USN-839-1: Samba vulnerabilities

Posted by Daniela Mehler

"Ubuntu Security Notice USN-839-1 October 01, 2009
samba vulnerabilities
CVE-2009-1886, CVE-2009-1888, CVE-2009-2813, CVE-2009-2906,
CVE-2009-2948
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
samba 3.0.22-1ubuntu3.9
smbfs 3.0.22-1ubuntu3.9

Ubuntu 8.04 LTS:
samba 3.0.28a-1ubuntu4.9
smbfs 3.0.28a-1ubuntu4.9

Ubuntu 8.10:
samba 2:3.2.3-1ubuntu3.6
smbclient 2:3.2.3-1ubuntu3.6
smbfs 2:3.2.3-1ubuntu3.6

Ubuntu 9.04:
samba 2:3.3.2-1ubuntu3.2
smbfs 2:3.3.2-1ubuntu3.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

J. David Hester discovered that Samba incorrectly handled users that lack
home directories when the automated [homes] share is enabled. An
authenticated user could connect to that share name and gain access to the
whole filesystem. (CVE-2009-2813)

Tim Prouty discovered that the smbd daemon in Samba incorrectly handled
certain unexpected network replies. A remote attacker could send malicious
replies to the server and cause smbd to use all available CPU, leading to a
denial of service. (CVE-2009-2906)

Ronald Volgers discovered that the mount.cifs utility, when installed as a
setuid program, would not verify user permissions before opening a
credentials file. A local user could exploit this to use or read the
contents of unauthorized credential files. (CVE-2009-2948)

Reinhard NiÃŸl discovered that the smbclient utility contained format s=
tring
vulnerabilities in its file name handling. Because of security features in
Ubuntu, exploitation of this vulnerability is limited. If a user or
automated system were tricked into processing a specially crafted file
name, smbclient could be made to crash, possibly leading to a denial of
service. This only affected Ubuntu 8.10. (CVE-2009-1886)

Jeremy Allison discovered that the smbd daemon in Samba incorrectly handled
permissions to modify access control lists when dos filemode is enabled. A
remote attacker could exploit this to modify access control lists. This
only affected Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-1886)

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubunt=
u3.9.diff.gz
Size/MD5: 161616 0ad9aaba168245042d1489fdcdd5dc42
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubunt=
u3.9.dsc
Size/MD5: 1203 e54ed933c8b093c77b7aecaccc1650ab
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22.orig.t=
ar.gz
Size/MD5: 17542657 5c39505af17cf5caf3d6ed8bab135036

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.0.2=
2-1ubuntu3.9_all.deb
Size/MD5: 6594720 714f26b307bf9c1d81392ef89dd57420
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.22-1u=
buntu3.9_all.deb
Size/MD5: 6902292 116d5fcbf539e39460c4de1a03a2e5f1

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.=
22-1ubuntu3.9_amd64.deb
Size/MD5: 427020 eac8d7f26dbbe0a51eb6dd2089d5318f
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
0.22-1ubuntu3.9_amd64.deb
Size/MD5: 112902 78153d8ae792d0dad9913142ac80f304
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.22=
-1ubuntu3.9_amd64.deb
Size/MD5: 798804 51db5cb3445e03ce20bc01df763626f0
http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.4-samba_3.0=
.22-1ubuntu3.9_amd64.deb
Size/MD5: 5974858 2984a44edeff38950c8b117ee5dfc50d
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.22=
-1ubuntu3.9_amd64.deb
Size/MD5: 2415334 5a7e0073ee7714fa816d528ec7015e98
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.22-1u=
buntu3.9_amd64.deb
Size/MD5: 11893670 e9a72bdd6da691c06755694781c28cf0
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubunt=
u3.9_amd64.deb
Size/MD5: 3405114 c3db6785e7e379912107194b85a6c4c0
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.22-1u=
buntu3.9_amd64.deb
Size/MD5: 4042974 5b6d291f233ea349113f188c8b602922
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.22-1ubunt=
u3.9_amd64.deb
Size/MD5: 450162 973bba455c72ac8f68c5266f4f6962c5
http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.22-1ubuntu=
3.9_amd64.deb
Size/MD5: 833738 7a32896e5bbbed676eb7d670b7b5c913
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.22-1ubu=
ntu3.9_amd64.deb
Size/MD5: 1931042 3da6192d4e7d101613c5af8b3d29cddf

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.=
22-1ubuntu3.9_i386.deb
Size/MD5: 366694 f14155bac141ad7f941ba03e393c5270
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
0.22-1ubuntu3.9_i386.deb
Size/MD5: 112902 967c4537a0883400f4ee836d32b1acea
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.22=
-1ubuntu3.9_i386.deb
Size/MD5: 683712 002366bd9b55bd6a9e5b01482a03e532
http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.4-samba_3.0=
.22-1ubuntu3.9_i386.deb
Size/MD5: 5068740 85a5168913d149757470d9604a132b8c
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.22=
-1ubuntu3.9_i386.deb
Size/MD5: 2078578 5eb6ccc70dc94c0f04879d46d047b52e
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.22-1u=
buntu3.9_i386.deb
Size/MD5: 9811828 e6daf862bdf89a5b2ae0e10b6ec7d46b
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubunt=
u3.9_i386.deb
Size/MD5: 2852250 ce15a3ffa8bb74c1668e2e84af25f395
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.22-1u=
buntu3.9_i386.deb
Size/MD5: 3353974 b359d873da6d8f2fbefb017c56a90d69
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.22-1ubunt=
u3.9_i386.deb
Size/MD5: 380190 25564c8fcbe3748d89352c3889224a38
http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.22-1ubuntu=
3.9_i386.deb
Size/MD5: 711802 a3ea954b28c3b650e2a48672d6944205
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.22-1ubu=
ntu3.9_i386.deb
Size/MD5: 1609834 7b3072248ab3b89584205aa234ccf555

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.=
22-1ubuntu3.9_powerpc.deb
Size/MD5: 410852 ef7fe6cfe269a839e44f3cf538d4ae38
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
0.22-1ubuntu3.9_powerpc.deb
Size/MD5: 112916 90aeed1dcdfc40442543b79b4c960027
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.22=
-1ubuntu3.9_powerpc.deb
Size/MD5: 777048 32b63354cd4ea69407f715a690f51856
http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.4-samba_3.0=
.22-1ubuntu3.9_powerpc.deb
Size/MD5: 5693046 1903d9ec97fc80bf7ec844f0840b41ed
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.22=
-1ubuntu3.9_powerpc.deb
Size/MD5: 2359372 18c86a2b1c6ab25a370c2cdbd6661ead
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.22-1u=
buntu3.9_powerpc.deb
Size/MD5: 11903932 d04b1ea8aee57ae0df5c29756c2c3b5a
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubunt=
u3.9_powerpc.deb
Size/MD5: 3334618 7667bd29d3beb55a97e5a3b5577ecd41
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.22-1u=
buntu3.9_powerpc.deb
Size/MD5: 3942780 9d951c0722867033b8281e1866fcba24
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.22-1ubunt=
u3.9_powerpc.deb
Size/MD5: 443270 b7f93c04656c39aa3dcbafc53ce0fa05
http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.22-1ubuntu=
3.9_powerpc.deb
Size/MD5: 814458 10be46698881dd3c2cbc9a55a34d214d
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.22-1ubu=
ntu3.9_powerpc.deb
Size/MD5: 1873756 4d919e6bf376e316a6195bfe5aae1a97

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.=
22-1ubuntu3.9_sparc.deb
Size/MD5: 389762 dcc58f618c5dc2199ff041aeedd71d98
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
0.22-1ubuntu3.9_sparc.deb
Size/MD5: 112918 27c0500abe2141de9472fc5dcb379a97
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.22=
-1ubuntu3.9_sparc.deb
Size/MD5: 730528 fd413b1753a90c741cdbf767cf4c6a4b
http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.4-samba_3.0=
.22-1ubuntu3.9_sparc.deb
Size/MD5: 5427026 af95ac20b0047a3fd4c640d8536b950a
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.22=
-1ubuntu3.9_sparc.deb
Size/MD5: 2145644 843c984664f3e644252ea6cdfddcb7d4
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.22-1u=
buntu3.9_sparc.deb
Size/MD5: 9723658 2639550c026db54b4bc5686e896dd510
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubunt=
u3.9_sparc.deb
Size/MD5: 2993030 8260ac9ace47cc8767b6935c2b3ef5ec
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.22-1u=
buntu3.9_sparc.deb
Size/MD5: 3508094 5c0ac997e1d96052f31b24fd1188a26f
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.22-1ubunt=
u3.9_sparc.deb
Size/MD5: 400114 c4cef7889ece3a02aa7b59dd56b7a544
http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.22-1ubuntu=
3.9_sparc.deb
Size/MD5: 737168 42111d78eb3502791890f93c18d9b3bf
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.22-1ubu=
ntu3.9_sparc.deb
Size/MD5: 1691634 30bf9470299d7414a3874c2a8adae78d

