DSA 1915-1: New Linux 2.6.26 packages fix several vulnerabilities  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-1915-1 security@debian.org
http://www.debian.org/security/ dann frazier
October 22, 2009 http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package : linux-2.6
Vulnerability : privilege escalation/denial of service/sensitive memory leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2009-2695 CVE-2009-2903 CVE-2009-2908 CVE-2009-2909
CVE-2009-2910 CVE-2009-3001 CVE-2009-3002 CVE-2009-3286
CVE-2009-3290 CVE-2009-3613

Notice: Debian 5.0.4, the next point release of Debian 'lenny',
will include a new default value for the mmap_min_addr tunable.
This change will add an additional safeguard against a class of security
vulnerabilities known as "NULL pointer dereference" vulnerabilities, but
it will need to be overridden when using certain applications.
Additional information about this change, including instructions for
making this change locally in advance of 5.0.4 (recommended), can be
found at:
http://wiki.debian.org/mmap_min_addr

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege escalation.
The Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2009-2695

Eric Paris provided several fixes to increase the protection
provided by the mmap_min_addr tunable against NULL pointer
dereference vulnerabilities.

CVE-2009-2903

Mark Smith discovered a memory leak in the appletalk
implementation. When the appletalk and ipddp modules are loaded,
but no ipddp"N" device is found, remote attackers can cause a
denial of service by consuming large amounts of system memory.

CVE-2009-2908

Loic Minier discovered an issue in the eCryptfs filesystem. A
local user can cause a denial of service (kernel oops) by causing
a dentry value to go negative.

CVE-2009-2909

Arjan van de Ven discovered an issue in the AX.25 protocol
implementation. A specially crafted call to setsockopt() can
result in a denial of service (kernel oops).

CVE-2009-2910

Jan Beulich discovered the existence of a sensitive kernel memory
leak. Systems running the 'amd64' kernel do not properly sanitize
registers for 32-bit processes.

CVE-2009-3001

Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE
802.2 LLC implementation. This is not exploitable in the Debian
lenny kernel as root privileges are required to exploit this
issue.

CVE-2009-3002

Eric Dumazet fixed several sensitive memory leaks in the IrDA,
X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area
Network (CAN) implementations. Local users can exploit these
issues to gain access to kernel memory.

CVE-2009-3286

Eric Paris discovered an issue with the NFSv4 server
implementation. When an O_EXCL create fails, files may be left
with corrupted permissions, possibly granting unintentional
privileges to other local users.

CVE-2009-3290

Jan Kiszka noticed that the kvm_emulate_hypercall function in KVM
does not prevent access to MMU hypercalls from ring 0, which
allows local guest OS users to cause a denial of service (guest
kernel crash) and read or write guest kernel memory.

CVE-2009-3613

Alistair Strachan reported an issue in the r8169 driver. Remote
users can cause a denial of service (IOMMU space exhaustion and
system crash) by transmitting a large amount of jumbo frames.

For the stable distribution (lenny), this problem has been fixed in
version 2.6.26-19lenny1.

For the oldstable distribution (etch), these problems, where
applicable, will be fixed in updates to linux-2.6 and linux-2.6.24.

We recommend that you upgrade your linux-2.6 and user-mode-linux
packages.

Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+19lenny1

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny1.diff.gz
Size/MD5 checksum: 7643838 b6b5d896bbc02eea1516acefb752b028
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny1.dsc
Size/MD5 checksum: 5778 87d44ca47bc435ab72f03620a8cbcc6a

Architecture independent packages:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-19lenny1_all.deb
Size/MD5 checksum: 48675122 160e198488576fc5207a0f4f16454051
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-19lenny1_all.deb
Size/MD5 checksum: 1767094 4157e016e1c4de75246ec5b13a0b10ef
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-19lenny1_all.deb
Size/MD5 checksum: 2555882 942a0fcf654d6c2aaa8ba343a87752f8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-19lenny1_all.deb
Size/MD5 checksum: 122028 28a7345af55f74689d73190015b00dbc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-19lenny1_all.deb
Size/MD5 checksum: 4627708 59a9cbb3478d6f0d0ad5e7e0704e1bb8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-19lenny1_all.deb
Size/MD5 checksum: 106722 37017679870c0c9b48eebe9a1dcc42a3

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 365202 81902d247bda62ede01b8e611bd8e112
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 364258 821619686e248614508b333c79b3ae9c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 29177010 f1695dc7a5d9da563226e7e79f948757
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 28487206 9764065c78953a81e53e9e55c13d7197
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 363878 ce28435c1b749d412394f4ba9c37ae7e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 28471056 fe46b2cf35234e04792eef4e8b5ecba3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 106226 8f323cda74dc42f3619127fc999b8c79
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 106244 40e9431f0224f8f293babbc08201b266
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 3543660 84db694b4039ea42cbd59d685420cd08
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_alpha.deb
Size/MD5 checksum: 741068 c3ac6c44e6dc90eb97a598a364e58417

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 20885120 adddf8c6a8bc505ce04adbab3ae445ad
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 389638 3dded36588d23c3f813bc002a08b251b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 106250 bf416250c7b93a4c101cc361d1d276ce
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 20900916 55607c0b0e1c91ab8977f19dbf428621
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 1804620 9d1925ed82b0fd6efa7656cfd9616c2f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 3751628 a35f2c71dc3a83c02a801d60538d9456
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 749444 63bee4147b5785272c3db232b58f1041
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 3774616 5c9c9f7e6ea78808a671863b98bb6f3b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 19274338 c777c63ef88330789295746976ea88b5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 21053458 43ce00c33d321cdc37e3b752cad2135e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 387228 18fdefca4f553fe4af15a9986a8558a7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 106218 c287f196bc2ee66f483befcbbfa9e56c
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 106202 b9f37a797a8dcd1ca3f3e4c50a1bff30
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 394126 08cb6584482c74cf69cbf74a7a35330d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 3851376 635e1133f9136a67a33d4802096aa384
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 383088 fc282fffa1021514e7337d360ca4b091
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_amd64.deb
Size/MD5 checksum: 3719026 c7ee8698dad587f0dc32fab1af61d6d9

arm architecture (ARM)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 11718230 d143acbbce645433c28112d94f716a8c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-arm_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 106232 1b5c94c3cad061c304acdc4b093737a3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-footbridge_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 348688 3aee9049eb40c1c23e699240e0bb40c1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 364544 d3c6b2f3f5e1b9ff73a118fdc65c246e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 106192 98864b78224331ba35b26f80a4cfbb81
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-footbridge_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 10239548 1346c5b1ac226022cf4cadc51123041f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 366580 c3e3862542a31f0fdba610543a9162d3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 11411874 c3787349a5fb0dbae157c4d8ec80985a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 746752 5bbea7fb7c579d96cc2adfd04bca44ef
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 4139798 35f72cebaab83eef03b69e6834b0fb7f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 12440096 4f0053f165052b407595a04d79e73e61
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-19lenny1_arm.deb
Size/MD5 checksum: 361536 29b7f9cbcfdf5760062c39d4b28b339d

