USN-892-1: FUSE vulnerability  

Posted by Daniela Mehler

"Ubuntu Security Notice USN-892-1 January 28, 2010
fuse vulnerability
CVE-2009-3297
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
fuse-utils 2.4.2-0ubuntu3.1

Ubuntu 8.04 LTS:
fuse-utils 2.7.2-1ubuntu2.1

Ubuntu 8.10:
fuse-utils 2.7.3-4ubuntu2.1

Ubuntu 9.04:
fuse-utils 2.7.4-1.1ubuntu4.0.9.04.1

Ubuntu 9.10:
fuse-utils 2.7.4-1.1ubuntu4.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Ronald Volgers discovered that FUSE did not correctly check mount
locations. A local attacker, with access to use FUSE, could unmount
arbitrary locations, leading to a denial of service.


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.4.2-0ubuntu3.1.diff.gz
Size/MD5: 15537 bf9aa08655445acdf89aa3ea8cfa6637
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.4.2-0ubuntu3.1.dsc
Size/MD5: 691 e619ae72e2b6d03d0e38acbc878f45e7
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.4.2.orig.tar.gz
Size/MD5: 384993 6e3d9a580c45ddf4a06558c135c158c2

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/f/fuse/fuse-source_2.4.2-0ubuntu3.1_all.deb
Size/MD5: 94010 114f6e8a59193e4f8884143b08d861e4

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.4.2-0ubuntu3.1_amd64.deb
Size/MD5: 79360 8a0c7f50fcaac0a88aee238c8050077a
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.4.2-0ubuntu3.1_amd64.deb
Size/MD5: 44960 77260c2b96a68935070ffe6755dbaff0
http://security.ubuntu.com/ubuntu/pool/universe/f/fuse/fuse-utils_2.4.2-0ubuntu3.1_amd64.deb
Size/MD5: 50954 4bafc55f0a6ad974998605dd586d1f88

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.4.2-0ubuntu3.1_i386.deb
Size/MD5: 73868 79e054e0bc0f0c16d14dd5a3543d4c63
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.4.2-0ubuntu3.1_i386.deb
Size/MD5: 41312 2b477018cdd37af4dc76bb5ff877ad6f
http://security.ubuntu.com/ubuntu/pool/universe/f/fuse/fuse-utils_2.4.2-0ubuntu3.1_i386.deb
Size/MD5: 49780 20cddefa871fdd32d1b87952ec34a57f

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.4.2-0ubuntu3.1_powerpc.deb
Size/MD5: 79584 77c322112ded6bbc48c0149aaaccf163
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.4.2-0ubuntu3.1_powerpc.deb
Size/MD5: 43520 cef0858cf7518cf339c712a98e50c804
http://security.ubuntu.com/ubuntu/pool/universe/f/fuse/fuse-utils_2.4.2-0ubuntu3.1_powerpc.deb
Size/MD5: 50222 64d0ef1ffef656986bf75fc688e95674

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.4.2-0ubuntu3.1_sparc.deb
Size/MD5: 75702 3eb72cfd906c56323f588a5037096761
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.4.2-0ubuntu3.1_sparc.deb
Size/MD5: 41290 6992f12803377a85283f1bf724c00175
http://security.ubuntu.com/ubuntu/pool/universe/f/fuse/fuse-utils_2.4.2-0ubuntu3.1_sparc.deb
Size/MD5: 49940 a3c75879caaa5f96543c4c201fbe62f0

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.2-1ubuntu2.1.diff.gz
Size/MD5: 20401 7b100165372e6a60437f601257213767
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.2-1ubuntu2.1.dsc
Size/MD5: 954 1b8a6f337e4e63a29a7b94a5a96d17af
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.2.orig.tar.gz
Size/MD5: 505855 813782a4f23211386c1ea91dc0ac7ded

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/f/fuse/fuse-source_2.7.2-1ubuntu2.1_all.deb
Size/MD5: 190876 a5a6814e675571993ab1331d8253aba6

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils-udeb_2.7.2-1ubuntu2.1_amd64.udeb
Size/MD5: 19166 fe84a1a79b758510961b05f3dd1265df
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils_2.7.2-1ubuntu2.1_amd64.deb
Size/MD5: 22444 0370842bdae227f32800d56da35f4c91
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.7.2-1ubuntu2.1_amd64.deb
Size/MD5: 164814 046763da0bcec445d6b4bed08fbfdf7b
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2-udeb_2.7.2-1ubuntu2.1_amd64.udeb
Size/MD5: 55272 8e3e2f5c874af9d2885a776859e201ae
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.7.2-1ubuntu2.1_amd64.deb
Size/MD5: 130704 245bfc42d3de30eeb808b5a1f4afe287

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils-udeb_2.7.2-1ubuntu2.1_i386.udeb
Size/MD5: 17446 07c8abd9f940d13111f6fccde52b6f79
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils_2.7.2-1ubuntu2.1_i386.deb
Size/MD5: 20732 738ccf9b95d77005c29c40e41571f3b0
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.7.2-1ubuntu2.1_i386.deb
Size/MD5: 154978 5ed102041d49f216f7d9c69b839bd10e
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2-udeb_2.7.2-1ubuntu2.1_i386.udeb
Size/MD5: 49776 e7b06ebd62e3b2d7b1d708d43663fd22
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.7.2-1ubuntu2.1_i386.deb
Size/MD5: 124762 760a6a30a5ee969296bda0b2a060b3d9

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.2-1ubuntu2.1_lpia.udeb
Size/MD5: 17526 3356cc0233455a6c6ba4fc3603f0deb1
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.2-1ubuntu2.1_lpia.deb
Size/MD5: 20802 71a9d220466e876aa553249071e775b9
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.2-1ubuntu2.1_lpia.deb
Size/MD5: 154644 99a4e39878581cb67382d3a050389344
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.2-1ubuntu2.1_lpia.udeb
Size/MD5: 48784 bbbbb792b886b3b9aaea149a8e1621cb
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.2-1ubuntu2.1_lpia.deb
Size/MD5: 123842 681f44cac7f71555cc210d243cb05497

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.2-1ubuntu2.1_powerpc.udeb
Size/MD5: 20032 51701c483f8cdff2ff61750c02975dd3
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.2-1ubuntu2.1_powerpc.deb
Size/MD5: 23400 9d80e2b93abe1ebf4e029484a8d25abe
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.2-1ubuntu2.1_powerpc.deb
Size/MD5: 163282 38cd262d168ffa128bc6a281c77078e9
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.2-1ubuntu2.1_powerpc.udeb
Size/MD5: 55862 0cf2a5327040e50852c898e1a12b7fe2
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.2-1ubuntu2.1_powerpc.deb
Size/MD5: 131216 0bc1a4df4da67ea609a0f702560c4cb5

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.2-1ubuntu2.1_sparc.udeb
Size/MD5: 17808 bdc6ef0ccc355ef292194fceff7a4c40
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.2-1ubuntu2.1_sparc.deb
Size/MD5: 21100 fcfc33bf7bcd146e454b48ffa8e03492
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.2-1ubuntu2.1_sparc.deb
Size/MD5: 154880 ab36d834085ff239249182c641fb1157
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.2-1ubuntu2.1_sparc.udeb
Size/MD5: 45166 43e831102bd1b6485a1289404397a819
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.2-1ubuntu2.1_sparc.deb
Size/MD5: 120512 e6771adcf4f8d0f80dfa601a4f43f547

Updated packages for Ubuntu 8.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.3-4ubuntu2.1.diff.gz
Size/MD5: 21058 3452d0e1e271d74488ef5c7a15c256f2
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.3-4ubuntu2.1.dsc
Size/MD5: 1338 4156d212d0e7ac60b0bc96e24effb3dd
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.3.orig.tar.gz
Size/MD5: 506362 98563fc7b265b7479a3178181cbcf59a

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/f/fuse/fuse-source_2.7.3-4ubuntu2.1_all.deb
Size/MD5: 192502 cb2da025362f91239e00624631da0f6d

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils-udeb_2.7.3-4ubuntu2.1_amd64.udeb
Size/MD5: 19458 042f1e4626477cd5bee939c008ccc6e2
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils_2.7.3-4ubuntu2.1_amd64.deb
Size/MD5: 22742 cac54934f1e4d45b8fcbb77db3f059f0
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.7.3-4ubuntu2.1_amd64.deb
Size/MD5: 166738 19d8f1e3d4aa6254bb31d6c9f13e5e75
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2-udeb_2.7.3-4ubuntu2.1_amd64.udeb
Size/MD5: 56632 8c67c915a8395ba3a47a9c43038e355f
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.7.3-4ubuntu2.1_amd64.deb
Size/MD5: 132848 df868b907e7f04bc3508d7e0d91d3d5c

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils-udeb_2.7.3-4ubuntu2.1_i386.udeb
Size/MD5: 17518 106d9b7b2d76d0e6874a9d5eb52c4bdc
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils_2.7.3-4ubuntu2.1_i386.deb
Size/MD5: 20728 ad004441cbd64f7459840dc92ead3241
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.7.3-4ubuntu2.1_i386.deb
Size/MD5: 157480 b31ef98ee4b750be01cc536f70c91751
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2-udeb_2.7.3-4ubuntu2.1_i386.udeb
Size/MD5: 51738 98d84db3af594bfdb42e129ce74a15fc
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.7.3-4ubuntu2.1_i386.deb
Size/MD5: 127760 ed8c52e8acaf9e56652a23468105daf3

