DSA 1845-1: New Linux 2.6.26 packages fix several vulnerabilities  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-1845-1 security@debian.org
http://www.debian.org/security/ dann frazier
Jun 28, 2009 http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package : linux-2.6
Vulnerability : denial of service, privilege escalation
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2009-1895 CVE-2009-2287 CVE-2009-2406 CVE-2009-2407

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:

CVE-2009-1895

Julien Tinnes and Tavis Ormandy reported an issue in the Linux
personality code. Local users can take advantage of a setuid
binary that can either be made to dereference a NULL pointer or
drop privileges and return control to the user. This allows a
user to bypass mmap_min_addr restrictions which can be exploited
to execute arbitrary code.

CVE-2009-2287

Matt T. Yourst discovered an issue in the kvm subsystem. Local
users with permission to manipulate /dev/kvm can cause a denial
of service (hang) by providing an invalid cr3 value to the
KVM_SET_SREGS call.

CVE-2009-2406
CVE-2009-2407

Ramon de Carvalho Valle discovered two issues with the eCryptfs
layered filesystem using the fsfuzzer utility. A local user with
permissions to perform an eCryptfs mount may modify the contents
of a eCryptfs file, overflowing the stack and potentially gaining
elevated privileges.

For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-17lenny1.

For the oldstable distribution (etch), these problems, where
applicable, will be fixed in updates to linux-2.6 and linux-2.6.24.

We recommend that you upgrade your linux-2.6 and user-mode-linux
packages.

Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+17lenny1

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-17lenny1.diff.gz
Size/MD5 checksum: 7379386 e39e1610a5bf0ecf7213c7d0cdf2d2b8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-17lenny1.dsc
Size/MD5 checksum: 5777 af1732ba4824c10f33f9f9d47646b71e

Architecture independent packages:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-17lenny1_all.deb
Size/MD5 checksum: 1796746 513b2bc4b33984b4b8aee8fe5eba0eb6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-17lenny1_all.deb
Size/MD5 checksum: 121474 6a5b4b1258d5413a289c622f53618048
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-17lenny1_all.deb
Size/MD5 checksum: 49364258 a711fe6f43baac15f31ec8410cca0208
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-17lenny1_all.deb
Size/MD5 checksum: 2306752 c927a4be24692ff4ba314437ad3cb858
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-17lenny1_all.deb
Size/MD5 checksum: 4846320 eed4194a6f0c2622b89d0f4f22bce41f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-17lenny1_all.deb
Size/MD5 checksum: 105386 b363ddaddee39208f28189904b441135

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 28339784 20ad51628add3cb2c07fb8998e311ceb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 365102 8da1c0d879b2bc4262782c80daf4748e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 29031684 906c285dc4d53632bf4a5e66259183b0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 104956 840b14d789cc4ba914f967e7c9570951
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 362972 f950f072ef0f7fc0e756c9c29a9108ad
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 28317390 1cb8ed6ae8dcbac77691399363ba94e6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 3541642 602567f93cdd4ddebc261d819b26aab7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 739432 5407584de49ed3fc4ff22d17b32c9364
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 104976 787c3541cb967daca5ee7f8fa12dd315
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-17lenny1_alpha.deb
Size/MD5 checksum: 362518 370d72552c3218fa3f9daa536605c755

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 3849250 806c662910b6e5f8358224a95517491a
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 104940 8724f579e8cb7109e2f39c2d0efc01f6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 20782346 4af003031aa49ae2c9e527fc20110be5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 393984 3c444229a2e762a0d259abf01e4516d9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 381464 7147fa4f0c4d898d842c7e4bb1833aee
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 3716672 5cf2cdf2efa1d32344ba3504c9fabf75
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 747876 e5cdaad585e698cabf367e333c52e8a7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 387590 a4e1214d84b8882c9ec5963c9b4b04b2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 1801534 6e44a9381919c0b1361e294f74ec1a6b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 3749374 f7d73d3aa4afdcd8f9c305d9fc617455
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 20802058 4f60e31d4f3c208a484160ebf90602c3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 104946 d909937c63e4d9080164d41869b0d4db
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 104982 068d117daf5fd54cc56d226371b430f0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 19175182 56f1360dfafd92b7e7243beb1c7491ab
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 3772298 2928e075ee70a25b55545d203f79adcc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 20951548 8fb28c17ea59b609b8fa14ede127508c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-17lenny1_amd64.deb
Size/MD5 checksum: 386650 01a4c39f554be935b16ade92e0d0fa59

arm architecture (ARM)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 744878 9c250cb6fe1d7d84d7f773b9ec219766
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 12430418 79e0da6e286b30f02278855c59ad21f9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 4137286 4fe364eb5aa17e2f7b3407a1d9abc266
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 359528 e7374c28cb78ada54e4fbd96b79d588e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 104908 0f19820cade592260120ca755c6deca1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 11409620 b3e129e9e88a55776812aa11e08df4f0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-footbridge_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 348034 7499d074c0558ec958cbe622e41242d9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-footbridge_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 10231284 6da1c6c02dfc34141ce0f220c116e468
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 364464 1ffe9f6ea5256078bd1b7f10744311b2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 362694 aada27cb84d53a36643d0c2058c5cee6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 11715894 7b0861f2ca62c57e0581ab11854e1076
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-arm_2.6.26-17lenny1_arm.deb
Size/MD5 checksum: 104950 b75e7b96cb6bd06a1ab4aeddba7cd2d0

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 9570900 96d80e107dbc42b0bde446faa7fa0ce6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 104958 c4c0d6fa513f065ab955b4d2d0be3c68
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 359970 7a3ff45a0cc61722d12957f7732a1529
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 363560 2e9f6c9c81f2e23cf08b9e5d1c4101b2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 12394444 850cd46b7a329802e8288c5da86c9973
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 11682814 1d0a0b2dda4ddc38f78d8bb127a536c3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 365874 56a9946a3e11dc26e31aaf2d6213eafa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 745466 669720212857c6307b9b52df8c5df536
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 11372192 aeb7f482de47719fef3cbe2b21a4bec4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 335782 df019358a01151a224e430649851bde6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 104994 46fcfff6c56be8fdfd8a73fbc9355e9c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_armel.deb
Size/MD5 checksum: 4129080 eab6db71cf4761df64f89751ab8d1652