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 4136688 02d5b1ffedd621cfffb0d80af4cbd57b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 11680306 6c951dd5782cd23939ed3cbdd04fc878
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 12396020 fc1aa7847d9bae51bf59923ddc0ad1f8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 9574892 ce86554f814f2b42a55bc6ea2e6a7106
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 106234 091b7751443c9277ea02883093747703
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 334564 484e3df9ee4a450bbe5163926ac8e3fc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 11371036 7a9a4f1e9f0d8995294053fe0ceb7ccd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 366124 338117a039481e2a13fc26c0aeddd790
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 747644 a55986dca639bc80d008d23f213284bb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 362964 3e0a6b4a298c6fefdc50de8092bbde04
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 359664 9d5fee325f322725775b5487741be647
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_armel.deb
Size/MD5 checksum: 106194 68b88c1687cfbc3410ef247a1766da2c

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 296914 d74f0573e197572b6ae4824bed753ba9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 758510 92a123eca1e1ab4b55908eac04a49d3e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 106192 7a13af4e96ed892dbcd14c31c6e3fec9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 17600786 0da91a9e353e46954656849d90f80404
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 17055794 bf351e3cfd31c5d340820faecd657957
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 16317844 3863891a64ea935b49132deaf7d28b82
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 3600074 9549ee7c67d7cb01e18ebd4bd45217fb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 15724906 a6842f75a3e0363b5813c98ba8fdd93b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 106222 1690af7c5e0b89a5ccc7ba58668e9efa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 296178 3272eeb9db69337c3fe24214858ad133
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 295104 337f765c6bc792a3c34697ee0ef6cead
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-19lenny1_hppa.deb
Size/MD5 checksum: 298994 4d57561b3d6eecbc4416b903d041f1e1

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 20235758 965766bb7bca54211d0bcc4461698822
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 397928 ac8105d3d31eb659802e0e3f4dbb3dd1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 20174784 8744b68d2f257fdbd8b78c54437ce902
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 20326334 7748ca82861e1bb924c0536488efeb51
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 385312 c53fba14c80d813d2510060241b17401
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 20501792 719ab20afef9cd103b234c74d203384d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 398036 8ccc26cafb37c3ed3ccd9e45c58a7bcd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 1592000 66c26539c73138df200265ea67e9127e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 20207632 2a43dc386ea5a94baf178b170a0a72a5
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 106212 fbf271a7acfe162ebcb78c88e68ed8e5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 106262 46194207eeebbddeba75b4c093600638
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 3719038 0f84f28217631d02e48dd8df52056be7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 3851496 a9596a304602f4448a9b5c529a7ff9a1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 18035674 6525a6e6d2328f0393a45b3f9048c44c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 20353346 d51dbb2de178ba2e1589794e7fe850b7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 20864554 4291dfb20626cc00561a15292734cd4f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 387194 63e644bc512a0265e07a4c0183b40532
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 399186 2bce11e03c0f3718624911f6d9025fe5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 399024 38088f6a52c0d8e00429fcdd8e51f5e2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 3751794 7dab7fa65d5d48fa21ae2d5b680b4feb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 106212 9e51786fdf948efe3df0c9ebf91505f4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 403610 cdebf3cd645851c8e1c6343d13bc20ae
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 749454 d4dbde4b155673ac110c7e9fd37123d6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 398430 bc279d033cf43918d0bd446feeeedffa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny1_i386.deb
Size/MD5 checksum: 3774804 fffaa64df94bc43269519da987510a06

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 106222 ef8fef5f51e7a356be26920c3de433fb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 748116 72bc17a29b0bc8c2d33ef49721bf793d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 3654682 45c6a140c6eb393b90cc879aa6305047
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 34165154 a735a8c9b69ee109d5dac565a777464f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 354954 d1f92b5082550676d0532e0a65143f46
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 34103002 2458d02fc3943a0b60bee03455e4134f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 34290130 657b00cb9120283655bc349e242c8790
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 3687274 7b3202292c6f8da793f13c08899f4eb4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 106254 fe4b7d22cbbeade4d9b38c21bf51025e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 34348684 a83ec40a2adca957575954e2747a52f9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 354840 248e53bf67eefc4299bf36005fb38e91
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 355486 e5c82246e58861912eeb1389248a9582
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-19lenny1_ia64.deb
Size/MD5 checksum: 355536 8aac568adfb655a87b2ef00e3bdb9e56

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-ip32_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 15646714 b7225d6485168324e780cea3d6f2d59d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mips_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 106278 67c2358f394f32ff2fb0af1030c52533
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 20122360 febab78c12a6a3268f833087c0c56486
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 742200 70097bfb5c777d3920d570b52ae432ec
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-ip32_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 277818 95a0c1559d24890aea2e3b01f84548e1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 23353804 bb8a2410d92de6e6ee4b095d0079a304
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 20134016 bd1b6e42923dc7ecbf1db589f2e050dc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 293936 b038878251981b0f5a14c75f8d500e72
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 29270186 075bc506b69238577b3075ecce90cea8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 347496 9876d8b35bad48cdcb8f1048d2047e9f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 293606 a1244b2a4a2651b6efb807b0076d0769
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 106228 d5d7bf8693fb6f136b3d7f9fff17868e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r4k-ip22_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 11494216 a913c8d6b075c92143aefab793e49802
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 348530 cc0a18212c2ffff502496c88db7353f8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r4k-ip22_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 252140 303f35d568e062c7c64e1ea77e1acfca
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_mips.deb
Size/MD5 checksum: 3890708 2af87f7f68d961f38631fe9419433cb3

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 3890674 c698e6416d662e4bdcd5f2b65f519bf5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 293840 56463b5f21cba8a85ef4ec09dfb71a2c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 22903630 2b2d51b9d2c60a0220f19b03f31b0fb1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 19553840 04dbd70ded4f1785f2a546c48139e8a4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 742188 3bc21117e76e5437436e74c83af2f85c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 106278 ec8c866be9034ae2b0235fea0aab8826
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 19544116 385a18ff83f183008d39a324ca3a7a64
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 106226 11e40d22e32408ad7e6bc5d5b798341c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 348886 b9d076bbc0c1c05fee6a8bc701c5246b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 290150 953eede106a61750466539c470fccff3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 293520 9c365550f490f08ed4d1179ea869a2ab
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 28414750 8958c2bbf25575ad3da01810465c68b0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 14946986 70aa93fb00bac137d0830d5a3d0ae175
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-19lenny1_mipsel.deb
Size/MD5 checksum: 347492 3bca2b807dfb73dc9cb723b1acad1c4b

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 3810456 0ad5422f7d8e35aa299823d706665589
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 743018 bc6ee250e35446a9fa4c966f6d700a4c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 360690 934c382889881ed11c3a4d80f46029b5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 361350 5ba992ffb657686b695d91142e47c917
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 106260 8c9b825ece80ee03756deac85fc7ae85
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 23534632 d6cce8ca5ed2f04e67fe6c675989728c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 3778166 8ecf326900c7e0a9e0843ff38543e9bf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 23492570 54700bcd87a591d77f04ed3d943f14cc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 23361112 38fb485837f4e2d2e663276e620b631b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 362688 ac80a97076af560d07f2c10ddbcb51b6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 106226 008ff2b0a6c9dc7647c4ad764711d8f0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 367612 481b3062c2c8184bea2004519424341f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 23415202 bd5e54388543b1ce52e7b159c7e55f13
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 23099378 8b66b3fef4f3824b1153c2ff9f84fe27
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-19lenny1_powerpc.deb
Size/MD5 checksum: 368056 ae63da437c1c50e250866f9376481f68

