"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA-1807-1 security@debian.org
http://www.debian.org/security/ Nico Golde
June 1st, 2009 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : cyrus-sasl2, cyrus-sasl2-heimdal
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
Debian bug : 528749
CERT advisory : VU#238019
CVE ID : CVE-2009-0688
James Ralston discovered that the sasl_encode64() function of cyrus-sasl2,
a free library implementing the Simple Authentication and Security Layer,
suffers from a missing null termination in certain situations. This causes
several buffer overflows in situations where cyrus-sasl2 itself requires
the string to be null terminated which can lead to denial of service or
arbitrary code execution.
Important notice (Quoting from US-CERT):
While this patch will fix currently vulnerable code, it can cause
non-vulnerable existing code to break. Here's a function prototype from
include/saslutil.h to clarify my explanation:
/* base64 encode
* in -- input data
* inlen -- input data length
* out -- output buffer (will be NUL terminated)
* outmax -- max size of output buffer
* result:
* outlen -- gets actual length of output buffer (optional)
*
* Returns SASL_OK on success, SASL_BUFOVER if result won't fit
*/
LIBSASL_API int sasl_encode64(const char *in, unsigned inlen,
char *out, unsigned outmax,
unsigned *outlen);
Assume a scenario where calling code has been written in such a way that it
calculates the exact size required for base64 encoding in advance, then
allocates a buffer of that exact size, passing a pointer to the buffer into
sasl_encode64() as *out. As long as this code does not anticipate that the
buffer is NUL-terminated (does not call any string-handling functions like
strlen(), for example) the code will work and it will not be vulnerable.
Once this patch is applied, that same code will break because sasl_encode64()
will begin to return SASL_BUFOVER.
For the oldstable distribution (etch), this problem will be fixed soon.
For the stable distribution (lenny), this problem has been fixed in
version 2.1.22.dfsg1-23+lenny1 of cyrus-sasl2 and cyrus-sasl2-heimdal.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 2.1.23.dfsg1-1 of cyrus-sasl2 and cyrus-sasl2-heimdal.
We recommend that you upgrade your cyrus-sasl2/cyrus-sasl2-heimdal packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal_2.1.22.dfsg1-23+lenny1.dsc
Size/MD5 checksum: 1775 510a3befa02a034758711c4bf329082e
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.22.dfsg1-23+lenny1.diff.gz
Size/MD5 checksum: 76458 85b876ee4b8d33a804f1164d727a5281
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.22.dfsg1-23+lenny1.dsc
Size/MD5 checksum: 1930 6939422cb0ce3455ce5a1a494692fd68
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.22.dfsg1.orig.tar.gz
Size/MD5 checksum: 1370731 f196299b2c07f822c8c56db71b7dc7db
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal_2.1.22.dfsg1.orig.tar.gz
Size/MD5 checksum: 1370731 f196299b2c07f822c8c56db71b7dc7db
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal_2.1.22.dfsg1-23+lenny1.diff.gz
Size/MD5 checksum: 27834 dae4de4ce221e8d5f9ca9fbc8376f1ba
Architecture independent packages:
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-doc_2.1.22.dfsg1-23+lenny1_all.deb
Size/MD5 checksum: 104228 c5b2a9dac2683208cbc7fe0aeaf9e276
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 84954 9d18b6afabcdb581ba692b0de7abc489
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 603214 764f256abbe3cfc91a4c0392d79a8262
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 123794 e2d71664b9f4dbf586366a1ed21e8c23
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 76294 4e15f169d2b45fa179cdf4a919ab4316
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 198230 2b8a7bf7981b5f5d999a0a5d671ea401
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 75114 0da83acb9fbf8b7dc51989cd2c1f3e78
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 61754 6291c4405e6cbd3507737f866d6a53ee
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 165322 72628edb29a049c66a31d3ec9678ad89
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 77222 d68fe70130dd0e59ae91a98d6718d6d7
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 319558 9c80d311d0c16df5f368708e5a32c6e0
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_alpha.deb
Size/MD5 checksum: 69300 2c83c31dac6f051c8a9879effd293aa8
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 78176 04d539c8841bd7d1307d74cd2c0189f9
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 114804 110e9007dc74123976337a86e856eaf0
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 68878 7db9847a4723d6826f7920ae1993906e
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 69052 84be4bf75f96bae025d2b92735670dfc
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 67958 d47d4ee189346d1bdf4b00be9cc8dcfb
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 58050 ea914b6bf177e468c156fe61bd869d41
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 276504 eaa42b2f795f8fe85ebb5f84d529071c
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 609428 91d51cc190a79b50b1b5f96d5d5e6b80
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 156374 48d94aab8c3f98eacebea35824e726e8
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 163456 05b37316e0811ecbfbda111e5628f2b1
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_amd64.deb
