Details of VAR-200911-0398

ID

VAR-200911-0398

CVE

CVE-2009-3555

TITLE

SSL and TLS protocols renegotiation vulnerability

Trust: 0.8

sources: CERT/CC: VU#120541

DESCRIPTION

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. A vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction. The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are commonly used to provide authentication, encryption, integrity, and non-repudiation services to network applications such as HTTP, IMAP, POP3, LDAP. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source. According to the Network Working Group:The server treats the client's initial TLS handshake as a renegotiation and thus believes that the initial data transmitted by the attacker is from the same entity as the subsequent client data.This issue affects SSL version 3.0 and newer and TLS version 1.0 and newer. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Release Date: 2010-07-12 Last Updated: 2010-07-12 Potential Security Impact: Remote execution of arbitrary code and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows. References: Adobe Flash Player CVE-2008-4546 CVE-2009-3793 CVE-2010-1297 CVE-2010-2160 CVE-2010-2161 CVE-2010-2162 CVE-2010-2163 CVE-2010-2164 CVE-2010-2165 CVE-2010-2166 CVE-2010-2167 CVE-2010-2169 CVE-2010-2170 CVE-2010-2171 CVE-2010-2172 CVE-2010-2173 CVE-2010-2174 CVE-2010-2175 CVE-2010-2176 CVE-2010-2177 CVE-2010-2178 CVE-2010-2179 CVE-2010-2180 CVE-2010-2181 CVE-2010-2182 CVE-2010-2183 CVE-2010-2184 CVE-2010-2185 CVE-2010-2186 CVE-2010-2187 CVE-2010-2188 CVE-2010-2189 Java Runtime Environment (JRE) CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 TLS/SSL CVE-2009-3555 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows prior to v6.1. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2008-4546 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 4.3 CVE-2009-3793 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-1297 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2160 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2161 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2162 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2163 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2164 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2165 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2166 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2167 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2169 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2170 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2171 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2172 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-2173 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2174 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2175 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2176 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2177 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2178 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2179 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2010-2180 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2181 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2182 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2183 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2184 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2185 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2186 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2187 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2188 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-2189 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-0082 (AV:N/AC:H/Au:N/C:P/I:P/A:P) 5.1 CVE-2010-0084 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-0085 (AV:N/AC:H/Au:N/C:P/I:P/A:P) 5.1 CVE-2010-0087 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0088 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-0089 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0090 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0091 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2010-0092 (AV:N/AC:H/Au:N/C:P/I:P/A:P) 5.1 CVE-2010-0093 (AV:N/AC:H/Au:N/C:P/I:P/A:P) 5.1 CVE-2010-0094 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0095 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-0837 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0838 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0839 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0840 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0841 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0842 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0843 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0844 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0845 (AV:N/AC:H/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0846 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0847 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0848 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0849 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0850 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION Hp has provided HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows v6.1 or subsequent to resolve these vulnerabilities. The HP SIM v6.1 can be downloaded from http://www.hp.com/go/hpsim MANUAL ACTIONS: Yes - Update Update to HP SIM v6.1 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 ============= SysMgmtServer.MX-CMS SysMgmtServer.MX-CORE SysMgmtServer.MX-CORE-ARCH SysMgmtServer.MX-CORE-ARCH SysMgmtServer.MX-PORTAL SysMgmtServer.MX-REPO SysMgmtServer.MX-TOOLS action: update to HP SIM v6.1 or subsequent END AFFECTED VERSIONS HISTORY Version: 1 (rev.1) - 12 July 2010 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkw7IkwACgkQ4B86/C0qfVlJ5QCfXkIKuTF7IcPYiRcmqfTLo8aQ Ck0Anij/T6Lor5PRgLg5eharEx5Spcki =Wfca -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-923-1 April 07, 2010 openjdk-6 vulnerabilities CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0845, CVE-2010-0847, CVE-2010-0848 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: openjdk-6-jre 6b11-2ubuntu2.2 openjdk-6-jre-lib 6b11-2ubuntu2.2 Ubuntu 8.10: openjdk-6-jre 6b12-0ubuntu6.7 openjdk-6-jre-lib 6b12-0ubuntu6.7 Ubuntu 9.04: openjdk-6-jre 6b14-1.4.1-0ubuntu13 openjdk-6-jre-lib 6b14-1.4.1-0ubuntu13 Ubuntu 9.10: openjdk-6-jre 6b16-1.6.1-3ubuntu3 openjdk-6-jre-lib 6b16-1.6.1-3ubuntu3 After a standard system upgrade you need to restart all Java applications to effect the necessary changes. Details follow: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. (CVE-2009-3555) It was discovered that Loader-constraint table, Policy/PolicyFile, Inflater/Deflater, drag/drop access, and deserialization did not correctly handle certain sensitive objects. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. (CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0094) It was discovered that AtomicReferenceArray, System.arraycopy, InetAddress, and HashAttributeSet did not correctly handle certain situations. If a remote attacker could trigger specific error conditions, a Java application could crash, leading to a denial of service. (CVE-2010-0092, CVE-2010-0093, CVE-2010-0095, CVE-2010-0845) It was discovered that Pack200, CMM readMabCurveData, ImagingLib, and the AWT library did not correctly check buffer lengths. If a user or automated system were tricked into handling specially crafted JAR files or images, a remote attacker could crash the Java application or possibly gain user privileges (CVE-2010-0837, CVE-2010-0838, CVE-2010-0847, CVE-2010-0848). It was discovered that applets did not correctly handle certain trust chains. If a user were tricked into running a specially crafted applet, a remote attacker could possibly run untrusted code with user privileges. