-17.el4_8.1.s390x.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.s390.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.s390x.rpm
kdelibs-devel-3.3.1-17.el4_8.1.s390x.rpm
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdelibs-3.3.1-17.el4_8.1.src.rpm
i386:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdelibs-3.3.1-17.el4_8.1.src.rpm
i386:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm
ia64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdelibs-3.3.1-17.el4_8.1.src.rpm
i386:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm
ia64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kdelibs-3.5.4-25.el5_4.1.src.rpm
i386:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
x86_64:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kdelibs-3.5.4-25.el5_4.1.src.rpm
i386:
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
x86_64:
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
kdelibs-devel-3.5.4-25.el5_4.1.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kdelibs-3.5.4-25.el5_4.1.src.rpm
i386:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
ia64:
kdelibs-3.5.4-25.el5_4.1.ia64.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.ia64.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.ia64.rpm
kdelibs-devel-3.5.4-25.el5_4.1.ia64.rpm
ppc:
kdelibs-3.5.4-25.el5_4.1.ppc.rpm
kdelibs-3.5.4-25.el5_4.1.ppc64.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.ppc.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.ppc.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.ppc64.rpm
kdelibs-devel-3.5.4-25.el5_4.1.ppc.rpm
kdelibs-devel-3.5.4-25.el5_4.1.ppc64.rpm
s390x:
kdelibs-3.5.4-25.el5_4.1.s390.rpm
kdelibs-3.5.4-25.el5_4.1.s390x.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.s390x.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.s390.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.s390x.rpm
kdelibs-devel-3.5.4-25.el5_4.1.s390.rpm
kdelibs-devel-3.5.4-25.el5_4.1.s390x.rpm
x86_64:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
kdelibs-devel-3.5.4-25.el5_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
http://www.redhat.com/security/updates/classification/#critical
8. Contact:
The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFLDHQUXlSAg2UNWIIRApbsAKCkJt9H3OLAK7ijC4KYpKRdEtx5HQCgwlwV
PCy3KpXsQxQkZHtJ0x0oViI=
=KdlG
-----END PGP SIGNATURE-----
"
RHSA-2009:1561-01 Important: libvorbis security update
"Gentoo Linux Security Advisory GLSA 200911-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Wireshark: Multiple vulnerabilities
Date: November 25, 2009
Bugs: #285280, #290710
ID: 200911-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in Wireshark, allowing
for the remote execution of arbitrary code, or Denial of Service.
Background
==========
Wireshark is a versatile network protocol analyzer.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-analyzer/wireshark = 1.2.3
Description
===========
Multiple vulnerabilities have been discovered in Wireshark:
* Ryan Giobbi reported an integer overflow in wiretap/erf.c
(CVE-2009-3829).
* The vendor reported multiple unspecified vulnerabilities in the
Bluetooth L2CAP, RADIUS, and MIOP dissectors (CVE-2009-2560), in the
OpcUa dissector (CVE-2009-3241), in packet.c in the GSM A RR
dissector (CVE-2009-3242), in the TLS dissector (CVE-2009-3243), in
the Paltalk dissector (CVE-2009-3549), in the DCERPC/NT dissector
(CVE-2009-3550), and in the dissect_negprot_response() function in
packet-smb.c in the SMB dissector (CVE-2009-3551).
Impact
======
A remote attacker could entice a user to open a specially crafted "erf"
file using Wireshark, possibly resulting in the execution of arbitrary
code with the privileges of the user running the application. A remote
attacker could furthermore send specially crafted packets on a network
being monitored by Wireshark or entice a user to open a malformed
packet trace file using Wireshark, possibly resulting in a Denial of
Service.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Wireshark users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.2.3"
References
==========
[ 1 ] CVE-2009-2560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2560
[ 2 ] CVE-2009-3241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3241
[ 3 ] CVE-2009-3242
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3242
[ 4 ] CVE-2009-3243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3243
[ 5 ] CVE-2009-3549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3549
[ 6 ] CVE-2009-3550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550
[ 7 ] CVE-2009-3551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3551
[ 8 ] CVE-2009-3829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3829
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200911-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
"
Celine Dion to keep trying for another babyGLSA 200910-03 Adobe Reader: Multiple vulnerabilities
"Ubuntu Security Notice USN-861-1 November 24, 2009
libvorbis vulnerabilities
CVE-2008-2009, CVE-2009-3379
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
libvorbis0a 1.2.0.dfsg-2ubuntu0.3
Ubuntu 8.10:
libvorbis0a 1.2.0.dfsg-3.1ubuntu0.8.10.2
Ubuntu 9.04:
libvorbis0a 1.2.0.dfsg-3.1ubuntu0.9.04.2
Ubuntu 9.10:
libvorbis0a 1.2.0.dfsg-6ubuntu0.1
After a standard system upgrade you need to restart any applications that
use libvorbis, such as Totem and gtkpod, to effect the necessary changes.