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 16925328 80a6af47aae8e8ded7f947e448edd5b6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 15615228 e5f33ccb5d4f97a929edc358959762d8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 295484 55290542f69a9ebf10db7ca5c7116999
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 3597960 406a170179a7e024a3c8ec1d6cad3e83
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 104908 d310bceae5eb38d22a233a5e7c3cb5b6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 104942 ea8b1d0a77f89f0b8083c6ca706e8382
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 294106 5725c28f5c553f21df54e096c4be8d31
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 296666 93c636ab6db65a75d398810a3ba5dcc0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 756918 c79bea2dca9922d535f2369206234d35
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 294936 504bee122fa2dab9bc288a49caea66e4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 17470156 86fb47ed82e1418423aca47b93d734f7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-17lenny1_hppa.deb
Size/MD5 checksum: 16203598 6caadd853fb812b8a157b4156abac638

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 18067424 4af73d71bd55c38cd241a94f1d417bf9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 402032 20f8ad1b60f90cc354ed0723871c04d4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 3797646 9deaf2a91ad8bb665099e20823ffdf55
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 3856254 8fdf5df6660165acb13216f382cfbfdb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 20368920 2215db3313611748074728b26513a575
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 20883488 95599a54f3e14ac9cd338f25655e2eaa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 3832372 8a87ced9a3c0c36f26d89f953698384c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 761582 c7d9abe4bdc016ecc470021cac5989fb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 403070 8da87c42b4c55b9d890dd94cf6ac620d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 20395434 3bc5d02d03b6277f37bd2f2b0e797646
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 393426 78e9da0b41880b79b0e413a7f1508850
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 20278236 42c6a1b6274da250b32fbe07501b394f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 389916 e46fc06bfc15cb0e04f60eff19e5165c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 20220400 0786c07b87876936aa202b0701be1dd4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 104954 1c5d35cf4a3cb48eab1180acbcba4f25
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 401526 a890f3f5715a897a9036120309cb1ebd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 401880 97c2da7de8bc012ed284edb52c7abb11
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 20549656 c755cd12f96f7a72265d52357058cb6f
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 104896 e544d148e74189cab781988501f6d0e7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 1590668 5441c6506d82dc8f36e3c94c4440be4a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 20259056 3fba0ccdb20b378d25338ee153f7715c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 104900 8704a6aa10e0e3165badd3e89356a0d1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 403486 8f85c89d15ebe40a1c8a8c1869d3a767
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 3937928 fa7c56c0a64e1180b96b26045039105f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-17lenny1_i386.deb
Size/MD5 checksum: 407760 034d708d4ca1fecc2ddbefcea7034c12

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 359806 c6dbad4f3e543bfab0ed79ae02f3be61
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 34212812 e5d10d8c82d56b0cd85967a9eef4bf8a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 359158 63a70f6562d5de32d3e9889cf7bbbe56
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 3722000 56a4fe165cc2967cfca976f508287933
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 359890 c0014d738db0b6090fdb244614d3522c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 3757876 cc432914c44f40fca243b29f02e7b0a3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 761018 aac2772f35833552e7b58008aceb3cf6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 34275236 363b3e2271b28b74114505bcd5513a2d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 34039094 d27389454aa6dbb11c4ae2ecd4937e21
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 104902 e22703a7bb2493ce1a59fcd190edc740
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 34101932 9763b03a4d68080293010f3454bdc41a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 104942 79575f37ebdbddbd73af88917996d034
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-17lenny1_ia64.deb
Size/MD5 checksum: 359206 957622b7fb4abcb08f07e43e84832b62

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 756260 be3ebb79edeaeaa65b920272a988d0ee
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 353154 2ec17c2dab5c5b1e648bb9e0a9becdf3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 296424 97f9fc917999e582dac2be6245aeb21d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 104910 76dddb5ea406ba48ae4c7eef8d4b16c7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r4k-ip22_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 11530694 c026184a1b4fd1d123f37b7e16fdb1cd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 3960608 9364b6a0c1779261b0dba48d3a45afaa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 20000412 45b56e5b4acd8127551b6c223b95d644
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 296610 a795480c770984bf96416f8dfa0ab7de
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r4k-ip22_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 257544 ee7be23bb19161efc336f7aa9e3f18fc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 29184190 759cff9946b882952ab888dd0ec4299d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 19987880 941f283861b8d15e47ae3f38c5d6e9b4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mips_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 104962 4553d7ecf28187649d656b3846f22830
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-ip32_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 281922 3da1d5827cd217f7fb3ebc1e91d39712
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-ip32_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 15683752 e3df86684db6ebc1cf147ac503509ad4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 351602 2517f216db80256fc9861a038d10ba52
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-17lenny1_mips.deb
Size/MD5 checksum: 23318574 5322cba51946c40999bb98c85c6d1fa5

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 292562 176071d4d5eb7d78a808570a389fa678
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 22772944 eb571dbbfb692297d9dde8eecc743eea
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 19383282 6deb657ec460702c52e89f321b20e328
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 740524 a48dcebe12fa791d83945a021394f8b1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 3888698 e585dbe8562e778b1042556a921854f3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 19390424 f490af5439a2427c2d11f84db79373ea
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 292922 bcad310140da06c19c209939753b1b5f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 105004 3022ab6316273d6958b95e7051217a6b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 288904 0b7edf69ac75ec97004d6d2950d4624e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 347152 10f954f3d64ac8064be99e17a747ed1b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 104956 5267c3a85825e73fb7e6bddeb4b08c5f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 28245242 24bcab744e8a42f4f2d7119146d64fb3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 14935572 75c634d4445c917800ba937a883f7cb9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-17lenny1_mipsel.deb
Size/MD5 checksum: 346492 1abec1dc4614f2f694d7df4ba644de10

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 366758 206e8d3e7884ee9ac45f072bebc135d9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 104990 3580003dc0735ce1bc568a796a26c381
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 23113020 60eda031d38600cba9988cd7338a3d6f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 23550004 26aab88dee67e0e112e8ac434d94039f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 364028 30f1e0d36f6d80cf75853f2d2f288687
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 23342248 0b1e45c77b7d27929e0c7f6b31c6d4de
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 371412 4b865c8865758c8cf2d50ad3f00d7967
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 365552 b3c11e8008aacca19c86e7cbb2c313f1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 3853554 1715e740bd802a8963622d60e0c0c506
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 3888302 9ba782b0ee75dfe9ec5c487ca46ad6c4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 23515280 e2e4709ceca184ca84201e9b07dbecbd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 104954 cf83ded30563ce74f5339f9f1bc4cf14
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 372304 eb0e2eec22d492a9b070965bd72d77a0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 754256 73f7d659d6389f7d8ba0fc22f870cf0a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-17lenny1_powerpc.deb
Size/MD5 checksum: 23393424 4f63e3364879376aca8ad4db95d4d8a9