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.3-4ubuntu2.1_lpia.udeb
Size/MD5: 17282 cb4300c5d52736dc1020d3f7b7cf2dd5
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.3-4ubuntu2.1_lpia.deb
Size/MD5: 20556 9fa0400c0cb003bec5644d018601117a
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.3-4ubuntu2.1_lpia.deb
Size/MD5: 157172 fca11e46fc437baee6c1109defe1fbbd
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.3-4ubuntu2.1_lpia.udeb
Size/MD5: 50728 d28a9edda26c674daf0a03b8938a8305
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.3-4ubuntu2.1_lpia.deb
Size/MD5: 126766 040dfd6d158c43bb4aa5cd1cf298f397

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.3-4ubuntu2.1_powerpc.udeb
Size/MD5: 19178 4b09b30d7b017fd3bb12fffd1fd84736
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.3-4ubuntu2.1_powerpc.deb
Size/MD5: 22428 3fa1ebed77f32380f1e791c1d5aebbfe
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.3-4ubuntu2.1_powerpc.deb
Size/MD5: 166340 abe37aa878af21224b29113aa6daaa98
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.3-4ubuntu2.1_powerpc.udeb
Size/MD5: 57290 3d7221923befbdd4e15595ec770b4e25
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.3-4ubuntu2.1_powerpc.deb
Size/MD5: 133542 71686749738c99ccbfbf132758edb890

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.3-4ubuntu2.1_sparc.udeb
Size/MD5: 18030 94170380cc7849242e922c8a34c4c7b4
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.3-4ubuntu2.1_sparc.deb
Size/MD5: 21278 bd89612c7b0218ff67970d11c77e53d6
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.3-4ubuntu2.1_sparc.deb
Size/MD5: 157324 9c0c836473ae78f555d58400bff87cde
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.3-4ubuntu2.1_sparc.udeb
Size/MD5: 46878 599f3de56d920bb7a4fd42383bf9b108
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.3-4ubuntu2.1_sparc.deb
Size/MD5: 122720 69388103899240dac0714ff7768f1171

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.4-1.1ubuntu4.0.9.04.1.diff.gz
Size/MD5: 21374 d501f0708fb9d3f952d777b9cbe15ea1
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.4-1.1ubuntu4.0.9.04.1.dsc
Size/MD5: 1361 3fc2a635b8c65feab5a4b56b6a6dd796
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.4.orig.tar.gz
Size/MD5: 506658 4879f06570d2225667534c37fea04213

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.0.9.04.1_amd64.udeb
Size/MD5: 19250 b192d45c2522528eba2a6c275f15bcde
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.0.9.04.1_amd64.deb
Size/MD5: 23048 7f945a3e391d829ccdcfb01b4cc99541
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.0.9.04.1_amd64.deb
Size/MD5: 167872 42e6c7dc130e1810c044632cf733726c
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.0.9.04.1_amd64.udeb
Size/MD5: 56658 49512104c3f9eb5fb5afe036be799718
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.0.9.04.1_amd64.deb
Size/MD5: 134048 8c699f249d7bddd89c69b95772423e3a

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.0.9.04.1_i386.udeb
Size/MD5: 17266 d248a3ec760e5dae82cb3d9224baa823
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.0.9.04.1_i386.deb
Size/MD5: 21054 14551813b14085713889438fc04e7b12
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.0.9.04.1_i386.deb
Size/MD5: 158606 2a74f6fbc0973de6d801667f0cf73b0a
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.0.9.04.1_i386.udeb
Size/MD5: 51796 e1fb79ef772adf8823cbb8d88f50c8aa
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.0.9.04.1_i386.deb
Size/MD5: 128928 a5dfdd895cfb5b7b61dafa2a2f0199a8

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.0.9.04.1_lpia.udeb
Size/MD5: 17090 f21bbc2041aa998a3f9ab0853f266831
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.0.9.04.1_lpia.deb
Size/MD5: 20814 b3c613b9dbe9f41dd2bfa03ee21b7ecf
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.0.9.04.1_lpia.deb
Size/MD5: 158290 c40af5dbee5297f3ed9f5f25a4ddee95
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.0.9.04.1_lpia.udeb
Size/MD5: 50728 0a0b41b89b30b28396a329f37bd71122
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.0.9.04.1_lpia.deb
Size/MD5: 127858 0e773271d099ebe8c398b5d346904926

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.0.9.04.1_powerpc.udeb
Size/MD5: 18990 bbde80236d87624c4fef499467f048ca
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.0.9.04.1_powerpc.deb
Size/MD5: 22750 9687fffb2f72387f631339a219082dd8
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.0.9.04.1_powerpc.deb
Size/MD5: 167456 90b90c2f096e3a711de43d6f6a69a262
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.0.9.04.1_powerpc.udeb
Size/MD5: 57280 cd3b52cf5d85a012fcac10e078e6b736
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.0.9.04.1_powerpc.deb
Size/MD5: 134646 003501c87a35ce0b944e04541666cf56

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.0.9.04.1_sparc.udeb
Size/MD5: 17812 945c6dd08aaa408f11f277e20fd12e7b
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.0.9.04.1_sparc.deb
Size/MD5: 21552 49d236ef4f94f99253c8fca84e66c778
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.0.9.04.1_sparc.deb
Size/MD5: 158430 d702d44a38ed88d65a7023e7cd63a574
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.0.9.04.1_sparc.udeb
Size/MD5: 46812 f2b5749474b36c3ee96415fe6e29fc85
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.0.9.04.1_sparc.deb
Size/MD5: 123774 782fc50c8e7503ade1053db314d3b95b

Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.4-1.1ubuntu4.3.diff.gz
Size/MD5: 21441 04cc99102f3c397e2027d9714a22c6cb
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.4-1.1ubuntu4.3.dsc
Size/MD5: 1333 e54c9a2e4a6706801da7126dd83c9b71
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse_2.7.4.orig.tar.gz
Size/MD5: 506658 4879f06570d2225667534c37fea04213

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.3_amd64.udeb
Size/MD5: 19472 bd46963501262b12b99489b7e5bc7985
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.3_amd64.deb
Size/MD5: 23282 3346abedaa90ad476070f75c9c02ef7d
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.3_amd64.deb
Size/MD5: 168674 35a80a1fbe61be753a4bfc9da4e91c66
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.3_amd64.udeb
Size/MD5: 57034 3ca9476b2c5190a6776724427b5a1f1a
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.3_amd64.deb
Size/MD5: 134484 3f11666298cd6f073b6877dc174a9bfa

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.3_i386.udeb
Size/MD5: 17492 b8884b8345e94a06895cc61fb3547f44
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.3_i386.deb
Size/MD5: 21280 efebfd3681546b46f1c8bebe51ec3106
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.3_i386.deb
Size/MD5: 158734 3bd7a08ea8f50a3ca8763127716fdf67
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.3_i386.udeb
Size/MD5: 52190 4014b2d2dc39d15963015fdc4fbfb47b
http://security.ubuntu.com/ubuntu/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.3_i386.deb
Size/MD5: 129416 559304fe2aa7bb3250e63fbef8537b5b

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.3_lpia.udeb
Size/MD5: 17218 35657a6098145e5db519c34fc8975ac9
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.3_lpia.deb
Size/MD5: 20946 c75854e4384b96a6d23f48fe00472316
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.3_lpia.deb
Size/MD5: 158880 8c7f019a0048dffb2838345f207faecc
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.3_lpia.udeb
Size/MD5: 51480 7dce67d415b296d0f83f860c03f8b3d3
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.3_lpia.deb
Size/MD5: 128740 e587fa470f69d010bd7d5a1f33d0cc56

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.3_powerpc.udeb
Size/MD5: 19124 fb878094d150140616889f32b58d6619
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.3_powerpc.deb
Size/MD5: 22868 6aae39d077eafdef9f41bfb35103cb50
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.3_powerpc.deb
Size/MD5: 167340 0e2a7bd1658e3a7b1eca0dc38aad4549
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.3_powerpc.udeb
Size/MD5: 55300 b960c141afb7640b90292c5d00ecf2d4
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.3_powerpc.deb
Size/MD5: 132678 7cbe4af9c6a3207c565e72ebbb5fb8ee

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils-udeb_2.7.4-1.1ubuntu4.3_sparc.udeb
Size/MD5: 18024 ea644cec270ed8774eba82d135a26e02
http://ports.ubuntu.com/pool/main/f/fuse/fuse-utils_2.7.4-1.1ubuntu4.3_sparc.deb
Size/MD5: 21752 ca2e8a511529efaa70b5985e4f12acdf
http://ports.ubuntu.com/pool/main/f/fuse/libfuse-dev_2.7.4-1.1ubuntu4.3_sparc.deb
Size/MD5: 158302 709ed8179ca8e91a0ecad47bc43e1a63
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2-udeb_2.7.4-1.1ubuntu4.3_sparc.udeb
Size/MD5: 46794 ecd6bb837a304816dc5a8563bdeb6d13
http://ports.ubuntu.com/pool/main/f/fuse/libfuse2_2.7.4-1.1ubuntu4.3_sparc.deb
Size/MD5: 123798 60734373a5f0cf933c3c6b82c45029a7