Details follow:
It was discovered that libvorbis did not correctly handle ogg files with
underpopulated Huffman trees. If a user were tricked into opening a
specially crafted ogg file with an application that uses libvorbis, an
attacker could cause a denial of service. (CVE-2008-2009)
It was discovered that libvorbis did not correctly handle certain malformed
ogg files. If a user were tricked into opening a specially crafted ogg file
with an application that uses libvorbis, an attacker could cause a denial
of service or possibly execute arbitrary code with the user's privileges.
(CVE-2009-3379)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg-2ubuntu0.3.diff.gz
Size/MD5: 12991 d7ac1cea7fd18471b0366844c4f2d434
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg-2ubuntu0.3.dsc
Size/MD5: 937 b9ab7e79ef09dbe4cc523245a179853c
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg.orig.tar.gz
Size/MD5: 1477935 3c7fff70c0989ab3c1c85366bf670818
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-de=
v_1.2.0.dfsg-2ubuntu0.3_amd64.deb
Size/MD5: 476030 a96358bb558f637d96a4354101f9bb2c
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_=
1.2.0.dfsg-2ubuntu0.3_amd64.deb
Size/MD5: 104488 5463be3057e6f7e8db31b1acf3c8502d
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc=
2_1.2.0.dfsg-2ubuntu0.3_amd64.deb
Size/MD5: 94894 2c21a6d370070b7d12bed48f96036463
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfil=
e3_1.2.0.dfsg-2ubuntu0.3_amd64.deb
Size/MD5: 19630 a5a80fc2df2729b88590addfe3982cfb
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-de=
v_1.2.0.dfsg-2ubuntu0.3_i386.deb
Size/MD5: 456398 9e41b7ea54511a6b6127c5c643eddb1e
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_=
1.2.0.dfsg-2ubuntu0.3_i386.deb
Size/MD5: 99448 ffc9abdb63cc0312fef0566473f4c13d
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc=
2_1.2.0.dfsg-2ubuntu0.3_i386.deb
Size/MD5: 76726 8dc17f35d4699557bff77dc8a2673de8
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfil=
e3_1.2.0.dfsg-2ubuntu0.3_i386.deb
Size/MD5: 20402 cc111d8b13c33c5b03a364b0d1bb95d1
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-2ubuntu0.3_lpia.deb
Size/MD5: 458366 c2d4e954201ef68cc3d241a7dda3ea93
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-2ubuntu0.3_lpia.deb
Size/MD5: 100038 b371e7f6d202b427614a656cd618e407
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-2ubuntu0.3_lpia.deb
Size/MD5: 76912 b219d40cdaadb9aa368b4e3449a0de0b
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-2ubuntu0.3_lpia.deb
Size/MD5: 20406 cc10625815d7cb3516ad3e2e7325e7f8
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-2ubuntu0.3_powerpc.deb
Size/MD5: 485154 86ff174f93f9000e89aa84ae7ba8e702
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-2ubuntu0.3_powerpc.deb
Size/MD5: 109396 5e52e396225668911249ad4840ba89d2
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-2ubuntu0.3_powerpc.deb
Size/MD5: 84090 053277cac971a8dd5854b25bc82f1275
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-2ubuntu0.3_powerpc.deb
Size/MD5: 24256 7b644a68479f137d1c31cb7bc6e11239
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-2ubuntu0.3_sparc.deb
Size/MD5: 462624 43611553a9ff71736ad1829ee2d48ee6
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-2ubuntu0.3_sparc.deb
Size/MD5: 100454 5d94a781fafacdb33752fbe8c687f4a6
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-2ubuntu0.3_sparc.deb
Size/MD5: 81230 e7c3fcb35cd9f255af91fb850fce7718
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-2ubuntu0.3_sparc.deb
Size/MD5: 19678 5c6725ecf7ad2f5697ddd80ec7181d99
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg-3.1ubuntu0.8.10.2.diff.gz
Size/MD5: 14099 3b381e5b9d4ff995371549d0f4049b17
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg-3.1ubuntu0.8.10.2.dsc
Size/MD5: 1391 f693d0a5b8d382d11eafee3eeaec74b5
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg.orig.tar.gz