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390-tape_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 1627134 6fa7ffb7fe8099415a06075f22dda4e0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 227574 82447614253fb4f98c5b5b49a54ca466
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-s390x_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 229566 1ca9637beb45ae5fda06a2e89b4f8925
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390x_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 7770112 4bf5ddbed1f47b4cedf6d1c78ec584f2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 104944 70b85b0607eee05e0ed6ced8fc24f6e9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-s390x_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 7830812 ec32d591cee9dd30697242ef43afb6d5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 3560554 51d9c535649f030fa987d11b31625c5b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 3528064 8769db0db0689c528cee2d2dd725426f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390x_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 228298 1a183065702aade43c83f6f3cbf72304
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 739772 a7540acfb429f27ea93ac46d8dae9642
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-s390_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 104966 af691fc33c508f97e6491d90157f8643
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390_2.6.26-17lenny1_s390.deb
Size/MD5 checksum: 7482794 396d57ead9e8c0064a2146616ec8e024

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 3778796 0d606ef3866260bbd5a8d90606f937b0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-sparc64_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 300912 47cca783fd541d312665b7411c55ffc6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64-smp_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 301288 c2af7b6bc32dbf712ec906b958503b96
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64-smp_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 14461622 82e13857cdb03377cfd89aa464c9253a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 14136886 c93282b2471cb705f015f74a30ef3e0f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 797080 7c958f70578d326b948180a689d1c433
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 298790 ab89eedb7788f47b6dfe1be0bb641435
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 14481530 b05391d359198c60721160330478e495
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-sparc_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 104932 d20a6ef754f1fa20293aa599c744368b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 3813960 d9092366add55e1c7d0dec8e7c52f8da
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-17lenny1_sparc.deb
Size/MD5 checksum: 104908 28a931d4e1171899aaced4cbc989acc1

These changes will probably be included in the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKb9gAhuANDBmkLRkRAn1hAJ48bysNDdfY96NRFZI/mTnhB2AndgCfbjti
o2pO4Pqi8o6BC50Xz31p2+s=
=p971
-----END PGP SIGNATURE-----
"

Robbie distracted by Jay KayDSA 1836-1: New fckeditor packages fix arbitrary code execution

RHSA-2009:1185-01 Critical: seamonkey security update  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2009:1185-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1185.html
Issue date: 2009-07-30
CVE Names: CVE-2009-2404
=====================================================================

1. Summary:

Updated seamonkey packages that fix a security issue are now available for
Red Hat Enterprise Linux 3.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source Web browser, email and newsgroup client, IRC
chat client, and HTML editor.

Moxie Marlinspike reported a heap overflow flaw in a regular expression
parser in the NSS library (provided by SeaMonkey) used to match common
names in certificates. A malicious website could present a
carefully-crafted certificate in such a way as to trigger the heap
overflow, leading to a crash or, possibly, arbitrary code execution with
the permissions of the user running SeaMonkey. (CVE-2009-2404)

Note: in order to exploit this issue without further user interaction, the
carefully-crafted certificate would need to be signed by a Certificate
Authority trusted by SeaMonkey, otherwise SeaMonkey presents the victim
with a warning that the certificate is untrusted. Only if the user then
accepts the certificate will the overflow take place.

All SeaMonkey users should upgrade to these updated packages, which contain
a backported patch to correct this issue. After installing the updated
packages, SeaMonkey must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

512912 - CVE-2009-2404 nss regexp heap overflow

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.9-0.41.el3.src.rpm

i386:
seamonkey-1.0.9-0.41.el3.i386.rpm
seamonkey-chat-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-devel-1.0.9-0.41.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.i386.rpm
seamonkey-mail-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.41.el3.ia64.rpm
seamonkey-chat-1.0.9-0.41.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.ia64.rpm
seamonkey-devel-1.0.9-0.41.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.ia64.rpm
seamonkey-mail-1.0.9-0.41.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.ia64.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.ia64.rpm

ppc:
seamonkey-1.0.9-0.41.el3.ppc.rpm
seamonkey-chat-1.0.9-0.41.el3.ppc.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.ppc.rpm
seamonkey-devel-1.0.9-0.41.el3.ppc.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.ppc.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.ppc.rpm
seamonkey-mail-1.0.9-0.41.el3.ppc.rpm
seamonkey-nspr-1.0.9-0.41.el3.ppc.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.ppc.rpm
seamonkey-nss-1.0.9-0.41.el3.ppc.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.ppc.rpm

s390:
seamonkey-1.0.9-0.41.el3.s390.rpm
seamonkey-chat-1.0.9-0.41.el3.s390.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.s390.rpm
seamonkey-devel-1.0.9-0.41.el3.s390.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.s390.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.s390.rpm
seamonkey-mail-1.0.9-0.41.el3.s390.rpm
seamonkey-nspr-1.0.9-0.41.el3.s390.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.s390.rpm
seamonkey-nss-1.0.9-0.41.el3.s390.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.s390.rpm

s390x:
seamonkey-1.0.9-0.41.el3.s390x.rpm
seamonkey-chat-1.0.9-0.41.el3.s390x.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.s390.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.s390x.rpm
seamonkey-devel-1.0.9-0.41.el3.s390x.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.s390x.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.s390x.rpm
seamonkey-mail-1.0.9-0.41.el3.s390x.rpm
seamonkey-nspr-1.0.9-0.41.el3.s390.rpm
seamonkey-nspr-1.0.9-0.41.el3.s390x.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.s390x.rpm
seamonkey-nss-1.0.9-0.41.el3.s390.rpm
seamonkey-nss-1.0.9-0.41.el3.s390x.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.s390x.rpm

x86_64:
seamonkey-1.0.9-0.41.el3.i386.rpm
seamonkey-1.0.9-0.41.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.41.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.41.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.9-0.41.el3.src.rpm

i386:
seamonkey-1.0.9-0.41.el3.i386.rpm
seamonkey-chat-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-devel-1.0.9-0.41.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.i386.rpm
seamonkey-mail-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.i386.rpm

x86_64:
seamonkey-1.0.9-0.41.el3.i386.rpm
seamonkey-1.0.9-0.41.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.41.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.41.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.9-0.41.el3.src.rpm