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update addresses this flaw by implementing the TLS Renegotiation Indication Extension, as defined in RFC 5746 (CVE-2009-3555). The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169 (CVE-2013-1619). Details follow: USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201203-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: nginx: Multiple vulnerabilities Date: March 28, 2012 Bugs: #293785, #293786, #293788, #389319, #408367 ID: 201203-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in nginx, the worst of which may allow execution of arbitrary code. Background ========== nginx is a robust, small, and high performance HTTP and reverse proxy server. * The "ngx_http_process_request_headers()" function in ngx_http_parse.c could cause a NULL pointer dereference (CVE-2009-3896). * nginx does not properly sanitize user input for the the WebDAV COPY or MOVE methods (CVE-2009-3898). * The "ngx_resolver_copy()" function in ngx_resolver.c contains a boundary error which could cause a heap-based buffer overflow (CVE-2011-4315). * nginx does not properly parse HTTP header responses which could expose sensitive information (CVE-2012-1180). Impact ====== A remote attacker could possibly execute arbitrary code with the privileges of the nginx process, cause a Denial of Service condition, create or overwrite arbitrary files, or obtain sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All nginx users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/nginx-1.0.14" References ========== [ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2009-3896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3896 [ 3 ] CVE-2009-3898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3898 [ 4 ] CVE-2011-4315 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4315 [ 5 ] CVE-2012-1180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1180 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201203-22.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- http://secunia.com/research/ http://secunia.com/company/jobs/open_positions/reverse_engineer ---------------------------------------------------------------------- TITLE: Oracle WebLogic Server OpenSSL Plaintext Injection Vulnerability SECUNIA ADVISORY ID: SA44292 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44292/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44292 RELEASE DATE: 2011-04-24 DISCUSS ADVISORY: http://secunia.com/advisories/44292/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44292/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44292 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Weblogic Server, which can be exploited by malicious people to manipulate certain data. SOLUTION: Apply updates (please see the vendor's advisory for details). ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html#AppendixAS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . The attack is related to the way how TLS and SSL handle session renegotiations. CVE-2009-3555 has been assigned to this vulnerability. As a partial mitigation against this attack, this apache2 update disables client-initiated renegotiations. This should fix the vulnerability for the majority of Apache configurations in use. NOTE: This is not a complete fix for the problem. The attack is still possible in configurations where the server initiates the renegotiation. This is the case for the following configurations (the information in the changelog of the updated packages is slightly inaccurate): - - The "SSLVerifyClient" directive is used in a Directory or Location context. - - The "SSLCipherSuite" directive is used in a Directory or Location context. As a workaround, you may rearrange your configuration in a way that SSLVerifyClient and SSLCipherSuite are only used on the server or virtual host level. A complete fix for the problem will require a protocol change. Further information will be included in a separate announcement about this issue. In addition, this update fixes the following issues in Apache's mod_proxy_ftp: CVE-2009-3094: Insufficient input validation in the mod_proxy_ftp module allowed remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. CVE-2009-3095: Insufficient input validation in the mod_proxy_ftp module allowed remote authenticated attackers to bypass intended access restrictions and send arbitrary FTP commands to an FTP server. For the stable distribution (lenny), these problems have been fixed in version 2.2.9-10+lenny6. This version also includes some non-security bug fixes that were scheduled for inclusion in the next stable point release (Debian 5.0.4). The oldstable distribution (etch), these problems have been fixed in version 2.2.3-4+etch11. For the testing distribution (squeeze) and the unstable distribution (sid), these problems will be fixed in version 2.2.14-2. This advisory also provides updated apache2-mpm-itk packages which have been recompiled against the new apache2 packages. They will be released as soon as they become available. We recommend that you upgrade your apache2 and apache2-mpm-itk packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch (oldstable) - ------------------------------------------- Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc Size/MD5 checksum: 1071 dff8f31d88ede35bb87f92743d2db202 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz Size/MD5 checksum: 6342475 f72ffb176e2dc7b322be16508c09f63c http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz Size/MD5 checksum: 124890 c9b197b2a4bade4e92f3c65b88eea614 Architecture independent packages: http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb Size/MD5 checksum: 2247064 357f2daba8360eaf00b0157326c4d258 http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb Size/MD5 checksum: 6668542 043a6a14dc48aae5fa8101715f4ddf81 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb Size/MD5 checksum: 41626 27661a99c55641d534a5ffe4ea828c4b http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb Size/MD5 checksum: 275872 8ff0ac120a46e235a9253df6be09e4d5 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 346016 02b337e48ef627e13d79ad3919bc380d http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 407682 f01d7e23f206baed1e42c60e15fe240f http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 1017408 1c8dccbed0a309ed0b74b83667f1d587 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 449704 b227ff8c9bceaa81488fec48b81f18f6 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 450266 766ba095925ee31c175716084f41b3cf http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 444898 3b1d9a9531c82872d36ce295d6cba581 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 407030 eedabbc4930b3c14012f57ec7956847b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb Size/MD5 checksum: 184920 2d152290678598aeacd32564c2ec37c2 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 409010 15d5dda7eb1e9e8d406cd9ff4b25e60f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 408330 0bf271280295146f4ded8c02335e8fc1 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 1000068 f92b3deafb9ce263d0d66b753231a003 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 436268 9ef6b02f0ecf9905c14114a464c86f80 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 432320 b734b0c2f1d2177a828cff7d8e34d17c http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 342152 ef061f914027b41b788a31758d7c4e96 