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a-1ubun=
tu4.9.diff.gz
Size/MD5: 231391 7e2af7f7d745cc77c330ee843679d8ca
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a-1ubun=
tu4.9.dsc
Size/MD5: 1586 2e4a432be1d531c58d1c120ffcd3a19c
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a.orig.=
tar.gz
Size/MD5: 18172643 59754cb0c19da6e65c42d0a163c5885a

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.0.2=
8a-1ubuntu4.9_all.deb
Size/MD5: 6622338 9380d43f5191a37cb32bcbab1bad7ae6
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.28a-1=
ubuntu4.9_all.deb
Size/MD5: 7009210 cc331f7f2efb8e800bbb8762b37e25e0

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.=
28a-1ubuntu4.9_amd64.deb
Size/MD5: 520546 b4b1240a3ff4d40a83f78a07c443c0f3
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
0.28a-1ubuntu4.9_amd64.deb
Size/MD5: 1292542 3bb97eca27dadd4722adb044a40adee5
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.28=
a-1ubuntu4.9_amd64.deb
Size/MD5: 967892 bc14c1047fbf66c1925e0c882ba92ee7
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.28=
a-1ubuntu4.9_amd64.deb
Size/MD5: 3058802 f54479769002e9afe5e91ee46ae5ff41
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.28a-1=
ubuntu4.9_amd64.deb
Size/MD5: 20893780 4edd6952575bc8c73d1d36d41ecbb479
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a-1ubun=
tu4.9_amd64.deb
Size/MD5: 4194456 879f5a1f38a4fe9578a8a0493d522162
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.28a-1=
ubuntu4.9_amd64.deb
Size/MD5: 5304436 3eb8858a5b14da4623dd48bf10f9fb73
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.28a-1ubun=
tu4.9_amd64.deb
Size/MD5: 430122 fe85b84ec13ae940f9d2768464d709a4
http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.28a-1ubunt=
u4.9_amd64.deb
Size/MD5: 1048832 f6895c2fa5b41dbd8eba7d88194abf41
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.28a-1ub=
untu4.9_amd64.deb
Size/MD5: 2473112 74df91dbdde172e3899b100652695a45

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.=
28a-1ubuntu4.9_i386.deb
Size/MD5: 472252 15042a9ebf034ea53ba563c791763385
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
0.28a-1ubuntu4.9_i386.deb
Size/MD5: 1201976 727bb81955ba29c4c41bf874c47d14b1
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.28=
a-1ubuntu4.9_i386.deb
Size/MD5: 887392 ff28ffd04701e889014f83c492e8a992
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.28=
a-1ubuntu4.9_i386.deb
Size/MD5: 2840618 9bd4fdf53cd7b0b0b3bb4b3ec434fef9
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.28a-1=
ubuntu4.9_i386.deb
Size/MD5: 20216796 ced1db63e3cb543459c4cdb7f10a1bdf
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a-1ubun=
tu4.9_i386.deb
Size/MD5: 3840538 2cd8ab43090b315d116894170ec96d66
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.28a-1=
ubuntu4.9_i386.deb
Size/MD5: 4863560 3898e31536f87d7dde65502d17ce05b6
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.28a-1ubun=
tu4.9_i386.deb
Size/MD5: 397132 250691215f69c151186945b5a55b0b98
http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.28a-1ubunt=
u4.9_i386.deb
Size/MD5: 974478 dd38262a108a87c928dcc50f3389a3a9
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.28a-1ub=
untu4.9_i386.deb
Size/MD5: 2248406 896ce555ed798423eeb88fff50eb8b30

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.0.28a-1ubunt=
u4.9_lpia.deb
Size/MD5: 463234 08b9ee8f8361646792eb439ae045269b
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.0.28a-1ubu=
ntu4.9_lpia.deb
Size/MD5: 1168374 2e2979e9f98c9b5dd73fb6c2da0911df
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.0.28a-1ubuntu4=
.9_lpia.deb
Size/MD5: 864522 130273d8f0f9ad49e0c383ef52fd6e1d
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.0.28a-1ubuntu4=
.9_lpia.deb
Size/MD5: 2779576 c0d8f3966307a5858d880d033603b3f5
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.0.28a-1ubuntu4.9_=
lpia.deb
Size/MD5: 20585618 d36b13bf28a9a3fc131c0f33b152d47e
http://ports.ubuntu.com/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9_lpia=
.deb
Size/MD5: 3756770 eca1116f745d9766285c0d0a74d5b644
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.0.28a-1ubuntu4.9_=
lpia.deb
Size/MD5: 4734470 762b151daed66156092d163b0f406c20
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.0.28a-1ubuntu4.9_lpia=
.deb
Size/MD5: 390026 dbee68f037d577cd5439719c7fb92a41
http://ports.ubuntu.com/pool/main/s/samba/swat_3.0.28a-1ubuntu4.9_lpia.=
deb
Size/MD5: 951286 38e35eeaf91c45ca56565219149abd99
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.0.28a-1ubuntu4.9_lp=
ia.deb
Size/MD5: 2195544 d64ab228f0342e4d67ec3b5f20216018

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.0.28a-1ubunt=
u4.9_powerpc.deb
Size/MD5: 515832 2ad077d63b6144cf907ab9988baf0139
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.0.28a-1ubu=
ntu4.9_powerpc.deb
Size/MD5: 1200004 bf7ae58acb99cc3db2fab99638c95fa9
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.0.28a-1ubuntu4=
.9_powerpc.deb
Size/MD5: 956626 fda0b121c55858f6b66bcacb2b0461f8
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.0.28a-1ubuntu4=
.9_powerpc.deb
Size/MD5: 2990960 bcb29d58590b755074a365c552136c0a
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.0.28a-1ubuntu4.9_=
powerpc.deb
Size/MD5: 21182522 2c0803fafa6fbd40aa3e104ba56bbc0d
http://ports.ubuntu.com/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9_powe=
rpc.deb
Size/MD5: 4126290 ccf21a784b39e047c6dc194755fdca7d
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.0.28a-1ubuntu4.9_=
powerpc.deb
Size/MD5: 5163400 74bd882877f5523cafc680de256290fb
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.0.28a-1ubuntu4.9_powe=
rpc.deb
Size/MD5: 431514 959ff71f764937096d6f15a655dfaee6
http://ports.ubuntu.com/pool/main/s/samba/swat_3.0.28a-1ubuntu4.9_power=
pc.deb
Size/MD5: 1018106 2b184bd834d898febb1ef227bfd1fb90
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.0.28a-1ubuntu4.9_po=
werpc.deb
Size/MD5: 2420168 d39a44b7f9f8e154ad1c6a7cd7c47744

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.0.28a-1ubunt=
u4.9_sparc.deb
Size/MD5: 474682 4e2ebf556bf2aebc6ba6451f28c5b880
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.0.28a-1ubu=
ntu4.9_sparc.deb
Size/MD5: 1264254 0e1762140c135589e5a82bb690bd7770
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.0.28a-1ubuntu4=
.9_sparc.deb
Size/MD5: 882412 8923f26cae63e096cbc88e036851486f
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.0.28a-1ubuntu4=
.9_sparc.deb
Size/MD5: 2780260 1538097139e3853e5123c022bb0b0f1c
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.0.28a-1ubuntu4.9_=
sparc.deb
Size/MD5: 18529580 59a25ca374c053660116dce03011abea
http://ports.ubuntu.com/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9_spar=
c.deb
Size/MD5: 3802920 8fc30eccc623c180c4fc162102867fe1
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.0.28a-1ubuntu4.9_=
sparc.deb
Size/MD5: 4742870 aa4f92e69ad826b22fa1946e68e987da
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.0.28a-1ubuntu4.9_spar=
c.deb
Size/MD5: 396682 60fdbb3079527176c177305bb648ca07
http://ports.ubuntu.com/pool/main/s/samba/swat_3.0.28a-1ubuntu4.9_sparc=
.deb
Size/MD5: 948132 18f33ffe44b9d32f4b7cc8d8885b3dc1
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.0.28a-1ubuntu4.9_sp=
arc.deb
Size/MD5: 2217900 bb8577eb34a3226359c58667ec2a9afb