--/NkBOFFp2J2Af1nK
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Kees Cook

iEYEARECAAYFAkth8x8ACgkQH/9LqRcGPm2EAACZAR1nqgWTe0iqNZtd/rMveUzM
X3UAn0D6U3R+LQuck2PCfgHV0/60bctC
=YEph
-----END PGP SIGNATURE-----
"

Victoria fumes as David Beckham has his balls grabbedUSN-885-1: LibThai vulnerability

DSA 1985-1: New sendmail packages fix SSL certificate verification weakness  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1985-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
January 31, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : sendmail
Vulnerability : insufficient input validation
Problem type : remote
Debian-specific: no
CVE ID : CVE-2009-4565
Debian bug : 564581

It was discovered that sendmail, a Mail Transport Agent, does not properly handle
a '' character in a Common Name (CN) field of an X.509 certificate.
This allows an attacker to spoof arbitrary SSL-based SMTP servers via a crafted server
certificate issued by a legitimate Certification Authority, and to bypass intended
access restrictions via a crafted client certificate issued by a legitimate
Certification Authority.

For the oldstable distribution (etch), this problem has been fixed in
version 8.13.8-3+etch1

For the stable distribution (lenny), this problem has been fixed in
version 8.14.3-5+lenny1

For the unstable distribution (sid), this problem has been fixed in
version 8.14.3-9.1, and will migrate to the testing distribution (squeeze)
shortly.

We recommend that you upgrade your sendmail package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.8-3+etch1.diff.gz
Size/MD5 checksum: 369120 db03c2498a360f4da02be0e44facca57
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.8-3+etch1.dsc
Size/MD5 checksum: 949 5252fa5d6c477d90f9474f999035f959
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.8.orig.tar.gz
Size/MD5 checksum: 1995868 bcdd005ae02fdb0ecef2d6b21ac44e5d

Architecture independent packages:

http://security.debian.org/pool/updates/main/s/sendmail/sendmail-cf_8.13.8-3+etch1_all.deb
Size/MD5 checksum: 284068 65ef6467d6c85ef90f8e1bb9a0ce3eef
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-doc_8.13.8-3+etch1_all.deb
Size/MD5 checksum: 698342 466aaa8a9cf452943549a3403f869df9
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.8-3+etch1_all.deb
Size/MD5 checksum: 196848 2557652c4c66c3db1f1467272b1c0dfc
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-base_8.13.8-3+etch1_all.deb
Size/MD5 checksum: 345118 8636e42323c07d63fd145cd5329d09b1

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_alpha.deb
Size/MD5 checksum: 202704 bba5c73b5da9971f8aee68b000e9b748
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_alpha.deb
Size/MD5 checksum: 262668 26794af48fbdbaf3daac51f7b3478cad
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_alpha.deb
Size/MD5 checksum: 196278 5cbc296b501b2575d47f1a6201580c28
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_alpha.deb
Size/MD5 checksum: 231818 53e7d4f9ba38f266457b1d3d37c9f8eb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_alpha.deb
Size/MD5 checksum: 322192 bee24998a6e6db033f0753fe3fd26314
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_alpha.deb
Size/MD5 checksum: 925162 47924bb85a2dbf791b86e1d7e6368b11

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_amd64.deb
Size/MD5 checksum: 202258 b13b1a088cb21da832f9125011f051db
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_amd64.deb
Size/MD5 checksum: 866764 a0006766d2db53fc31e5326730c4d243
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_amd64.deb
Size/MD5 checksum: 300978 8d407fdf40114121dfc16dc8c6416d54
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_amd64.deb
Size/MD5 checksum: 196254 2e550571bf2441c2fc1271323a4619d6
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_amd64.deb
Size/MD5 checksum: 261332 a8394f8f93c23ec655bab75376b7bb07
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_amd64.deb
Size/MD5 checksum: 229794 faefb63a062f5328b450a8de7e740132

arm architecture (ARM)

http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_arm.deb
Size/MD5 checksum: 201918 1798418509ce66dcd7b62e06373357fd
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_arm.deb
Size/MD5 checksum: 196266 66a8e56ebdb6fbcb4c7db7af17d6678d
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_arm.deb
Size/MD5 checksum: 857542 437edd61ab05ab2913cdb403dca51b51
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_arm.deb
Size/MD5 checksum: 288470 c28bad3e1c9ad1e7ae5dcb2e64d72393
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_arm.deb
Size/MD5 checksum: 229324 e0d3bde1c7f8fed9dba3c8d0d0ef8c56
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_arm.deb
Size/MD5 checksum: 256846 29b4c31fcaf597be305e480c2df8df43

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_hppa.deb
Size/MD5 checksum: 233760 25b7a4b659501c920ca3c8f89521dcea
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_hppa.deb
Size/MD5 checksum: 202986 068bb27595c517133e2ab3d9b0dd4709
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_hppa.deb
Size/MD5 checksum: 258902 afe3011bd08f3ce3c520b301bce7702f
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_hppa.deb
Size/MD5 checksum: 196266 c8cca90f819ddf244ad9a4ee520297b7
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_hppa.deb
Size/MD5 checksum: 924806 231cf507f97386af28667ea786c2eac1
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_hppa.deb
Size/MD5 checksum: 301434 7c9c9bf73a91a74cbccf3d6087b06d2b

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_i386.deb
Size/MD5 checksum: 258810 405f1653150b3779525faaedf5e483c3
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_i386.deb
Size/MD5 checksum: 830184 d0e8b06dbfe54a312dce8c49c35fccbb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_i386.deb
Size/MD5 checksum: 227812 8f497b7372c3d0138326869aac7f6092
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_i386.deb
Size/MD5 checksum: 292662 b2304bc7e4180865d044c98e021c055f
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_i386.deb
Size/MD5 checksum: 202390 3cb4995e95000339fa091cdff80a8571
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_i386.deb
Size/MD5 checksum: 196358 25962ad5d0475e05ef61daf754c43492

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_ia64.deb
Size/MD5 checksum: 196272 1a4649feebed2e3d6e654a6516355317
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_ia64.deb
Size/MD5 checksum: 203786 8b5604817c67e12625779827baca9c96
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_ia64.deb
Size/MD5 checksum: 268910 4122a2e311591bc377908e16d4964ec6
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_ia64.deb
Size/MD5 checksum: 245750 257adcdb15adbf6e7c704ee94cacb2d3
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_ia64.deb
Size/MD5 checksum: 338558 7f4bf9abb4ca3b7cbe6dcb892d55e8b4
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_ia64.deb
Size/MD5 checksum: 1213554 c85694d0f4145562cdcddf0b70eb3b40

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_mipsel.deb
Size/MD5 checksum: 900128 34de9d8996fc53833922ba9e612880ea
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_mipsel.deb
Size/MD5 checksum: 196274 5334f2952f7dad6402c46a1cbd68f064
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_mipsel.deb
Size/MD5 checksum: 259490 dd05b7275508cc9f97099fd6890d71b4
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_mipsel.deb
Size/MD5 checksum: 300788 9bfebccccc9bc027127cf1fdc0e3502a
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_mipsel.deb
Size/MD5 checksum: 202458 d25a9b6359b1d35e9611badaf09e04f9
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_mipsel.deb
Size/MD5 checksum: 232030 8846d9e597c3ee7cd57cc1ba78c4241d

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_powerpc.deb
Size/MD5 checksum: 261128 6a7690e9fb192d0dc148f948d7f21c05
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_powerpc.deb
Size/MD5 checksum: 294652 e4fbbac48ceb05fe9fa5b6154dce77c1
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_powerpc.deb
Size/MD5 checksum: 871652 3d1d31daf570415cc1e278e442b93656
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_powerpc.deb
Size/MD5 checksum: 231294 e317ee912808e3f0f30682403bd675dd
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_powerpc.deb
Size/MD5 checksum: 202370 df50ecc14c84b0f93fbea715047bbabb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_powerpc.deb
Size/MD5 checksum: 196266 2c7092a7853b5a6e931560d0e89e9c3a

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_s390.deb
Size/MD5 checksum: 196272 029993e64cec3aa0145772e3bff7bd8a
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_s390.deb
Size/MD5 checksum: 260170 36fe7f0d94a81e4d6ff923f90a26682b
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_s390.deb
Size/MD5 checksum: 300854 4d96568bc19fcee5ebcee7d4b8212756
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_s390.deb
Size/MD5 checksum: 202056 fe8d9920bc011553940f43329a47480b
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_s390.deb
Size/MD5 checksum: 234484 9f070d5724172abceb604a19aa35baa9
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_s390.deb
Size/MD5 checksum: 902004 c2b20e2e9dbe18afa1252e663f5ae498