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 436766 deb97a3637ae8be3e016e37c038bc470 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb Size/MD5 checksum: 172802 0550f661c804ef0c0ec31e1928f5f97d arm architecture (ARM) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 421056 b55b215aee8398e6388a73b421229db7 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 408940 8782732ef6487ef268abf2856ec5e2c0 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 408140 f3627e52eaf7a011a5a624ea25fa058b http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 968448 ac1354c562e7969e47561f4cba3a859b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 346166 a8729d03737330075908c2b8b2f5ce0b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb Size/MD5 checksum: 157634 53c277ca7e52e7e60a523183e87beec3 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 421782 b17f7ce0bfd6fee4877d9bccaf82770e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 417026 03b845039bf49fba64f064acda350f43 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 444058 16fb9ac5807fcf161321ffc8467e963d http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb Size/MD5 checksum: 179532 b1f7b89ac1e830b72e30c9476b813263 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 352116 f34f19a1bf40a37695ac0aeb3f5b6d10 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 443324 e7106e9195fcd9f34ced7bccb009cbb7 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 1078948 29a60062b3f7676f768dda1d4cdb78fd http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 439968 6ff5b95ba06596c04f2fc7dc3adac7ac http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 410880 28ce1d24c4e152624c38330d34781636 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 409994 2ce21d9fc51fbbeb5e05ac7c418d7e11 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 409776 04bafa059e90c14851f290c02fc7a29e http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 963818 f2755fd250837dd878a24ffc8527855d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 425034 fc0b075a77853494886719b1bf4d7092 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 421206 d2758678dc6dcfb2298a5e69dbd199d0 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 425510 5df035120241567d62ba4154a7ade25f http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb Size/MD5 checksum: 161256 614f006996e6309829bf7c80bb95e3ed http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 410518 833b5256083de5f76d83354f63916af2 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 343876 435638e472ccb187c7713f96840cf156 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 407664 9929d570df08ea81c10235d8cfad8cec http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb Size/MD5 checksum: 231808 505ed0109a851680126951f228f4ed40 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 491120 d1ef23e9bbd457b1c30d50234050b112 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 498202 f430c9b4231122f996799b45d68596a3 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 407018 f721b04b90b8b2b5ec76916488395bdd http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 360664 08763e41786b3c5b28cf3e27d234419d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 497388 6ef80d442fbf5046e78b9b2a0637adb9 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 1204566 d1cc5f38e5683c539db6673611585b67 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 430112 01c3cf5fc888bff3967c95736b3caf40 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 407674 688656128f0f46e8b35da61d731e244f http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 434122 791a223b58a6a3a00fdd5517decc6ff2 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 951736 68a93c433a24dd42b461907c2b61c6d2 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 407022 10cf7a6fa3ad60183a80b7fddc08ed98 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 350066 ab3498abf9ddc41f0665be9c2912beab http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 434784 2d07f9376a7c7eb6229e0c5238e604fc http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb Size/MD5 checksum: 169932 db0ecd6b89594ecbff3bacd9d184f808 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 428958 3c7b9e69ccbeb0db17d437ece3717b65 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 407040 61a67a76dd0acfaeb747d5ee745cb3fa http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 433736 74adf126949edfd4b1af734b3a8255f8 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 951730 3c9d5a12163e7d1c939d26829a4454f1 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 407694 0297490b8b4aff5e1a4527a9c897fbee http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 350302 843a3c227ba43dc4b882c96cad62a6eb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 434220 b18b6688a18a11d7bfa20d486c13ae64 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb Size/MD5 checksum: 168814 6eedc4fb9e8027cf6d11c427a1cc4f8c powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 1061292 0a43b7054755c361229d5e14db9c3156 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 432806 ebe9b3113da3361dabf67acd291f9d93 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb Size/MD5 checksum: 168374 ab7eb4de4a4c224a94698ebb67f627ea http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 433416 0c53941e7e8765780e4e4a71f81a592b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 354920 0682a419e0d59ff5a2af1f322991b157 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 410150 69ddc8b0b8ec235e65eabde0adbc1db7 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 428826 f556fd9726b4c66bbe6fdc05b84d9918 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 409396 d4b779470977873916bff7353829f172 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 437364 0d844765789f2fcc4cf0c24e755b4c3d http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 994710 63d476187cc9eed384ff792ce8b6f471 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 443278 114375b6439d8a9cf344dd4829c7b6d2 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 407682 e0db3031b4bb381a0f3178569d4c514a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 442268 219d9f7f67d2a53a3c3e700c68a6d682 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 348624 ac97c9840e0cb11a1cf1e44fd1875015 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 407026 6233c65e8860b416d7a6265ae2c2eda4 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb Size/MD5 checksum: 177986 634687237fd58d539bc9492415a94b77 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 418896 96bdf44ad9d8c1d86ee3aaf383c9dcce http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 412078 c9aab17ccba1846ea02df78f636a28a6 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 342696 7dd353d553f6a495c506b22f60ff2a0d http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb Size/MD5 checksum: 158054 60de9a240c905bdb6ffa0ab6c032096d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 422966 edb7194c73d08c0bdb1eed6bd19ceb53 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 422444 ad0a85ada33d687e1fc67b0fa3c40244 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 960150 0dae013a3e07502409918ff649cb1375 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 411290 88e769a08329b6728c6fd0770d241874 Debian GNU/Linux 5.0 alias lenny (stable) - ----------------------------------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz Size/MD5 checksum: 6396996 80d3754fc278338033296f0d41ef2c04 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc Size/MD5 checksum: 1673 f6846ac2d9cbd7887629a9c503154310 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz Size/MD5 checksum: 145719 fd456ef168b7f1ca1055ffbca1df53db