Updated packages for Ubuntu 8.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu=
3.6.diff.gz
Size/MD5: 236931 4f9651b8fc38ae5775cc57b2d987f44e
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu=
3.6.dsc
Size/MD5: 1902 f281832cebbef598586013098bd67400
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3.orig.ta=
r.gz
Size/MD5: 23704996 c1630a57ac0ec24bc364c6d11c93ec35

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.2.3=
-1ubuntu3.6_all.deb
Size/MD5: 6261910 503b40ccc2f657eeb7c25bac480c4bf6
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.2.3-1ub=
untu3.6_all.deb
Size/MD5: 7955234 412fd71fd346e66011f76a5af0466398

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.=
3-1ubuntu3.6_amd64.deb
Size/MD5: 639534 bbbfbbead71027d2419fcb27fba42407
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
2.3-1ubuntu3.6_amd64.deb
Size/MD5: 1969252 a01c75db248048dddac69a59a81c7f89
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-=
1ubuntu3.6_amd64.deb
Size/MD5: 1370904 0e1727442db6c636569c25822d1fdbf0
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-=
1ubuntu3.6_amd64.deb
Size/MD5: 89560 6603c0860d68ad2819d718c6d05ec5d4
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-=
1ubuntu3.6_amd64.deb
Size/MD5: 3817612 7784145651faa822dc74d0976a99338c
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ub=
untu3.6_amd64.deb
Size/MD5: 1994386 6a019c4493229ae31edfea3ee46cb71c
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1=
ubuntu3.6_amd64.deb
Size/MD5: 5805124 d1c605957d71007be0fda1a15694d518
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu=
3.6_amd64.deb
Size/MD5: 4909508 1e5b668561555630f24091af0cd6d4e5
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ub=
untu3.6_amd64.deb
Size/MD5: 7176252 7aa07ad7649a4446681b76847e5f5cb7
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu=
3.6_amd64.deb
Size/MD5: 1530810 d6ddcc2f344f71c83f61b9ecb7b0c5a7
http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3=
.6_amd64.deb
Size/MD5: 1113428 0379fc7d057771de7b437fecfc7966e6
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubun=
tu3.6_amd64.deb
Size/MD5: 3351366 ee45f0cb769c6c28f8a347d34d338d7e

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.=
3-1ubuntu3.6_i386.deb
Size/MD5: 574924 506af0e56dff7d0fe7ab51ab469c47e6
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
2.3-1ubuntu3.6_i386.deb
Size/MD5: 1845352 e6ed7ca7f84020e149e808fe64311cf3
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-=
1ubuntu3.6_i386.deb
Size/MD5: 1218372 72aec547fa38b0a064bf0e60466fda42
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-=
1ubuntu3.6_i386.deb
Size/MD5: 88078 ab33ce6e5cefa515a699aca9cdc461e9
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-=
1ubuntu3.6_i386.deb
Size/MD5: 3461470 17ffeb64ecd64f184e97a943c5eb9e6e
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ub=
untu3.6_i386.deb
Size/MD5: 2078640 3c519d38299e6fdbd07f4f4d72aef95c
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1=
ubuntu3.6_i386.deb
Size/MD5: 5163590 5222f9aea0fdf9a2acc5d95318948284
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu=
3.6_i386.deb
Size/MD5: 4369460 34806faae06578a1051d568c5cea17f9
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ub=
untu3.6_i386.deb
Size/MD5: 6405268 02e19a3061477a8811d8d25709fe53e4
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu=
3.6_i386.deb
Size/MD5: 1376806 d13a79928b41c7973a1a0c1ba691a722
http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3=
.6_i386.deb
Size/MD5: 1007482 eae4a6678ae8130648a5fb572b0c8998
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubun=
tu3.6_i386.deb
Size/MD5: 2977186 b4ee501767e1e5a49741ccbda78425d0

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3=
.6_lpia.deb
Size/MD5: 554422 ff03551a483e90441db25c4c7692cd95
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubunt=
u3.6_lpia.deb
Size/MD5: 1769968 6ec919b02183c89b9aa80134249e4b52
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.6=
_lpia.deb
Size/MD5: 1161338 2516d6d888b98b3bd8a3b6d74a5937a6
http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.6=
_lpia.deb
Size/MD5: 87506 38b8b5788656a29cb0db8a13cb8b9480
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.6=
_lpia.deb
Size/MD5: 3330112 84aac2e247aab6dd9efb162409f0aadc
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.6_lp=
ia.deb
Size/MD5: 2071010 56f8a2fbd9e80523ef4912c691676adf
http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.6_=
lpia.deb
Size/MD5: 4952144 af73024709a58ee64f805f77077d1364
http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.6_lpia.d=
eb
Size/MD5: 4199086 a1f7386a5d5692d4b1e995ecd8f3bb87
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.6_lp=
ia.deb
Size/MD5: 6137958 e0a1a5d5aec37facd2c1330cfb56dfd2
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.6_lpia.d=
eb
Size/MD5: 1318062 bf22cc094c4e89d8770fd845e855a387
http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.6_lpia.de=
b
Size/MD5: 969198 83f81cfc7d9ee22b599b505ba3ae3f05
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.6_lpia=
.deb
Size/MD5: 2857452 2b48cd916e54e46d5f0452303d3851d3

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3=
.6_powerpc.deb
Size/MD5: 607408 559831ff717451c998e29d4eddb3e034
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubunt=
u3.6_powerpc.deb
Size/MD5: 1731182 bd5a801be1d73c5ac033548987dde264
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.6=
_powerpc.deb
Size/MD5: 1255860 6efaefbeafe04c3103d84f2c105d1872
http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.6=
_powerpc.deb
Size/MD5: 89508 9c3081f940474a1f415678746f6243f6
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.6=
_powerpc.deb
Size/MD5: 3601302 a0ce49b8f3aab2a28cb22765b063694c
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.6_po=
werpc.deb
Size/MD5: 2059040 92ad3324c83002e8b9783960ea40a036
http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.6_=
powerpc.deb
Size/MD5: 5477608 0e38befb17ef64fd0ced6d2643dbf8da
http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.6_powerp=
c.deb
Size/MD5: 4641844 d31adf2bfafb586243e2faf535953e42
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.6_po=
werpc.deb
Size/MD5: 6659150 956f64674dd5cb7bb3f8bac62895d24d
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.6_powerp=
c.deb
Size/MD5: 1418796 8df76629fdc1fc014f9abfa1514540cc
http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.6_powerpc=
.deb
Size/MD5: 1046932 6fdfbbf2b39c0b4962f3831538863e78
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.6_powe=
rpc.deb
Size/MD5: 3124852 6c04f13595d0573d71cde5987ac264dd

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3=
.6_sparc.deb
Size/MD5: 593506 b4870d6be6ef7a61ed6c5a2e4aeae16d
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubunt=
u3.6_sparc.deb
Size/MD5: 2008990 878258bf3efa14b921dd567103a80deb
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.6=
_sparc.deb
Size/MD5: 1216706 c488460e14273a93f0540c84c3248cee
http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.6=
_sparc.deb
Size/MD5: 88094 3a6d77a02f0e6acaba23e4b9549e69b8
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.6=
_sparc.deb
Size/MD5: 3503522 8ecc0f2c8d5f4cd8e4e0c796ac5722b5
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.6_sp=
arc.deb
Size/MD5: 2008706 4fff798d96bf44cec97af54ca04db241
http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.6_=
sparc.deb
Size/MD5: 5332248 9d183a23e7fd5f7f3994dcb711a37e97
http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.6_sparc.=
deb
Size/MD5: 4505892 c62a9e2bc675ce3649466cc130add2fe
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.6_sp=
arc.deb
Size/MD5: 6450016 54ee993bca2684d4e01b9f6f5a44c85e
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.6_sparc.=
deb
Size/MD5: 1372100 5aee6497bb5977e8e307157daba0c230
http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.6_sparc.d=
eb
Size/MD5: 1020422 bfdb2375fc15aef8e2c9fe3a57c1af02
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.6_spar=
c.deb
Size/MD5: 3030996 c0ca89ffac33688bdfe227fe26019fe5