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.8-3+etch1_sparc.deb
Size/MD5 checksum: 227492 d0025442fcc924a8fb9a5df2a85f5c21
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0-dbg_8.13.8-3+etch1_sparc.deb
Size/MD5 checksum: 196288 1959a6c733e0b0a060f55ea4a8dc5322
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.8-3+etch1_sparc.deb
Size/MD5 checksum: 829574 193136dbfc2172cd59b0c4aa88281baa
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.8-3+etch1_sparc.deb
Size/MD5 checksum: 289068 19f3984a8008b8ebae913124187be49a
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.8-3+etch1_sparc.deb
Size/MD5 checksum: 255354 6de39f19bf79eb0823419909aa03dd4a
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.8-3+etch1_sparc.deb
Size/MD5 checksum: 202190 3806844fdd0c0bd05368af19c54f778c

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.14.3-5+lenny1.dsc
Size/MD5 checksum: 1504 39619f499cdbace73edd78894b931e43
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.14.3-5+lenny1.diff.gz
Size/MD5 checksum: 362573 483a8842d3d1f16362dc88f46316ae06
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.14.3.orig.tar.gz
Size/MD5 checksum: 2060171 3476e9655ba95842bee96753c992b99b

Architecture independent packages:

http://security.debian.org/pool/updates/main/s/sendmail/sendmail-cf_8.14.3-5+lenny1_all.deb
Size/MD5 checksum: 295472 a881efa0de975702900734bceab7ffb6
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-doc_8.14.3-5+lenny1_all.deb
Size/MD5 checksum: 833618 1e86303b48590dfbc200e4ccfc9a1dc9
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.14.3-5+lenny1_all.deb
Size/MD5 checksum: 206546 d40fde3590704b097ca683e70ec3227f
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-base_8.14.3-5+lenny1_all.deb
Size/MD5 checksum: 358922 b444f7633b213d8cbbb68d6f88bb116c

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_alpha.deb
Size/MD5 checksum: 253874 937a6749c4eca5f3c73cd7eb12f590b7
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_alpha.deb
Size/MD5 checksum: 345342 d4f1222e459807c679853b2d3d4544ac
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_alpha.deb
Size/MD5 checksum: 238306 d7715e99da1682556731960ec4898aaa
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_alpha.deb
Size/MD5 checksum: 245984 723146743d82a21e145a3a4be48b7c7a
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_alpha.deb
Size/MD5 checksum: 967662 42e3ac3322f78c8b55f82d8c5a7c1e14
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_alpha.deb
Size/MD5 checksum: 214954 9949a23986dd49c46c344d4cd13b92e2

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_amd64.deb
Size/MD5 checksum: 214596 0ea6517f39733be2e89989274e35052b
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_amd64.deb
Size/MD5 checksum: 255178 16ddeb6103b5f5642ce7a87b1056b3e9
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_amd64.deb
Size/MD5 checksum: 246478 0103c1c04d5d74ff7f02d05c5e191c3d
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_amd64.deb
Size/MD5 checksum: 328198 a99bf005d2014e4dbfcbe94e3ea46583
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_amd64.deb
Size/MD5 checksum: 976578 4ff12de46d3585642597b932f0ddd1a8
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_amd64.deb
Size/MD5 checksum: 237278 fc0aab20ab63becfead49d0881fe96cb

arm architecture (ARM)

http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_arm.deb
Size/MD5 checksum: 232234 6276e33285ccec62abfa1423c970edac
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_arm.deb
Size/MD5 checksum: 242310 7d03c4c9304c33d2abe77dfaf7358b6e
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_arm.deb
Size/MD5 checksum: 309174 bbc55ea9c80f938cfc9f28bb1878be6d
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_arm.deb
Size/MD5 checksum: 934464 4fbddf6e1db85b5ff7ee7d161e1d77fd
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_arm.deb
Size/MD5 checksum: 252046 c59709f62c58cb2d781fcd0f02bc3da9
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_arm.deb
Size/MD5 checksum: 214146 5336a32c7fa7cf43e96879041f265628

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_armel.deb
Size/MD5 checksum: 251832 e4941805b21f87bc294379b3ae5f9ed8
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_armel.deb
Size/MD5 checksum: 308756 5ca468d55abd745c46f5b76cead97223
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_armel.deb
Size/MD5 checksum: 231792 ce4d6a6bf07a68ed34cfab4f038a675e
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_armel.deb
Size/MD5 checksum: 242814 45e4b790f71916f76ebda012a83001ed
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_armel.deb
Size/MD5 checksum: 214354 bd4e447688160a54aa8bd03122f515ba
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_armel.deb
Size/MD5 checksum: 932044 6c587d57090aadfb32a545b37f00ac93

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_hppa.deb
Size/MD5 checksum: 1039526 6d66e3d82181bdae2fe2c011ad80c395
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_hppa.deb
Size/MD5 checksum: 248882 342439f3654e60f3f28baf27b25b3d94
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_hppa.deb
Size/MD5 checksum: 235596 209f5222150e1ca5472f2a5faf623e7e
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_hppa.deb
Size/MD5 checksum: 215360 3a371f41db4ae8ff9e986228cd24cfda
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_hppa.deb
Size/MD5 checksum: 321916 ed5b5b513697f26381ac2a66ddce05fe
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_hppa.deb
Size/MD5 checksum: 252632 3d3c63808bf9c347235187bfac0decbf

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_i386.deb
Size/MD5 checksum: 243262 39e5329ec1fc4e0daabbf06c6934c038
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_i386.deb
Size/MD5 checksum: 214498 35567466e98b5cd66540915448e11cf3
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_i386.deb
Size/MD5 checksum: 235632 f7facff44a046aca0fda6b71634af2c1
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_i386.deb
Size/MD5 checksum: 253198 62916ef56fb537fe01a74549dccce69f
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_i386.deb
Size/MD5 checksum: 318478 4d8db5fbb1babd56b13773d657aeecdb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_i386.deb
Size/MD5 checksum: 927790 e673ebdb9bb42f7af22eabd26cd47314

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_ia64.deb
Size/MD5 checksum: 259046 535ad02335435465eedccbf93c4a9db6
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_ia64.deb
Size/MD5 checksum: 1249794 cbb30d97bbf36890dd46422a4c3b9335
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_ia64.deb
Size/MD5 checksum: 245788 4090c4af51b7b37acbee64773431bf92
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_ia64.deb
Size/MD5 checksum: 253208 c7ead8ea98e7af3022295efe48ff328e
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_ia64.deb
Size/MD5 checksum: 215656 fe8e723c804be1324cf4a262cbb77bbb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_ia64.deb
Size/MD5 checksum: 362638 2fb3812587a1c801c0a751c3e7963d63

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_mips.deb
Size/MD5 checksum: 929562 42c931a18eb21bcef56e92f67e5f03db
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_mips.deb
Size/MD5 checksum: 232678 656cdb78a72c75cbb4b065f30c3f9329
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_mips.deb
Size/MD5 checksum: 244568 07e6e929be48887f40a7da8952fa8d74
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_mips.deb
Size/MD5 checksum: 321916 0c683e0403e283bc5b3eb74375c31643
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_mips.deb
Size/MD5 checksum: 214478 bc4dbf2196f36fe6197dd6b47d0622e8
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_mips.deb
Size/MD5 checksum: 254604 7d1482ab8f5c5e12dc3ca1ae485dd7f7

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_mipsel.deb
Size/MD5 checksum: 254008 062866141c0ea336649679387b9680ad
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_mipsel.deb
Size/MD5 checksum: 214498 678c36c92bfede7ed7f4a22e9963c8a8
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_mipsel.deb
Size/MD5 checksum: 930580 1659a1abaa05ee8b87629a03f9fe7ac9
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_mipsel.deb
Size/MD5 checksum: 244666 cfd5792d66d9bf4afff3d57b0d07f221
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_mipsel.deb
Size/MD5 checksum: 232838 9f45348868591ef374b4456295a15f32
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_mipsel.deb
Size/MD5 checksum: 322102 54515b9f45310e86d1d32906df722336

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_powerpc.deb
Size/MD5 checksum: 974022 1c37948467d4fec4886b8aa99be27a1e
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_powerpc.deb
Size/MD5 checksum: 255992 90fd40ea3490b44ece28acc8a4fe826b
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_powerpc.deb
Size/MD5 checksum: 215260 cafb7da0dd2576b3246c4921c97bb43a
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_powerpc.deb
Size/MD5 checksum: 239168 e563c9a87f92fecd534b32117dbb42f7
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_powerpc.deb
Size/MD5 checksum: 321120 6c976e861f549695a0c8e5a6b2e90ca3
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_powerpc.deb
Size/MD5 checksum: 247760 512627779646f9adfd92971d5cac5dc7

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_s390.deb
Size/MD5 checksum: 250630 f1f9b514708d97773ad74b13f4c4058f
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_s390.deb
Size/MD5 checksum: 1034220 be9222edad8e87af288f562e6e7d466e
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_s390.deb
Size/MD5 checksum: 254240 16ac8e7dc48607fca96c827df56a0f96
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_s390.deb
Size/MD5 checksum: 324662 b2f5e64b1138a7fe8212c67abf88aaf6
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_s390.deb
Size/MD5 checksum: 237004 de84239ba51b5649966b963a073a3878
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_s390.deb
Size/MD5 checksum: 214816 5c01bf333cdfe50b8e3b5501cc7c494a