Architecture independent packages: http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 2060318 c2499fa1040a9ace89c1a969de4db870 http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 6736558 e09131a305cf2e51d3c14ed7c1beaf5d http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 45238 922ce7e9d14885bab9c9cbbfab99fbd3 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 210246 bb629f54f383bfcce66a6bf0bc1a2b6d http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26 arm architecture (ARM) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 83230 c840cb7342a3a83e0587fd3baacce760 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 226068 8921ab3294cf45178f3b90fd51fbafc3 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 84022 f603a1c369bbc7d05efe1ad99325e020 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 241578 e71e710d7889e79b85e4c20b539a4d26 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 241326 2ee9101bf92fcac69249094b3ca11e2a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 143414 c20c10a3eadac1c494a5750888875800 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 1036624 80b366704dc888c2bea8d84c316faf33 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 83920 a383c7aef1758f963c019793af7b5f92 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 82082 1fc55f0526e3bf90c2156364055a1627 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 209718 8af3815f7794f4e60d72ba52d3bd19c4 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 82128 31209b35ecb423f2d88347df6c08eddb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 2420074 b57ff2a01ee7f29d0dcba4214dc7fc21 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 232140 3dfff4c54077cb221e19533f19538834 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 778974 d9d0084ea48aaa56d2f99c632711d084 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb Size/MD5 checksum: 169470 f04a239ba4f1d6ae4ff8ce0960f784fd http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 232796 8ced513dc28d7165fd76076803b98188 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 150024 c2a66c2c63eeb66df98b136cceadc780 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 84570 b43f074242385089dda2aae2e9ae1595 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 915976 723f3349b829894595b913099f06ecc2 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 257408 c4bab781417526a0dfdb2240ab2fef07 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 2495210 6fb817120bcb095006fd09d2318f28ee http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb Size/MD5 checksum: 195192 6b4d950e48c6cdfd00d403e42b719b40 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 208684 ece82cc979cff6832d51a6caf51f38b5 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 82908 c54a24103b503b5de1b27993ee33610f http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 160960 361e2bae65d5f1303073d8e4d88ccdb7 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 209714 81fbc6671b2d4137dc52232e9d572ea9 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 258234 6dbd57dc907e93b5e9dcd3058e99b30f http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 253294 696e2e9219d6e029c0c6f024045a4d5f s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 82544 4e332ccedffd13b1e7b866fe71cf8a9b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb Size/MD5 checksum: 197642 e32a924a47b90452356956e3fe39d34e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 255970 197eea5c422ecf37ec592bf9612c3b2f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 208694 33dddaec24eb4475411eb55abb5d5e71 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 150912 2aa00b2fb3b84a536030f5b5635115bc http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 209726 cf54089c8a33087820f8c9359e461625 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 2409108 1b6e40f5d2772a0a1f26424f4b470136 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 824586 ff52926d953f8b5cbde82ac31176dedb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 259924 655aca8f56383ebd106ded50d8f557ea http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 260610 12751082d3f1466735d1b3d395d63690 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 84310 9aa451ccb1513c05f4ccc0319124181e sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 2231018 fcdbb08c45ff474592590fac0aa78dac http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 84568 6dcf4195e216a22ef2919806d55d5098 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 237224 9bf96cc5f932643b1c55c6a9fa238af1 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 241474 ed8557af547d9d55a075fca5cf88488d http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 82888 bde0baf83e2e972b398be6a500f77125 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb Size/MD5 checksum: 177562 09cbb49296407c83ef1575b003dfb129 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 241014 2c10b920cdfec918af3eb148e29fca0f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 212798 28edff7612bb824fc20d88c29b8b7e1f http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 781748 63e7003956d73b1a04e544c00eaa7728 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 213976 b7e758d0a2e6574944d27e2d6e40f60c http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 146596 c37cea33bed94a68326b511a66bf050e These files will probably be moved into the stable distribution on its next update. The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number (CVE-2010-0731). The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), HTTP response splitting, Denial of Service (DoS), information disclosure, and data modification. Note that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (conserns 2008.1 only). mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request (CVE-2009-1191). Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0. The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195). The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests (CVE-2009-1890). Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects (CVE-2009-1891). NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes (CVE-2009-3095). Apache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation (CVE-2009-3555). Details follow: USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue. After updating openssl, an Apache server will allow both patched and unpatched web browsers to connect, but unpatched browsers will not be able to renegotiate. This update introduces the new SSLInsecureRenegotiation directive for Apache that may be used to re-enable insecure renegotiations with unpatched web browsers. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:084 http://www.mandriva.com/security/ _______________________________________________________________________ Package : java-1.6.0-openjdk Date : April 28, 2010 Affected: 2009.0, 2009.1, 2010.