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2-1ubuntu=
3.2.diff.gz
Size/MD5: 246744 ae710e82bc844bc0784713c356a65fe0
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2-1ubuntu=
3.2.dsc
Size/MD5: 2101 c340588b3010c9b5a7f33001a653ffb7
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2.orig.ta=
r.gz
Size/MD5: 26058163 5c5178ea2c5d9bd5f6569285f2e0e6d7

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.3.2=
-1ubuntu3.2_all.deb
Size/MD5: 6710652 9d2f3fef5b10b37a00c35671153b3632
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.3.2-1ub=
untu3.2_all.deb
Size/MD5: 7994730 28f301eba9f060eea631aff3a1c263c2

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.3.=
2-1ubuntu3.2_amd64.deb
Size/MD5: 646652 2d5d4e46c0aea5af01fe5e9c6bbb9b28
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
3.2-1ubuntu3.2_amd64.deb
Size/MD5: 2163380 c9423c1d10a0c24318882bbf169c824b
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.3.2-=
1ubuntu3.2_amd64.deb
Size/MD5: 1508304 23c2a769c2998d346a712858cfff8cf9
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.3.2-=
1ubuntu3.2_amd64.deb
Size/MD5: 98292 b7c4155820c63d283d503927f9cee94a
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.3.2-=
1ubuntu3.2_amd64.deb
Size/MD5: 4467650 c0b7ef8b7211281f0db3949011abbea1
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.3.2-1ub=
untu3.2_amd64.deb
Size/MD5: 36711768 99fd9b5afc6a4323e86e846cb72136b9
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2-1ubuntu=
3.2_amd64.deb
Size/MD5: 5071440 dc9efb1ace97ea837b6114f0dade6322
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.3.2-1ub=
untu3.2_amd64.deb
Size/MD5: 9018812 3a5e01312117b39737a09978ba9f9e43
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.3.2-1ubuntu=
3.2_amd64.deb
Size/MD5: 1688934 59e11957943a573564aa166d4b018d3c
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.3.2-1ubun=
tu3.2_amd64.deb
Size/MD5: 3895728 9eb9988344d07744de3eb780b4c42b4a
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/samba-tools_3.3=
.2-1ubuntu3.2_amd64.deb
Size/MD5: 5713268 b9146cd614816390dcae0cc91683221b
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.3.2-1ubu=
ntu3.2_amd64.deb
Size/MD5: 1542412 0c67889bbb7e28462b2124440ab654ca

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.3.=
2-1ubuntu3.2_i386.deb
Size/MD5: 582222 0219aff733081399d32448732dd96294
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.=
3.2-1ubuntu3.2_i386.deb
Size/MD5: 2032960 750ff75ee3478437edf9e1d19e782e27
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.3.2-=
1ubuntu3.2_i386.deb
Size/MD5: 1347184 3775216596791dc048b765b89abb05b3
http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.3.2-=
1ubuntu3.2_i386.deb
Size/MD5: 96638 d425c4783b30a1c0ad46407cd1f04dc8
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.3.2-=
1ubuntu3.2_i386.deb
Size/MD5: 4060442 34801ccdac63f1bdf9b10b637b1d4f6e
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.3.2-1ub=
untu3.2_i386.deb
Size/MD5: 34984314 e8551db86917575071e55762d87d3b85
http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2-1ubuntu=
3.2_i386.deb
Size/MD5: 4527948 12e6be455b45d0ce4245ab1105a5f96c
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.3.2-1ub=
untu3.2_i386.deb
Size/MD5: 8097728 251cc0883c670ee19edf0078a058c852
http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.3.2-1ubuntu=
3.2_i386.deb
Size/MD5: 1521034 e3f8b5995d81ba1f6c968ac32fc0d0be
http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.3.2-1ubun=
tu3.2_i386.deb
Size/MD5: 3481570 a29f9da468b535c2da5e9923010d1d6d
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/samba-tools_3.3=
.2-1ubuntu3.2_i386.deb
Size/MD5: 5099016 362165caee8cd0bba16258f66c073cc6
http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.3.2-1ubu=
ntu3.2_i386.deb
Size/MD5: 1400948 84221b1da74bdb5f5787f68de8952355

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.3.2-1ubuntu3=
.2_lpia.deb
Size/MD5: 560958 962b835eefa46cc6bde4832d0e88121f
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.3.2-1ubunt=
u3.2_lpia.deb
Size/MD5: 1952880 f9f1fb19bb809aaa6d3aad7242a4bb72
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.3.2-1ubuntu3.2=
_lpia.deb
Size/MD5: 1283570 af16ecb6dfd504c40dc56317b34ce9d3
http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.3.2-1ubuntu3.2=
_lpia.deb
Size/MD5: 95956 a768287e6b93040ef2cb35ec8e7d7d41
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.3.2-1ubuntu3.2=
_lpia.deb
Size/MD5: 3904320 fc222ca31831d73c84faa7d1e2490974
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.3.2-1ubuntu3.2_lp=
ia.deb
Size/MD5: 35290838 396e2a07747efbc6823f6eec6f7edd53
http://ports.ubuntu.com/pool/main/s/samba/samba_3.3.2-1ubuntu3.2_lpia.d=
eb
Size/MD5: 4346314 6297c298aed6f3a4de613d54a1dcf749
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.3.2-1ubuntu3.2_lp=
ia.deb
Size/MD5: 7754410 c48267678450b0603139bc08e1edbbaf
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.3.2-1ubuntu3.2_lpia.d=
eb
Size/MD5: 1456666 f9b855b88c6a45b04e707a18aa55b9e0
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.3.2-1ubuntu3.2_lpia=
.deb
Size/MD5: 3339424 5ce5bd4288830a8300a44b5c52768cf3
http://ports.ubuntu.com/pool/universe/s/samba/samba-tools_3.3.2-1ubuntu=
3.2_lpia.deb
Size/MD5: 4890862 dd221351f63783646d4e4f22d678c055
http://ports.ubuntu.com/pool/universe/s/samba/swat_3.3.2-1ubuntu3.2_lpi=
a.deb
Size/MD5: 1346736 d51baf9446d9fd010828a0131c1d3267

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.3.2-1ubuntu3=
.2_powerpc.deb
Size/MD5: 614320 8da8875e3c2226c83ecc5a40d97b2cb2
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.3.2-1ubunt=
u3.2_powerpc.deb
Size/MD5: 1900044 953213cf62382b4b8b3a45d3f7def0ee
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.3.2-1ubuntu3.2=
_powerpc.deb
Size/MD5: 1382664 7c6ed21ea30b0ebcb0462ceb1c3f8e16
http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.3.2-1ubuntu3.2=
_powerpc.deb
Size/MD5: 98086 c0f91f3844450ae41d6e3b0115f20591
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.3.2-1ubuntu3.2=
_powerpc.deb
Size/MD5: 4200232 98576bc60ab7737cb5bb547f29e1a5dc
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.3.2-1ubuntu3.2_po=
werpc.deb
Size/MD5: 35738340 9d638bf8c1ab59847995b9ca2c55d56a
http://ports.ubuntu.com/pool/main/s/samba/samba_3.3.2-1ubuntu3.2_powerp=
c.deb
Size/MD5: 4804652 8a7d4638dac9533316b1f0a020dccd3f
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.3.2-1ubuntu3.2_po=
werpc.deb
Size/MD5: 8333880 e1b4a75d2ad6a9725584243883312f3e
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.3.2-1ubuntu3.2_powerp=
c.deb
Size/MD5: 1565914 aac094d4e42580986c2056c2256209c5
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.3.2-1ubuntu3.2_powe=
rpc.deb
Size/MD5: 3630424 7b6143e9fa2e47c716023e3f37d92768
http://ports.ubuntu.com/pool/universe/s/samba/samba-tools_3.3.2-1ubuntu=
3.2_powerpc.deb
Size/MD5: 5398448 60faa062e6ad2f7276f61efa06bca513
http://ports.ubuntu.com/pool/universe/s/samba/swat_3.3.2-1ubuntu3.2_pow=
erpc.deb
Size/MD5: 1436246 32c9c1f616da971f6b149630da05ab30