i386:
seamonkey-1.0.9-0.41.el3.i386.rpm
seamonkey-chat-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-devel-1.0.9-0.41.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.i386.rpm
seamonkey-mail-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.41.el3.ia64.rpm
seamonkey-chat-1.0.9-0.41.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.ia64.rpm
seamonkey-devel-1.0.9-0.41.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.ia64.rpm
seamonkey-mail-1.0.9-0.41.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.ia64.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.ia64.rpm

x86_64:
seamonkey-1.0.9-0.41.el3.i386.rpm
seamonkey-1.0.9-0.41.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.41.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.41.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.9-0.41.el3.src.rpm

i386:
seamonkey-1.0.9-0.41.el3.i386.rpm
seamonkey-chat-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-devel-1.0.9-0.41.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.i386.rpm
seamonkey-mail-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.i386.rpm

ia64:
seamonkey-1.0.9-0.41.el3.ia64.rpm
seamonkey-chat-1.0.9-0.41.el3.ia64.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.ia64.rpm
seamonkey-devel-1.0.9-0.41.el3.ia64.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.ia64.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.ia64.rpm
seamonkey-mail-1.0.9-0.41.el3.ia64.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.ia64.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.ia64.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.ia64.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.ia64.rpm

x86_64:
seamonkey-1.0.9-0.41.el3.i386.rpm
seamonkey-1.0.9-0.41.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.41.el3.x86_64.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.i386.rpm
seamonkey-debuginfo-1.0.9-0.41.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.41.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.41.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.41.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.41.el3.i386.rpm
seamonkey-nspr-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.41.el3.i386.rpm
seamonkey-nss-1.0.9-0.41.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.41.el3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFKchxtXlSAg2UNWIIRAjtnAKCTn6vCqT/K6fjna0B1v9/eqhMVBgCgoXOD
vPaeGlcz5WQAWhhjPgeD478=
=Fw0+
-----END PGP SIGNATURE-----
"

RHSA-2009:1136-01 Critical: dhcp security update

DSA 1839-1: New gst-plugins-good0.10 packages fix arbitrary code execution  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1839-1 security@debian.org
http://www.debian.org/security/ Steffen Joeris
July 19, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : gst-plugins-good0.10
Vulnerability : integer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2009-1932
Debian Bugs : 531631 532352


It has been discovered that gst-plugins-good0.10, the GStreamer plugins
from the "good" set, are prone to an integer overflow, when processing
a large PNG file. This could lead to the execution of arbitrary code.


For the stable distribution (lenny), this problem has been fixed in
version 0.10.8-4.1~lenny2.

For the oldstable distribution (etch), this problem has been fixed in
version 0.10.4-4+etch1.

Packages for the s390 and hppa architectures will be released once they
are available.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem has been fixed in version 0.10.15-2.


We recommend that you upgrade your gst-plugins-good0.10 packages.


Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gst-plugins-good0.10_0.10.4.orig.tar.gz
Size/MD5 checksum: 1894794 88aa3c31909ed467605ed04434474c4d
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gst-plugins-good0.10_0.10.4-4+etch1.dsc
Size/MD5 checksum: 1576 4369a23f0e8576377918d7d07d6328dd
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gst-plugins-good0.10_0.10.4-4+etch1.diff.gz
Size/MD5 checksum: 24338 e5b085ae2275c9da0af25175f65c7baf

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-doc_0.10.4-4+etch1_all.deb
Size/MD5 checksum: 95182 11e977d541258f5bb44fcfa9725544be

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_alpha.deb
Size/MD5 checksum: 36152 824c86b12c45a27350e4aa619e032152
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_alpha.deb
Size/MD5 checksum: 701616 03d794c04e432e88e63d46fae06280a1
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_alpha.deb
Size/MD5 checksum: 1724576 290c5da8efa9ca0fb8d891e972dd0d3a

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_amd64.deb
Size/MD5 checksum: 1732384 18059f6e0ad6e22d30cd37f67e805242
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_amd64.deb
Size/MD5 checksum: 657520 38e793fe7760a4c0ff377c2334312672
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_amd64.deb
Size/MD5 checksum: 35932 07678ef5b78b7d92e558432780249b53

arm architecture (ARM)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_arm.deb
Size/MD5 checksum: 1682156 eae4e709d2092212c332a38584a0b02b
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_arm.deb
Size/MD5 checksum: 36330 c66b476327a3a8af4ff2007df3195ad9
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_arm.deb
Size/MD5 checksum: 648606 7eaca1b32d4f041fd8a470b4d2cde52d

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_i386.deb
Size/MD5 checksum: 1663280 57029198e3d83aa970ab33d6ca350b39
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_i386.deb
Size/MD5 checksum: 35760 5edf5708f77639289fe677ed7ca2e420
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_i386.deb
Size/MD5 checksum: 627152 617ca7ae96554e009c38c2a5034f1990

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_ia64.deb
Size/MD5 checksum: 38402 aad2afd4ffa648f3dfc1f7ae906dae7a
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_ia64.deb
Size/MD5 checksum: 921426 8ca6d1599475312129e5d53d2a76bbb7
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_ia64.deb
Size/MD5 checksum: 1699382 f4f07a7d7d090ba029b39f5593bd1506

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_mips.deb
Size/MD5 checksum: 651366 81bc05502bf076091433986eedcddac3
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_mips.deb
Size/MD5 checksum: 36372 6a948078c72d522d6bbea18c8d6c8605
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_mips.deb
Size/MD5 checksum: 1757020 019dd9d275ac509ef12fec25e1b1927a

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_mipsel.deb
Size/MD5 checksum: 1736574 5fb491e85fdc9e30ec00a1785bf592ab
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_mipsel.deb
Size/MD5 checksum: 36388 a938fc1e339b3ab8df7261e75a9711cb
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_mipsel.deb
Size/MD5 checksum: 647074 5c63e0acec9f0acb2bfa8dfd4ba9ba0c

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_powerpc.deb
Size/MD5 checksum: 718846 23a52f9af7082a81c8ab0f34b253feef
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_powerpc.deb
Size/MD5 checksum: 37784 ce7cefbf74bbf303313ada78c81229fb
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_powerpc.deb
Size/MD5 checksum: 1782098 969ed616b5ab16ae09166b0e7370f67e

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.4-4+etch1_sparc.deb
Size/MD5 checksum: 1645906 2c53a10e752461a3580a56319f2a0f0c
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.4-4+etch1_sparc.deb
Size/MD5 checksum: 636014 52bb79329a93ba8e4ab1690c69845882
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.4-4+etch1_sparc.deb
Size/MD5 checksum: 35678 d9c01bd16c1ce54000b16d8385e4ef98