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple Java OpenJDK security vulnerabilities has been identified and fixed: - TLS: MITM attacks via session renegotiation (CVE-2009-3555). - Loader-constraint table allows arrays instead of only the b ase-classes (CVE-2010-0082). - Policy/PolicyFile leak dynamic ProtectionDomains. (CVE-2010-0084). - File TOCTOU deserialization vulnerability (CVE-2010-0085). - Inflater/Deflater clone issues (CVE-2010-0088). - Unsigned applet can retrieve the dragged information before drop action occurs (CVE-2010-0091). - AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (CVE-2010-0092). - System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (CVE-2010-0093). - Deserialization of RMIConnectionImpl objects should enforce stricter checks (CVE-2010-0094). - Subclasses of InetAddress may incorrectly interpret network addresses (CVE-2010-0095). - JAR unpack200 must verify input parameters (CVE-2010-0837). - CMM readMabCurveData Buffer Overflow Vulnerability (CVE-2010-0838). - Applet Trusted Methods Chaining Privilege Escalation Vulner ability (CVE-2010-0840). - No ClassCastException for HashAttributeSet constructors if run with -Xcomp (CVE-2010-0845) - ImagingLib arbitrary code execution vulnerability (CVE-2010-0847). - AWT Library Invalid Index Vulnerability (CVE-2010-0848). Additional security issues that was fixed with IcedTea6 1.6.2: - deprecate MD2 in SSL cert validation (CVE-2009-2409). - ICC_Profile file existence detection information leak (CVE-2009-3728). - JRE AWT setDifflCM stack overflow (CVE-2009-3869). - JRE AWT setBytePixels heap overflow (CVE-2009-3871). - JPEG Image Writer quantization problem (CVE-2009-3873). - ImageI/O JPEG heap overflow (CVE-2009-3874). - MessageDigest.isEqual introduces timing attack vulnerabilities (CVE-2009-3875). - OpenJDK ASN.1/DER input stream parser denial of service (CVE-2009-3876, CVE-2009-3877) - GraphicsConfiguration information leak (CVE-2009-3879). - UI logging information leakage (CVE-2009-3880). - resurrected classloaders can still have children (CVE-2009-3881). - Numerous static security flaws in Swing (findbugs) (CVE-2009-3882). - Mutable statics in Windows PL&F (findbugs) (CVE-2009-3883). - zoneinfo file existence information leak (CVE-2009-3884). - BMP parsing DoS with UNC ICC links (CVE-2009-3885). Additionally Paulo Cesar Pereira de Andrade (pcpa) at Mandriva found and fixed a bug in IcedTea6 1.8 that is also applied to the provided packages: * plugin/icedteanp/IcedTeaNPPlugin.cc (plugin_filter_environment): Increment malloc size by one to account for NULL terminator. Bug# 474. Packages for 2009.0 are provided due to the Extended Maintenance Program. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3885 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://article.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/8938 http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html http://icedtea.classpath.org/hg/release/icedtea6-1.8/rev/a6a02193b073 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 37c14ebea4b3ceccbecba4ffea2630a6 2009.0/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 3f7ba1d78aaf5f1ca56e86fcb48e7192 2009.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 12963efa8b4ea6691ba68f4e72e81e5d 2009.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 6387d4381c518c5658701c114c5fcb9d 2009.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.0.i586.rpm f90d2a22c10b6eb30aedef13207d346c 2009.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 01e62b54974a3d1b5232de0baa196e41 2009.0/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 212262f34829af20e53fb2076fa78d25 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 630941e679a033285ddf5cb3e4c1d092 2009.0/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm 6330c6dda9cf7c59a90f529bceeee17b 2009.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm c7d708c5f14d710a6bdcc352bb18a55a 2009.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm edf4b1d8efeb157bb0f19b4c4cc55935 2009.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm ac9f8227297249940b1845f3ad95165f 2009.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm d1ed0ce1155c85c423d0cbe47eadfa5b 2009.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm 212262f34829af20e53fb2076fa78d25 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.src.rpm Mandriva Linux 2009.1: 304bc2cab18b29781bfac69d4927ddce 2009.1/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 77f0d2e2b2c04288a5aae608a2f73f1a 2009.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 7ff7542b4328fd978725f8e0b02590d9 2009.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 3d1bf214209ea3aef86b58962e80901e 2009.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1.i586.rpm f52cf5f8d3f85b98da246963d583f6bc 2009.1/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 87b2fd7ac9883e624e71faa993559e78 2009.1/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 0ff2ca4dfc122a3538349ed2dab6ed81 2009.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 883105d4347bb0864c7c73e4f0865066 2009.1/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm ac44d41806625e0be7a55ff30bf1f0e7 2009.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 67db7247fbf1b5be5391f33603b9148c 2009.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 0b6e7a93df49306976453daf29a29d96 2009.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 67e679d7aa4545a968889dcbb1a3fa8e 2009.1/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 4042e3ae7e3b2dbdcba0e73aadd219d5 2009.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 0ff2ca4dfc122a3538349ed2dab6ed81 2009.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.src.rpm Mandriva Linux 2010.0: f3c1bb7b091d5889a856edf93e066367 2010.0/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 7f717091a34f98e9547c698bf08065f5 2010.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 21b8532c934559100b0dbc498ba3c52e 2010.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 8711fdef27cce9af73191903f85dbcd6 2010.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 1905269f878bb1c6367dedc6797f6914 2010.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0.i586.rpm c5f53d24770de6704f00fdf34c87a703 2010.0/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0.i586.rpm b789ff663963ae8b60a0d189b870907c 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 100203d38e76348f262d69d2cae8a7ba 2010.0/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm f155019a4a22d7bf7265c67024dcbc33 2010.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 8eaf304d6eb93212d1045adc301de385 2010.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 2e2082bd89db22cf5fa4be2ebaceb71c 2010.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 3e7a1849db88a8b8ddcdf30441edfcb7 2010.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm fbc9da5e2080972f6f8c01f23e86890f 2010.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm b789ff663963ae8b60a0d189b870907c 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.src.rpm Mandriva Enterprise Server 5: 742a7a6dcc82962a132eadb91a2b1736 mes5/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 3acd32ccd1fee71f07ccb4b038434ffd mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm c3358ac84dbc950752655fee46fd5e4b mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm a30ef6b33fd9ba1403ab46ef9643efdb mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 534f95a18c4798ec80cdfe47bd1148a8 mes5/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm e79e4bd9462096222f5b07d681b3d418 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 0bc580c8d4d6e57cbee939bf68743170 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: 180566f92a5564c747c716ecdf082c8f mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 5e05d90fe32dfce7b15db7d9e5604227 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 09506c689ed0265023861e006fbcb624 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm c9ff4a3a4695c56b13268d76c355cfbe mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 0a70a54c2eed68e723cbc65de63bfbff mes5/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 166c980a8479cd915f3507070c25508e mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 0bc580c8d4d6e57cbee939bf68743170 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFL1/vUmqjQ0CJFipgRAlcyAJ9+2v53cztdo8nXoixp0vg0IuQjrACbB/vW +oOtru3I2iYRjlx04fi7wMw= =rIwa -----END PGP SIGNATURE-----