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.3.2-1ubuntu3=
.2_sparc.deb
Size/MD5: 600048 2552f5b27c823718c0862c5b76ca9f63
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.3.2-1ubunt=
u3.2_sparc.deb
Size/MD5: 2213024 65ecad7035168477e207bbc5ed1d0c29
http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.3.2-1ubuntu3.2=
_sparc.deb
Size/MD5: 1339606 cf15ae0ff3b54429d4f66917b5d406ed
http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.3.2-1ubuntu3.2=
_sparc.deb
Size/MD5: 96454 a7c4796444e2146c181a9222c7710970
http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.3.2-1ubuntu3.2=
_sparc.deb
Size/MD5: 4080446 b1728440e3d6a92683d620f398b496c1
http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.3.2-1ubuntu3.2_sp=
arc.deb
Size/MD5: 32778340 0ca389ca9b68bf428c7e94ed23603353
http://ports.ubuntu.com/pool/main/s/samba/samba_3.3.2-1ubuntu3.2_sparc.=
deb
Size/MD5: 4657980 997f813c1e1da2decb4c84970c72dd77
http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.3.2-1ubuntu3.2_sp=
arc.deb
Size/MD5: 8060996 ee6756467677a4fc46fab626b8be0396
http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.3.2-1ubuntu3.2_sparc.=
deb
Size/MD5: 1512774 2ea893dd60671f3cac6c24fc42db131f
http://ports.ubuntu.com/pool/main/s/samba/winbind_3.3.2-1ubuntu3.2_spar=
c.deb
Size/MD5: 3513456 2d5d634bd732ee034f0d10239bb26944
http://ports.ubuntu.com/pool/universe/s/samba/samba-tools_3.3.2-1ubuntu=
3.2_sparc.deb
Size/MD5: 5250174 fd91190a66a41ab02deb6741b2035559
http://ports.ubuntu.com/pool/universe/s/samba/swat_3.3.2-1ubuntu3.2_spa=
rc.deb
Size/MD5: 1395758 225e6ebcb5b001906b5014af4a40c3e3

--=-lwsryBXflMHEGhY2R/tl
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAkrFBdEACgkQLMAs/0C4zNp8uQCcCro0jHCTQ7jAWC0nqJgjUMCw
0XQAn0CcByBz7E5R7W9/6Ruo9bC4qf0h
=Otl3
-----END PGP SIGNATURE-----
"

Rihanna saved millions on new home USN-832-1: FreeRADIUS vulnerability

DSA 1898-1: New openswan packages fix denial of service

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1898-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
October 02, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : openswan
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-2185

It was discovered that the pluto daemon in the openswan, an
implementation of IPSEC and IKE, could crash when processing a crafted
X.509 certificate.

For the old stable distribution (etch), this problem has been fixed in
version 2.4.6+dfsg.2-1.1+etch2.

For the stable distribution (lenny), this problem has been fixed in
version 2.4.12+dfsg-1.3+lenny2.

For the unstable distribution (sid), this problem has been fixed in
version 2.6.22+dfsg-1.

We recommend that you upgrade your openswan package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Source archives:

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2.orig.tar.gz
Size/MD5 checksum: 3555236 e5ef22979f8a67038f445746fdc7ff38
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2.diff.gz
Size/MD5 checksum: 91729 e7772358f397628f18f8590b2381a360
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2.dsc
Size/MD5 checksum: 879 3210a5ae193686c4f7fcd54c7855d720

Architecture independent packages:

http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.6+dfsg.2-1.1+etch2_all.deb
Size/MD5 checksum: 522838 0368797b593a98c90d6e06cbe6743413
http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.6+dfsg.2-1.1+etch2_all.deb
Size/MD5 checksum: 599200 1780b2e6a74358d4caf2bde57f3b8f17

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_alpha.deb
Size/MD5 checksum: 1798002 0c82e879ab4437375188a65edc88dc3c

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_amd64.deb
Size/MD5 checksum: 1675158 db6086977260bbb4bb122d1bab3d3af5

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_arm.deb
Size/MD5 checksum: 1718930 99c1b3db0733aa752802d3bac61dee5a

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_hppa.deb
Size/MD5 checksum: 1771158 7342b46f65862bee24eb47e6d19d3a33

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_i386.deb
Size/MD5 checksum: 1698718 4149cea4bc3176f5882e4c7f84eabf56

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_ia64.deb
Size/MD5 checksum: 1930186 e1026107147145804d91567013b23329

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_mips.deb
Size/MD5 checksum: 1692076 2b7f7d0c3bda2016453e91424c6a483a

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_mipsel.deb
Size/MD5 checksum: 1697442 5ab952bf26a3b392b5c9ef1406a24019

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_powerpc.deb
Size/MD5 checksum: 1667696 e84e9f2d87d6cf1b544e650867877c4e

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_s390.deb
Size/MD5 checksum: 1671262 7d9b4488c61b3261478e4598e2d1cbe9

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_sparc.deb
Size/MD5 checksum: 1689370 f00222a3310c2758204de6ded56cfa4b

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2.dsc
Size/MD5 checksum: 1315 2eb502ff966ff81e9da9930889f6199c
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg.orig.tar.gz
Size/MD5 checksum: 3765276 f753413e9c705dee9a23ab8db6c26ee4
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2.diff.gz
Size/MD5 checksum: 145354 d0ef8b06a64471210268de94f79bfcbe

Architecture independent packages:

http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.12+dfsg-1.3+lenny2_all.deb
Size/MD5 checksum: 613180 a589be2a64b1715d209f9c28a5654ea6
http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.12+dfsg-1.3+lenny2_all.deb
Size/MD5 checksum: 537728 e0f72fde54078d6fc805fe27f1a4c688

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_alpha.deb
Size/MD5 checksum: 1825688 cecb628caabdc6848734f335e4b14813

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_amd64.deb
Size/MD5 checksum: 1767032 12f084adacc24ebe4f03c6106b6ecc11

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_arm.deb
Size/MD5 checksum: 1756446 b07bc1876b226a960afcf443cebdf868

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_armel.deb
Size/MD5 checksum: 1736620 d3f87f7a3756ab47bedeb23cbabc7c29

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_hppa.deb
Size/MD5 checksum: 1805586 c0d564fc0db6241a52bd5e20fadeecb9

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_i386.deb
Size/MD5 checksum: 1722564 6d6f09820c51c80105b83c5369b94815

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_ia64.deb
Size/MD5 checksum: 1964688 ccd9a5a84b6c9517f5cfa65aee91872d

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_mips.deb
Size/MD5 checksum: 1703500 c1570749962f3d983ce6ab3589ed60ae

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_mipsel.deb
Size/MD5 checksum: 1710082 1c220e8c8244141f67ae46267ed89844

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_powerpc.deb
Size/MD5 checksum: 1710982 39f9f36c47954570d88c089ce23d7d32

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_s390.deb
Size/MD5 checksum: 1695204 d6b47d731eddfd3a443aea2c5e233147

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_sparc.deb
Size/MD5 checksum: 1717100 e0c7c8bab8e8da06ad88bfa47431b7b1

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBAgAGBQJKxkYEAAoJEL97/wQC1SS+HRgH/jTSulB3tvuBrscF9OO7hCGg
NpEJ7h/T69lQyxUR+H1mgdVNjC9VNXtBkZ81y+RQdK7+Ja8pEoiNEJ7zMeONnkci
rk4ubabYjojZ/0+rSdXl8a6Z9F3gvQuHmvuN/FYAdH48Ln7sU0QPLKlGR9No9Wv3
8hfB5LBSDzSgDQCDJmc4ByZ0dIIBJ/T+Wnhy8GuAs/q9B5MgneHpOCdJjtA6JU53
/F6SQAC1mCGWXmBwZNQUDAOP25XTaPEeWZwDi0ZFmFOXSkcvv/2XM5IlthSywF/P
CFrWG/9cve02An516eMCYHjFXfA4TTzUuJ882oVcQVkgsFboRKIo8ccxmAe/+d4=
=gmpD
-----END PGP SIGNATURE-----
"

DSA 1856-1: New mantis packages fix information leak Rihanna saved millions on new home

RHSA-2009:1470-01 Moderate: openssh security update

Posted by Daniela Mehler

USN-838-1: Dovecot vulnerabilities

Posted by Daniela Mehler

"Ubuntu Security Notice USN-838-1 September 28, 2009
dovecot vulnerabilities
CVE-2008-4577, CVE-2008-5301, CVE-2009-2632, CVE-2009-3235
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
dovecot-common 1:1.0.10-1ubuntu5.2

Ubuntu 8.10:
dovecot-common 1:1.1.4-0ubuntu1.3

Ubuntu 9.04:
dovecot-common 1:1.1.11-0ubuntu4.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that the ACL plugin in Dovecot would incorrectly handle
negative access rights. An attacker could exploit this flaw to access the
Dovecot server, bypassing the indended access restrictions. This only
affected Ubuntu 8.04 LTS. (CVE-2008-4577)