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gst-plugins-good0.10_0.10.8-4.1~lenny2.diff.gz
Size/MD5 checksum: 30321 2f1494f7a2f648f84dd853f95fbc036b
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gst-plugins-good0.10_0.10.8-4.1~lenny2.dsc
Size/MD5 checksum: 2568 bb8e690805dfc8d9eb8595cf9f8738cb
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gst-plugins-good0.10_0.10.8.orig.tar.gz
Size/MD5 checksum: 2923109 467295921ca225aaa05afe9381f4b424

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-doc_0.10.8-4.1~lenny2_all.deb
Size/MD5 checksum: 172232 cc5f1d3077e8ab179a99e7b00952e4e3

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_alpha.deb
Size/MD5 checksum: 1085902 ec69ccbbd739370cd5cdd87097845608
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_alpha.deb
Size/MD5 checksum: 2559520 ef84a92578c2a8883cb1f08850bd2503
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_alpha.deb
Size/MD5 checksum: 46504 d20ddb4964025adddb9c8a4c8134194f

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_amd64.deb
Size/MD5 checksum: 2602660 ed45c89a649bb02e74fd313c1c6ea571
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_amd64.deb
Size/MD5 checksum: 1024404 e2e2767732a649c650db109e1b654cbc
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_amd64.deb
Size/MD5 checksum: 46620 fb72b9020cfa305b9eac7d9dfb2611c1

arm architecture (ARM)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_arm.deb
Size/MD5 checksum: 1032978 041875758c9abfc88ccd1a4584603986
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_arm.deb
Size/MD5 checksum: 47358 d9ff739a754c29d75bb2ad089c1eeb18
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_arm.deb
Size/MD5 checksum: 2552334 c3c6d7c30c97565b0279b439c6d15024

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_armel.deb
Size/MD5 checksum: 2575848 48e7c802f6dd71b410b75878731743c3
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_armel.deb
Size/MD5 checksum: 47988 339dbfe5fed9a1b0bb4613592cbfa4c8
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_armel.deb
Size/MD5 checksum: 1090394 ce9ac0488902b58a8e44a96ff6aeb5c5

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_hppa.deb
Size/MD5 checksum: 1246866 176058c93063fd428d5eba0e53f4f316
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_hppa.deb
Size/MD5 checksum: 2583248 20e5ed5572de7ea2b9fc6eb6da245de3
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_hppa.deb
Size/MD5 checksum: 48926 265697d276c0090ab97870e83393372e

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_i386.deb
Size/MD5 checksum: 46554 6ded8d4176f2d53019907d70813c4b3a
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_i386.deb
Size/MD5 checksum: 960766 6d091000a4edb70d2c979cfd56529357
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_i386.deb
Size/MD5 checksum: 2503536 7a8c1fad3d157cb33e5119afd6a052cc

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_ia64.deb
Size/MD5 checksum: 1409690 a0ed8bc63531bfbecd97503c68e28f60
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_ia64.deb
Size/MD5 checksum: 48676 a126fb2251d1e18da80aecb8d7325727
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_ia64.deb
Size/MD5 checksum: 2549976 9ed6df4d0afd911cf916b4a1afa32b59

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_mips.deb
Size/MD5 checksum: 2618126 83f8267b980702b558d177f0d3f88f5d
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_mips.deb
Size/MD5 checksum: 1010320 bfa7c41cbba3541c9c0986539f8e0e45
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_mips.deb
Size/MD5 checksum: 46880 5dc0f286c77dad40ffc892e2d6decc35

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_mipsel.deb
Size/MD5 checksum: 46914 91c4cb67af4427246fbb3e808bf6a699
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_mipsel.deb
Size/MD5 checksum: 1002768 4d018f16fdcb9c6a6e38fff976d0943d
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_mipsel.deb
Size/MD5 checksum: 2594052 f372eb96a51cf574f73931de4b5dfa51

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_powerpc.deb
Size/MD5 checksum: 2643186 73d5591a8aed7d66c726d7b63e53a302
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_powerpc.deb
Size/MD5 checksum: 1084064 f00985c15b1f4164072af96b2cf69af9
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_powerpc.deb
Size/MD5 checksum: 47370 9139ab03055a0cc0c58b99b6b2936c6c

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_sparc.deb
Size/MD5 checksum: 2448238 d9664009d14d10e9e295d66a17a84378
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_sparc.deb
Size/MD5 checksum: 994402 fc847a1d0cb1721b8c0348a88a272b15
http://security.debian.org/pool/updates/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_sparc.deb
Size/MD5 checksum: 45996 ccfb6b7d76be3274405f20775c2d7c9f


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkpixbMACgkQ62zWxYk/rQe4IwCfUo9L78Zi48DdZEFL2908IJMt
+PcAn3U9EVMAJT2grwMoTYrZeW/D1RGd
=SyUl
-----END PGP SIGNATURE-----
"

DSA 1836-1: New fckeditor packages fix arbitrary code executionRobbie distracted by Jay Kay

RHSA-2009:1162-01 Critical: firefox security update  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: firefox security update
Advisory ID: RHSA-2009:1162-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1162.html
Issue date: 2009-07-21
CVE Names: CVE-2009-2462 CVE-2009-2463 CVE-2009-2464
CVE-2009-2465 CVE-2009-2466 CVE-2009-2467
CVE-2009-2469 CVE-2009-2471 CVE-2009-2472
=====================================================================

1. Summary:

Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466,
CVE-2009-2467, CVE-2009-2469, CVE-2009-2471)

Several flaws were found in the way Firefox handles malformed JavaScript
code. A website containing malicious content could launch a cross-site
scripting (XSS) attack or execute arbitrary JavaScript with the permissions
of another website. (CVE-2009-2472)

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 3.0.12. You can find a link to the Mozilla
advisories in the References section of this errata.

