USN-837-1: Newt vulnerability  

Posted by Daniela Mehler

"Ubuntu Security Notice USN-837-1 September 24, 2009
newt vulnerability
CVE-2009-2905
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
libnewt0.51 0.51.6-31ubuntu1.1

Ubuntu 8.04 LTS:
libnewt0.52 0.52.2-11.2ubuntu1.1

Ubuntu 8.10:
libnewt0.52 0.52.2-11.3ubuntu1.1

Ubuntu 9.04:
libnewt0.52 0.52.2-11.3ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Miroslav Lichvar discovered that Newt incorrectly handled rendering in a
text box. An attacker could exploit this and cause a denial of service or
possibly execute arbitrary code with the privileges of the user invoking
the program.


Updated packages for Ubuntu 6.06 LTS:

Updated packages for Ubuntu 8.04 LTS:

Updated packages for Ubuntu 8.10:

Updated packages for Ubuntu 9.04:




"


RHSA-2009:1452-01 Moderate: neon security update  

Posted by Daniela Mehler

"=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: neon security update
Advisory ID: RHSA-2009:1452-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1452.html
Issue date: 2009-09-21
CVE Names: CVE-2009-2473 CVE-2009-2474
=====================================================================

1. Summary:

Updated neon packages that fix two security issues are now available for
Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

neon is an HTTP and WebDAV client library, with a C interface. It provides
a high-level interface to HTTP and WebDAV methods along with a low-level
interface for HTTP request handling. neon supports persistent connections,
proxy servers, basic, digest and Kerberos authentication, and has complete
SSL support.

It was discovered that neon is affected by the previously published "null
prefix attack", caused by incorrect handling of NULL characters in X.509
certificates. If an attacker is able to get a carefully-crafted certificate
signed by a trusted Certificate Authority, the attacker could use the
certificate during a man-in-the-middle attack and potentially confuse an
application using the neon library into accepting it by mistake.
(CVE-2009-2474)

A denial of service flaw was found in the neon Extensible Markup Language
(XML) parser. A remote attacker (malicious DAV server) could provide a
specially-crafted XML document that would cause excessive memory and CPU
consumption if an application using the neon XML parser was tricked into
processing it. (CVE-2009-2473)

All neon users should upgrade to these updated packages, which contain
backported patches to correct these issues. Applications using the neon
HTTP and WebDAV client library, such as cadaver, must be restarted for this
update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

518215 - CVE-2009-2473 neon, gnome-vfs2 embedded neon: billion laughs DoS attack
518223 - CVE-2009-2474 neon: Improper verification of x509v3 certificate with NULL (zero) byte in certain fields

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/neon-0.24.7-4.el4_8.2.src.rpm

i386:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-devel-0.24.7-4.el4_8.2.i386.rpm

ia64:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-0.24.7-4.el4_8.2.ia64.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.ia64.rpm
neon-devel-0.24.7-4.el4_8.2.ia64.rpm

ppc:
neon-0.24.7-4.el4_8.2.ppc.rpm
neon-0.24.7-4.el4_8.2.ppc64.rpm
neon-debuginfo-0.24.7-4.el4_8.2.ppc.rpm
neon-debuginfo-0.24.7-4.el4_8.2.ppc64.rpm
neon-devel-0.24.7-4.el4_8.2.ppc.rpm

s390:
neon-0.24.7-4.el4_8.2.s390.rpm
neon-debuginfo-0.24.7-4.el4_8.2.s390.rpm
neon-devel-0.24.7-4.el4_8.2.s390.rpm

s390x:
neon-0.24.7-4.el4_8.2.s390.rpm
neon-0.24.7-4.el4_8.2.s390x.rpm
neon-debuginfo-0.24.7-4.el4_8.2.s390.rpm
neon-debuginfo-0.24.7-4.el4_8.2.s390x.rpm
neon-devel-0.24.7-4.el4_8.2.s390x.rpm

x86_64:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-0.24.7-4.el4_8.2.x86_64.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.x86_64.rpm
neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/neon-0.24.7-4.el4_8.2.src.rpm

i386:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-devel-0.24.7-4.el4_8.2.i386.rpm

x86_64:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-0.24.7-4.el4_8.2.x86_64.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.x86_64.rpm
neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/neon-0.24.7-4.el4_8.2.src.rpm

i386:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-devel-0.24.7-4.el4_8.2.i386.rpm

ia64:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-0.24.7-4.el4_8.2.ia64.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.ia64.rpm
neon-devel-0.24.7-4.el4_8.2.ia64.rpm

x86_64:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-0.24.7-4.el4_8.2.x86_64.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.x86_64.rpm
neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/neon-0.24.7-4.el4_8.2.src.rpm

i386:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-devel-0.24.7-4.el4_8.2.i386.rpm

ia64:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-0.24.7-4.el4_8.2.ia64.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.ia64.rpm
neon-devel-0.24.7-4.el4_8.2.ia64.rpm

x86_64:
neon-0.24.7-4.el4_8.2.i386.rpm
neon-0.24.7-4.el4_8.2.x86_64.rpm
neon-debuginfo-0.24.7-4.el4_8.2.i386.rpm
neon-debuginfo-0.24.7-4.el4_8.2.x86_64.rpm
neon-devel-0.24.7-4.el4_8.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/neon-0.25.5-10.el5_4.1.src.rpm

i386:
neon-0.25.5-10.el5_4.1.i386.rpm
neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm

x86_64:
neon-0.25.5-10.el5_4.1.i386.rpm
neon-0.25.5-10.el5_4.1.x86_64.rpm
neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm
neon-debuginfo-0.25.5-10.el5_4.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/neon-0.25.5-10.el5_4.1.src.rpm

i386:
neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm
neon-devel-0.25.5-10.el5_4.1.i386.rpm

x86_64:
neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm
neon-debuginfo-0.25.5-10.el5_4.1.x86_64.rpm
neon-devel-0.25.5-10.el5_4.1.i386.rpm
neon-devel-0.25.5-10.el5_4.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/neon-0.25.5-10.el5_4.1.src.rpm

i386:
neon-0.25.5-10.el5_4.1.i386.rpm
neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm
neon-devel-0.25.5-10.el5_4.1.i386.rpm

ia64:
neon-0.25.5-10.el5_4.1.ia64.rpm
neon-debuginfo-0.25.5-10.el5_4.1.ia64.rpm
neon-devel-0.25.5-10.el5_4.1.ia64.rpm

ppc:
neon-0.25.5-10.el5_4.1.ppc.rpm
neon-0.25.5-10.el5_4.1.ppc64.rpm
neon-debuginfo-0.25.5-10.el5_4.1.ppc.rpm
neon-debuginfo-0.25.5-10.el5_4.1.ppc64.rpm
neon-devel-0.25.5-10.el5_4.1.ppc.rpm
neon-devel-0.25.5-10.el5_4.1.ppc64.rpm

s390x:
neon-0.25.5-10.el5_4.1.s390.rpm
neon-0.25.5-10.el5_4.1.s390x.rpm
neon-debuginfo-0.25.5-10.el5_4.1.s390.rpm
neon-debuginfo-0.25.5-10.el5_4.1.s390x.rpm
neon-devel-0.25.5-10.el5_4.1.s390.rpm
neon-devel-0.25.5-10.el5_4.1.s390x.rpm

x86_64:
neon-0.25.5-10.el5_4.1.i386.rpm
neon-0.25.5-10.el5_4.1.x86_64.rpm
neon-debuginfo-0.25.5-10.el5_4.1.i386.rpm
neon-debuginfo-0.25.5-10.el5_4.1.x86_64.rpm
neon-devel-0.25.5-10.el5_4.1.i386.rpm
neon-devel-0.25.5-10.el5_4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2474
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
"
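
The NUL-byte handling flaw described for CVE-2009-2474, as an added example that is not part of the advisory and is not neon's code: a hostname check that measures the certificate name with `strlen()` beside one that uses the length carried in the certificate. The function names and the sample names are constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample names, not taken from any real certificate. The second
 * one has a NUL byte embedded in the middle of the ASN.1 string; ASN.1
 * strings are length-prefixed, so the NUL is just another byte there. */
const unsigned char NAME_OK[]  = "www.example.org";
const unsigned char NAME_NUL[] = "www.example.org\0.attacker.example";

/* Case-insensitive comparison of exactly n bytes. */
static int ieq_n(const unsigned char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower(a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Flawed: ignores the length stored in the certificate and measures the
 * name with strlen(), which stops at the first NUL byte. Everything after
 * the NUL is silently dropped from the comparison. */
int match_hostname_naive(const unsigned char *name, size_t name_len,
                         const char *host)
{
    size_t n = strlen((const char *)name);
    (void)name_len; /* the bug: the real length is never consulted */
    return n == strlen(host) && ieq_n(name, host, n);
}

/* Length-aware: uses the certificate's own length and rejects any name
 * containing a NUL byte, since no valid hostname can contain one. */
int match_hostname_strict(const unsigned char *name, size_t name_len,
                          const char *host)
{
    if (name_len == 0 || memchr(name, '\0', name_len) != NULL)
        return 0;
    return name_len == strlen(host) && ieq_n(name, host, name_len);
}

int main(void)
{
    const char *host = "www.example.org";

    printf("clean name, naive : %d\n",
           match_hostname_naive(NAME_OK, sizeof NAME_OK - 1, host));
    printf("clean name, strict: %d\n",
           match_hostname_strict(NAME_OK, sizeof NAME_OK - 1, host));
    printf("NUL name,   naive : %d\n",
           match_hostname_naive(NAME_NUL, sizeof NAME_NUL - 1, host));
    printf("NUL name,   strict: %d\n",
           match_hostname_strict(NAME_NUL, sizeof NAME_NUL - 1, host));
    return 0;
}
```

The same check applies to every name field an application compares against the host, not only the common name.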


DSA 1891-1: New changetrack packages fix arbitrary code execution  

Posted by Daniela Mehler

"------------------------------------------------------------------------
Debian Security Advisory DSA-1891-1                  security@debian.org
http://www.debian.org/security/                           Steffen Joeris
September 22, 2009                    http://www.debian.org/security/faq
------------------------------------------------------------------------

Package : changetrack
Vulnerability : shell command execution
Problem type : local
Debian-specific: no
CVE Id : CVE-2009-3233
Debian Bug : 546791


Marek Grzybowski discovered that changetrack, a program to monitor
changes to (configuration) files, is prone to shell command injection
via metacharacters in filenames. The behaviour of the program has been
adjusted to reject all filenames with metacharacters.


For the stable distribution (lenny), this problem has been fixed in
version 4.3-3+lenny1.

For the oldstable distribution (etch), this problem has been fixed in
version 4.3-3+etch1.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 4.5-2.


We recommend that you upgrade your changetrack packages.


Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/c/changetrack/changetrack_4.3-3+etch1.diff.gz
Size/MD5 checksum: 13330 3334d9ef744a08cc0b4d8253c78b7c10
http://security.debian.org/pool/updates/main/c/changetrack/changetrack_4.3-3+etch1.dsc
Size/MD5 checksum: 710 b519ffa08cb165819e9bdd67f7e9a4f3

Architecture independent packages:

http://security.debian.org/pool/updates/main/c/changetrack/changetrack_4.3-3+etch1_all.deb
Size/MD5 checksum: 21706 b1002889940ab122879f4d709fe8a573


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/c/changetrack/changetrack_4.3.orig.tar.gz
Size/MD5 checksum: 16567 7600e72b299562c6773e9b6ac38aaa55
http://security.debian.org/pool/updates/main/c/changetrack/changetrack_4.3-3+lenny1.diff.gz
Size/MD5 checksum: 13325 c91d4a3d370dfe41ff41e6815eda7440
http://security.debian.org/pool/updates/main/c/changetrack/changetrack_4.3-3+lenny1.dsc
Size/MD5 checksum: 1110 5e689f11bc4dca83328cda0a888ec1e4

Architecture independent packages:

http://security.debian.org/pool/updates/main/c/changetrack/changetrack_4.3-3+lenny1_all.deb
Size/MD5 checksum: 21678 3b9fb111a49aa671886f6e5eaec66908


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkq4gmUACgkQ62zWxYk/rQdaFACfXtTyH9dQZCOhJJzuIDIKvQmU
29wAn3YRtZs0iQ0BcV20/Mw45MktymrP
=gzFZ
-----END PGP SIGNATURE-----
"
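The changetrack fix described in DSA-1891-1 above (rejecting filenames that contain shell metacharacters) can be illustrated as follows. This is an added example in Python, not changetrack's own Perl code: the metacharacter set, the function names, the sample filename and the child process standing in for the external tool are all assumptions made for the illustration.

```python
import json
import shlex
import subprocess
import sys

# Characters with special meaning to a POSIX shell. Assumed set: the advisory
# does not list the exact characters the fixed changetrack rejects.
# Whitespace is included, so filenames containing spaces are refused as well.
SHELL_METACHARS = frozenset("|&;<>()$`\\\"' \t\n*?[]#~=%!{}")

# Stand-in for the external tool a file monitor runs on each watched file:
# a child process that reports the arguments it actually received.
CHILD = [sys.executable, "-c", "import json,sys; print(json.dumps(sys.argv[1:]))"]

# Constructed sample filename; the part after ';' is a harmless marker.
SAMPLE = "notes.txt; echo INJECTED"


def has_shell_metachar(filename):
    """Return True if the filename contains any shell metacharacter."""
    return any(ch in SHELL_METACHARS for ch in filename)


def run_via_shell_string(filename):
    """Flawed pattern: the filename is pasted into a command line for /bin/sh.

    The shell, not the tool, decides where the filename ends, so text after
    a metacharacter is interpreted as shell syntax. Returns the output lines.
    """
    command = shlex.join(CHILD) + " " + filename
    out = subprocess.run(command, shell=True, capture_output=True,
                         text=True, check=True)
    return out.stdout.splitlines()


def run_via_argv(filename):
    """Hardened pattern: no shell; the filename is exactly one argv element."""
    out = subprocess.run(CHILD + [filename], capture_output=True,
                         text=True, check=True)
    return json.loads(out.stdout)


def run_checked(filename):
    """Policy from the advisory: refuse filenames with metacharacters, then
    still invoke the tool without a shell as a second layer of defence."""
    if has_shell_metachar(filename):
        raise ValueError("filename rejected: contains shell metacharacters")
    return run_via_argv(filename)


if __name__ == "__main__":
    print("shell string :", run_via_shell_string(SAMPLE))
    print("argv list    :", run_via_argv(SAMPLE))
    try:
        run_checked(SAMPLE)
    except ValueError as exc:
        print("checked      :", exc)
    print("checked      :", run_checked("/etc/hosts"))
```

With the shell-string form the child receives only `notes.txt` and the shell runs the remainder as a second command; with the argv form the whole string arrives as a single filename.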


USN-836-1: WebKit vulnerabilities  

Posted by Daniela Mehler

"Ubuntu Security Notice USN-836-1 September 23, 2009
webkit vulnerabilities
CVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698,
CVE-2009-1711, CVE-2009-1712, CVE-2009-1725
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
libwebkit-1.0-1 1.0.1-2ubuntu0.2
libwebkit-1.0-1-dbg 1.0.1-2ubuntu0.2
libwebkit-dev 1.0.1-2ubuntu0.2

Ubuntu 9.04:
libwebkit-1.0-1 1.0.1-4ubuntu0.1
libwebkit-1.0-1-dbg 1.0.1-4ubuntu0.1
libwebkit-dev 1.0.1-4ubuntu0.1

After a standard system upgrade you need to restart any applications that
use WebKit, such as Epiphany-webkit and Midori, to effect the necessary
changes.

Details follow:

It was discovered that WebKit did not properly handle certain SVGPathList
data structures. If a user were tricked into viewing a malicious website,
an attacker could exploit this to execute arbitrary code with the
privileges of the user invoking the program. (CVE-2009-0945)

Several flaws were discovered in the WebKit browser and JavaScript engines.
If a user were tricked into viewing a malicious website, a remote attacker
could cause a denial of service or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2009-1687, CVE-2009-1690,
CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)

It was discovered that WebKit did not prevent the loading of local Java
applets. If a user were tricked into viewing a malicious website,
an attacker could exploit this to execute arbitrary code with the
privileges of the user invoking the program. (CVE-2009-1712)


Updated packages for Ubuntu 8.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-2ubuntu0.2.diff.gz
Size/MD5: 25401 ca58f621eec09ea60847fb7eeb18ef2a
http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-2ubuntu0.2.dsc
Size/MD5: 1538 ebdb32117beca5fff473ca0c1b065b42
http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1.orig.tar.gz
Size/MD5: 13418752 4de68a5773998bea14e8939aa341c466

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.0.1-2ubuntu0.2_all.deb
Size/MD5: 34590 acb9cdfb9608c5f4146ea88eef384e75

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.2_amd64.deb
Size/MD5: 62592212 df3152f6a40e538e3a267908d83783c0
http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.2_amd64.deb
Size/MD5: 3501472 e68f67894e53eb2faa48191ea3953732

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.2_i386.deb
Size/MD5: 62206938 b7d1dde62360865cbc814122b93d4005
http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.2_i386.deb
Size/MD5: 3014500 73a5a3e9985f6d165120c5c3cca6d06b

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.2_lpia.deb
Size/MD5: 62284322 75ff8aefee1fdea994f660dab5f6554f
http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.2_lpia.deb
Size/MD5: 2966170 1c52f1920282c659a0a81a3be44dde7f

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-4ubuntu0.1.diff.gz
Size/MD5: 30900 0ea9f48f994b9bd759446a939ff5dca3
http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-4ubuntu0.1.dsc
Size/MD5: 1538 31502504b765f1161825ccdb82f71788
http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1.orig.tar.gz
Size/MD5: 13418752 4de68a5773998bea14e8939aa341c466

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.0.1-4ubuntu0.1_all.deb
Size/MD5: 34678 5042c01c01e9d128a13d1457c56b0cbd

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_amd64.deb
Size/MD5: 62772554 3026ef7b332447cae68ed4f72b35ddb2
http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-4ubuntu0.1_amd64.deb
Size/MD5: 3502830 0fcd75b07524e2d70f8770ccd5bdc0c3

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_i386.deb
Size/MD5: 62357024 777eb37c5384472cf9b4adac21f0d116
http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-4ubuntu0.1_i386.deb
Size/MD5: 3014688 100fd9406ea649edd954f4d154ab4d30

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_lpia.deb
Size/MD5: 62441454 18aa72b5c443a86153906e5ba4a87e55
http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-4ubuntu0.1_lpia.deb
Size/MD5: 2968040 9651199f95dfee6252e2aacde99ebbbf




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAkq6ItQACgkQLMAs/0C4zNrFQACfaJ0mrT7x4jPXDV0KgdPVL8Ve
6NsAnRYNc86AEFtg9VOLIJHaDinP2mwH
!Sm
-----END PGP SIGNATURE-----
"


RHSA-2009:1459-04 Important: cyrus-imapd security update  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: cyrus-imapd security update
Advisory ID: RHSA-2009:1459-04
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1459.html
Issue date: 2009-09-23
CVE Names: CVE-2009-2632 CVE-2009-3235
=====================================================================

1. Summary:

Updated cyrus-imapd packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The cyrus-imapd packages contain a high-performance mail server with IMAP,
POP3, NNTP, and Sieve support.

Multiple buffer overflow flaws were found in the Cyrus IMAP Sieve
implementation. An authenticated user able to create Sieve mail filtering
rules could use these flaws to execute arbitrary code with the privileges
of the Cyrus IMAP server user. (CVE-2009-2632, CVE-2009-3235)

Users of cyrus-imapd are advised to upgrade to these updated packages,
which contain backported patches to resolve these issues. After installing
the update, cyrus-imapd will be restarted automatically.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

521010 - CVE-2009-2632 cyrus-imapd: buffer overflow in cyrus sieve
523910 - CVE-2009-3235 cyrus-imapd: CMU sieve buffer overflows

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/cyrus-imapd-2.2.12-10.el4_8.4.src.rpm

i386:
cyrus-imapd-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.i386.rpm
perl-Cyrus-2.2.12-10.el4_8.4.i386.rpm

ia64:
cyrus-imapd-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.ia64.rpm
perl-Cyrus-2.2.12-10.el4_8.4.ia64.rpm

ppc:
cyrus-imapd-2.2.12-10.el4_8.4.ppc.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.ppc.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.ppc.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.ppc.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.ppc.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.ppc.rpm
perl-Cyrus-2.2.12-10.el4_8.4.ppc.rpm

s390:
cyrus-imapd-2.2.12-10.el4_8.4.s390.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.s390.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.s390.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.s390.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.s390.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.s390.rpm
perl-Cyrus-2.2.12-10.el4_8.4.s390.rpm

s390x:
cyrus-imapd-2.2.12-10.el4_8.4.s390x.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.s390x.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.s390x.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.s390x.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.s390x.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.s390x.rpm
perl-Cyrus-2.2.12-10.el4_8.4.s390x.rpm

x86_64:
cyrus-imapd-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.x86_64.rpm
perl-Cyrus-2.2.12-10.el4_8.4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/cyrus-imapd-2.2.12-10.el4_8.4.src.rpm

i386:
cyrus-imapd-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.i386.rpm
perl-Cyrus-2.2.12-10.el4_8.4.i386.rpm

x86_64:
cyrus-imapd-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.x86_64.rpm
perl-Cyrus-2.2.12-10.el4_8.4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/cyrus-imapd-2.2.12-10.el4_8.4.src.rpm

i386:
cyrus-imapd-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.i386.rpm
perl-Cyrus-2.2.12-10.el4_8.4.i386.rpm

ia64:
cyrus-imapd-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.ia64.rpm
perl-Cyrus-2.2.12-10.el4_8.4.ia64.rpm

x86_64:
cyrus-imapd-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.x86_64.rpm
perl-Cyrus-2.2.12-10.el4_8.4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/cyrus-imapd-2.2.12-10.el4_8.4.src.rpm

i386:
cyrus-imapd-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.i386.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.i386.rpm
perl-Cyrus-2.2.12-10.el4_8.4.i386.rpm

ia64:
cyrus-imapd-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.ia64.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.ia64.rpm
perl-Cyrus-2.2.12-10.el4_8.4.ia64.rpm

x86_64:
cyrus-imapd-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-debuginfo-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-devel-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-murder-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-nntp-2.2.12-10.el4_8.4.x86_64.rpm
cyrus-imapd-utils-2.2.12-10.el4_8.4.x86_64.rpm
perl-Cyrus-2.2.12-10.el4_8.4.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/cyrus-imapd-2.3.7-7.el5_4.3.src.rpm

i386:
cyrus-imapd-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-perl-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-utils-2.3.7-7.el5_4.3.i386.rpm

x86_64:
cyrus-imapd-2.3.7-7.el5_4.3.x86_64.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.x86_64.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.x86_64.rpm
cyrus-imapd-perl-2.3.7-7.el5_4.3.x86_64.rpm
cyrus-imapd-utils-2.3.7-7.el5_4.3.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/cyrus-imapd-2.3.7-7.el5_4.3.src.rpm

i386:
cyrus-imapd-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-perl-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-utils-2.3.7-7.el5_4.3.i386.rpm

ia64:
cyrus-imapd-2.3.7-7.el5_4.3.ia64.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.ia64.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.ia64.rpm
cyrus-imapd-perl-2.3.7-7.el5_4.3.ia64.rpm
cyrus-imapd-utils-2.3.7-7.el5_4.3.ia64.rpm

ppc:
cyrus-imapd-2.3.7-7.el5_4.3.ppc.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.ppc.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.ppc64.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.ppc.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.ppc64.rpm
cyrus-imapd-perl-2.3.7-7.el5_4.3.ppc.rpm
cyrus-imapd-utils-2.3.7-7.el5_4.3.ppc.rpm

s390x:
cyrus-imapd-2.3.7-7.el5_4.3.s390x.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.s390.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.s390x.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.s390.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.s390x.rpm
cyrus-imapd-perl-2.3.7-7.el5_4.3.s390x.rpm
cyrus-imapd-utils-2.3.7-7.el5_4.3.s390x.rpm

x86_64:
cyrus-imapd-2.3.7-7.el5_4.3.x86_64.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-debuginfo-2.3.7-7.el5_4.3.x86_64.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.i386.rpm
cyrus-imapd-devel-2.3.7-7.el5_4.3.x86_64.rpm
cyrus-imapd-perl-2.3.7-7.el5_4.3.x86_64.rpm
cyrus-imapd-utils-2.3.7-7.el5_4.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3235
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFKuj3SXlSAg2UNWIIRAlDOAJ9Mv6K81o+GhCU/b0D0zt0+HpjasQCfRW/r
DyTQFg0LOlGMCajRVruzyo8=
=eIsi
-----END PGP SIGNATURE-----
"


RHSA-2009:1453-01 Moderate: pidgin security update  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: pidgin security update
Advisory ID: RHSA-2009:1453-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1453.html
Issue date: 2009-09-21
CVE Names: CVE-2009-2703 CVE-2009-3026 CVE-2009-3083
CVE-2009-3085
=====================================================================

1. Summary:

Updated pidgin packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64

3. Description:

Pidgin is an instant messaging program which can log in to multiple
accounts on multiple instant messaging networks simultaneously. Info/Query
(IQ) is an Extensible Messaging and Presence Protocol (XMPP) specific
request-response mechanism.

A NULL pointer dereference flaw was found in the way the Pidgin XMPP
protocol plug-in processes IQ error responses when trying to fetch a custom
smiley. A remote client could send a specially-crafted IQ error response
that would crash Pidgin. (CVE-2009-3085)

A NULL pointer dereference flaw was found in the way the Pidgin IRC
protocol plug-in handles IRC topics. A malicious IRC server could send a
specially-crafted IRC TOPIC message, which once received by Pidgin, would
lead to a denial of service (Pidgin crash). (CVE-2009-2703)

It was discovered that, when connecting to certain, very old Jabber servers
via XMPP, Pidgin may ignore the "Require SSL/TLS" setting. In these
situations, a non-encrypted connection is established rather than the
connection failing, causing the user to believe they are using an encrypted
connection when they are not, leading to sensitive information disclosure
(session sniffing). (CVE-2009-3026)

A NULL pointer dereference flaw was found in the way the Pidgin MSN
protocol plug-in handles improper MSNSLP invitations. A remote attacker
could send a specially-crafted MSNSLP invitation request, which once
accepted by a valid Pidgin user, would lead to a denial of service (Pidgin
crash). (CVE-2009-3083)

These packages upgrade Pidgin to version 2.6.2. Refer to the Pidgin release
notes for a full list of changes: http://developer.pidgin.im/wiki/ChangeLog

All Pidgin users should upgrade to these updated packages, which correct
these issues. Pidgin must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

519224 - CVE-2009-3026 pidgin: ignores SSL/TLS requirements with old jabber servers
521823 - CVE-2009-2703 Pidgin: NULL pointer dereference by handling IRC topic(s) (DoS)
521832 - CVE-2009-3083 Pidgin: NULL pointer dereference by processing incomplete MSN SLP invite (DoS)
521853 - CVE-2009-3085 Pidgin: NULL pointer dereference by processing a custom smiley (DoS)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/pidgin-2.6.2-2.el4.src.rpm

i386:
finch-2.6.2-2.el4.i386.rpm
finch-devel-2.6.2-2.el4.i386.rpm
libpurple-2.6.2-2.el4.i386.rpm
libpurple-devel-2.6.2-2.el4.i386.rpm
libpurple-perl-2.6.2-2.el4.i386.rpm
libpurple-tcl-2.6.2-2.el4.i386.rpm
pidgin-2.6.2-2.el4.i386.rpm
pidgin-debuginfo-2.6.2-2.el4.i386.rpm
pidgin-devel-2.6.2-2.el4.i386.rpm
pidgin-perl-2.6.2-2.el4.i386.rpm

ia64:
finch-2.6.2-2.el4.ia64.rpm
finch-devel-2.6.2-2.el4.ia64.rpm
libpurple-2.6.2-2.el4.ia64.rpm
libpurple-devel-2.6.2-2.el4.ia64.rpm
libpurple-perl-2.6.2-2.el4.ia64.rpm
libpurple-tcl-2.6.2-2.el4.ia64.rpm
pidgin-2.6.2-2.el4.ia64.rpm
pidgin-debuginfo-2.6.2-2.el4.ia64.rpm
pidgin-devel-2.6.2-2.el4.ia64.rpm
pidgin-perl-2.6.2-2.el4.ia64.rpm

ppc:
finch-2.6.2-2.el4.ppc.rpm
finch-devel-2.6.2-2.el4.ppc.rpm
libpurple-2.6.2-2.el4.ppc.rpm
libpurple-devel-2.6.2-2.el4.ppc.rpm
libpurple-perl-2.6.2-2.el4.ppc.rpm
libpurple-tcl-2.6.2-2.el4.ppc.rpm
pidgin-2.6.2-2.el4.ppc.rpm
pidgin-debuginfo-2.6.2-2.el4.ppc.rpm
pidgin-devel-2.6.2-2.el4.ppc.rpm
pidgin-perl-2.6.2-2.el4.ppc.rpm

x86_64:
finch-2.6.2-2.el4.x86_64.rpm
finch-devel-2.6.2-2.el4.x86_64.rpm
libpurple-2.6.2-2.el4.x86_64.rpm
libpurple-devel-2.6.2-2.el4.x86_64.rpm
libpurple-perl-2.6.2-2.el4.x86_64.rpm
libpurple-tcl-2.6.2-2.el4.x86_64.rpm
pidgin-2.6.2-2.el4.x86_64.rpm
pidgin-debuginfo-2.6.2-2.el4.x86_64.rpm
pidgin-devel-2.6.2-2.el4.x86_64.rpm
pidgin-perl-2.6.2-2.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/pidgin-2.6.2-2.el4.src.rpm

i386:
finch-2.6.2-2.el4.i386.rpm
finch-devel-2.6.2-2.el4.i386.rpm
libpurple-2.6.2-2.el4.i386.rpm
libpurple-devel-2.6.2-2.el4.i386.rpm
libpurple-perl-2.6.2-2.el4.i386.rpm
libpurple-tcl-2.6.2-2.el4.i386.rpm
pidgin-2.6.2-2.el4.i386.rpm
pidgin-debuginfo-2.6.2-2.el4.i386.rpm
pidgin-devel-2.6.2-2.el4.i386.rpm
pidgin-perl-2.6.2-2.el4.i386.rpm

x86_64:
finch-2.6.2-2.el4.x86_64.rpm
finch-devel-2.6.2-2.el4.x86_64.rpm
libpurple-2.6.2-2.el4.x86_64.rpm
libpurple-devel-2.6.2-2.el4.x86_64.rpm
libpurple-perl-2.6.2-2.el4.x86_64.rpm
libpurple-tcl-2.6.2-2.el4.x86_64.rpm
pidgin-2.6.2-2.el4.x86_64.rpm
pidgin-debuginfo-2.6.2-2.el4.x86_64.rpm
pidgin-devel-2.6.2-2.el4.x86_64.rpm
pidgin-perl-2.6.2-2.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/pidgin-2.6.2-2.el4.src.rpm

i386:
finch-2.6.2-2.el4.i386.rpm
finch-devel-2.6.2-2.el4.i386.rpm
libpurple-2.6.2-2.el4.i386.rpm
libpurple-devel-2.6.2-2.el4.i386.rpm
libpurple-perl-2.6.2-2.el4.i386.rpm
libpurple-tcl-2.6.2-2.el4.i386.rpm
pidgin-2.6.2-2.el4.i386.rpm
pidgin-debuginfo-2.6.2-2.el4.i386.rpm
pidgin-devel-2.6.2-2.el4.i386.rpm
pidgin-perl-2.6.2-2.el4.i386.rpm

ia64:
finch-2.6.2-2.el4.ia64.rpm
finch-devel-2.6.2-2.el4.ia64.rpm
libpurple-2.6.2-2.el4.ia64.rpm
libpurple-devel-2.6.2-2.el4.ia64.rpm
libpurple-perl-2.6.2-2.el4.ia64.rpm
libpurple-tcl-2.6.2-2.el4.ia64.rpm
pidgin-2.6.2-2.el4.ia64.rpm
pidgin-debuginfo-2.6.2-2.el4.ia64.rpm
pidgin-devel-2.6.2-2.el4.ia64.rpm
pidgin-perl-2.6.2-2.el4.ia64.rpm

x86_64:
finch-2.6.2-2.el4.x86_64.rpm
finch-devel-2.6.2-2.el4.x86_64.rpm
libpurple-2.6.2-2.el4.x86_64.rpm
libpurple-devel-2.6.2-2.el4.x86_64.rpm
libpurple-perl-2.6.2-2.el4.x86_64.rpm
libpurple-tcl-2.6.2-2.el4.x86_64.rpm
pidgin-2.6.2-2.el4.x86_64.rpm
pidgin-debuginfo-2.6.2-2.el4.x86_64.rpm
pidgin-devel-2.6.2-2.el4.x86_64.rpm
pidgin-perl-2.6.2-2.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/pidgin-2.6.2-2.el4.src.rpm

i386:
finch-2.6.2-2.el4.i386.rpm
finch-devel-2.6.2-2.el4.i386.rpm
libpurple-2.6.2-2.el4.i386.rpm
libpurple-devel-2.6.2-2.el4.i386.rpm
libpurple-perl-2.6.2-2.el4.i386.rpm
libpurple-tcl-2.6.2-2.el4.i386.rpm
pidgin-2.6.2-2.el4.i386.rpm
pidgin-debuginfo-2.6.2-2.el4.i386.rpm
pidgin-devel-2.6.2-2.el4.i386.rpm
pidgin-perl-2.6.2-2.el4.i386.rpm

ia64:
finch-2.6.2-2.el4.ia64.rpm
finch-devel-2.6.2-2.el4.ia64.rpm
libpurple-2.6.2-2.el4.ia64.rpm
libpurple-devel-2.6.2-2.el4.ia64.rpm
libpurple-perl-2.6.2-2.el4.ia64.rpm
libpurple-tcl-2.6.2-2.el4.ia64.rpm
pidgin-2.6.2-2.el4.ia64.rpm
pidgin-debuginfo-2.6.2-2.el4.ia64.rpm
pidgin-devel-2.6.2-2.el4.ia64.rpm
pidgin-perl-2.6.2-2.el4.ia64.rpm

x86_64:
finch-2.6.2-2.el4.x86_64.rpm
finch-devel-2.6.2-2.el4.x86_64.rpm
libpurple-2.6.2-2.el4.x86_64.rpm
libpurple-devel-2.6.2-2.el4.x86_64.rpm
libpurple-perl-2.6.2-2.el4.x86_64.rpm
libpurple-tcl-2.6.2-2.el4.x86_64.rpm
pidgin-2.6.2-2.el4.x86_64.rpm
pidgin-debuginfo-2.6.2-2.el4.x86_64.rpm
pidgin-devel-2.6.2-2.el4.x86_64.rpm
pidgin-perl-2.6.2-2.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/pidgin-2.6.2-2.el5.src.rpm

i386:
finch-2.6.2-2.el5.i386.rpm
libpurple-2.6.2-2.el5.i386.rpm
libpurple-perl-2.6.2-2.el5.i386.rpm
libpurple-tcl-2.6.2-2.el5.i386.rpm
pidgin-2.6.2-2.el5.i386.rpm
pidgin-debuginfo-2.6.2-2.el5.i386.rpm
pidgin-perl-2.6.2-2.el5.i386.rpm

x86_64:
finch-2.6.2-2.el5.i386.rpm
finch-2.6.2-2.el5.x86_64.rpm
libpurple-2.6.2-2.el5.i386.rpm
libpurple-2.6.2-2.el5.x86_64.rpm
libpurple-perl-2.6.2-2.el5.x86_64.rpm
libpurple-tcl-2.6.2-2.el5.x86_64.rpm
pidgin-2.6.2-2.el5.i386.rpm
pidgin-2.6.2-2.el5.x86_64.rpm
pidgin-debuginfo-2.6.2-2.el5.i386.rpm
pidgin-debuginfo-2.6.2-2.el5.x86_64.rpm
pidgin-perl-2.6.2-2.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/pidgin-2.6.2-2.el5.src.rpm

i386:
finch-devel-2.6.2-2.el5.i386.rpm
libpurple-devel-2.6.2-2.el5.i386.rpm
pidgin-debuginfo-2.6.2-2.el5.i386.rpm
pidgin-devel-2.6.2-2.el5.i386.rpm

x86_64:
finch-devel-2.6.2-2.el5.i386.rpm
finch-devel-2.6.2-2.el5.x86_64.rpm
libpurple-devel-2.6.2-2.el5.i386.rpm
libpurple-devel-2.6.2-2.el5.x86_64.rpm
pidgin-debuginfo-2.6.2-2.el5.i386.rpm
pidgin-debuginfo-2.6.2-2.el5.x86_64.rpm
pidgin-devel-2.6.2-2.el5.i386.rpm
pidgin-devel-2.6.2-2.el5.x86_64.rpm

RHEL Optional Productivity Applications (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/pidgin-2.6.2-2.el5.src.rpm

i386:
finch-2.6.2-2.el5.i386.rpm
finch-devel-2.6.2-2.el5.i386.rpm
libpurple-2.6.2-2.el5.i386.rpm
libpurple-devel-2.6.2-2.el5.i386.rpm
libpurple-perl-2.6.2-2.el5.i386.rpm
libpurple-tcl-2.6.2-2.el5.i386.rpm
pidgin-2.6.2-2.el5.i386.rpm
pidgin-debuginfo-2.6.2-2.el5.i386.rpm
pidgin-devel-2.6.2-2.el5.i386.rpm
pidgin-perl-2.6.2-2.el5.i386.rpm

x86_64:
finch-2.6.2-2.el5.i386.rpm
finch-2.6.2-2.el5.x86_64.rpm
finch-devel-2.6.2-2.el5.i386.rpm
finch-devel-2.6.2-2.el5.x86_64.rpm
libpurple-2.6.2-2.el5.i386.rpm
libpurple-2.6.2-2.el5.x86_64.rpm
libpurple-devel-2.6.2-2.el5.i386.rpm
libpurple-devel-2.6.2-2.el5.x86_64.rpm
libpurple-perl-2.6.2-2.el5.x86_64.rpm
libpurple-tcl-2.6.2-2.el5.x86_64.rpm
pidgin-2.6.2-2.el5.i386.rpm
pidgin-2.6.2-2.el5.x86_64.rpm
pidgin-debuginfo-2.6.2-2.el5.i386.rpm
pidgin-debuginfo-2.6.2-2.el5.x86_64.rpm
pidgin-devel-2.6.2-2.el5.i386.rpm
pidgin-devel-2.6.2-2.el5.x86_64.rpm
pidgin-perl-2.6.2-2.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085
http://www.redhat.com/security/updates/classification/#moderate
http://xmpp.org/rfcs/rfc3920.html#stanzas-semantics-iq

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFKt6IDXlSAg2UNWIIRAkB5AKCWlaxwTC9/X6tqYBYTOytmKnN++ACgtbvk
JknVVejYErgfzo6OyrOovu8=
=KVNz
-----END PGP SIGNATURE-----
"


USN-835-1: neon vulnerabilities  

Posted by Daniela Mehler

"Ubuntu Security Notice USN-835-1 September 21, 2009
neon, neon27 vulnerabilities
CVE-2008-3746, CVE-2009-2474
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
libneon25 0.25.5.dfsg-5ubuntu0.1

Ubuntu 8.04 LTS:
libneon27 0.27.2-1ubuntu0.1
libneon27-gnutls 0.27.2-1ubuntu0.1

Ubuntu 8.10:
libneon27 0.28.2-2ubuntu0.1
libneon27-gnutls 0.28.2-2ubuntu0.1

Ubuntu 9.04:
libneon27 0.28.2-6.1ubuntu0.1
libneon27-gnutls 0.28.2-6.1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Joe Orton discovered that neon did not correctly handle SSL certificates
with zero bytes in the Common Name. A remote attacker could exploit this
to perform a man in the middle attack to view sensitive information or
alter encrypted communications.



"
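
The Common Name issue described in USN-835-1 above, as an added example that is not neon's code and not part of the advisory: it assumes the usual form of this bug class, where a length-delimited certificate name is compared as a C string and so is cut off at the first zero byte. The `cert_name` type, the function names and the sample names are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* A certificate name as an ASN.1 decoder yields it: bytes plus an explicit
 * length. Hypothetical type for this example, not a neon structure. */
struct cert_name {
    const unsigned char *data;   /* also NUL-terminated here, for the weak form */
    size_t len;
};

/* Case-insensitive comparison of exactly n bytes (hostnames are ASCII). */
static int ascii_ieq(const unsigned char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower(a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Weak form: measures the name with strlen(), so everything after the
 * first zero byte is silently ignored. */
int match_cn_cstring(const struct cert_name *cn, const char *hostname)
{
    size_t n = strlen((const char *)cn->data);
    return n == strlen(hostname) && ascii_ieq(cn->data, hostname, n);
}

/* Hardened form: a name with an embedded zero byte is malformed and never
 * matches; otherwise compare over the decoded length. Wildcard handling
 * is left out to keep the example to the zero-byte case. */
int match_cn_checked(const struct cert_name *cn, const char *hostname)
{
    if (cn->len == 0 || memchr(cn->data, '\0', cn->len) != NULL)
        return 0;
    return cn->len == strlen(hostname) && ascii_ieq(cn->data, hostname, cn->len);
}

/* Constructed sample names; example.com and example.net are reserved domains. */
static const unsigned char CN_EMBEDDED_NUL[] = "www.example.com\0.example.net";
static const unsigned char CN_PLAIN[] = "www.example.com";

struct cert_name sample_embedded_nul(void)
{
    struct cert_name n = { CN_EMBEDDED_NUL, sizeof CN_EMBEDDED_NUL - 1 };
    return n;
}

struct cert_name sample_plain(void)
{
    struct cert_name n = { CN_PLAIN, sizeof CN_PLAIN - 1 };
    return n;
}
```

The weak comparison accepts the constructed name with the embedded zero byte as `www.example.com`, while the checked one rejects it and still accepts the plain name.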

USN-832-1: FreeRADIUS vulnerability