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.14.3-5+lenny1_sparc.deb
Size/MD5 checksum: 214672 a7680df86dc7c11ed7f02232136ae58a
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1_8.14.3-5+lenny1_sparc.deb
Size/MD5 checksum: 234996 5a9c4d48a45d32184670216e80a38f7a
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.14.3-5+lenny1_sparc.deb
Size/MD5 checksum: 313516 885201f32dfd8c5049428085b23ab0f7
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.14.3-5+lenny1_sparc.deb
Size/MD5 checksum: 977328 03c6b2cbd690fe8b70bffa07581eb178
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.14.3-5+lenny1_sparc.deb
Size/MD5 checksum: 244848 14b649b4b66b1e229fe85fed85f77915
http://security.debian.org/pool/updates/main/s/sendmail/libmilter1.0.1-dbg_8.14.3-5+lenny1_sparc.deb
Size/MD5 checksum: 250876 39dc7ca4b7cd3287c61fc3f893d8a9bf


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAktllGYACgkQNxpp46476aqLlACffXKJwlByUd4ixLn620o3FBkg
XUAAoJ7VlvOrUZ/dR1apRodlr17OZt2a
=ge0z
-----END PGP SIGNATURE-----
"

DSA-1972-2: New audiofile packages fix buffer overflowVictoria fumes as David Beckham has his balls grabbed

DSA 1978-1: New phpgroupware packages fix several vulnerabilities  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1978-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
January 26, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : phpgroupware
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2009-4414 CVE-2009-4415 CVE-2009-4416

Several remote vulnerabilities have been discovered in phpgroupware, a
Web based groupware system written in PHP. The Common Vulnerabilities
and Exposures project identifies the following problems:

CVE-2009-4414

An SQL injection vulnerability was found in the authentication
module.

CVE-2009-4415

Multiple directory traversal vulnerabilities were found in the
addressbook module.

CVE-2009-4416

The authentication module is affected by cross-site scripting.


For the stable distribution (lenny) these problems have been fixed in
version 0.9.16.012+dfsg-8+lenny1.

For the unstable distribution (sid) these problems have been fixed in
version 0.9.16.012+dfsg-9.

We recommend that you upgrade your phpgroupware packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.16.012+dfsg.orig.tar.gz
Size/MD5 checksum: 19383160 bbfcfa12aca69b4032d7b4d38aeba85f
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.16.012+dfsg-8+lenny1.diff.gz
Size/MD5 checksum: 70541 fc805ae50cd52606578ed95e8a5bde96
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.16.012+dfsg-8+lenny1.dsc
Size/MD5 checksum: 1662 0507c4e0a6be1d93a060a7c6222c84c0

Architecture independent packages:

http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-email_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 1167526 b7d47f4df02c98e3269fd2b8bce094f4
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-core-base_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 48252 80a0c4bf563e576fbad0b023fcca2f4b
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-calendar_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 268338 acdc243f1b2cbcea42a548408232657d
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-addressbook_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 180662 e0835bac92df72541b52912e80e1e852
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 22380 c12295c8f5f4abdf2f9d8c94ceefe4a1
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-news-admin_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 41572 d21d4ab4ce6adbb23a46a21fd0dd67cb
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-manual_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 93094 dc2bcd999a4a97a0acb8a0a9b156ea03
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-filemanager_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 95206 0faba6d54c83ac610d11a256a12eec67
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-phpgwapi_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 1522130 c4ff77bb7c80222b04ccdb130f5d2db6
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-preferences_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 60034 b7b86ca86b431dbd7b637506db451196
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 20228 5563f9a3d9b4835b2c89cb1ba571b23f
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-core_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 4546 de306e6062f710d430704297106f192e
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-admin_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 192062 0427388ce20eb307946c6272856313b7
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-notes_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 33356 700f8d5a2b8fff7b03f464259f912ddb
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-doc_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 130988 230362e560b03abda388bb0964516d6c
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-phpgwapi-doc_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 7984748 82aff1fbf1f337ad876dd63be9914102
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-setup_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 276764 6c743b8fcfbdfa313086264ccee8a7fd
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-0.9.16-todo_0.9.16.012+dfsg-8+lenny1_all.deb
Size/MD5 checksum: 50716 6c7c8523a8e03e94a9211efccb337dd0


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAktfVZIACgkQXm3vHE4uylrvOwCdFJvWO6TIq6kMiKuXd6jNIgf9
WzAAn2k180FV5fb0Y4tmkQlJX4OllDBN
=vr1k
-----END PGP SIGNATURE-----
"

Victoria fumes as David Beckham has his balls grabbedDSA 1980-1: New ircd-hybrid/ircd-ratbox packages fix arbitrary code execution

USN-890-4: PyXML vulnerabilities  

Posted by Daniela Mehler

"Ubuntu Security Notice USN-890-4 January 26, 2010
python-xml vulnerabilities
CVE-2009-3560, CVE-2009-3720
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
python2.4-xml 0.8.4-1ubuntu3.1

After a standard system upgrade you need to restart any applications that
use PyXML to effect the necessary changes.

Details follow:

USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for PyXML.

Original advisory details:

Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did
not properly process malformed XML. If a user or application linked against
Expat were tricked into opening a crafted XML file, an attacker could cause
a denial of service via application crash. (CVE-2009-2625, CVE-2009-3720)

It was discovered that Expat did not properly process malformed UTF-8
sequences. If a user or application linked against Expat were tricked into
opening a crafted XML file, an attacker could cause a denial of service via
application crash. (CVE-2009-3560)


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/python-xml/python-xml_0.8=
.4-1ubuntu3.1.diff.gz
Size/MD5: 26092 7b735067d5b8494bfa9479a38b1f971f
http://security.ubuntu.com/ubuntu/pool/main/p/python-xml/python-xml_0.8=
.4-1ubuntu3.1.dsc
Size/MD5: 663 064ad0d03d81132088df42f78850bfd7
http://security.ubuntu.com/ubuntu/pool/main/p/python-xml/python-xml_0.8=
.4.orig.tar.gz
Size/MD5: 734751 04fc1685542b32c1948c2936dfb6ba0e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/python-xml/python-xml_0.8=
.4-1ubuntu3.1_all.deb
Size/MD5: 11568 253250bca793d626d3f651a116259b00
http://security.ubuntu.com/ubuntu/pool/universe/p/python-xml/xbel-utils=
_0.8.4-1ubuntu3.1_all.deb
Size/MD5: 25206 e73978eb774cf39690739f0908fb32dc
http://security.ubuntu.com/ubuntu/pool/universe/p/python-xml/xbel_0.8.4=
-1ubuntu3.1_all.deb
Size/MD5: 24392 e4bab68a86bd7fb0dd85d39268716a64

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/python-xml/python2.4-xml_=
0.8.4-1ubuntu3.1_amd64.deb
Size/MD5: 717460 763ab0e82cbd3767958753060145c5ab

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/python-xml/python2.4-xml_=
0.8.4-1ubuntu3.1_i386.deb
Size/MD5: 708074 e34c9a1bdaaef83eb885104360d9e94f

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/p/python-xml/python2.4-xml_=
0.8.4-1ubuntu3.1_powerpc.deb
Size/MD5: 716638 8ee8326bb735b20b18f0335c4485aadb

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/p/python-xml/python2.4-xml_=
0.8.4-1ubuntu3.1_sparc.deb
Size/MD5: 706208 11751f3c1654c648dd145c88afc3002c




--M9NhX3UHpAaciwkO
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAktfQUoACgkQW0JvuRdL8Bp4UwCdE/Ajq29Rkk85/1lsmQlFWCul
ZD8An3hhQZZ631h0hVPYd0iLjyrHDIq8
=/SfE
-----END PGP SIGNATURE-----
"

Victoria fumes as David Beckham has his balls grabbedUSN-890-3: Python 2.4 vulnerabilities

USN-890-3: Python 2.4 vulnerabilities  

Posted by Daniela Mehler

"Ubuntu Security Notice USN-890-3 January 22, 2010
python2.4 vulnerabilities
CVE-2009-3560, CVE-2009-3720
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
python2.4 2.4.3-0ubuntu6.4
python2.4-minimal 2.4.3-0ubuntu6.4

Ubuntu 8.04 LTS:
python2.4 2.4.5-1ubuntu4.3
python2.4-minimal 2.4.5-1ubuntu4.3

Ubuntu 8.10:
python2.4 2.4.5-5ubuntu1.2
python2.4-minimal 2.4.5-5ubuntu1.2

Ubuntu 9.04:
python2.4 2.4.6-1ubuntu3.2.9.04.1
python2.4-minimal 2.4.6-1ubuntu3.2.9.04.1

Ubuntu 9.10:
python2.4 2.4.6-1ubuntu3.2.9.10.1
python2.4-minimal 2.4.6-1ubuntu3.2.9.10.1

After a standard system upgrade you need to restart any Python 2.4
applications that use the PyExpat module to effect the necessary changes.

Details follow:

USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for the PyExpat module in Python 2.4.