Size/MD5: 1477935 3c7fff70c0989ab3c1c85366bf670818
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-de=
v_1.2.0.dfsg-3.1ubuntu0.8.10.2_amd64.deb
Size/MD5: 479892 fa93b658c3490a316a40440d66791937
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_=
1.2.0.dfsg-3.1ubuntu0.8.10.2_amd64.deb
Size/MD5: 109252 ef6627a20fb4892a1069ded79fe379be
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc=
2_1.2.0.dfsg-3.1ubuntu0.8.10.2_amd64.deb
Size/MD5: 96200 4fe223431c6c290695ae9c27fac0966a
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfil=
e3_1.2.0.dfsg-3.1ubuntu0.8.10.2_amd64.deb
Size/MD5: 20768 cb51f1c14be4d5bd735bc2ac74c4084f
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-de=
v_1.2.0.dfsg-3.1ubuntu0.8.10.2_i386.deb
Size/MD5: 460236 8d03a67ad77c3065462e07bfac250e79
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_=
1.2.0.dfsg-3.1ubuntu0.8.10.2_i386.deb
Size/MD5: 102638 29966392d03df0d2523aa3177434a158
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc=
2_1.2.0.dfsg-3.1ubuntu0.8.10.2_i386.deb
Size/MD5: 77906 10ad5e56f23d2b8f4ebb385df163b676
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfil=
e3_1.2.0.dfsg-3.1ubuntu0.8.10.2_i386.deb
Size/MD5: 21822 877561be88e24e6de4874c393257ba62
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-3.1ubuntu0.8.10.2_lpia.deb
Size/MD5: 462006 8e817bd23febab8094cd11e99864bc92
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-3.1ubuntu0.8.10.2_lpia.deb
Size/MD5: 103306 3d377b2b715e457858f7a3afa72e3a34
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-3.1ubuntu0.8.10.2_lpia.deb
Size/MD5: 78054 87197ab70eab21d293d06a03b925a30a
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-3.1ubuntu0.8.10.2_lpia.deb
Size/MD5: 21654 916bdeadfed79e9521fc44c10f414f23
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-3.1ubuntu0.8.10.2_powerpc.deb
Size/MD5: 491454 62a722a76f9169182787e6646a01549b
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-3.1ubuntu0.8.10.2_powerpc.deb
Size/MD5: 115404 d951d55225968eebf9464d18f6faab2f
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-3.1ubuntu0.8.10.2_powerpc.deb
Size/MD5: 85524 cb9fa0eff43344cbcd177c44455ca863
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-3.1ubuntu0.8.10.2_powerpc.deb
Size/MD5: 25540 6252523c4b9cb8e91af913dfa94a4509
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-3.1ubuntu0.8.10.2_sparc.deb
Size/MD5: 465890 7bb9b029adab1877f2ae9b66ad650da6
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-3.1ubuntu0.8.10.2_sparc.deb
Size/MD5: 105036 b5efdeab1f1ae5bf0f68032fae4de733
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-3.1ubuntu0.8.10.2_sparc.deb
Size/MD5: 82522 217424eb3438493636c8e2e2e947a951
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-3.1ubuntu0.8.10.2_sparc.deb
Size/MD5: 21210 fe7a01c235dcde80427cdc1c4218c650
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg-3.1ubuntu0.9.04.2.diff.gz
Size/MD5: 14106 806c51558b40e8a0173258e322126dfc
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg-3.1ubuntu0.9.04.2.dsc
Size/MD5: 1391 8237287820fda9e5caaf1645917012a9
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg.orig.tar.gz
Size/MD5: 1477935 3c7fff70c0989ab3c1c85366bf670818
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-de=
v_1.2.0.dfsg-3.1ubuntu0.9.04.2_amd64.deb
Size/MD5: 479954 ed840c38ac73f07d2594485992810cf3
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_=
1.2.0.dfsg-3.1ubuntu0.9.04.2_amd64.deb
Size/MD5: 109254 fa9ecb0116a031ea24c068f7c104a6c5
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc=
2_1.2.0.dfsg-3.1ubuntu0.9.04.2_amd64.deb
Size/MD5: 96190 92cce557b7dc8367962bd71f5d2e16ed
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfil=
e3_1.2.0.dfsg-3.1ubuntu0.9.04.2_amd64.deb
Size/MD5: 20752 b092b5312c1fdc3ca3b68efb67c6d788
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-de=
v_1.2.0.dfsg-3.1ubuntu0.9.04.2_i386.deb
Size/MD5: 460350 dcab6f09451ee399e6c3718fd7a290b4