Size/MD5 checksum: 67342 5633875f4f067e8a92860f80fd57d312
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 63788 fe7bd8332cbef2c77cf3dbfd377d878d
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 265720 fdb983efb59dcba138d20b08d04d9760
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 106112 a6b6abccd297cab3e5d0bb8af0c7bdc1
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 573898 24f922a08943d1036ef11c292de130c8
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 64598 a0e5097fac9b08096848ba18d602a9e6
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 67706 423ceff082b95c8d355a46d82e0c8b96
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 73592 3d20e751e51ce1001ecdf74e55756458
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 65062 3b82a869de27691439188148cd4ce84d
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 147070 52d2c37432bea8aae2ba23f8f3c4b90c
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 136654 f11faeafb7502f5eb36361f8c877223d
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_arm.deb
Size/MD5 checksum: 56716 d2048db8e57059c1c9f2ade3b92ebc1f
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 56706 ccbe00612c14d8cb7c46ceec1a523f93
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 67902 c8f859a00df9b06e08e0e3f405fb5b7f
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 575992 15d54bf1d6026698c453b8c3995742e3
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 74912 47b6aac13a77bdb5fbe7d9c6585d5036
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 144840 fa380ab748a1ffe5975b97b78b2c0416
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 63884 00ff7248bca7acf9b704baaf90d0689e
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 64708 92616d18849b68029919d313679b1c82
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 263854 263639282e6004454c5b33c71b9647d4
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 104616 a276680084df232510cc4bc617055a18
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 143942 57e4a79481797f0c32f60401ee1237de
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_armel.deb
Size/MD5 checksum: 63678 2eda7c4085a8f6877ce8061f907b2ad1
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 80276 d024aad3a3d2d790b0ab5f826af132eb
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 71646 00212830b9715ceda5eb01d1aaa57402
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 159494 fd9c8f622178e39834bcadfef091c736
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 71444 b93c7dae5ae9405b35cd2c41e7253c07
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 172492 207dc3d84027fc346d90d7810e588a64
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 294572 9be25532614ae62163e2b635061fe628
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 61040 25d4df1f36f401f985bf931f46b64781
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 70710 eb2a5d507bf152da6c36322fc70f449c
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 68282 f4e90c409355887a3c1fdae2471e386b
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 588948 4a74364ca6307b066927f26525ff0fdb
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_hppa.deb
Size/MD5 checksum: 118338 f0a1c2c0dd52f0a4d26f3abd4d5309ad
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 57462 5ebb116b052de64d4c7014c1ae14e267
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 259252 ae246a06589d3e2779627c6d3a39eb78
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 64212 e3f9fe64851978336fe8ef915ec7b826
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 67634 8ad13d8d15d19d1dba507e4db3026c54
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 145828 dd6dc6e38f07c36d8c0bbdac20f9eee5
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 575092 fa8a679ad9aa118404834e3c46a6acbf
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 75366 cc8dc458e34dda7c3de4f70279a3105c
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 64160 51d92ff406fde2abd21e6080be6bf3a3
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 105514 36ce7fca9761b6f4dd8b94fa5a67b396
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 146610 f1447794b61c530605a2da75829f62ba
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_i386.deb
Size/MD5 checksum: 65456 ecd58a3ccf79672c2ce00fe7a7b161c7
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 67580 ece86227d7eace47ab16237e915b3fec
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 91958 6536d489a5b387070c87fda3d6a928a3
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 68352 b8532fb79679952018fc9e46fb3ae9e9
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 341402 8424c2421afe1140c7c2a0ee472ad8a5
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 83024 4aacfaec8c8f15081db9655ef1050832
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 149060 90993f31514099790278be32aa5e6614
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 187396 2fcf8a48bfe03ec3aff87cd75f232ff3
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 243462 264bddaa5766aeb444d03b40eb4d7fa1
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 568004 e5fc8d3bdb48f173cf1586e6d55e5bf6
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 79706 8e11ab18902532dfd516fdeb35093312
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_ia64.deb
Size/MD5 checksum: 82078 0a29e217ca95d171305ed53615b7aeb7
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 104880 5863587f4ebdfc8d2accb92c43975770