It was discovered that the ManageSieve service in Dovecot incorrectly
handled ".." in script names. A remote attacker could exploit this to read
and modify arbitrary sieve files on the server. This only affected Ubuntu
8.10. (CVE-2008-5301)

It was discovered that the Sieve plugin in Dovecot incorrectly handled
certain sieve scripts. An authenticated user could exploit this with a
crafted sieve script to cause a denial of service or possibly execute
arbitrary code. (CVE-2009-2632, CVE-2009-3235)

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.10-1u=
buntu5.2.diff.gz
Size/MD5: 407785 8bab610c8eaa3d584251f43f589458ef
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.10-1u=
buntu5.2.dsc
Size/MD5: 1295 381a3267d0258419fee8f054ee5bcd13
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.10.or=
ig.tar.gz
Size/MD5: 1797790 c050fa2a7dae8984d432595e3e8183e1

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
0.10-1ubuntu5.2_amd64.deb
Size/MD5: 1838902 c0bd69b04f49b20bdbe7e2c830660e04
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-dev_1.0.1=
0-1ubuntu5.2_amd64.deb
Size/MD5: 387834 b6a474d722d36ca98e2790954304d249
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0=
.10-1ubuntu5.2_amd64.deb
Size/MD5: 662814 ab6309638125fabe5752177671b3f8b3
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0=
.10-1ubuntu5.2_amd64.deb
Size/MD5: 625852 ce40fd95a9dc4bcc60c1b0c473a5e117

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
0.10-1ubuntu5.2_i386.deb
Size/MD5: 1695832 b1c5df762f681ee1c6ab3a9903ff367a
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-dev_1.0.1=
0-1ubuntu5.2_i386.deb
Size/MD5: 387848 d00535e76b28f9622ea77c36c69b808d
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0=
.10-1ubuntu5.2_i386.deb
Size/MD5: 629748 61cb4fda4aa29fce1bf326522bbb2dda
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0=
.10-1ubuntu5.2_i386.deb
Size/MD5: 596084 d97fb54aba0f43f014f9e1dfd6404456

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.0.10-1ubun=
tu5.2_lpia.deb
Size/MD5: 1689932 e20d72de31679d4698caaa2d3fd92ebb
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.0.10-1ubuntu5=
.2_lpia.deb
Size/MD5: 387846 34903b7cdb220e85978c6483c7f09848
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.0.10-1ubunt=
u5.2_lpia.deb
Size/MD5: 630210 7238a78a55f787251facd75cc3a15539
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.0.10-1ubunt=
u5.2_lpia.deb
Size/MD5: 596564 f969a0ee5a2de65dee4e81de9c103622

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.0.10-1ubun=
tu5.2_powerpc.deb
Size/MD5: 1859284 96619941551bb690e56d6604972370da
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.0.10-1ubuntu5=
.2_powerpc.deb
Size/MD5: 387880 cf175dd90cf5b677f55106c4e680ed9b
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.0.10-1ubunt=
u5.2_powerpc.deb
Size/MD5: 669752 2b3b052e0d9703b41886c57793e7d1d6
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.0.10-1ubunt=
u5.2_powerpc.deb
Size/MD5: 633286 d87398d7e70d3eaf53e2c6fdd8652c5b

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.0.10-1ubun=
tu5.2_sparc.deb
Size/MD5: 1688040 38f3316086f8e23d3894a3391d5e1a4d
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.0.10-1ubuntu5=
.2_sparc.deb
Size/MD5: 387864 ddb730f73fa997e160fc5cecb33849fa
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.0.10-1ubunt=
u5.2_sparc.deb
Size/MD5: 626886 6f8101225f556210c487c1b893aa639e
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.0.10-1ubunt=
u5.2_sparc.deb
Size/MD5: 593772 ea19773a3574702074ae05e30bdb248a

Updated packages for Ubuntu 8.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.1.4-0ub=
untu1.3.diff.gz
Size/MD5: 928070 e0aa195d3428177fe9411548751772bd
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.1.4-0ub=
untu1.3.dsc
Size/MD5: 1631 9c08ffd5652cfb1773f44e124d13ca61
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.1.4.ori=
g.tar.gz
Size/MD5: 2314155 0050dd609cb456c8e52565a85373df28

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
1.4-0ubuntu1.3_amd64.deb
Size/MD5: 3741952 0b0cfe3678735916771b36e5ec160e06
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-dev_1.1.4=
-0ubuntu1.3_amd64.deb
Size/MD5: 550040 1917dfa8998eb7ca66ca3976bda173e1
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.1=
.4-0ubuntu1.3_amd64.deb
Size/MD5: 950536 17d646723188b605fa3a3049498fe4ff
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.1=
.4-0ubuntu1.3_amd64.deb
Size/MD5: 905584 f387f84340a9504321524219474fa147

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
1.4-0ubuntu1.3_i386.deb
Size/MD5: 3517356 7e0152635e337f3270880854fd6c9915
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-dev_1.1.4=
-0ubuntu1.3_i386.deb
Size/MD5: 550052 13bf7c6602410ef8f36e12a0ad9acfa2
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.1=
.4-0ubuntu1.3_i386.deb
Size/MD5: 921792 417d56c7b938c795e55f49900e915b3b
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.1=
.4-0ubuntu1.3_i386.deb
Size/MD5: 875792 09ff4ebec07209aa3a6c8e4948a9fdef

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.1.4-0ubunt=
u1.3_lpia.deb
Size/MD5: 3462178 1069f6a2dba50c0ca051f6729d5b690c
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.1.4-0ubuntu1.=
3_lpia.deb
Size/MD5: 550044 ff2f07f9bf2e2790dfa3a0bb179f9818
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.1.4-0ubuntu=
1.3_lpia.deb
Size/MD5: 913898 a9b186e1376c95035149e03cb6304f06
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.1.4-0ubuntu=
1.3_lpia.deb
Size/MD5: 869782 3100c863e91d39871bbef95eb90fc5d2

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.1.4-0ubunt=
u1.3_powerpc.deb
Size/MD5: 3809458 549f771da3cc47778cf39cd136fb31ea
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.1.4-0ubuntu1.=
3_powerpc.deb
Size/MD5: 550068 a7684b6f8de2bdc0779e3f1909a71ddd
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.1.4-0ubuntu=
1.3_powerpc.deb
Size/MD5: 967808 ac60bc51b60709e87c16e1a89b4d86a4
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.1.4-0ubuntu=
1.3_powerpc.deb
Size/MD5: 917878 1a97248a18f853868f79a647baddadf9

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.1.4-0ubunt=
u1.3_sparc.deb
Size/MD5: 3504892 2f9769dba2217da279734406fc4f7598
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.1.4-0ubuntu1.=
3_sparc.deb
Size/MD5: 550104 785e41269e14f2dc8259b4c50d7521f5
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.1.4-0ubuntu=
1.3_sparc.deb
Size/MD5: 919240 32d5e97daaac4a485a73e1c2deb4b12a
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.1.4-0ubuntu=
1.3_sparc.deb
Size/MD5: 872784 ba89567df97c5852802dee8664592440

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.1.11-0u=
buntu4.1.diff.gz
Size/MD5: 933389 e69b949ee26b6f2d59549c14f473ff36
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.1.11-0u=
buntu4.1.dsc
Size/MD5: 1655 55553d872f13646ee67923675ba5aeca
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.1.11.or=
ig.tar.gz
Size/MD5: 2362415 c973eb41aca79fb16630a16f0d84f765

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-postfix_1=
.1.11-0ubuntu4.1_all.deb
Size/MD5: 22572 dc5219ed120e1541596d327ea3c5bb25

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
1.11-0ubuntu4.1_amd64.deb
Size/MD5: 3708084 016223dc6893ecf7e87d269f49125e58
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-dev_1.1.1=
1-0ubuntu4.1_amd64.deb
Size/MD5: 565074 1d847edeba4f72d6bc849af74facb327
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.1=
.11-0ubuntu4.1_amd64.deb
Size/MD5: 969828 7f4fae28f42007ddc221cb17a4698b46
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.1=
.11-0ubuntu4.1_amd64.deb
Size/MD5: 925688 079c721b1076d1e0fbe207250acaac2f