Original advisory details:

Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did
not properly process malformed XML. If a user or application linked against
Expat were tricked into opening a crafted XML file, an attacker could cause
a denial of service via application crash. (CVE-2009-2625, CVE-2009-3720)

It was discovered that Expat did not properly process malformed UTF-8
sequences. If a user or application linked against Expat were tricked into
opening a crafted XML file, an attacker could cause a denial of service via
application crash. (CVE-2009-3560)


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.3=
-0ubuntu6.4.diff.gz
Size/MD5: 2664095 5de4651cbd7cde17234d4211ba2411ae
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.3=
-0ubuntu6.4.dsc
Size/MD5: 1231 531ed5726641e53070416713ae73fc13
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.3=
.orig.tar.gz
Size/MD5: 9328584 fd9dd825b8c680fa04c2fc2c957964b1

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/idle-python2.4_=
2.4.3-0ubuntu6.4_all.deb
Size/MD5: 243560 46eb30d3ba78d65a24942d45399ab253
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-doc_2=
.4.3-0ubuntu6.4_all.deb
Size/MD5: 3358290 ddd3fe197e3e098f60440048d47eb887
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-examp=
les_2.4.3-0ubuntu6.4_all.deb
Size/MD5: 587756 2066487eb0f6b0c2928fc992162a77af

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.3-0ubuntu6.4_amd64.deb
Size/MD5: 5570950 10762ebd4d1da8b3f5c154b0331e72ab
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.3-0ubuntu6.4_amd64.deb
Size/MD5: 1635738 bb3f078081d50c309edd48f768b3c731
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-gdbm_=
2.4.3-0ubuntu6.4_amd64.deb
Size/MD5: 30414 67faa5e501c7f3dc9a3963f7048df087
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.3-0ubuntu6.4_amd64.deb
Size/MD5: 794578 9f54103d56a5f8df99c802846452c047
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-tk_2.=
4.3-0ubuntu6.4_amd64.deb
Size/MD5: 114202 49798f581bc3d754a6f1f70100a4fd43
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.3=
-0ubuntu6.4_amd64.deb
Size/MD5: 2862842 a734f567c48c97db1a9edaab2293cd36

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.3-0ubuntu6.4_i386.deb
Size/MD5: 4832926 e3b2968fe756fe6afb9c71392420b906
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.3-0ubuntu6.4_i386.deb
Size/MD5: 1466698 c8a5dbb232fdc29bc527f46729e3f68b
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-gdbm_=
2.4.3-0ubuntu6.4_i386.deb
Size/MD5: 29704 9006cb06f2fdf32ce673583b1908e789
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.3-0ubuntu6.4_i386.deb
Size/MD5: 703714 fc3f12993b059cb8bfd324a15fdf16eb
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-tk_2.=
4.3-0ubuntu6.4_i386.deb
Size/MD5: 110502 07647877c6b44447c58848e7055936c8
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.3=
-0ubuntu6.4_i386.deb
Size/MD5: 2740134 b8f70f1bc9b50bc3ef2e228c9ed7705a

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.3-0ubuntu6.4_powerpc.deb
Size/MD5: 5675960 cc3ee1e8e1e510584952a748c7753a35
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.3-0ubuntu6.4_powerpc.deb
Size/MD5: 1632088 91caeb905d2f7359b46bfa1e46001aa7
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-gdbm_=
2.4.3-0ubuntu6.4_powerpc.deb
Size/MD5: 31620 e2fbbab09a662399e8c78b60da86b083
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.3-0ubuntu6.4_powerpc.deb
Size/MD5: 783944 9208a0b5d6d6afb85ee7e531473883e9
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-tk_2.=
4.3-0ubuntu6.4_powerpc.deb
Size/MD5: 113410 716fe56c6ed7c5980d49640dfb4ae0e9
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.3=
-0ubuntu6.4_powerpc.deb
Size/MD5: 2888592 0b1e942c7d04f80643dffc37111a97ec

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.3-0ubuntu6.4_sparc.deb
Size/MD5: 5007520 7a6d11e3bfb4839d91e54163c8bc8172
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.3-0ubuntu6.4_sparc.deb
Size/MD5: 1579844 387df760a949bcfa63b00cd3eabc233e
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-gdbm_=
2.4.3-0ubuntu6.4_sparc.deb
Size/MD5: 29842 8e916b371f894bbb0cbd44ca793e99a8
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.3-0ubuntu6.4_sparc.deb
Size/MD5: 724172 40e4e41ec21c969741c2e495f2937fd5
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-tk_2.=
4.3-0ubuntu6.4_sparc.deb
Size/MD5: 111280 3e1915538ed5543abc638a0a4f4df0d8
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.3=
-0ubuntu6.4_sparc.deb
Size/MD5: 2805012 6e30c17ab918dbc6d45bbf04c5ccb361

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
-1ubuntu4.3.diff.gz
Size/MD5: 2669433 ce6aace302b74f10b812ad8f36396f47
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
-1ubuntu4.3.dsc
Size/MD5: 1427 750c5079f39c5f561ce0a3499f6fdcff
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
.orig.tar.gz
Size/MD5: 9523188 9a615c6868074f60872084ecd240de3e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-doc_2=
.4.5-1ubuntu4.3_all.deb
Size/MD5: 3369752 d69f23606f53c0807afdf5f4bf7f544c
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-examp=
les_2.4.5-1ubuntu4.3_all.deb
Size/MD5: 592130 68b924bea153282efb44b665a21720d9
http://security.ubuntu.com/ubuntu/pool/universe/p/python2.4/idle-python=
2.4_2.4.5-1ubuntu4.3_all.deb
Size/MD5: 64034 34f6bbbd95e28be372d4b831a3181078

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.5-1ubuntu4.3_amd64.deb
Size/MD5: 6875322 c2b912cfcba60070fc321cd0e11d2dac
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.5-1ubuntu4.3_amd64.deb
Size/MD5: 1626758 84336dcf71b42f89e83c7591372c9fcf
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.5-1ubuntu4.3_amd64.deb
Size/MD5: 1053418 9ce514ba9908aeb692d5e59e703f9de2
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
-1ubuntu4.3_amd64.deb
Size/MD5: 2913244 ba231096bcd363fc942eef2c86e96e70

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.5-1ubuntu4.3_i386.deb
Size/MD5: 6363854 e8a3c1d21e8da7c0356737781761a304
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.5-1ubuntu4.3_i386.deb
Size/MD5: 1487746 5cd323acc5e32389dc91159a62ef13cd
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.5-1ubuntu4.3_i386.deb
Size/MD5: 977212 f4182b9a7a2970e38953d5d93002c961
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
-1ubuntu4.3_i386.deb
Size/MD5: 2813478 1e8a15bd3ddf8c6d589ef810d490086c

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.5-1ubun=
tu4.3_lpia.deb
Size/MD5: 6460568 00880e127c62fb7060a9f931ebf9294b
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.5-1ubun=
tu4.3_lpia.deb
Size/MD5: 1483496 a0e2c8ea61b0ec99f1becaf60b26f330
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.5-1=
ubuntu4.3_lpia.deb
Size/MD5: 980858 dee97559b9fb72e26b48c0e575a1224a
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.5-1ubuntu4.=
3_lpia.deb
Size/MD5: 2812240 43d77ea846457dffcd71cdb2b33ec571

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.5-1ubun=
tu4.3_powerpc.deb
Size/MD5: 7120212 d386642eadcf28905cf1becc9a203e32
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.5-1ubun=
tu4.3_powerpc.deb
Size/MD5: 1627884 adabc45ef8d448f42b8360b25208999b
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.5-1=
ubuntu4.3_powerpc.deb
Size/MD5: 1075804 b594ec1ca562349a109b314f500ae403
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.5-1ubuntu4.=
3_powerpc.deb
Size/MD5: 2961624 715684171a931b636ab7ed4802c23745

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.5-1ubun=
tu4.3_sparc.deb
Size/MD5: 6444750 47b37d33dee80e0383ff6d075ba05421
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.5-1ubun=
tu4.3_sparc.deb
Size/MD5: 1560466 74bf28afcf995bc19d13bb2219454ebc
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.5-1=
ubuntu4.3_sparc.deb
Size/MD5: 999354 be9d691bedfb7605f066b96389968afe
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.5-1ubuntu4.=
3_sparc.deb
Size/MD5: 2829928 43058a2718bf85b38bf97de324bd3615

Updated packages for Ubuntu 8.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
-5ubuntu1.2.diff.gz
Size/MD5: 2669391 86902ec46b51f8d9dee1162daa2d4f6e
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
-5ubuntu1.2.dsc
Size/MD5: 1865 02532d4ac13d12d52fc2b13ceeccf09e
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
.orig.tar.gz
Size/MD5: 9523188 9a615c6868074f60872084ecd240de3e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-doc_2=
.4.5-5ubuntu1.2_all.deb
Size/MD5: 3369922 9029167296dbf1ac7ddb60b177b16929
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-examp=
les_2.4.5-5ubuntu1.2_all.deb
Size/MD5: 592476 6f795d493b1f20a9f64581fb4b7d3d29
http://security.ubuntu.com/ubuntu/pool/universe/p/python2.4/idle-python=
2.4_2.4.5-5ubuntu1.2_all.deb
Size/MD5: 64438 758480fba9d2d422921594e71d90a333