All Firefox users should upgrade to these updated packages, which contain
Firefox version 3.0.12, which corrects these issues. After installing the
update, Firefox must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

512128 - CVE-2009-2462 Mozilla Browser engine crashes
512131 - CVE-2009-2463 Mozilla Base64 decoding crash
512133 - CVE-2009-2464 Mozilla crash with multiple RDFs in XUL tree
512135 - CVE-2009-2465 Mozilla double frame construction crashes
512136 - CVE-2009-2466 Mozilla JavaScript engine crashes
512137 - CVE-2009-2467 Mozilla remote code execution during Flash player unloading
512142 - CVE-2009-2469 Mozilla remote code execution using watch and __defineSetter__ on SVG element
512146 - CVE-2009-2471 Mozilla setTimeout loses XPCNativeWrappers
512147 - CVE-2009-2472 Mozilla multiple cross origin wrapper bypasses

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-3.0.12-1.el4.src.rpm

i386:
firefox-3.0.12-1.el4.i386.rpm
firefox-debuginfo-3.0.12-1.el4.i386.rpm

ia64:
firefox-3.0.12-1.el4.ia64.rpm
firefox-debuginfo-3.0.12-1.el4.ia64.rpm

ppc:
firefox-3.0.12-1.el4.ppc.rpm
firefox-debuginfo-3.0.12-1.el4.ppc.rpm

s390:
firefox-3.0.12-1.el4.s390.rpm
firefox-debuginfo-3.0.12-1.el4.s390.rpm

s390x:
firefox-3.0.12-1.el4.s390x.rpm
firefox-debuginfo-3.0.12-1.el4.s390x.rpm

x86_64:
firefox-3.0.12-1.el4.x86_64.rpm
firefox-debuginfo-3.0.12-1.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-3.0.12-1.el4.src.rpm

i386:
firefox-3.0.12-1.el4.i386.rpm
firefox-debuginfo-3.0.12-1.el4.i386.rpm

x86_64:
firefox-3.0.12-1.el4.x86_64.rpm
firefox-debuginfo-3.0.12-1.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-3.0.12-1.el4.src.rpm

i386:
firefox-3.0.12-1.el4.i386.rpm
firefox-debuginfo-3.0.12-1.el4.i386.rpm

ia64:
firefox-3.0.12-1.el4.ia64.rpm
firefox-debuginfo-3.0.12-1.el4.ia64.rpm

x86_64:
firefox-3.0.12-1.el4.x86_64.rpm
firefox-debuginfo-3.0.12-1.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-3.0.12-1.el4.src.rpm

i386:
firefox-3.0.12-1.el4.i386.rpm
firefox-debuginfo-3.0.12-1.el4.i386.rpm

ia64:
firefox-3.0.12-1.el4.ia64.rpm
firefox-debuginfo-3.0.12-1.el4.ia64.rpm

x86_64:
firefox-3.0.12-1.el4.x86_64.rpm
firefox-debuginfo-3.0.12-1.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-3.0.12-1.el5_3.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-1.9.0.12-1.el5_3.src.rpm

i386:
firefox-3.0.12-1.el5_3.i386.rpm
firefox-debuginfo-3.0.12-1.el5_3.i386.rpm
xulrunner-1.9.0.12-1.el5_3.i386.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.i386.rpm

x86_64:
firefox-3.0.12-1.el5_3.i386.rpm
firefox-3.0.12-1.el5_3.x86_64.rpm
firefox-debuginfo-3.0.12-1.el5_3.i386.rpm
firefox-debuginfo-3.0.12-1.el5_3.x86_64.rpm
xulrunner-1.9.0.12-1.el5_3.i386.rpm
xulrunner-1.9.0.12-1.el5_3.x86_64.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.i386.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-1.9.0.12-1.el5_3.src.rpm

i386:
xulrunner-debuginfo-1.9.0.12-1.el5_3.i386.rpm
xulrunner-devel-1.9.0.12-1.el5_3.i386.rpm
xulrunner-devel-unstable-1.9.0.12-1.el5_3.i386.rpm

x86_64:
xulrunner-debuginfo-1.9.0.12-1.el5_3.i386.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.x86_64.rpm
xulrunner-devel-1.9.0.12-1.el5_3.i386.rpm
xulrunner-devel-1.9.0.12-1.el5_3.x86_64.rpm
xulrunner-devel-unstable-1.9.0.12-1.el5_3.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-3.0.12-1.el5_3.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-1.9.0.12-1.el5_3.src.rpm

i386:
firefox-3.0.12-1.el5_3.i386.rpm
firefox-debuginfo-3.0.12-1.el5_3.i386.rpm
xulrunner-1.9.0.12-1.el5_3.i386.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.i386.rpm
xulrunner-devel-1.9.0.12-1.el5_3.i386.rpm
xulrunner-devel-unstable-1.9.0.12-1.el5_3.i386.rpm

ia64:
firefox-3.0.12-1.el5_3.ia64.rpm
firefox-debuginfo-3.0.12-1.el5_3.ia64.rpm
xulrunner-1.9.0.12-1.el5_3.ia64.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.ia64.rpm
xulrunner-devel-1.9.0.12-1.el5_3.ia64.rpm
xulrunner-devel-unstable-1.9.0.12-1.el5_3.ia64.rpm

ppc:
firefox-3.0.12-1.el5_3.ppc.rpm
firefox-debuginfo-3.0.12-1.el5_3.ppc.rpm
xulrunner-1.9.0.12-1.el5_3.ppc.rpm
xulrunner-1.9.0.12-1.el5_3.ppc64.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.ppc.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.ppc64.rpm
xulrunner-devel-1.9.0.12-1.el5_3.ppc.rpm
xulrunner-devel-1.9.0.12-1.el5_3.ppc64.rpm
xulrunner-devel-unstable-1.9.0.12-1.el5_3.ppc.rpm

s390x:
firefox-3.0.12-1.el5_3.s390.rpm
firefox-3.0.12-1.el5_3.s390x.rpm
firefox-debuginfo-3.0.12-1.el5_3.s390.rpm
firefox-debuginfo-3.0.12-1.el5_3.s390x.rpm
xulrunner-1.9.0.12-1.el5_3.s390.rpm
xulrunner-1.9.0.12-1.el5_3.s390x.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.s390.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.s390x.rpm
xulrunner-devel-1.9.0.12-1.el5_3.s390.rpm
xulrunner-devel-1.9.0.12-1.el5_3.s390x.rpm
xulrunner-devel-unstable-1.9.0.12-1.el5_3.s390x.rpm

x86_64:
firefox-3.0.12-1.el5_3.i386.rpm
firefox-3.0.12-1.el5_3.x86_64.rpm
firefox-debuginfo-3.0.12-1.el5_3.i386.rpm
firefox-debuginfo-3.0.12-1.el5_3.x86_64.rpm
xulrunner-1.9.0.12-1.el5_3.i386.rpm
xulrunner-1.9.0.12-1.el5_3.x86_64.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.i386.rpm
xulrunner-debuginfo-1.9.0.12-1.el5_3.x86_64.rpm
xulrunner-devel-1.9.0.12-1.el5_3.i386.rpm
xulrunner-devel-1.9.0.12-1.el5_3.x86_64.rpm
xulrunner-devel-unstable-1.9.0.12-1.el5_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2472
http://www.redhat.com/security/updates/classification/#critical
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.12

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFKZmvsXlSAg2UNWIIRAnxrAJ9loG6Cs6YO8JUVO4TeAw2ssvD6BQCfUQ/X
RF36DJ3H7dch9LwnIkAqk6w=
=dm2P
-----END PGP SIGNATURE-----
"

RHSA-2009:1136-01 Critical: dhcp security update

GLSA 200907-16 Python: Integer overflows  

Posted by Daniela Mehler

"Gentoo Linux Security Advisory GLSA 200907-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Python: Integer overflows
Date: July 19, 2009
Bugs: #246991
ID: 200907-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple integer overflows in Python have an unspecified impact.