Trust: 3.15

sources: NVD: CVE-2009-3555 // CERT/CC: VU#120541 // VULMON: CVE-2009-3555 // PACKETSTORM: 111583 // PACKETSTORM: 114128 // PACKETSTORM: 91749 // PACKETSTORM: 88173 // PACKETSTORM: 120714 // PACKETSTORM: 91309 // PACKETSTORM: 92095 // PACKETSTORM: 111273 // PACKETSTORM: 100765 // VULHUB: VHN-41001 // PACKETSTORM: 82647 // PACKETSTORM: 89136 // PACKETSTORM: 93944 // PACKETSTORM: 83521 // PACKETSTORM: 94088 // PACKETSTORM: 89026

AFFECTED PRODUCTS

vendor:	debian	model:	linux	scope:	eq	version:	6.0	Trust: 1.0
vendor:	f5	model:	nginx	scope:	gte	version:	0.1.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	9.04	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	5.0	Trust: 1.0
vendor:	f5	model:	nginx	scope:	lte	version:	0.8.22	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	8.04	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	10.04	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	12	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	9.10	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	10.10	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	4.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	11	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	8.10	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	14	Trust: 1.0
vendor:	mozilla	model:	nss	scope:	lte	version:	3.12.4	Trust: 1.0
vendor:	gnu	model:	gnutls	scope:	lte	version:	2.8.5	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	lte	version:	0.9.8k	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	13	Trust: 1.0
vendor:	apache	model:	http server	scope:	lte	version:	2.2.14	Trust: 1.0
vendor:	barracuda	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	debian gnu linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	gnutls	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ibm	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	mcafee	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	sun microsystems	model:	-	scope:	-	version:	-	Trust: 0.8

sources: CERT/CC: VU#120541 // NVD: CVE-2009-3555

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-3555
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2009-3555
value:	0
Trust: 0.8
VULHUB:	VHN-41001
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2009-3555
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-41001
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#120541 // VULHUB: VHN-41001 // NVD: CVE-2009-3555