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_=
1.2.0.dfsg-3.1ubuntu0.9.04.2_i386.deb
Size/MD5: 102774 c0294bc33be421dc97b5a41f0962a305
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc=
2_1.2.0.dfsg-3.1ubuntu0.9.04.2_i386.deb
Size/MD5: 77908 4f631989517676b33426d8196ce86089
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfil=
e3_1.2.0.dfsg-3.1ubuntu0.9.04.2_i386.deb
Size/MD5: 21798 fd715839d6a485a560dc4ba3d6bd25f9
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-3.1ubuntu0.9.04.2_lpia.deb
Size/MD5: 462086 df504130bd6ba53055514188ae319608
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-3.1ubuntu0.9.04.2_lpia.deb
Size/MD5: 103382 81883010e7f156576925e34ee1bf3650
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-3.1ubuntu0.9.04.2_lpia.deb
Size/MD5: 78050 4b0c1e4270759a4ebb0a4a3b3e819921
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-3.1ubuntu0.9.04.2_lpia.deb
Size/MD5: 21628 f598818f8da06a03e82811d325a0d6aa
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-3.1ubuntu0.9.04.2_powerpc.deb
Size/MD5: 491462 de9941dcdf7fbcce2ce1771157283b41
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-3.1ubuntu0.9.04.2_powerpc.deb
Size/MD5: 115408 bf40900dd80d91fc9ba0da14079ba8ba
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-3.1ubuntu0.9.04.2_powerpc.deb
Size/MD5: 85526 476aadeedd5fe54e094dd754eaf67a1a
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-3.1ubuntu0.9.04.2_powerpc.deb
Size/MD5: 25534 2ce93cbcb6112d91c6b9099cb1f750ce
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-3.1ubuntu0.9.04.2_sparc.deb
Size/MD5: 465896 ab3725414d6572e1d7297a9374aa29c7
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-3.1ubuntu0.9.04.2_sparc.deb
Size/MD5: 105040 70accc7b795a5d0871ba555377860b77
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-3.1ubuntu0.9.04.2_sparc.deb
Size/MD5: 82470 e9e0d296fac9c00496f07d743c52c7a9
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-3.1ubuntu0.9.04.2_sparc.deb
Size/MD5: 21170 efa8d7e1d2a14f843d14f80dae9c755c
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg-6ubuntu0.1.diff.gz
Size/MD5: 14077 1472bf5d0d81031673a907939ca5e13f
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg-6ubuntu0.1.dsc
Size/MD5: 1240 06738b4c14538449ec70061555bd5b95
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.=
2.0.dfsg.orig.tar.gz
Size/MD5: 1477935 3c7fff70c0989ab3c1c85366bf670818
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-de=
v_1.2.0.dfsg-6ubuntu0.1_amd64.deb
Size/MD5: 481960 03bdebc10b57dff61913983f7e2c6b12
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_=
1.2.0.dfsg-6ubuntu0.1_amd64.deb
Size/MD5: 110800 1cd3c19e86f96a82543f00ecc200e450
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc=
2_1.2.0.dfsg-6ubuntu0.1_amd64.deb
Size/MD5: 96410 fd88dda1df522a5e4caa3a51f0af75ea
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfil=
e3_1.2.0.dfsg-6ubuntu0.1_amd64.deb
Size/MD5: 21064 f0206b2785ab195deddfbe3c551c1d53
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-de=
v_1.2.0.dfsg-6ubuntu0.1_i386.deb
Size/MD5: 460010 a465712a5dee205bb3572c69882d84b3
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_=
1.2.0.dfsg-6ubuntu0.1_i386.deb
Size/MD5: 102444 335555688456137832536be14bc89c30
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc=
2_1.2.0.dfsg-6ubuntu0.1_i386.deb
Size/MD5: 78058 3528e4ca888274ae7c081425238d80f4
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfil=
e3_1.2.0.dfsg-6ubuntu0.1_i386.deb
Size/MD5: 22528 3e089ed25e17995ad21e0f9e48e2c192
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-6ubuntu0.1_lpia.deb
Size/MD5: 461842 ca8cae4e451a3c39c8485d784a762688
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-6ubuntu0.1_lpia.deb
Size/MD5: 103222 3372e8291fe8cbf4fb10ff8cef8daf46
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-6ubuntu0.1_lpia.deb
Size/MD5: 78064 67727a08216b600b5a355e1a6c4a2723
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-6ubuntu0.1_lpia.deb