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390-tape_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 1628674 2a43d3cc92ec5169f76f00a734b93553
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 106214 4f8c19d44015c514129457f90d4c6977
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 7486570 2582845c5a0e72efbd370fb510098a71
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-s390x_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 7839470 e494833d75eb5d275528ff13810f9a96
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 741408 d75cabed135fc4cf6aa11de352de8c4c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-s390_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 106230 c7b39f728c2e34fcf209d2e67354c29b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390x_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 229672 15bdcc4b04cb7045b0ff2b316e9e7106
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 3530364 0fa6e1ff59144e507927384c8dfb8bd1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 3562860 17bbd7e48cfade0d92f1613269163b16
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 228968 70d216d9e8b0c5a93be5104e0b1191ec
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-s390x_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 230892 0b4c88be49ec6d67ff26a60e99af0063
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390x_2.6.26-19lenny1_s390.deb
Size/MD5 checksum: 7777622 18ded8a40e6d304b1330d6195973f9f8

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-sparc64_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 301122 402b3fee53280fecb1edde00aa5769c4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 3813874 1ac8f50ddf17aed04896538831f5e308
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-sparc_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 106216 579c2acaad9bea288586483b75bb4d1c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64-smp_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 301342 7fc642c64a458417fe84bbc07c81bea3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 14583642 4a87fbb9193fa19b29b25bd4a6def613
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 106194 6979522ab7c32fc91b4be1fd9b4aa7be
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64-smp_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 14564250 e497d698009887bb97cf1b52f4a7184a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 14236988 d2c7767f74d10c6c2ae35ca4dba08f8e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 299712 3693bb4f02e5c8d5d65cba62e69ae847
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 3778456 089335196a9344fa81df64bee44232fc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny1_sparc.deb
Size/MD5 checksum: 797952 9bce00f7843ffaedbe41ca6c9671c398


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFK4dGOhuANDBmkLRkRAsz9AJ9hz77XsBL6DO6RmIOq+rRuJLoyWQCbBh1B
7xp5wds+BgrwXt2CHpR9JIQ=
=zP1A
-----END PGP SIGNATURE-----
"

Ska Legends launch Liverpool Music WeekDSA 1902-1: New elinks packages fix arbitrary code execution

RHSA-2009:1529-01 Moderate: samba security update  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: samba security update
Advisory ID: RHSA-2009:1529-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1529.html
Issue date: 2009-10-27
CVE Names: CVE-2009-1888 CVE-2009-2813 CVE-2009-2906
CVE-2009-2948
=====================================================================

1. Summary:

Updated samba packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

Samba is a suite of programs used by machines to share files, printers, and
other information.

A denial of service flaw was found in the Samba smbd daemon. An
authenticated, remote user could send a specially-crafted response that
would cause an smbd child process to enter an infinite loop. An
authenticated, remote user could use this flaw to exhaust system resources
by opening multiple CIFS sessions. (CVE-2009-2906)

An uninitialized data access flaw was discovered in the smbd daemon when
using the non-default "dos filemode" configuration option in "smb.conf". An
authenticated, remote user with write access to a file could possibly use
this flaw to change an access control list for that file, even when such
access should have been denied. (CVE-2009-1888)

A flaw was discovered in the way Samba handled users without a home
directory set in the back-end password database (e.g. "/etc/passwd"). If a
share for the home directory of such a user was created (e.g. using the
automated "[homes]" share), any user able to access that share could see
the whole file system, possibly bypassing intended access restrictions.
(CVE-2009-2813)

The mount.cifs program printed CIFS passwords as part of its debug output
when running in verbose mode. When mount.cifs had the setuid bit set, a
local, unprivileged user could use this flaw to disclose passwords from a
file that would otherwise be inaccessible to that user. Note: mount.cifs
from the samba packages distributed by Red Hat does not have the setuid bit
set. This flaw only affected systems where the setuid bit was manually set
by an administrator. (CVE-2009-2948)

Users of Samba should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing this update,
the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

506996 - CVE-2009-1888 Samba improper file access
523752 - CVE-2009-2813 Samba: Share restriction bypass via home-less directory user account(s)
526074 - CVE-2009-2948 samba: information disclosure in suid mount.cifs
526645 - CVE-2009-2906 samba: infinite loop flaw in smbd on unexpected oplock break notification reply

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.33-0.18.el4_8.src.rpm

i386:
samba-3.0.33-0.18.el4_8.i386.rpm
samba-client-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-swat-3.0.33-0.18.el4_8.i386.rpm

ia64:
samba-3.0.33-0.18.el4_8.ia64.rpm
samba-client-3.0.33-0.18.el4_8.ia64.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.ia64.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.ia64.rpm
samba-swat-3.0.33-0.18.el4_8.ia64.rpm

ppc:
samba-3.0.33-0.18.el4_8.ppc.rpm
samba-client-3.0.33-0.18.el4_8.ppc.rpm
samba-common-3.0.33-0.18.el4_8.ppc.rpm
samba-common-3.0.33-0.18.el4_8.ppc64.rpm
samba-debuginfo-3.0.33-0.18.el4_8.ppc.rpm
samba-debuginfo-3.0.33-0.18.el4_8.ppc64.rpm
samba-swat-3.0.33-0.18.el4_8.ppc.rpm

s390:
samba-3.0.33-0.18.el4_8.s390.rpm
samba-client-3.0.33-0.18.el4_8.s390.rpm
samba-common-3.0.33-0.18.el4_8.s390.rpm
samba-debuginfo-3.0.33-0.18.el4_8.s390.rpm
samba-swat-3.0.33-0.18.el4_8.s390.rpm

s390x:
samba-3.0.33-0.18.el4_8.s390x.rpm
samba-client-3.0.33-0.18.el4_8.s390x.rpm
samba-common-3.0.33-0.18.el4_8.s390.rpm
samba-common-3.0.33-0.18.el4_8.s390x.rpm
samba-debuginfo-3.0.33-0.18.el4_8.s390.rpm
samba-debuginfo-3.0.33-0.18.el4_8.s390x.rpm
samba-swat-3.0.33-0.18.el4_8.s390x.rpm

x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm
samba-client-3.0.33-0.18.el4_8.x86_64.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.x86_64.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.x86_64.rpm
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.33-0.18.el4_8.src.rpm

i386:
samba-3.0.33-0.18.el4_8.i386.rpm
samba-client-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-swat-3.0.33-0.18.el4_8.i386.rpm

x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm
samba-client-3.0.33-0.18.el4_8.x86_64.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.x86_64.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.x86_64.rpm
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.33-0.18.el4_8.src.rpm

i386:
samba-3.0.33-0.18.el4_8.i386.rpm
samba-client-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-swat-3.0.33-0.18.el4_8.i386.rpm

ia64:
samba-3.0.33-0.18.el4_8.ia64.rpm
samba-client-3.0.33-0.18.el4_8.ia64.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.ia64.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.ia64.rpm
samba-swat-3.0.33-0.18.el4_8.ia64.rpm

x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm
samba-client-3.0.33-0.18.el4_8.x86_64.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.x86_64.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.x86_64.rpm
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.33-0.18.el4_8.src.rpm