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
1.11-0ubuntu4.1_i386.deb
Size/MD5: 3489560 4891c8aaa08191613a910abca4004807
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-dev_1.1.1=
1-0ubuntu4.1_i386.deb
Size/MD5: 565088 205baabd1480d8dc192ad8664806d79f
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.1=
.11-0ubuntu4.1_i386.deb
Size/MD5: 939976 51b85c21d6985a0179ae400f150bbc43
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.1=
.11-0ubuntu4.1_i386.deb
Size/MD5: 896494 c509b3e8e4f33a7b89b09fe898aa0a26

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.1.11-0ubun=
tu4.1_lpia.deb
Size/MD5: 3438158 00fd839575485921909b33205279f434
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.1.11-0ubuntu4=
.1_lpia.deb
Size/MD5: 565062 3f97b5355509275f1e895a2f8f2548b1
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.1.11-0ubunt=
u4.1_lpia.deb
Size/MD5: 932192 69836d9eb88460c42f5fdea61a6e70aa
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.1.11-0ubunt=
u4.1_lpia.deb
Size/MD5: 890114 c23e4311d013a7416392a2c2c28c2144

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.1.11-0ubun=
tu4.1_powerpc.deb
Size/MD5: 3780660 bab41c6fcbcdf7e2f39d32f27e090ec3
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.1.11-0ubuntu4=
.1_powerpc.deb
Size/MD5: 565124 b3d5cc8886c6be0b4c538c3204cb6cef
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.1.11-0ubunt=
u4.1_powerpc.deb
Size/MD5: 987250 7a018b6c36747bde9d1cff6eb79a7a5d
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.1.11-0ubunt=
u4.1_powerpc.deb
Size/MD5: 938730 c3a8c128308f0b1212300a0a2121ca43

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-common_1.1.11-0ubun=
tu4.1_sparc.deb
Size/MD5: 3473282 d20e674b6c5fff91f20a75182b836664
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-dev_1.1.11-0ubuntu4=
.1_sparc.deb
Size/MD5: 565124 d9abbe6098367fbdb0cb75c58197edab
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-imapd_1.1.11-0ubunt=
u4.1_sparc.deb
Size/MD5: 936990 62c55214cbb59c52e6df64a599135b28
http://ports.ubuntu.com/pool/main/d/dovecot/dovecot-pop3d_1.1.11-0ubunt=
u4.1_sparc.deb
Size/MD5: 893462 c613a178367b122aa0a4ef525f9f55e8

--=-Xr4eQRjW8uxm45GWBwNb
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAkrAuO4ACgkQLMAs/0C4zNpoEQCfdAfv4xoCPFGk7Og7CL1dqMOu
hFYAnAzOkuBvL4gbQ8u0PPikbff/vIw6
=eqDW
-----END PGP SIGNATURE-----
"

USN-832-1: FreeRADIUS vulnerability Rihanna saved millions on new home

RHSA-2009:1472-01 Moderate: xen security and bug fix update

Posted by Daniela Mehler

RHSA-2009:1469-01 Important: kernel security update

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2009:1469-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1469.html
Issue date: 2009-09-30
CVE Names: CVE-2009-1389 CVE-2009-2692 CVE-2009-2698
=====================================================================

1. Summary:

Updated kernel packages that fix several security issues are now available
for Red Hat Enterprise Linux 4.7 Extended Update Support.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Michael Tokarev reported a flaw in the Realtek r8169 Ethernet driver in
the Linux kernel. This driver allowed interfaces using this driver to
receive frames larger than what could be handled. This could lead to a
remote denial of service or code execution. (CVE-2009-1389, Important)

* Tavis Ormandy and Julien Tinnes of the Google Security Team reported a
flaw in the SOCKOPS_WRAP macro in the Linux kernel. This macro did not
initialize the sendpage operation in the proto_ops structure correctly. A
local, unprivileged user could use this flaw to cause a local denial of
service or escalate their privileges. (CVE-2009-2692, Important)

* Tavis Ormandy and Julien Tinnes of the Google Security Team reported a
flaw in the udp_sendmsg() implementation in the Linux kernel when using the
MSG_MORE flag on UDP sockets. A local, unprivileged user could use this
flaw to cause a local denial of service or escalate their privileges.
(CVE-2009-2698, Important)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

504726 - CVE-2009-1389 kernel: r8169: fix crash when large packets are received
516949 - CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc
518034 - CVE-2009-2698 kernel: udp socket NULL ptr dereference

6. Package List:

Red Hat Enterprise Linux AS version 4.7.z:

i386:
kernel-2.6.9-78.0.27.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.i686.rpm
kernel-devel-2.6.9-78.0.27.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.27.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.27.EL.i686.rpm
kernel-smp-2.6.9-78.0.27.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.27.EL.i686.rpm
kernel-xenU-2.6.9-78.0.27.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.27.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.27.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.ia64.rpm
kernel-devel-2.6.9-78.0.27.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.27.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.27.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm

ppc:
kernel-2.6.9-78.0.27.EL.ppc64.rpm
kernel-2.6.9-78.0.27.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.ppc64.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.ppc64iseries.rpm
kernel-devel-2.6.9-78.0.27.EL.ppc64.rpm
kernel-devel-2.6.9-78.0.27.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-78.0.27.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-78.0.27.EL.ppc64.rpm

s390:
kernel-2.6.9-78.0.27.EL.s390.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.s390.rpm
kernel-devel-2.6.9-78.0.27.EL.s390.rpm

s390x:
kernel-2.6.9-78.0.27.EL.s390x.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.s390x.rpm
kernel-devel-2.6.9-78.0.27.EL.s390x.rpm

x86_64:
kernel-2.6.9-78.0.27.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.27.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.27.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.27.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.27.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.27.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.27.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.27.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4.7.z:

i386:
kernel-2.6.9-78.0.27.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.i686.rpm
kernel-devel-2.6.9-78.0.27.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.27.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.27.EL.i686.rpm
kernel-smp-2.6.9-78.0.27.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.27.EL.i686.rpm
kernel-xenU-2.6.9-78.0.27.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.27.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.27.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.ia64.rpm
kernel-devel-2.6.9-78.0.27.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.27.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.27.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm

x86_64:
kernel-2.6.9-78.0.27.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.27.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.27.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.27.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.27.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.27.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.27.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.27.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.27.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2698
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFKw3KcXlSAg2UNWIIRAmeQAJ4yc4vES764z91zXBVObNdAPdzY3ACdEaCF
gG0/tU4VWhdHtBdx5Fcq7E8=
=vDbq
-----END PGP SIGNATURE-----
"

Jackson’s sperm flown to London RHSA-2009:1223-02 Important: kernel security update

RHSA-2009:1455-01 Moderate: kernel security and bug fix update

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2009:1455-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1455.html
Issue date: 2009-09-29
CVE Names: CVE-2009-2849
=====================================================================

1. Summary:

Updated kernel packages that fix one security issue and several bugs are
now available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fix:

* a NULL pointer dereference flaw was found in the Multiple Devices (md)
driver in the Linux kernel. If the "suspend_lo" or "suspend_hi" file on the
sysfs file system ("/sys/") is modified when the disk array is inactive, it
could lead to a local denial of service or privilege escalation. Note: By
default, only the root user can write to the files mentioned above.
(CVE-2009-2849, Moderate)

Bug fixes:

* a bug in nlm_lookup_host() could lead to un-reclaimed locks on file
systems, resulting in umount failing and NFS service relocation issues for
clusters. (BZ#517967)

* a bug in the sky2 driver prevented the phy from being reset properly on
some hardware when it hanged, preventing a link from coming back up.
(BZ#517976)

* disabling MSI-X for qla2xxx also disabled MSI interrupts. (BZ#519782)

* performance issues with reads when using the qlge driver on PowerPC
systems. A system hang could also occur during reboot. (BZ#519783)

* unreliable time keeping for Red Hat Enterprise Linux virtual machines.
The KVM pvclock code is now used to detect/correct lost ticks. (BZ#520685)

* /proc/cpuinfo was missing flags for new features in supported processors,
possibly preventing the operating system and applications from getting the
best performance. (BZ#520686)

* reading/writing with a serial loopback device on a certain IBM system did
not work unless booted with "pnpacpi=off". (BZ#520905)

* mlx4_core failed to load on systems with more than 32 CPUs. (BZ#520906)

* on big-endian platforms, interfaces using the mlx4_en driver and Large
Receive Offload (LRO) did not handle VLAN traffic properly (a segmentation
fault in the VLAN stack in the kernel occurred). (BZ#520908)

* due to a lock being held for a long time, some systems may have
experienced "BUG: soft lockup" messages under very heavy load. (BZ#520919)

* incorrect APIC timer calibration may have caused a system hang during
boot, as well as the system time becoming faster or slower. A warning is
now provided. (BZ#521238)