Size/MD5: 22282 f8c2669196b70ae210155d5c49127c8e
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-6ubuntu0.1_powerpc.deb
Size/MD5: 491998 f7edf9891a62bdaf437d24c012c0995a
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-6ubuntu0.1_powerpc.deb
Size/MD5: 113120 3d8780b8b7983e7dac75c021a53a6b9d
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-6ubuntu0.1_powerpc.deb
Size/MD5: 84114 a03a7b5b903cd91a3f9ac799ea3c8b91
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-6ubuntu0.1_powerpc.deb
Size/MD5: 23840 56dda24b70b6717c7117bbec29d4e3fe
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis-dev_1.2.0.df=
sg-6ubuntu0.1_sparc.deb
Size/MD5: 466488 2fd2ffcbb529131155b0f05fba03f376
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg=
-6ubuntu0.1_sparc.deb
Size/MD5: 106288 1d69667318f1e5deece70dc1af2dafac
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisenc2_1.2.0.df=
sg-6ubuntu0.1_sparc.deb
Size/MD5: 82834 0a22a390ed4456a001a5b75db9394916
http://ports.ubuntu.com/pool/main/libv/libvorbis/libvorbisfile3_1.2.0.d=
fsg-6ubuntu0.1_sparc.deb
Size/MD5: 21412 354a11cb80e57366d473c1f490210a26
--=-dEY8f9hwsx7hRL2TEcLO
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAksL7i0ACgkQLMAs/0C4zNpmjACbBElQz/2hK+eNCbpDKYaRTzeA
5tYAn1rVm2Td+M2jsRaT/q9164DAyrLk
=U1EG
-----END PGP SIGNATURE-----
"
The Big Reunion Festival gets ready to partyUSN-858-1: OpenLDAP vulnerability
Archives
-
▼
2009
(444)
-
▼
November
(46)
- GLSA 200911-04 dstat: Untrusted search path
- GLSA 200911-06 PEAR Net_Traceroute: Command injec...
- DSA 1939-1: New libvorbis packages fix several vul...
- DSA 1941-1: New poppler packages fix several vulne...
- RHSA-2009:1601-01 Critical: kdelibs security updat...
- GLSA 200911-05 Wireshark: Multiple vulnerabilitie...
- USN-861-1: libvorbis vulnerabilities
- DSA 1938-1: New php-mail packages fix insufficient...
- DSA 1937-1: New gforge packages fix cross-site scr...
- DSA-1934-1: New apache2 packages fix several issue...
- USN-859-1: OpenJDK vulnerabilities
- USN-860-1: Apache vulnerabilities
- RHSA-2009:1595-01 Moderate: cups security update
- RHSA-2009:1587-01 Important: kernel security and b...
- GLSA 200911-02 Sun JDK/JRE: Multiple vulnerabilit...
- DSA 1936-1: New libgd2 packages fix several vulner...
- RHSA-2009:1588-02 Important: kernel security updat...
- DSA 1935-1: New gnutls23/gnutls26 packages fix SSL...
- RHSA-2009:1585-01 Moderate: samba3x security and b...
- RHSA-2009:1584-01 Important: java-1.6.0-openjdk se...
- RHSA-2009:1580-02 Moderate: httpd security update
- DSA 1933-1: New cups packages fix cross-site scrip...
- USN-858-1: OpenLDAP vulnerability
- DSA 1932-1: New pidgin packages fix arbitrary code...
- RHSA-2009:1582-01 Critical: java-1.6.0-ibm securit...
- RHSA-2009:1561-01 Important: libvorbis security up...
- RHSA-2009:1562-01 Important: tomcat security updat...
- USN-853-2: Firefox and Xulrunner regression
- USN-854-1: GD library vulnerabilities
- DSA 1928-1: New Linux 2.6.24 packages fix several ...
- RHSA-2009:1540-01 Important: kernel-rt security, b...
- RHSA-2009:1550-01 Important: kernel security and b...
- RHSA-2009:1541-01 Important: kernel security updat...
- USN-850-3: poppler vulnerabilities
- DSA 1927-1: New Linux 2.6.26 packages fix several ...
- USN-855-1: libhtml-parser-perl vulnerability
- RHSA-2009:1548-01 Important: kernel security and b...
- RHSA-2009:1530-01 Critical: firefox security updat...
- DSA 1924-1: New mahara packages fix several vulner...
- USN-853-1: Firefox and Xulrunner vulnerabilities
- RHSA-2009:1528-01 Moderate: samba security and bug...
- RHSA-2009:1531-01 Critical: seamonkey security upd...
- DSA 1922-1: New xulrunner packages fix several vul...
- DSA 1923-1: New libhtml-parser-perl packages fix d...
- RHSA-2009:1535-01 Moderate: pidgin security update...
- DSA 1921-1: New expat packages fix denial of servi...
-
▼
November
(46)