PROBLEMTYPE DATA

problemtype:	CWE-295	Trust: 1.1
problemtype:	CWE-310	Trust: 0.1

sources: VULHUB: VHN-41001 // NVD: CVE-2009-3555

THREAT TYPE

remote

Trust: 0.3

sources: PACKETSTORM: 89136 // PACKETSTORM: 120714 // PACKETSTORM: 114128

TYPE

arbitrary

Trust: 0.7

sources: PACKETSTORM: 94088 // PACKETSTORM: 82647 // PACKETSTORM: 111273 // PACKETSTORM: 92095 // PACKETSTORM: 91309 // PACKETSTORM: 120714 // PACKETSTORM: 91749

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-41001 // VULMON: CVE-2009-3555

PATCH

title:	Red Hat: Moderate: gnutls security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100167 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: httpd and httpd22 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100011 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: java-1.4.2-ibm security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100155 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: openssl097a security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100164 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: nss security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100165 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: gnutls security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100166 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: openssl security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100162 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: openssl security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100163 - Security Advisory	Trust: 0.1
title:	Red Hat: Low: JBoss Enterprise Web Server 1.0.1 update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100119 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: nss vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-927-6	Trust: 0.1
title:	Ubuntu Security Notice: apache2 vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-990-2	Trust: 0.1
title:	Ubuntu Security Notice: nss vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-927-1	Trust: 0.1
title:	Ubuntu Security Notice: openssl vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-990-1	Trust: 0.1
title:	Ubuntu Security Notice: nss vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-927-4	Trust: 0.1
title:	Cisco: Transport Layer Security Renegotiation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20091109-tls	Trust: 0.1
title:	Ubuntu Security Notice: apache2 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-860-1	Trust: 0.1
title:	Red Hat: Moderate: java-1.5.0-ibm security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100130 - Security Advisory	Trust: 0.1
title:	Cisco: Transport Layer Security Renegotiation Remote Man-in-the-Middle Attack Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=Cisco-SA-20091105-CVE-2009-3555	Trust: 0.1
title:	Debian CVElist Bug Report Logs: "slowloris" denial-of-service vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=5ed45f95901af77f1f752912d098b48e	Trust: 0.1
title:	Debian Security Advisories: DSA-2141-1 openssl -- SSL/TLS insecure renegotiation protocol design flaw	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=1c00cc4c6dbe7bb057db61e10ff97d6d	Trust: 0.1
title:	Debian Security Advisories: DSA-2626-1 lighttpd -- several issues	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=885d01db2c0276e75192acacb224a6e8	Trust: 0.1
title:	Debian CVElist Bug Report Logs: Not possible to disable SSLv3	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=cd46735759deed658e1e15bd89794f91	Trust: 0.1
title:	Debian Security Advisories: DSA-1934-1 apache2 -- multiple issues	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=a5a134c3483f034e2df5ced5ad7428ec	Trust: 0.1
title:	Debian Security Advisories: DSA-3253-1 pound -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=ad76a2fc91623114f1aaa478b7ecbe12	Trust: 0.1
title:	Debian CVElist Bug Report Logs: polarssl: CVE-2013-4623: Denial of Service through Certificate message during handshake	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=48a9651e9438ab2ad49c32956a8040ab	Trust: 0.1
title:	Mozilla: Mozilla Foundation Security Advisory 2010-22	url:	https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories&qid=2010-22	Trust: 0.1
title:	Debian CVElist Bug Report Logs: polarssl: CVE-2013-5914 CVE-2013-5915	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=3ea56f82629f8bb9aeeedb7aa86eb416	Trust: 0.1
title:	Symantec Security Advisories: SA44 : TLS/SSLv3 renegotiation (CVE-2009-3555)	url:	https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=92adf6d8db72928bb63961cc8473a936	Trust: 0.1
title:	Red Hat: Critical: java-1.4.2-ibm security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100786 - Security Advisory	Trust: 0.1
title:	Debian CVElist Bug Report Logs: polarssl: CVE-2009-3555	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=d154eb6a1f821c737dadd179519e99ce	Trust: 0.1
title:	Red Hat: Important: java-1.6.0-openjdk security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100339 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: java-1.6.0-openjdk security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100768 - Security Advisory	Trust: 0.1
title:	Citrix Security Bulletins: Transport Layer Security Renegotiation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=d26786915d99808385e93927bb7516fd	Trust: 0.1
title:	Citrix Security Bulletins: Vulnerability in Citrix Online Plug-ins and ICA Clients Could Result in SSL/TLS Certificate Spoofing	url:	https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=8a0ec21ac35be2b30e769ff0af90fa26	Trust: 0.1
title:	Red Hat: Critical: java-1.5.0-sun security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100338 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: java-1.6.0-sun security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100337 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: java-1.6.0-ibm security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20091694 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: java-1.6.0-sun security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100770 - Security Advisory	Trust: 0.1
title:	VMware Security Advisories: VMware ESX third party updates for Service Console	url:	https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=d7005a2e6744b7e4f77d0105454de35d	Trust: 0.1
title:	Ubuntu Security Notice: openjdk-6 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-923-1	Trust: 0.1
title:	VMware Security Advisories: VMware ESX third party updates for Service Console	url:	https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=d8e6425b0cb8b545dc1e50945dafb2c0	Trust: 0.1
title:	Ubuntu Security Notice: openjdk-6, openjdk-6b18 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1010-1	Trust: 0.1
title:	Symantec Security Advisories: SA50 : Multiple SSL/TLS vulnerabilities in Reporter	url:	https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=1e934b8269c86666c1ebc108ca0e3d35	Trust: 0.1
title:	Symantec Security Advisories: SA61 : Director multiple Apache vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=508649a9a651b4fb32a5cc0f1310d652	Trust: 0.1
title:	VMware Security Advisories:	url:	https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=ea953b0a91a1816979ec1d304d5e3d93	Trust: 0.1
title:	DPSSLClientProfile	url:	https://github.com/ADesprets/DPSSLClientProfile	Trust: 0.1
title:	letsencrypt-lighttpd	url:	https://github.com/galeone/letsencrypt-lighttpd	Trust: 0.1
title:	igrill-smoker	url:	https://github.com/kins-dev/igrill-smoker	Trust: 0.1
title:	hanase	url:	https://github.com/ekiojp/hanase	Trust: 0.1
title:	CVE-HOWTO	url:	https://github.com/RedHatProductSecurity/CVE-HOWTO	Trust: 0.1
title:	pulse-secure-vpn-mitm-research	url:	https://github.com/withdk/pulse-secure-vpn-mitm-research	Trust: 0.1
title:	pulse-secure-vpn-mitm-research	url:	https://github.com/withdk/pulse-secure-mitm-research	Trust: 0.1
title:	ReconScan	url:	https://github.com/GiJ03/ReconScan	Trust: 0.1
title:	ReconScan	url:	https://github.com/RoliSoft/ReconScan	Trust: 0.1
title:	test	url:	https://github.com/issdp/test	Trust: 0.1
title:	ReconScan	url:	https://github.com/kira1111/ReconScan	Trust: 0.1