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.5-5ubuntu1.2_amd64.deb
Size/MD5: 7121974 d2e6039f0c0ddf21eef95a6b2fa90b59
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.5-5ubuntu1.2_amd64.deb
Size/MD5: 1643332 98f89ccdb3f99b4025a5ad313861031e
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.5-5ubuntu1.2_amd64.deb
Size/MD5: 1062882 467302a9972896b767c90bc6a21dd350
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
-5ubuntu1.2_amd64.deb
Size/MD5: 2952630 40adee9b87ded0abb075526ad035ac19

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.5-5ubuntu1.2_i386.deb
Size/MD5: 6587760 d962473da279debf68902205e8f2a19a
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.5-5ubuntu1.2_i386.deb
Size/MD5: 1507772 1ac712b5aa90ed2b56bba34e2b2e902c
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.5-5ubuntu1.2_i386.deb
Size/MD5: 988150 97d80f94476341c3038c16becd4128d4
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.5=
-5ubuntu1.2_i386.deb
Size/MD5: 2850006 983ef320d3a3a6028912c27f5ddedc80

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.5-5ubun=
tu1.2_lpia.deb
Size/MD5: 6687174 fafaf7e6b287a6b1c3b5d657a08f3a4b
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.5-5ubun=
tu1.2_lpia.deb
Size/MD5: 1498700 a813ed709bd404916eea797e5f34f20c
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.5-5=
ubuntu1.2_lpia.deb
Size/MD5: 988962 98ca0384dc4fa1f3d97cb4972581a3fb
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.5-5ubuntu1.=
2_lpia.deb
Size/MD5: 2844532 a0946a995a9edfefacb6d7a57abd100a

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.5-5ubun=
tu1.2_powerpc.deb
Size/MD5: 7446186 366e1bd4ffbd5caf3f4144b689d7dbfa
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.5-5ubun=
tu1.2_powerpc.deb
Size/MD5: 1634942 18779b2f2d57442c0e1a9483bebca7f4
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.5-5=
ubuntu1.2_powerpc.deb
Size/MD5: 1079644 206a0a1b2e95397443d5cac17a6b751b
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.5-5ubuntu1.=
2_powerpc.deb
Size/MD5: 3004894 8ee2079acc40ca83748711abfbbecd71

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.5-5ubun=
tu1.2_sparc.deb
Size/MD5: 6659518 633ead67d80574eec5691b9c4242d415
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.5-5ubun=
tu1.2_sparc.deb
Size/MD5: 1563018 fda5813e60e2e9feb5208e4c291bffa4
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.5-5=
ubuntu1.2_sparc.deb
Size/MD5: 1002180 b8c3526955d1ffec8f798399b1ac6a95
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.5-5ubuntu1.=
2_sparc.deb
Size/MD5: 2857638 d7ad4a186a7c8a66f0ffb9a1e68f33c1

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
-1ubuntu3.2.9.04.1.diff.gz
Size/MD5: 2713408 497a1a5759a7fd686a50004dc019ddd5
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
-1ubuntu3.2.9.04.1.dsc
Size/MD5: 1840 4c0b8c4b20e7fc42427eb0f06f7b6af1
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
.orig.tar.gz
Size/MD5: 9594954 1f81e15ea22838260d5c094d31107443

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-doc_2=
.4.6-1ubuntu3.2.9.04.1_all.deb
Size/MD5: 3477518 2a8bc6caf988052518d613453440ac3c
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-examp=
les_2.4.6-1ubuntu3.2.9.04.1_all.deb
Size/MD5: 593516 1e47188a90551e2607a0792ce5d96d83
http://security.ubuntu.com/ubuntu/pool/universe/p/python2.4/idle-python=
2.4_2.4.6-1ubuntu3.2.9.04.1_all.deb
Size/MD5: 64692 9f44e4d920f3e397cc24c56e71eb19f4

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.6-1ubuntu3.2.9.04.1_amd64.deb
Size/MD5: 7086884 572f8bc5eeb9368b6faa4d1a93c99df2
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.6-1ubuntu3.2.9.04.1_amd64.deb
Size/MD5: 1642472 71f09d7504abdcdfe3767af5657f02b7
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.6-1ubuntu3.2.9.04.1_amd64.deb
Size/MD5: 1063814 c357f8b5b58892d2eb706ec985bd95e9
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
-1ubuntu3.2.9.04.1_amd64.deb
Size/MD5: 2930914 fc695d93a4bb08a526c590d51c52deb1

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.6-1ubuntu3.2.9.04.1_i386.deb
Size/MD5: 6554448 81ca01e7ebc3c68ec6efa6df6bb21fdf
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.6-1ubuntu3.2.9.04.1_i386.deb
Size/MD5: 1506898 64d2344cf67367a6f8a2af3230085368
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.6-1ubuntu3.2.9.04.1_i386.deb
Size/MD5: 989744 af53ed5b9b15e124fc76198981381718
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
-1ubuntu3.2.9.04.1_i386.deb
Size/MD5: 2832804 e5c75a45165eca0b018e161b4ed26feb

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.6-1ubun=
tu3.2.9.04.1_lpia.deb
Size/MD5: 6654538 ff50fe93c787b378f1c02d3e988c24e9
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.6-1ubun=
tu3.2.9.04.1_lpia.deb
Size/MD5: 1498232 9842f54b2818a06c14f1be3022ddd9d1
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.6-1=
ubuntu3.2.9.04.1_lpia.deb
Size/MD5: 990616 8cc00956c408d9c19a21469c09eeaca5
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.6-1ubuntu3.=
2.9.04.1_lpia.deb
Size/MD5: 2827142 1ffbe79d6c8790437c2fee7fe94b6308

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.6-1ubun=
tu3.2.9.04.1_powerpc.deb
Size/MD5: 7422502 e2ad7d5fe3fa5acde774fb7af4b05572
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.6-1ubun=
tu3.2.9.04.1_powerpc.deb
Size/MD5: 1634526 44c37ea3d34f9ed74def8e73408c27ba
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.6-1=
ubuntu3.2.9.04.1_powerpc.deb
Size/MD5: 1081094 f8e53a50261ee09184000fc0263b989b
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.6-1ubuntu3.=
2.9.04.1_powerpc.deb
Size/MD5: 2983468 59c42d9c40d799fca88d07c294a862f5

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.6-1ubun=
tu3.2.9.04.1_sparc.deb
Size/MD5: 6641924 f946507dc596f49e64df20c26474f9be
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.6-1ubun=
tu3.2.9.04.1_sparc.deb
Size/MD5: 1562380 d85f41c86fad94132f4a2b878b80fa2e
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.6-1=
ubuntu3.2.9.04.1_sparc.deb
Size/MD5: 1002606 d0671a68353b9fcfd4a902665ce519d0
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.6-1ubuntu3.=
2.9.04.1_sparc.deb
Size/MD5: 2840280 5024c60f95c1533242f34c5f7034fc7e

Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
-1ubuntu3.2.9.10.1.diff.gz
Size/MD5: 2713410 d27a5995212e6c6f32caff9b3d586bdf
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
-1ubuntu3.2.9.10.1.dsc
Size/MD5: 1840 d420424b063f2ede7f64935e07e8a887
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
.orig.tar.gz
Size/MD5: 9594954 1f81e15ea22838260d5c094d31107443

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-doc_2=
.4.6-1ubuntu3.2.9.10.1_all.deb
Size/MD5: 3477288 dc4f8ff50b7c8b9a3abd9e5d0aa47489
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-examp=
les_2.4.6-1ubuntu3.2.9.10.1_all.deb
Size/MD5: 593512 1e3a2b833745ee01a95378b05d83e715
http://security.ubuntu.com/ubuntu/pool/universe/p/python2.4/idle-python=
2.4_2.4.6-1ubuntu3.2.9.10.1_all.deb
Size/MD5: 64694 5a875705dcfc489c10dbc4c8d0ef29c4

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.6-1ubuntu3.2.9.10.1_amd64.deb
Size/MD5: 6876620 4ee4369130b0b9b12dd303b3586d0e07
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.6-1ubuntu3.2.9.10.1_amd64.deb
Size/MD5: 1643510 36f3b9622eba9c221e1ce90e73465149
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.6-1ubuntu3.2.9.10.1_amd64.deb
Size/MD5: 1066786 b7da39378023524df96e42d8c5f55d78
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
-1ubuntu3.2.9.10.1_amd64.deb
Size/MD5: 2932056 38fbfa3c936e2c386427636eb439ca59

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dbg_2=
.4.6-1ubuntu3.2.9.10.1_i386.deb
Size/MD5: 6467440 52d57c4475b42af86857cb8154eab656
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-dev_2=
.4.6-1ubuntu3.2.9.10.1_i386.deb
Size/MD5: 1492278 6ccdaaf56a34f214343eb7dd71bb0d4e
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4-minim=
al_2.4.6-1ubuntu3.2.9.10.1_i386.deb
Size/MD5: 985188 5e110175af1bfb54a58110af58aa5ffb
http://security.ubuntu.com/ubuntu/pool/main/p/python2.4/python2.4_2.4.6=
-1ubuntu3.2.9.10.1_i386.deb
Size/MD5: 2828314 bd3e56fdf77d5543a136a9b62cca7779