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 155770 46cc9b8f9907b607d2029b25a2d5176b
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 68930 52fbafb17a0b36cd4f4ced0257963d00
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 67240 0c00396d4af872fbd68435ce37f5b91f
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 57308 3655fa5d350a36a6e7ac7e15c487c67c
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 77244 901ab9aa01ee8f36ea0c4ae8b9b01384
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 68074 6228a649cc3c0af4278709d81a85691f
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 153862 390c96e802a795ac507d8b97d250b9bc
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 603738 bd9e9352b83c7151718a0b28e8f4d58b
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 287770 a810f916805a6c3622eecf55bac38d88
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_mips.deb
Size/MD5 checksum: 67072 b8d4429a81ee151f53417dbf4e2af658
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 593356 6610f0434f090ac4da1c9d31141ff5e8
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 67462 6139841e9d8c59b4da4ab38c7518a0ca
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 68504 69adbead8bd79767a9de0f4b0354306e
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 67572 b0dadb218ba13c6fcb2cd9771b392289
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 77924 1426b53e89f0771dd89e0916fa5315b8
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 108728 0a5e4d5a5fa93992198c14fa4a018e8d
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 68454 b4d4b2b12789d6c1b9b55547bd23289f
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 164172 1b1ceb3737ab04fb22bd4a4d20e5f4c0
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 57758 b1af996db05522ffe582fc776132fe9f
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 287940 fb18899c8acd1a3fb9cfb2950c2a0786
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_mipsel.deb
Size/MD5 checksum: 155390 923b0df689d8546f64d9e94668e1a8c0
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 119716 64acba5b3c822aeea5d92acdbe13cdf5
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 70260 55506c65fcb75c975d634e72ca57b499
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 70536 e2dd4053970203b291fc0064e3fc7e4f
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 625910 b49078c416463d3e6fe9e1abaa857ad7
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 71772 e73ebc9e9f7b3f957b22dbbed7af487c
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 185506 6e31ca4fc06dd38ce754b84f608b0018
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 170426 564ade009cd10f03ec390d51a18b1bc6
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 71610 e5db62f80f8a909dec79e7926db1c43a
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 281752 5595cab6b86610d4f41f648584091c24
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 61528 a4d2292554728724b07549d4e4ba9abd
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_powerpc.deb
Size/MD5 checksum: 79702 cac4d2488861483529067e5bf3e57cfa
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 66690 a52cee912cf1f46018d8ed8c54ccf9b6
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 604082 0f8f8838bc5d8487de8a8b23ecb17329
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 112752 890c4b70503ab1bb94fbc0d43d6c7328
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 68984 ab0d3fc56183cd0ff319cdac869b9251
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 77658 d7e99571c7bfa56fbf753b1f69a48935
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 67948 e6e7ab2c5fc90b575896e11acdb227b4
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 166632 a98fd5a59024bd1a2bdd1fb60e692d02
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 67832 31291b7faa6591eb93d8879389a00360
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 157992 66a99b49a60c0e82d0d92d112d381c2e
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 58868 a663ebf059cf987c9949878d0efc7dfc
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_s390.deb
Size/MD5 checksum: 273358 2b4557d2cf8f639984a44dfe6a889b2c
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 144494 08996d7a2ba0f2ff53abd41245b4f352
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 137850 394ff90e509d13b822d5ed0cddc2ea27
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 102142 4739d9c336e9f8173147eb222353ff7a
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 63600 39aa7cbabf1e395d297bc9636402f5a7
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 62582 88bd4a20e17255314a5dd788bbb02f86
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 261038 003e8ca005174a442e1271a04d6c885f
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 55826 1439ea1b2401eefd06cdd608a9559fa6
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 62976 6c75a70e425e2032975c46634c404591
http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 65428 9b2b3189c39972e611bc180fd5aa6ba1
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 535118 407f26e926701d7a0008522aa5da27bb
http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_sparc.deb
Size/MD5 checksum: 74926 f2b2c0957166e2196404efbbf9413bfb
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkojzKIACgkQHYflSXNkfP8X4QCdFIZfAWStsWeHaU/VPvslWafO
cOQAniJfVdsiGmjL2V+VHffEeQJF5j5A
=SHqc
-----END PGP SIGNATURE-----
"
This entry was posted
on 3:43 PM
.