i386:
samba-3.0.33-0.18.el4_8.i386.rpm
samba-client-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-swat-3.0.33-0.18.el4_8.i386.rpm

ia64:
samba-3.0.33-0.18.el4_8.ia64.rpm
samba-client-3.0.33-0.18.el4_8.ia64.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.ia64.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.ia64.rpm
samba-swat-3.0.33-0.18.el4_8.ia64.rpm

x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm
samba-client-3.0.33-0.18.el4_8.x86_64.rpm
samba-common-3.0.33-0.18.el4_8.i386.rpm
samba-common-3.0.33-0.18.el4_8.x86_64.rpm
samba-debuginfo-3.0.33-0.18.el4_8.i386.rpm
samba-debuginfo-3.0.33-0.18.el4_8.x86_64.rpm
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.33-3.15.el5_4.src.rpm

i386:
samba-3.0.33-3.15.el5_4.i386.rpm
samba-client-3.0.33-3.15.el5_4.i386.rpm
samba-common-3.0.33-3.15.el5_4.i386.rpm
samba-debuginfo-3.0.33-3.15.el5_4.i386.rpm
samba-swat-3.0.33-3.15.el5_4.i386.rpm

x86_64:
samba-3.0.33-3.15.el5_4.x86_64.rpm
samba-client-3.0.33-3.15.el5_4.x86_64.rpm
samba-common-3.0.33-3.15.el5_4.i386.rpm
samba-common-3.0.33-3.15.el5_4.x86_64.rpm
samba-debuginfo-3.0.33-3.15.el5_4.i386.rpm
samba-debuginfo-3.0.33-3.15.el5_4.x86_64.rpm
samba-swat-3.0.33-3.15.el5_4.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.33-3.15.el5_4.src.rpm

i386:
samba-3.0.33-3.15.el5_4.i386.rpm
samba-client-3.0.33-3.15.el5_4.i386.rpm
samba-common-3.0.33-3.15.el5_4.i386.rpm
samba-debuginfo-3.0.33-3.15.el5_4.i386.rpm
samba-swat-3.0.33-3.15.el5_4.i386.rpm

ia64:
samba-3.0.33-3.15.el5_4.ia64.rpm
samba-client-3.0.33-3.15.el5_4.ia64.rpm
samba-common-3.0.33-3.15.el5_4.ia64.rpm
samba-debuginfo-3.0.33-3.15.el5_4.ia64.rpm
samba-swat-3.0.33-3.15.el5_4.ia64.rpm

ppc:
samba-3.0.33-3.15.el5_4.ppc.rpm
samba-client-3.0.33-3.15.el5_4.ppc.rpm
samba-common-3.0.33-3.15.el5_4.ppc.rpm
samba-common-3.0.33-3.15.el5_4.ppc64.rpm
samba-debuginfo-3.0.33-3.15.el5_4.ppc.rpm
samba-debuginfo-3.0.33-3.15.el5_4.ppc64.rpm
samba-swat-3.0.33-3.15.el5_4.ppc.rpm

s390x:
samba-3.0.33-3.15.el5_4.s390x.rpm
samba-client-3.0.33-3.15.el5_4.s390x.rpm
samba-common-3.0.33-3.15.el5_4.s390.rpm
samba-common-3.0.33-3.15.el5_4.s390x.rpm
samba-debuginfo-3.0.33-3.15.el5_4.s390.rpm
samba-debuginfo-3.0.33-3.15.el5_4.s390x.rpm
samba-swat-3.0.33-3.15.el5_4.s390x.rpm

x86_64:
samba-3.0.33-3.15.el5_4.x86_64.rpm
samba-client-3.0.33-3.15.el5_4.x86_64.rpm
samba-common-3.0.33-3.15.el5_4.i386.rpm
samba-common-3.0.33-3.15.el5_4.x86_64.rpm
samba-debuginfo-3.0.33-3.15.el5_4.i386.rpm
samba-debuginfo-3.0.33-3.15.el5_4.x86_64.rpm
samba-swat-3.0.33-3.15.el5_4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK5yqNXlSAg2UNWIIRArKeAKCP4b0pp5jq/TbWutsTJXVX5u3AjQCghbk3
L6tEQONMJJdLfNRqsK5buT8=
=BPXa
-----END PGP SIGNATURE-----
"

RHSA-2009:1484-01 Moderate: postgresql security update

USN-850-2: poppler regression  

Posted by Daniela Mehler

"Ubuntu Security Notice USN-850-2 October 22, 2009
poppler regression
https://launchpad.net/bugs/457985
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
libpoppler1 0.5.1-0ubuntu7.7
libpoppler1-glib 0.5.1-0ubuntu7.7

Ubuntu 8.04 LTS:
libpoppler-glib2 0.6.4-1ubuntu3.4
libpoppler2 0.6.4-1ubuntu3.4

Ubuntu 8.10:
libpoppler-glib3 0.8.7-1ubuntu0.5
libpoppler3 0.8.7-1ubuntu0.5

Ubuntu 9.04:
libpoppler-glib4 0.10.5-1ubuntu2.5
libpoppler4 0.10.5-1ubuntu2.5

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-850-1 fixed vulnerabilities in poppler. The security fix for
CVE-2009-3605 introduced a regression that would cause certain
applications, such as Okular, to segfault when opening certain PDF files.

This update fixes the problem. We apologize for the inconvenience.

Original advisory details:

It was discovered that poppler contained multiple security issues when
parsing malformed PDF documents. If a user or automated system were tricke=
d
into opening a crafted PDF file, an attacker could cause a denial of
service or execute arbitrary code with privileges of the user invoking the
program.


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ub=
untu7.7.diff.gz
Size/MD5: 26199 6feecc35f9564d75278c96409133817b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ub=
untu7.7.dsc
Size/MD5: 1734 4ad22c56bb2a05c740a89f54ef1862b1
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1.ori=
g.tar.gz
Size/MD5: 954930 a136cd731892f4570933034ba97c8704

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
5.1-0ubuntu7.7_amd64.deb
Size/MD5: 729672 c19f19b3351bf0a369a4e0508f945ddf
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.5.1-0ubuntu7.7_amd64.deb
Size/MD5: 58124 d46eca5b2dc4f2d4aec46b38ce95a47e
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.5.1-0ubuntu7.7_amd64.deb
Size/MD5: 47296 dd1d5b3a630f1af6b2381637819b12db
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_=
0.5.1-0ubuntu7.7_amd64.deb
Size/MD5: 52898 cee75a87894d5dc83e2e909139db315e
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.=
5.1-0ubuntu7.7_amd64.deb
Size/MD5: 43526 00df0dcc0709ca27c5cbba3da194321a
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1=
-0ubuntu7.7_amd64.deb
Size/MD5: 546350 5cce2eb3b3f3674dad04e995372aeb39
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5=
.1-0ubuntu7.7_amd64.deb
Size/MD5: 101268 17b9325b6defb0ffac9fadd32c3bd590