Background
==========

Python is an interpreted, interactive, object-oriented programming
language.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-lang/python = 2.5.4-r2
*>= 2.4.6

Description
===========

Chris Evans reported multiple integer overflows in the expandtabs
method, as implemented by (1) the string_expandtabs function in
Objects/stringobject.c and (2) the unicode_expandtabs function in
Objects/unicodeobject.c.

Impact
======

A remote attacker could exploit these vulnerabilities in Python
applications or daemons that pass user-controlled input to vulnerable
functions. The security impact is currently unknown but may include the
execution of arbitrary code or a Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Python 2.5 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/python-2.5.4-r2"

All Python 2.4 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/python-2.4.6"

References
==========

[ 1 ] CVE-2008-5031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200907-16.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
"

Robbie distracted by Jay KayGLSA 200907-10 Syslog-ng: Chroot escape

DSA 1837-1: New dbus packages fix denial of service  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1837-1 security@debian.org
http://www.debian.org/security/ Steffen Joeris
July 18, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : dbus
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE Id : CVE-2009-1189
Debian Bug : 532720


It was discovered that the dbus_signature_validate function in
dbus, a simple interprocess messaging system, is prone to a denial of
service attack. This issue was caused by an incorrect fix for
DSA-1658-1.

For the stable distribution (lenny), this problem has been fixed in
version 1.2.1-5+lenny1.

For the oldstable distribution (etch), this problem has been fixed in
version 1.0.2-1+etch3.

Packages for ia64 and s390 will be released once they are available.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem has been fixed in version 1.2.14-1.


We recommend that you upgrade your dbus packages.


Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3.diff.gz
Size/MD5 checksum: 20482 fd114e50577aade0211a25bc05ac064d
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2.orig.tar.gz
Size/MD5 checksum: 1400278 0552a9b54beb4a044951b7cdbc8fc855
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3.dsc
Size/MD5 checksum: 824 0befb91739de13f92197336b6a3f3f06

Architecture independent packages:

http://security.debian.org/pool/updates/main/d/dbus/dbus-1-doc_1.0.2-1+etch3_all.deb
Size/MD5 checksum: 1622204 67e2242179a8af1f3a7363d0d9728702

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_alpha.deb
Size/MD5 checksum: 289142 2da5aaed2ca0e1dfe4627f2d51923a1a
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_alpha.deb
Size/MD5 checksum: 184834 a14af28f5651f06cd41f4aa8b264d486
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_alpha.deb
Size/MD5 checksum: 378214 95128d7c15be44464dd1a785788fdc3d
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_alpha.deb
Size/MD5 checksum: 403766 5facc50da806d2f82a1ca839e045035d

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_amd64.deb
Size/MD5 checksum: 279294 6b0085ce0a01a81a13b068759de269b8
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_amd64.deb
Size/MD5 checksum: 348654 4d1f1c1d5c074be51b777b93b332eaf7
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_amd64.deb
Size/MD5 checksum: 363928 54ed19ba7cbd0dd3475827c6e6df5acf
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_amd64.deb
Size/MD5 checksum: 184200 e5bc33b1e7dbfea9c372a3056e3f1848

arm architecture (ARM)

http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_arm.deb
Size/MD5 checksum: 343960 e7c6c2269903d8dbd4422103a9e1edaf
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_arm.deb
Size/MD5 checksum: 265322 4e7ce3fca8c685e540092e70474e6fbd
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_arm.deb
Size/MD5 checksum: 330958 cee5e85136606605bd290035d9452f90
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_arm.deb
Size/MD5 checksum: 183240 d7e3c477f4f4fbbc49c04b035e92ff2a

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_hppa.deb
Size/MD5 checksum: 374136 7d297f74e9fde26e726f06f321208dae
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_hppa.deb
Size/MD5 checksum: 286074 0a55d6aa6400d4d5750ebd92e9de7aab
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_hppa.deb
Size/MD5 checksum: 362166 013680aca7b38c66292a8727855bfc06
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_hppa.deb
Size/MD5 checksum: 184934 061417fe2e791b5bc7abf62398b3a8a8

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_i386.deb
Size/MD5 checksum: 335758 605f4f911d8445b74cbd46ede0fcfb89
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_i386.deb
Size/MD5 checksum: 268688 c64ca51e9e04d1e961a8db7132ba4e08
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_i386.deb
Size/MD5 checksum: 184134 58672102a58bca326f4ba09c5bf3666a
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_i386.deb
Size/MD5 checksum: 348012 ae8f836c9e5b631eb421f3b86dc78f49

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_mips.deb
Size/MD5 checksum: 370052 f8ea51037f985d6b8f2a288b9a813ccd
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_mips.deb
Size/MD5 checksum: 359844 b0b0956206921cff260c531aa9286f21
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_mips.deb
Size/MD5 checksum: 184240 4dd808980afe395d6909549614fab214
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_mips.deb
Size/MD5 checksum: 272764 7ceea85232267e0a80f4fd5cb38ddf09

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_mipsel.deb
Size/MD5 checksum: 369664 07d0e90fc376acf855563baec0293856
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_mipsel.deb
Size/MD5 checksum: 184260 f81b2223f912a359a4fd7bc1f61ba7e4
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_mipsel.deb
Size/MD5 checksum: 358830 947820464929873955f7f6a427403838
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_mipsel.deb
Size/MD5 checksum: 272442 3d19769e8260b3d434e6dd577d72c5c0

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_powerpc.deb
Size/MD5 checksum: 184222 c06ffd6735f13d9f6c9301a0dd487efd
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_powerpc.deb
Size/MD5 checksum: 335910 9fe78e085108bbacb7f04566247aa51e
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_powerpc.deb
Size/MD5 checksum: 271718 021c33a25a85bcdc394fc0c5af784256
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_powerpc.deb
Size/MD5 checksum: 353656 9e40213397ea8306184da6c8e0bcb070