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.6-1ubun=
tu3.2.9.10.1_lpia.deb
Size/MD5: 6558038 52a6fd9d89a3c8502066b88f6090aa3d
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.6-1ubun=
tu3.2.9.10.1_lpia.deb
Size/MD5: 1495462 6afbecaf2a24295fcb38479a3b6ff1dd
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.6-1=
ubuntu3.2.9.10.1_lpia.deb
Size/MD5: 991968 297a54e24d6728ded9a065d931d951ed
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.6-1ubuntu3.=
2.9.10.1_lpia.deb
Size/MD5: 2832416 8bb2e4900bac215d5c278261af841868

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.6-1ubun=
tu3.2.9.10.1_powerpc.deb
Size/MD5: 7185436 16b7614a9db64a3d38f0e3de2b17ef0f
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.6-1ubun=
tu3.2.9.10.1_powerpc.deb
Size/MD5: 1626190 93d3a1c366dd3401dda05631a4628e17
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.6-1=
ubuntu3.2.9.10.1_powerpc.deb
Size/MD5: 1047022 6b6df09ca38c2e290527ca77869a78d4
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.6-1ubuntu3.=
2.9.10.1_powerpc.deb
Size/MD5: 2907540 0d96ed2460c5dd669967c8aa21abfa0c

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dbg_2.4.6-1ubun=
tu3.2.9.10.1_sparc.deb
Size/MD5: 6569354 f695cb773324a9780438e529fbe1a5d1
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-dev_2.4.6-1ubun=
tu3.2.9.10.1_sparc.deb
Size/MD5: 1549868 51b1f23e858f2e45e46a8e8bcd0e8d90
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4-minimal_2.4.6-1=
ubuntu3.2.9.10.1_sparc.deb
Size/MD5: 1002130 3d05e578ca3ac3636da6610a3ad16a07
http://ports.ubuntu.com/pool/main/p/python2.4/python2.4_2.4.6-1ubuntu3.=
2.9.10.1_sparc.deb
Size/MD5: 2837692 60c0c15bea33864be53752c3203a5378




--EeQfGwPcQSOJBaQU
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAktZuaAACgkQW0JvuRdL8BrTmQCggtRbhv6L4c8475yDSEHjiMJA
n48AoJlw8tlj0XtQOXFkNhqfxM8n15bi
=Ubef
-----END PGP SIGNATURE-----
"

USN-885-1: LibThai vulnerabilityVictoria fumes as David Beckham has his balls grabbed

DSA 1980-1: New ircd-hybrid/ircd-ratbox packages fix arbitrary code execution  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1980-1 security@debian.org
http://www.debian.org/security/ Steffen Joeris
January 27, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : ircd-hybrid/ircd-ratbox
Vulnerability : integer underflow/denial of service
Problem type : remote
Debian-specific: no
CVE Ids : CVE-2009-4016 CVE-2010-0300


David Leadbeater discovered an integer underflow that could be triggered
via the LINKS command and can lead to a denial of service or the
execution of arbitrary code (CVE-2009-4016). This issue affects both,
ircd-hybrid and ircd-ratbox.

It was discovered that the ratbox IRC server is prone to a denial of
service attack via the HELP command. The ircd-hybrid package is not
vulnerable to this issue (CVE-2010-0300).


For the stable distribution (lenny), this problem has been fixed in
version 1:7.2.2.dfsg.2-4+lenny1 of the ircd-hybrid package and in
version 2.2.8.dfsg-2+lenny1 of ircd-ratbox.

Due to a bug in the archive software it was not possible to release the
fix for the oldstable distribution (etch) simultaneously. The packages
will be released as version 7.2.2.dfsg.2-3+etch1 once they become
available.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.


We recommend that you upgrade your ircd-hybrid/ircd-ratbox packages.


Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1.dsc
Size/MD5 checksum: 1139 a48d912892925013b37fb773841d6710
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2.orig.tar.gz
Size/MD5 checksum: 756749 75896381ea6330aea860b35fff3c34bb
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1.diff.gz
Size/MD5 checksum: 115007 a8d23129d0675ff779e5e315f8632a6b
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1.diff.gz
Size/MD5 checksum: 18289 04a221b2b8dfd0654778a6608c7cb66b
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1.dsc
Size/MD5 checksum: 1230 f79125aafcc5d9fcbd09bedadd69fce7
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg.orig.tar.gz
Size/MD5 checksum: 673439 0eb7d1430a997a37af03f8b2f9eed4bb

Architecture independent packages:

http://security.debian.org/pool/updates/main/i/ircd-hybrid/hybrid-dev_7.2.2.dfsg.2-4+lenny1_all.deb
Size/MD5 checksum: 65708 85dba185f2fdd9e7b3c423ae8722cc2f

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_alpha.deb
Size/MD5 checksum: 568252 35a559f24895dab0fbe71f6af3a8c0b1
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_alpha.deb
Size/MD5 checksum: 929788 583d32d5afc9747d824499183d4a5761
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_alpha.deb
Size/MD5 checksum: 660008 1a2bca514133dbc27f91bca69ed2122e

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_amd64.deb
Size/MD5 checksum: 937710 2867b5535578c017699418acab7565b7
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_amd64.deb
Size/MD5 checksum: 542006 52ca320cdd28849bd65065c921f03623
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_amd64.deb
Size/MD5 checksum: 634416 d320f0d1b77cb08cb0caa9c9644d13aa

arm architecture (ARM)

http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_arm.deb
Size/MD5 checksum: 589350 451a5bcf2b4b8f40e39128be3fdc479d

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_armel.deb
Size/MD5 checksum: 894654 4daf0784d8865e75c378630d7cf2d870
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_armel.deb
Size/MD5 checksum: 595420 bf40953d00dbccd069b1596b6c84eadc
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_armel.deb
Size/MD5 checksum: 504238 785107a5a9fa3dcd88f2a12916d47092

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_hppa.deb
Size/MD5 checksum: 908902 8e1ebf2baf27a71f008eba792cdd87d7
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_hppa.deb
Size/MD5 checksum: 647938 c67f473e9b4ae77a5578359c76ff5e75
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_hppa.deb
Size/MD5 checksum: 554656 00af4d733f43a8404b2e62718a4bd341

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_i386.deb
Size/MD5 checksum: 591346 7a9ccd0273005c654f5e78d6ba9d29d6
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_i386.deb
Size/MD5 checksum: 891002 796bbd22c352ec873c9705e560492dbe
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_i386.deb
Size/MD5 checksum: 499796 24e0d7b1284b3d7c3688366e9a8c493e

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_ia64.deb
Size/MD5 checksum: 783482 28568b727f452ef622cb8939618dde23
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_ia64.deb
Size/MD5 checksum: 685370 17507ab3172ad5e1fd88ea05c70f68c4
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_ia64.deb
Size/MD5 checksum: 906848 4561656a5c033c9b647f146a13e79322

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_mips.deb
Size/MD5 checksum: 506502 854cd9c98a5eaf38e3f815fd79d20c9a
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_mips.deb
Size/MD5 checksum: 918546 5307013e962c38b405db7507e251a31d
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_mips.deb
Size/MD5 checksum: 601610 9fc6640bb08a3af295589b72f6667087

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_mipsel.deb
Size/MD5 checksum: 912794 6024ad0383d9696c727203a0af740630
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_mipsel.deb
Size/MD5 checksum: 504864 ac200b212ed5ed69095b90bba53558f3
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_mipsel.deb
Size/MD5 checksum: 599656 f32d222728582a36d1a75494d87340af

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_powerpc.deb
Size/MD5 checksum: 732146 445dc7f28c92455ed3293b9b6b795020
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_powerpc.deb
Size/MD5 checksum: 1001328 bca90faf524223bb06bb47774ee7d147
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_powerpc.deb
Size/MD5 checksum: 639750 282ee75ee6b2e2fefcda221fb930bc6b

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_s390.deb
Size/MD5 checksum: 905196 cc484c7b4f807227ff75af729504ca0c
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_s390.deb
Size/MD5 checksum: 537006 3c24b451ae8fdd846d982982fa652535
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_s390.deb
Size/MD5 checksum: 616620 d9bba18dc19104a06d57403bf93e64a6

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_sparc.deb
Size/MD5 checksum: 843350 99cd0379e8623f3265bbba3eb8578e86
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_sparc.deb
Size/MD5 checksum: 586408 87cbcdd0fadac9c2d17c71cb5df907f7
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_sparc.deb
Size/MD5 checksum: 498376 a117209c1ed8b9104bee8a154d390fd0


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAktgoccACgkQ62zWxYk/rQdv9gCfUjTdEehRZSMgLqcSEUdOyy2d
XvMAniS7ut9hqsHpASG+55i86DfEQ6wH
=Ph5o
-----END PGP SIGNATURE-----
"

DSA-1972-2: New audiofile packages fix buffer overflowVictoria fumes as David Beckham has his balls grabbed