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
5.1-0ubuntu7.7_i386.deb
Size/MD5: 661324 0e1f92fa78651f1d416b50ba25cbcad7
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.5.1-0ubuntu7.7_i386.deb
Size/MD5: 54830 729d6c93c963af791ddbe2efe6bb0dc1
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.5.1-0ubuntu7.7_i386.deb
Size/MD5: 45312 84d1e975fea15221827d3919021f865b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_=
0.5.1-0ubuntu7.7_i386.deb
Size/MD5: 50820 29f50c58b20d46245bb51f85172dac33
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.=
5.1-0ubuntu7.7_i386.deb
Size/MD5: 42490 3504a7bcedb907a5773821278f2fa99c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1=
-0ubuntu7.7_i386.deb
Size/MD5: 505722 e00778f54d7a4b0e03a7006682739bde
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5=
.1-0ubuntu7.7_i386.deb
Size/MD5: 94218 41ba8a1a3a0aecacb4173cb600329f45

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
5.1-0ubuntu7.7_powerpc.deb
Size/MD5: 769396 62e7b41a068cb93b19bba751f7766350
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.5.1-0ubuntu7.7_powerpc.deb
Size/MD5: 60152 4967c043c3aa8e0e91b3329c6cf8a9cb
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.5.1-0ubuntu7.7_powerpc.deb
Size/MD5: 47446 436b1ac9af4a93369b3104eee324b3b0
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_=
0.5.1-0ubuntu7.7_powerpc.deb
Size/MD5: 54176 272c02a3fd668d57209487d33153507c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.=
5.1-0ubuntu7.7_powerpc.deb
Size/MD5: 44788 5ec4c73e17f45d928339388d29d59d07
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1=
-0ubuntu7.7_powerpc.deb
Size/MD5: 552616 9add000f1a7377bc6a2459f1b2b98069
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5=
.1-0ubuntu7.7_powerpc.deb
Size/MD5: 105832 54354c966a4eafafbf9ff753d684a8c8

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
5.1-0ubuntu7.7_sparc.deb
Size/MD5: 690634 b26737e20b78669d5361534c143b7997
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.5.1-0ubuntu7.7_sparc.deb
Size/MD5: 56494 fd35acbd43dfafdd7a68530c508ae9eb
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.5.1-0ubuntu7.7_sparc.deb
Size/MD5: 45992 8b7ef8290f01a2a952a0461a801f2a33
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_=
0.5.1-0ubuntu7.7_sparc.deb
Size/MD5: 51254 9be7e5b8c01e4d5c9f71955088f81683
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.=
5.1-0ubuntu7.7_sparc.deb
Size/MD5: 42250 6df488a98a4420030e78918ede0a62bc
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1=
-0ubuntu7.7_sparc.deb
Size/MD5: 518304 33d11198e364c92a50fa4145acd6b809
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5=
.1-0ubuntu7.7_sparc.deb
Size/MD5: 93770 2b2f3d1bd52c9d598d93334223b56a20

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ub=
untu3.4.diff.gz
Size/MD5: 22170 0c87cf83b4bfafe6a057d1f1b77b0a94
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ub=
untu3.4.dsc
Size/MD5: 1191 62a02161083523540d7497ce99acaadc
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.ori=
g.tar.gz
Size/MD5: 1294481 13d12ca4e349574cfbbcf4a9b2b3ae52

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
6.4-1ubuntu3.4_amd64.deb
Size/MD5: 895292 611d447f180f75d3ac67b6d512b1733b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.6.4-1ubuntu3.4_amd64.deb
Size/MD5: 109126 5dd23a23de590a957d4bd6e985c626a6
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_=
0.6.4-1ubuntu3.4_amd64.deb
Size/MD5: 54814 b5b2642d8e01dd987a53f98248687abe
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.6.4-1ubuntu3.4_amd64.deb
Size/MD5: 46114 030a197b67afeab15b03cff9a35f754f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.=
6.4-1ubuntu3.4_amd64.deb
Size/MD5: 25522 d94afd51dbbd791578fa9d0ee3a9a22c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_=
0.6.4-1ubuntu3.4_amd64.deb
Size/MD5: 146754 8c98b285df1406b290adb37b1d046445
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-de=
v_0.6.4-1ubuntu3.4_amd64.deb
Size/MD5: 201270 65c62545fb27dd5d8ebc6d952200598b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4=
-1ubuntu3.4_amd64.deb
Size/MD5: 648572 6ee8f92318179b6b1a5239a318091ba2
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6=
.4-1ubuntu3.4_amd64.deb
Size/MD5: 79032 270eedc3c88ec6f950879ffaddd46519

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
6.4-1ubuntu3.4_i386.deb
Size/MD5: 839454 ec34570894d92d793322daff28e89110
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.6.4-1ubuntu3.4_i386.deb
Size/MD5: 102838 0e51aa592860b3db1c992cc2afc226ca
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_=
0.6.4-1ubuntu3.4_i386.deb
Size/MD5: 52350 62e773280e07d36c4fee5bdfb4e7f4d5
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.6.4-1ubuntu3.4_i386.deb
Size/MD5: 42496 651bf998b21c89a4d4ce3704468373cc
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.=
6.4-1ubuntu3.4_i386.deb
Size/MD5: 25054 e62ed0eeef863a375f4d0bf9d89d6612
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_=
0.6.4-1ubuntu3.4_i386.deb
Size/MD5: 143624 c0255841bf621b4b1de083733d15ab23
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-de=
v_0.6.4-1ubuntu3.4_i386.deb
Size/MD5: 189980 a0cc1e22949795b81657e118a4e7e208
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4=
-1ubuntu3.4_i386.deb
Size/MD5: 623100 ecd055922e6b4f5cc45343cef11620e5
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6=
.4-1ubuntu3.4_i386.deb
Size/MD5: 73702 4c0d3c1bb44e616acd1c65addb3869b7

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubunt=
u3.4_lpia.deb
Size/MD5: 859552 233110f6480ee56f7953ebd686507cc4
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1=
ubuntu3.4_lpia.deb
Size/MD5: 103836 aaf5d9fea9ded98cd1f7bff9059ad646
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubu=
ntu3.4_lpia.deb
Size/MD5: 52608 fee795b8d4f7e2bd9f15055f879e9cf1
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ub=
untu3.4_lpia.deb
Size/MD5: 42930 fb36921ec49f5be1934e7c2cf6904643
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubunt=
u3.4_lpia.deb
Size/MD5: 24794 7ace84fc08b8a2dabb27615bfae8f24f
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubu=
ntu3.4_lpia.deb
Size/MD5: 145064 d1f517f0b00f6a8162ac3b053ad8e27d
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1u=
buntu3.4_lpia.deb
Size/MD5: 191198 bc7dfe4369392bb972d3493d57a825d8
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.=
4_lpia.deb
Size/MD5: 637132 ca37cd4dddf8bfcdda45d92be3aabbc2
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu=
3.4_lpia.deb
Size/MD5: 74702 0f05353cd2a5e89c3e2ac84195e68ba3