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_sparc.deb
Size/MD5 checksum: 184266 d82e92039c32386a69e0f1b119820ae8
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_sparc.deb
Size/MD5 checksum: 265144 d7f6e34015d0adc757942c6d1dae3c56
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_sparc.deb
Size/MD5 checksum: 341300 3bb2b297ebd12d562b0185b6b58196a8
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_sparc.deb
Size/MD5 checksum: 337130 1b9530365393919e15ffce3a695441ea


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1.dsc
Size/MD5 checksum: 1608 e084fe269b41c84cdeaafae2b2633e9f
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1.orig.tar.gz
Size/MD5 checksum: 1406833 b57aa1ba0834cbbb1e7502dc2cbfacc2
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1.diff.gz
Size/MD5 checksum: 39470 6b875822ae5036ba8bf83f2fae11fbf0

Architecture independent packages:

http://security.debian.org/pool/updates/main/d/dbus/dbus-1-doc_1.2.1-5+lenny1_all.deb
Size/MD5 checksum: 1830232 317e72d84e019f0006d84e9579fa4b66

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_alpha.deb
Size/MD5 checksum: 380740 b75e7906989484738737bc2e5e6bf66a
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_alpha.deb
Size/MD5 checksum: 290338 fa8f5deeed2593a790283210375bde43
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_alpha.deb
Size/MD5 checksum: 170160 810c545ad2bf6212fcb745f10f3d39c9
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_alpha.deb
Size/MD5 checksum: 66942 c810abd2e002daefa1f24942367208ce

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_amd64.deb
Size/MD5 checksum: 259300 9086503f08d3a4970c966cb1461b8309
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_amd64.deb
Size/MD5 checksum: 162880 12a802692ae3d1774a5cb2a55fee7abe
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_amd64.deb
Size/MD5 checksum: 64710 62a4fbb57742faed71a853cd7c6d5443
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_amd64.deb
Size/MD5 checksum: 249006 966d8f20171594a83abd09251c277dd1

arm architecture (ARM)

http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_arm.deb
Size/MD5 checksum: 63812 f9acaf50dd1440312f9b3eb9e8ce5665
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_arm.deb
Size/MD5 checksum: 223424 20befb04db3b6ae82fb152354be8cf1f
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_arm.deb
Size/MD5 checksum: 238514 0369f89685fa04a26ba050b5ae718368
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_arm.deb
Size/MD5 checksum: 144958 da65511355a4e4484042fd7377e2f520

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_armel.deb
Size/MD5 checksum: 146562 64f4b077e7457a400ad88b8cfd6d9b57
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_armel.deb
Size/MD5 checksum: 239468 89ddd32404daff070f43848aad9369c3
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_armel.deb
Size/MD5 checksum: 63572 b67421a112b6bf92b47246c2ebd4618d
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_armel.deb
Size/MD5 checksum: 228326 096d983dcd56905b8d35a1a109dcd742

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_hppa.deb
Size/MD5 checksum: 263164 2a856048b8c09b075f089ae2551c356f
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_hppa.deb
Size/MD5 checksum: 163954 dd2a4efdbca917a569d6520be368336c
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_hppa.deb
Size/MD5 checksum: 270676 6ada153b9ff39dfd8a75c08a2a186784
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_hppa.deb
Size/MD5 checksum: 64868 5a8bc1e82107effab796c04e6c05592d

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_i386.deb
Size/MD5 checksum: 64064 64e2b9c17836231e7abc0aff34690001
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_i386.deb
Size/MD5 checksum: 235620 ac4307dc10c03340beeb13eefac1f600
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_i386.deb
Size/MD5 checksum: 230180 7ca48ece6eb966598f45394fa6f61ecb
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_i386.deb
Size/MD5 checksum: 148370 a6fef063aace9660fcd7b518a1658299

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_ia64.deb
Size/MD5 checksum: 297824 15211d3862458004a9f10b6968d839e3
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_ia64.deb
Size/MD5 checksum: 68598 e8d496cdde34439f3e8545f51b875a1d
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_ia64.deb
Size/MD5 checksum: 487536 4b94b66cd09d99250b8d78bab7a51cc3
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_ia64.deb
Size/MD5 checksum: 205560 a3943a7fde111a5fad1fb33a0b01471d

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_mips.deb
Size/MD5 checksum: 247202 c5b66959665d900dee20b069d205db0a
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_mips.deb
Size/MD5 checksum: 257016 ca8b0fc29104a6483f2ce45346d3c2dd
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_mips.deb
Size/MD5 checksum: 150832 c89353aaf1ff0acf40379b59c903153c
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_mips.deb
Size/MD5 checksum: 64498 8f61fda7a3f7adf0e3069ad4535febf1

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_mipsel.deb
Size/MD5 checksum: 256382 7a3757146955ab439ca286aa9fc6dd94
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_mipsel.deb
Size/MD5 checksum: 64528 e82065ecb4221b024d0fa0f7716b3a4a
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_mipsel.deb
Size/MD5 checksum: 246102 38f40717cb0f202e99067a484ce80848
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_mipsel.deb
Size/MD5 checksum: 150130 5658d2cdf77ad75b314f781f9630a8e3

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_powerpc.deb
Size/MD5 checksum: 157156 8ce5392e803ce8b824865362c5e7ceaf
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_powerpc.deb
Size/MD5 checksum: 243468 31c4739ae2908480d9dadf21f243a76d
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_powerpc.deb
Size/MD5 checksum: 252104 af29662c0e472962196a03d9bcac0624
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_powerpc.deb
Size/MD5 checksum: 67286 5d871cb882a468fc0d21981024b7bd5e

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_sparc.deb
Size/MD5 checksum: 145182 7493ade5ef50256253977a3c708a87dd
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_sparc.deb
Size/MD5 checksum: 254556 8f8bc903fe5eb131a75cbfd0f282cc21
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_sparc.deb
Size/MD5 checksum: 63946 4e1a64b89ca25775553e7653cf2cb3eb
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_sparc.deb
Size/MD5 checksum: 235150 7e6ab5023ad36c713a0eff40e6f60045


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkphji4ACgkQ62zWxYk/rQeUUQCgoAAlzCip8iT8Da1eYQ7VzKVn
uBgAn0FFJcLPYuriEVVJkrlBhSjKwbE+
=UcAL
-----END PGP SIGNATURE-----
"

DSA 1836-1: New fckeditor packages fix arbitrary code executionRobbie distracted by Jay Kay