* a Fibre Channel device re-scan via 'echo "---" > /sys/class/scsi_host/
host[x]/scan' may not complete after hot adding a drive, leading to soft
lockups ("BUG: soft lockup detected"). (BZ#521239)

* the Broadcom BCM5761 network device was unable to be initialized
properly; therefore, the associated interface could not obtain an IP
address via DHCP, or be assigned one manually. (BZ#521241)

* when a process attempted to read from a page that had first been
accessed by writing to part of it (via write(2)), the NFS client needed to
flush the modified portion of the page out to the server, and then read
the entire page back in. This flush caused performance issues. (BZ#521244)

* a kernel panic when using bnx2x devices and LRO in a bridge. A warning is
now provided to disable LRO in these situations. (BZ#522636)

* the scsi_dh_rdac driver was updated to recognize the Sun StorageTek
Flexline 380. (BZ#523237)

* in FIPS mode, random number generators are required to not return the
first block of random data they generate, but rather save it to seed the
repetition check. This update brings the random number generator into
conformance. (BZ#523289)

* an option to disable/enable the use of the first random block is now
provided to bring ansi_cprng into compliance with FIPS-140 continuous test
requirements. (BZ#523290)

* running the SAP Linux Certification Suite in a KVM guest caused severe
SAP kernel errors, causing it to exit. (BZ#524150)

* attempting to 'online' a CPU for a KVM guest via sysfs caused a system
crash. (BZ#524151)

* when using KVM, pvclock returned bogus wallclock values. (BZ#524152)

* the clock could go backwards when using the vsyscall infrastructure.
(BZ#524527)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

517967 - Bug in lockd prevents a locks being freed. [rhel-5.4.z]
517976 - [RHEL 5] sky2 eth0: receiver hang detected [rhel-5.4.z]
518132 - CVE-2009-2849 kernel: md: NULL pointer deref when accessing suspend_* sysfs attributes
519782 - [QLogic 5.5 bug] qla2xxx - allow use of MSI when MSI-X disabled. [rhel-5.4.z]
519783 - [QLogic 5.5 bug] qlge - fix hangs and read perfromance [rhel-5.4.z]
520685 - use KVM pvclock code to detect/correct lost ticks [rhel-5.4.z]
520686 - bare-metal and xen: /proc/cpuinfo does not list all CPU flags presented by CPU [rhel-5.4.z]
520905 - Serial ports don't function on 4838-310 without pnpacpi=off boot option [rhel-5.4.z]
520906 - mlx4_core fails to load on systems with32 cores [rhel-5.4.z]
520908 - TCP traffic for VLAN interfaces fails over mlx4_en parent interface. [rhel-5.4.z]
520919 - BUG: soft lockup - CPU#5 stuck for 10s at .context_struct_compute_av+0x214/0x39c [rhel-5.4.z]
521238 - [RHEL 5] Hang on boot due to wrong APIC timer calibration [rhel-5.4.z]
521239 - scsi_transport_fc: fc_user_scan can loop forever, needs mutex with rport list changes [rhel-5.4.z]
521241 - 5.4 alpha: Broadcom 5761 NIC does not work [rhel-5.4.z]
521244 - Read/Write NFS I/O performance degraded by FLUSH_STABLE page flushing [rhel-5.4.z]
522636 - bridge: Fix LRO crash with tun (tun_chr_read()) [rhel-5.4.z]
523237 - Add kernel (scsi_dh_rdac) support for Sun 6540 storage arrays. [rhel-5.4.z]
523289 - [FIP140-2] the first n- bit block generated after power-up, initialization, or reset shall not be used [rhel-5.4.z]
523290 - [FIPS140-2] Provide option to disable/enable use of the first random block [rhel-5.4.z]
524150 - Can't override KVM clock in a KVM guest with -165 kernel to triage SAP DB create failure [rhel-5.4.z]
524151 - cpu1 didn't come online in a kvm i686 guest [rhel-5.4.z]
524152 - pvclock return bogus wallclock values [rhel-5.4.z]
524527 - RHEV : SAP SLCS 2.3 fails during install/import in a RHEV-H/KVM guest with PV KVM clock [rhel-5.4.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-164.2.1.el5.src.rpm

i386:
kernel-2.6.18-164.2.1.el5.i686.rpm
kernel-PAE-2.6.18-164.2.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-164.2.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-164.2.1.el5.i686.rpm
kernel-debug-2.6.18-164.2.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-164.2.1.el5.i686.rpm
kernel-debug-devel-2.6.18-164.2.1.el5.i686.rpm
kernel-debuginfo-2.6.18-164.2.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-164.2.1.el5.i686.rpm
kernel-devel-2.6.18-164.2.1.el5.i686.rpm
kernel-headers-2.6.18-164.2.1.el5.i386.rpm
kernel-xen-2.6.18-164.2.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-164.2.1.el5.i686.rpm
kernel-xen-devel-2.6.18-164.2.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-164.2.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debug-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-164.2.1.el5.x86_64.rpm
kernel-devel-2.6.18-164.2.1.el5.x86_64.rpm
kernel-headers-2.6.18-164.2.1.el5.x86_64.rpm
kernel-xen-2.6.18-164.2.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-164.2.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-164.2.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-164.2.1.el5.src.rpm

i386:
kernel-2.6.18-164.2.1.el5.i686.rpm
kernel-PAE-2.6.18-164.2.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-164.2.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-164.2.1.el5.i686.rpm
kernel-debug-2.6.18-164.2.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-164.2.1.el5.i686.rpm
kernel-debug-devel-2.6.18-164.2.1.el5.i686.rpm
kernel-debuginfo-2.6.18-164.2.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-164.2.1.el5.i686.rpm
kernel-devel-2.6.18-164.2.1.el5.i686.rpm
kernel-headers-2.6.18-164.2.1.el5.i386.rpm
kernel-xen-2.6.18-164.2.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-164.2.1.el5.i686.rpm
kernel-xen-devel-2.6.18-164.2.1.el5.i686.rpm

ia64:
kernel-2.6.18-164.2.1.el5.ia64.rpm
kernel-debug-2.6.18-164.2.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-164.2.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-164.2.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-164.2.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-164.2.1.el5.ia64.rpm
kernel-devel-2.6.18-164.2.1.el5.ia64.rpm
kernel-headers-2.6.18-164.2.1.el5.ia64.rpm
kernel-xen-2.6.18-164.2.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-164.2.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-164.2.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-164.2.1.el5.noarch.rpm

ppc:
kernel-2.6.18-164.2.1.el5.ppc64.rpm
kernel-debug-2.6.18-164.2.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-164.2.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-164.2.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-164.2.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-164.2.1.el5.ppc64.rpm
kernel-devel-2.6.18-164.2.1.el5.ppc64.rpm
kernel-headers-2.6.18-164.2.1.el5.ppc.rpm
kernel-headers-2.6.18-164.2.1.el5.ppc64.rpm
kernel-kdump-2.6.18-164.2.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-164.2.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-164.2.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-164.2.1.el5.s390x.rpm
kernel-debug-2.6.18-164.2.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-164.2.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-164.2.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-164.2.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-164.2.1.el5.s390x.rpm
kernel-devel-2.6.18-164.2.1.el5.s390x.rpm
kernel-headers-2.6.18-164.2.1.el5.s390x.rpm
kernel-kdump-2.6.18-164.2.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-164.2.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-164.2.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debug-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-164.2.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-164.2.1.el5.x86_64.rpm
kernel-devel-2.6.18-164.2.1.el5.x86_64.rpm
kernel-headers-2.6.18-164.2.1.el5.x86_64.rpm
kernel-xen-2.6.18-164.2.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-164.2.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-164.2.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFKwmRPXlSAg2UNWIIRApiJAJ0ZsswUu9VyoFsWGKDxEL+1NAuTFgCfbTvI
KAiY3cGhmT9HvYtXJ0Zz6wE=
=aLny
-----END PGP SIGNATURE-----
"

RHSA-2009:1222-02 Important: kernel security and bug fix update

Linux More

USN-839-1: Samba vulnerabilities

DSA 1898-1: New openswan packages fix denial of service

RHSA-2009:1470-01 Moderate: openssh security update

USN-838-1: Dovecot vulnerabilities

RHSA-2009:1472-01 Moderate: xen security and bug fix update

RHSA-2009:1469-01 Important: kernel security update

RHSA-2009:1455-01 Moderate: kernel security and bug fix update

Archives