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubunt=
u3.4_powerpc.deb
Size/MD5: 956766 3a599b64388dd73c7d15d053fd082654
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1=
ubuntu3.4_powerpc.deb
Size/MD5: 115776 098d8baa196be43ab21ad66317604b2c
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubu=
ntu3.4_powerpc.deb
Size/MD5: 58458 c5e0aca9bc3fc31deb5f115a83d60fcd
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ub=
untu3.4_powerpc.deb
Size/MD5: 46018 dc33133fdb10804da68db8bcd6afce61
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubunt=
u3.4_powerpc.deb
Size/MD5: 28862 5e52b0dad81852a49a27c66bcb46ceef
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubu=
ntu3.4_powerpc.deb
Size/MD5: 152736 41d62d6a68a77905dab075370a9df048
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1u=
buntu3.4_powerpc.deb
Size/MD5: 209424 d8141d5d1b5c6cdede5da07546b8f32c
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.=
4_powerpc.deb
Size/MD5: 683236 5abca30d1169c59e025574ac5a25d166
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu=
3.4_powerpc.deb
Size/MD5: 94444 b7789e691824b61aa3a91791c30f2585

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubunt=
u3.4_sparc.deb
Size/MD5: 859932 7f64960d6142fd1d8ba34bf9f2a36364
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1=
ubuntu3.4_sparc.deb
Size/MD5: 104146 737d47f70bdcb17fb7796946c47ca87a
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubu=
ntu3.4_sparc.deb
Size/MD5: 51404 ff6290965f37ce5d3019767dc43dffa7
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ub=
untu3.4_sparc.deb
Size/MD5: 41894 fddb80fb5367b24d02a7ba69caa1eec0
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubunt=
u3.4_sparc.deb
Size/MD5: 23900 65bf57afb4b5ecc2695bd66b199a0da3
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubu=
ntu3.4_sparc.deb
Size/MD5: 145342 57f8319450b068110e3e8482fd34f29b
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1u=
buntu3.4_sparc.deb
Size/MD5: 193172 946888d3098de40be576e81df72bc9e7
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.=
4_sparc.deb
Size/MD5: 631430 cdf65d9832cced845c98ff6994963981
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu=
3.4_sparc.deb
Size/MD5: 72978 936fd04decdc9a9a74b0c9391accba45

Updated packages for Ubuntu 8.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ub=
untu0.5.diff.gz
Size/MD5: 24308 3ec3159b56e9fecea9c4ec8e224b9218
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ub=
untu0.5.dsc
Size/MD5: 1600 251fb47d56c2fdd0f2ebfff1cb534cca
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7.ori=
g.tar.gz
Size/MD5: 1469587 9af81429d6f8639c357a5eed25583365

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
8.7-1ubuntu0.5_amd64.deb
Size/MD5: 966766 bc91d65983ecb56c177c66c038f48040
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.8.7-1ubuntu0.5_amd64.deb
Size/MD5: 123076 fbc571a52ade7d5a47160edc447ee507
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_=
0.8.7-1ubuntu0.5_amd64.deb
Size/MD5: 64040 9d8415a5fd45eb88c0def91dc02213db
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.8.7-1ubuntu0.5_amd64.deb
Size/MD5: 47914 4e66e752386789a744efca8f353b5fcb
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.=
8.7-1ubuntu0.5_amd64.deb
Size/MD5: 25634 12ec1043bdd957b1fec20ea9ab7a070c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_=
0.8.7-1ubuntu0.5_amd64.deb
Size/MD5: 159074 8133e86a34ef85d1d32e041c6cce2ac9
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-de=
v_0.8.7-1ubuntu0.5_amd64.deb
Size/MD5: 221722 621914511095bf900c0215f62d6db4b4
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7=
-1ubuntu0.5_amd64.deb
Size/MD5: 695424 c7e803ac545458397542911c6f4b1d2b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7=
-1ubuntu0.5_amd64.deb
Size/MD5: 3011576 78a47b598492dda5090f35537046ad43
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8=
.7-1ubuntu0.5_amd64.deb
Size/MD5: 79502 583905fa28139e43c1346958165c3079

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
8.7-1ubuntu0.5_i386.deb
Size/MD5: 900300 1c735ad422bc1ced236d252d433d45e4
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.8.7-1ubuntu0.5_i386.deb
Size/MD5: 115964 73c67d4b86fe64497ca1413132647356
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_=
0.8.7-1ubuntu0.5_i386.deb
Size/MD5: 60928 393160a851ef0ed85836d50a21410350
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.8.7-1ubuntu0.5_i386.deb
Size/MD5: 44808 f4b7c7abbb0653a1df516a37620221f2
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.=
8.7-1ubuntu0.5_i386.deb
Size/MD5: 24970 926b3f0b49f4a807a2233e219a72a4b6
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_=
0.8.7-1ubuntu0.5_i386.deb
Size/MD5: 157450 0c076fa4a67be611b4d53d3b383c4eb3
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-de=
v_0.8.7-1ubuntu0.5_i386.deb
Size/MD5: 207524 2520eef3ce1e4631e723e4294277d4bf
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7=
-1ubuntu0.5_i386.deb
Size/MD5: 668378 9b8cf460636211abb8740ae780353bfd
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7=
-1ubuntu0.5_i386.deb
Size/MD5: 2923970 105649d5c4e68d62a1926f330c57a451
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8=
.7-1ubuntu0.5_i386.deb
Size/MD5: 74866 1c6d44ee87f7956f6ad2b82f52287c67

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubunt=
u0.5_lpia.deb
Size/MD5: 919386 a05a8f1dd586e8282f23ed41e71d341d
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1=
ubuntu0.5_lpia.deb
Size/MD5: 116580 c07dd6d1159a31ab1ddba8161459c039
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubu=
ntu0.5_lpia.deb
Size/MD5: 60904 f939d358d6a54a486ee62ba6d5149190
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ub=
untu0.5_lpia.deb
Size/MD5: 45008 fffb6ac75b0fc5195ce1fecab3db5b7f
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubunt=
u0.5_lpia.deb
Size/MD5: 24644 ac448d4c15acef77e59ef469f7f8aa2b
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubu=
ntu0.5_lpia.deb
Size/MD5: 157956 d58946762b3c8844200f033712fc484a
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1u=
buntu0.5_lpia.deb
Size/MD5: 207282 979207f9399c6d769d9750681bc245e7
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.=
5_lpia.deb
Size/MD5: 678500 1d8dfa717ab31ea248c15f1c98c1df8d
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.=
5_lpia.deb
Size/MD5: 2957038 7d4514ffdd1b0c8c5631865fb4cfc9fe
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu=
0.5_lpia.deb
Size/MD5: 75864 1a1bbd0068f728cacca1706455deefa2

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubunt=
u0.5_powerpc.deb
Size/MD5: 1029054 d714694727351c4431e7c35cc037e67b
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1=
ubuntu0.5_powerpc.deb
Size/MD5: 130832 ae83c0453b3ce6943abf4814883ff262
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubu=
ntu0.5_powerpc.deb
Size/MD5: 68522 51746acc5ebb30bb1f8518f500075f01
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ub=
untu0.5_powerpc.deb
Size/MD5: 48184 9d76f3ba8b464cce701319ca7b9f0ed4
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubunt=
u0.5_powerpc.deb
Size/MD5: 28472 a6d578439db8b041af2a17a629ae2082
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubu=
ntu0.5_powerpc.deb
Size/MD5: 163288 be591eeb14b68febb0c42c749b2402c6
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1u=
buntu0.5_powerpc.deb
Size/MD5: 224730 3d84bc25dc82fc42f6540c90ae4fba9b
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.=
5_powerpc.deb
Size/MD5: 729172 827bec779403dfef2e6391607dd84e78
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.=
5_powerpc.deb
Size/MD5: 3104540 9f16d4687c65327310f320cbd61a733b
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu=
0.5_powerpc.deb
Size/MD5: 92504 9a4b3b26cf5018b6ebd2daf3c0ec3ee8