Archives
-
▼
2009
(488)
-
▼
June
(53)
- RHSA-2009:1127-01 Critical: kdelibs security update
- RHSA-2009:1128-01 Important: kdelibs security update
- USN-782-1: Thunderbird vulnerabilities
- RHSA-2009:1125-01 Moderate: thunderbird security u...
- RHSA-2009:1123-01 Moderate: gstreamer-plugins-good...
- USN-791-2: Moodle vulnerability
- RHSA-2009:1130-01 Critical: kdegraphics security u...
- RHSA-2009:1126-01 Moderate: thunderbird security u...
- DSA 1821-1: New amule packages fix insufficient in...
- RHSA-2009:1109-01 Critical: acroread security update
- DSA 1822-1: New mahara packages fix cross-site scr...
- DSA 1817-1: New ctorrent packages fix arbitrary co...
- RHSA-2009:1101-01 Moderate: cscope security update
- USN-788-1: Tomcat vulnerabilities
- DSA 1816-1: New apache2 packages fix privilege esc...
- RHSA-2009:1106-01 Important: kernel security and b...
- RHSA-2009:1102-01 Moderate: cscope security update
- DSA 1818-1: New gforge packages fix insufficient i...
- RHSA-2009:1100-01 Moderate: wireshark security update
- RHSA-2009:1107-01 Moderate: apr-util security update
- USN-775-2: Quagga regression
- DSA 1815-1: New libtorrent-rasterbar packages fix ...
- RHSA-2009:1096-01 Critical: seamonkey security update
- DSA 1814-1: New libsndfile packages fix arbitrary ...
- USN-784-1: ImageMagick vulnerability
- USN-785-1: ipsec-tools vulnerabilities
- RHSA-2009:1087-01 Important: mod_jk security update
- USN-783-1: eCryptfs vulnerability
- USN-781-1: Pidgin vulnerabilities
- RHSA-2009:1081-01 Important: kernel-rt security an...
- DSA 1809-1: New Linux 2.6.26 packages fix several ...
- RHSA-2009:1082-01 Important: cups security update
- USN-780-1: CUPS vulnerability
- USN-780-1: CUPS vulnerability
- DSA 1810-1: New cups/cupsys packages fix denial of...
- DSA 1812-1: New apr-util packages fix several vuln...
- RHSA-2009:1083-01 Important: cups security update
- USN-781-2: Gaim vulnerabilities
- RHSA-2009:1077-01 Important: kernel security and b...
- DSA 1810-1: New libapache-mod-jk packages fix info...
- USN-778-1: cron vulnerability
- RHSA-2009:1076-01 Low: Red Hat Enterprise Linux 2....
- DSA 1807-1: New cyrus-sasl2/cyrus-sasl2-heimdal pa...
- GLSA 200905-06 acpid: Denial of Service
- DSA 1805-1: New pidgin packages fix several vulner...
- GLSA 200905-08 NTP: Remote execution of arbitrary...
- GLSA 200905-07 Pidgin: Multiple vulnerabilities
- RHSA-2009:1067-01 Moderate: Red Hat Application St...
- RHSA-2009:1075-01 Moderate: httpd security update
- GLSA 200905-09 libsndfile: User-assisted executio...
- RHSA-2009:1066-01 Important: squirrelmail security...
- GLSA 200905-03 IPSec Tools: Denial of Service
- GLSA 200905-05 FreeType: Multiple vulnerabilities
-
▼
June
(53)