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubunt=
u0.5_sparc.deb
Size/MD5: 923004 00ebfc7f7c49e16442c7c7ace6b8eb05
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1=
ubuntu0.5_sparc.deb
Size/MD5: 119476 fb95ae0feba60feb9add3026394277ab
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubu=
ntu0.5_sparc.deb
Size/MD5: 60716 a9aefae7d58e8e791bbd55d7eca588a0
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ub=
untu0.5_sparc.deb
Size/MD5: 44570 2356ef600a67cca1ec78a59371dbc4ed
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubunt=
u0.5_sparc.deb
Size/MD5: 23876 b5c8a4a50bb5e8a17c15efc62e185761
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubu=
ntu0.5_sparc.deb
Size/MD5: 156124 7665d9f59cb0ff1341f2561a2000338e
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1u=
buntu0.5_sparc.deb
Size/MD5: 212372 3f936aad2c2186b3880704580d52920b
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.=
5_sparc.deb
Size/MD5: 675534 ae1d243169181ead180d26424e16a089
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.=
5_sparc.deb
Size/MD5: 2871958 a4466337b7c06b4aab57722094293226
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu=
0.5_sparc.deb
Size/MD5: 75298 5672b976cacfb080ff18ff3b42b0e049

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5-1u=
buntu2.5.diff.gz
Size/MD5: 22104 e2ec87fa82e1d94c45e3ccf31b015718
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5-1u=
buntu2.5.dsc
Size/MD5: 1678 0f8fd943c5cf36b4ab13725166c3f7ea
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5.or=
ig.tar.gz
Size/MD5: 1516687 125f671a19707861132fb03e73b61184

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
10.5-1ubuntu2.5_amd64.deb
Size/MD5: 1000760 b2915595d52cf2018a5ba546029d19a1
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.10.5-1ubuntu2.5_amd64.deb
Size/MD5: 124328 bf55151c1e46749f38ef67ad9524cdcd
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_=
0.10.5-1ubuntu2.5_amd64.deb
Size/MD5: 64492 fb76fceeaf3f8f7c2ed6fb74d130a3aa
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.10.5-1ubuntu2.5_amd64.deb
Size/MD5: 51024 bb075f4d49938727be2a55b6784c8cff
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.=
10.5-1ubuntu2.5_amd64.deb
Size/MD5: 26070 140ca7a00517e367de5e5b8a47c18b25
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_=
0.10.5-1ubuntu2.5_amd64.deb
Size/MD5: 166086 eaa25728eb0273ee63a9f97ba4993a01
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-de=
v_0.10.5-1ubuntu2.5_amd64.deb
Size/MD5: 234892 b27532071c42c5311b9ff9750e2614b5
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler4_0.10.=
5-1ubuntu2.5_amd64.deb
Size/MD5: 715590 431b2cb0e5cae5afe4b406f5f6f1d7f7
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.10.=
5-1ubuntu2.5_amd64.deb
Size/MD5: 3191320 c18210ffcc7bd7d9b83ecb4ccd59a4af
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.1=
0.5-1ubuntu2.5_amd64.deb
Size/MD5: 80300 925858812bcd59d967ca07672e41844a

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.=
10.5-1ubuntu2.5_i386.deb
Size/MD5: 935446 8068b4b3a97e72f17b08891e73ccd68f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-d=
ev_0.10.5-1ubuntu2.5_i386.deb
Size/MD5: 117398 cb41404d89baf9f0850a004eecc39e4e
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_=
0.10.5-1ubuntu2.5_i386.deb
Size/MD5: 61432 844aee718e348188c86cd6e6a486d756
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev=
_0.10.5-1ubuntu2.5_i386.deb
Size/MD5: 47750 76cdc573e9309dd879be75b67708fe0f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.=
10.5-1ubuntu2.5_i386.deb
Size/MD5: 25400 10091638b7447d6459f002f3cf26e15c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_=
0.10.5-1ubuntu2.5_i386.deb
Size/MD5: 164416 5a3ae1a124e10c879cc3fe833b76fc86
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-de=
v_0.10.5-1ubuntu2.5_i386.deb
Size/MD5: 218478 9ee1d45600d38a8844bafb0004364b43
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler4_0.10.=
5-1ubuntu2.5_i386.deb
Size/MD5: 686942 9dae9162ceee436b431f29695abf8b56
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.10.=
5-1ubuntu2.5_i386.deb
Size/MD5: 3106542 6f94f0f288afdde1a02eaf532a89de91
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.1=
0.5-1ubuntu2.5_i386.deb
Size/MD5: 75080 72b752ff0891f83f480efd6192a38307

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubun=
tu2.5_lpia.deb
Size/MD5: 951686 7fe928b4df07e5ccbc27d1a015c28857
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-=
1ubuntu2.5_lpia.deb
Size/MD5: 118060 f3e2aea6c54e89c12b69fc2ff0c1464f
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ub=
untu2.5_lpia.deb
Size/MD5: 61516 afbc64a7baf95a70d971e97273487a0d
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1u=
buntu2.5_lpia.deb
Size/MD5: 48104 bc478841ffaabea87649780d337c7fce
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubun=
tu2.5_lpia.deb
Size/MD5: 25082 5fbbdffc92938ee6d818ebe45ccc379a
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ub=
untu2.5_lpia.deb
Size/MD5: 164646 7939b389ddba9927347c69de55ecb053
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1=
ubuntu2.5_lpia.deb
Size/MD5: 219874 d0a02c62492ec72d58ca75cd935c18e2
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2=
.5_lpia.deb
Size/MD5: 697706 5d4e9dbfaa796d3d50bbc9808833e6f3
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2=
.5_lpia.deb
Size/MD5: 3140982 5219e7d6cede23934177eee6b12e1b67
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubunt=
u2.5_lpia.deb
Size/MD5: 75850 6d89e9f4ff37034c132d0b71d4ef5d5f

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubun=
tu2.5_powerpc.deb
Size/MD5: 1067766 724da070dac02b92c0f125cc056a67eb
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-=
1ubuntu2.5_powerpc.deb
Size/MD5: 132066 4afc7dc82e3a078d79ba874cb147314a
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ub=
untu2.5_powerpc.deb
Size/MD5: 69132 7b41dfe0d57050c4978ca478cf53663d
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1u=
buntu2.5_powerpc.deb
Size/MD5: 51124 ab0ba7a15b549bab3fd8046e2d63d83a
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubun=
tu2.5_powerpc.deb
Size/MD5: 28780 867cb139ed127abd978ebfd83fd8eb93
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ub=
untu2.5_powerpc.deb
Size/MD5: 170348 dc0238e2ac36c5af9ef9ddaf988553cf
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1=
ubuntu2.5_powerpc.deb
Size/MD5: 239110 54712ecb893adb03ad40cb0bd60900e3
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2=
.5_powerpc.deb
Size/MD5: 750800 15369b15d65f1b4ee6a396317d93a895
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2=
.5_powerpc.deb
Size/MD5: 3289140 90e07528bfc8f3795504d083e175e1fc
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubunt=
u2.5_powerpc.deb
Size/MD5: 92838 4042770ed658c9002fad6061828f312d

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubun=
tu2.5_sparc.deb
Size/MD5: 958786 8f35fe561ffe440026871fc1d8214b73
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-=
1ubuntu2.5_sparc.deb
Size/MD5: 120796 fbe0368c328bc101519f886a55bdb902
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ub=
untu2.5_sparc.deb
Size/MD5: 61180 e82f5a63cdc19945c23398dccc525e6d
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1u=
buntu2.5_sparc.deb
Size/MD5: 47456 4efa47a7c707b8c4e92ec13c4a619f3f
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubun=
tu2.5_sparc.deb
Size/MD5: 24302 6f8322c48b603d4a2175ac32c3e6ee58
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ub=
untu2.5_sparc.deb
Size/MD5: 165794 b4f8483fb17430f7cc03b6ffdfe78ab4
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1=
ubuntu2.5_sparc.deb
Size/MD5: 226896 8250ba9957e204d62583d363d39d3750
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2=
.5_sparc.deb
Size/MD5: 699398 d6e49445dfeed9e29e5951214888696e
http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2=
.5_sparc.deb
Size/MD5: 3054064 56805b90426349e0290f53e49b92ae39
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubunt=
u2.5_sparc.deb
Size/MD5: 75452 0bf6b5ee346f70baf265eb767df56f73




--=-XP0GwiZLMqUQkvq+aH99
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAkrgtLgACgkQLMAs/0C4zNpfWwCfS72dVNIPFnDBYeKqHAqKw5BD
6VkAmwXjLObzW0bMKcCX+kWLWMUYe5YG
=usEt
-----END PGP SIGNATURE-----
"

Moby to release ltd edition deluxe version of ‘Wait For Me’USN-845-1: Pan vulnerability

GLSA 200910-03 Adobe Reader: Multiple vulnerabilities  

Posted by Daniela Mehler

"Gentoo Linux Security Advisory GLSA 200910-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe Reader: Multiple vulnerabilities
Date: October 25, 2009
Bugs: #289016
ID: 200910-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=3D=3D=3D=3D=3D=3D=3D=3D

Multiple vulnerabilities in Adobe Reader might result in the execution
of arbitrary code, or other attacks.

Background
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF
reader.

Affected packages
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread =3D 9.2

Description
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

Multiple vulnerabilities were discovered in Adobe Reader. For further
information please consult the CVE entries and the Adobe Security
Bulletin referenced below.

Impact
=3D=3D=3D=3D=3D=3D

A remote attacker might entice a user to open a specially crafted PDF
file, possibly resulting in the execution of arbitrary code with the
privileges of the user running the application, Denial of Service, the
creation of arbitrary files on the victim's system, "Trust Manager"
bypass, or social engineering attacks.

Workaround
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

There is no known workaround at this time.

Resolution
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

All Adobe Reader users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose =3Dapp-text/acroread-9.2

References
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

[ 1 ] APSB09-15
http://www.adobe.com/support/security/bulletins/apsb09-15.html
[ 2 ] CVE-2007-0045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2007-0045
[ 3 ] CVE-2007-0048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2007-0048
[ 4 ] CVE-2009-2979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2979
[ 5 ] CVE-2009-2980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2980
[ 6 ] CVE-2009-2981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2981
[ 7 ] CVE-2009-2982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2982
[ 8 ] CVE-2009-2983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2983
[ 9 ] CVE-2009-2985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2985
[ 10 ] CVE-2009-2986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2986
[ 11 ] CVE-2009-2988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2988
[ 12 ] CVE-2009-2990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2990
[ 13 ] CVE-2009-2991
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2991
[ 14 ] CVE-2009-2993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2993
[ 15 ] CVE-2009-2994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2994
[ 16 ] CVE-2009-2996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2996
[ 17 ] CVE-2009-2997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2997
[ 18 ] CVE-2009-2998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-2998
[ 19 ] CVE-2009-3431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-3431
[ 20 ] CVE-2009-3458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-3458
[ 21 ] CVE-2009-3459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-3459
[ 22 ] CVE-2009-3462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2009-3462

Availability
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200910-03.xml

Concerns?
=3D=3D=3D=3D=3D=3D=3D=3D=3D

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=3D=3D=3D=3D=3D=3D=3D

Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
"

RHSA-2009:1499-01 Critical: acroread security updateShinedown single and November dates

DSA 1919-1: New smarty packages fix several vulnerabilities  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1919-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
October 25, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : smarty
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-4810 CVE-2009-1669
Debian Bug : 504328 529810

Several remote vulnerabilities have been discovered in Smarty, a PHP
templating engine. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2008-4810

The _expand_quoted_text function allows for certain restrictions in
templates, like function calling and PHP execution, to be bypassed.

CVE-2009-1669

The smarty_function_math function allows context-dependent attackers
to execute arbitrary commands via shell metacharacters in the equation
attribute of the math function.

For the old stable distribution (etch), these problems have been fixed
in version 2.6.14-1etch2.

For the stable distribution (lenny), these problems have been fixed in
version 2.6.20-1.2.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your smarty package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Source archives:

http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.14-1etch2.dsc
Size/MD5 checksum: 958 f061c466cef93df89e677aeb72101910
http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.14.orig.tar.gz
Size/MD5 checksum: 144986 9186796ddbc29191306338dea9d632a0
http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.14-1etch2.diff.gz
Size/MD5 checksum: 4290 0ef9a669c127818f5ff084e2829738e9

Architecture independent packages:

http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.14-1etch2_all.deb
Size/MD5 checksum: 183300 d0ac954aad344f20b5933b09593b2968

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.20-1.2.dsc
Size/MD5 checksum: 1409 f280e2733ef52ff621891f99b26386f3
http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.20-1.2.diff.gz
Size/MD5 checksum: 4876 4d729d18d7efe68e1ce3023149436c01
http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.20.orig.tar.gz
Size/MD5 checksum: 158091 35f405b2418a26a895302a2ce5bf89d2

Architecture independent packages:

http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.20-1.2_all.deb
Size/MD5 checksum: 204412 1e8e85b298b97176359dd15731e0dc88


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBAgAGBQJK5HuJAAoJECIIoQCMVaAc41oH/iXgblL5cfzH4wujl26DrEmd
8ivwmMDdRzd6zio60VtRgbLFfDa1nvByavfJYbJSgjkphbf4qXMxNVVRxp0z9laT
fg7gkytG9KXXiqvhxz8NrzCGg7v0jmOorATYCamFEUgKg9d+sXy2/bIpO3xN1txU
Wvub7/q3n8DUg3go7kPMCC5euzaB0Fs0fq6zzWuRcKW640bMiOyNq6n/kvTICv3x
4Yv+PIj1KbXgz/R45+QtyQGibJzj3XWTL5DpRNe1fH8uUQ4sqKCyKDsaayrOXa0w
Y0wkZ3IEmbOpe1UmUB57kAVSzfRAicFOGRJmXunni/tBs2ivBL27P7F/dMKYAQg=
=EBks
-----END PGP SIGNATURE-----
"

Moby to release ltd edition deluxe version of ‘Wait For Me’DSA 1913-1: New bugzilla packages fix SQL injection