sources: VULMON: CVE-2009-3555

EXTERNAL IDS

db:	NVD	id:	CVE-2009-3555	Trust: 3.4
db:	CERT/CC	id:	VU#120541	Trust: 2.0
db:	SECUNIA	id:	38781	Trust: 1.1
db:	SECUNIA	id:	42377	Trust: 1.1
db:	SECUNIA	id:	37501	Trust: 1.1
db:	SECUNIA	id:	39632	Trust: 1.1
db:	SECUNIA	id:	37604	Trust: 1.1
db:	SECUNIA	id:	41972	Trust: 1.1
db:	SECUNIA	id:	43308	Trust: 1.1
db:	SECUNIA	id:	38241	Trust: 1.1
db:	SECUNIA	id:	37859	Trust: 1.1
db:	SECUNIA	id:	40070	Trust: 1.1
db:	SECUNIA	id:	41818	Trust: 1.1
db:	SECUNIA	id:	39292	Trust: 1.1
db:	SECUNIA	id:	42816	Trust: 1.1
db:	SECUNIA	id:	42379	Trust: 1.1
db:	SECUNIA	id:	39317	Trust: 1.1
db:	SECUNIA	id:	38020	Trust: 1.1
db:	SECUNIA	id:	42467	Trust: 1.1
db:	SECUNIA	id:	37320	Trust: 1.1
db:	SECUNIA	id:	37640	Trust: 1.1
db:	SECUNIA	id:	37656	Trust: 1.1
db:	SECUNIA	id:	37383	Trust: 1.1
db:	SECUNIA	id:	42724	Trust: 1.1
db:	SECUNIA	id:	38003	Trust: 1.1
db:	SECUNIA	id:	44183	Trust: 1.1
db:	SECUNIA	id:	42733	Trust: 1.1
db:	SECUNIA	id:	38484	Trust: 1.1
db:	SECUNIA	id:	40545	Trust: 1.1
db:	SECUNIA	id:	40866	Trust: 1.1
db:	SECUNIA	id:	39242	Trust: 1.1
db:	SECUNIA	id:	38056	Trust: 1.1
db:	SECUNIA	id:	39278	Trust: 1.1
db:	SECUNIA	id:	39243	Trust: 1.1
db:	SECUNIA	id:	42808	Trust: 1.1
db:	SECUNIA	id:	37675	Trust: 1.1
db:	SECUNIA	id:	39127	Trust: 1.1
db:	SECUNIA	id:	39461	Trust: 1.1
db:	SECUNIA	id:	39819	Trust: 1.1
db:	SECUNIA	id:	37453	Trust: 1.1
db:	SECUNIA	id:	40747	Trust: 1.1
db:	SECUNIA	id:	41490	Trust: 1.1
db:	SECUNIA	id:	39628	Trust: 1.1
db:	SECUNIA	id:	44954	Trust: 1.1
db:	SECUNIA	id:	39500	Trust: 1.1
db:	SECUNIA	id:	48577	Trust: 1.1
db:	SECUNIA	id:	42811	Trust: 1.1
db:	SECUNIA	id:	37291	Trust: 1.1
db:	SECUNIA	id:	41480	Trust: 1.1
db:	SECUNIA	id:	37292	Trust: 1.1
db:	SECUNIA	id:	37399	Trust: 1.1
db:	SECUNIA	id:	39713	Trust: 1.1
db:	SECUNIA	id:	38687	Trust: 1.1
db:	SECUNIA	id:	37504	Trust: 1.1
db:	SECUNIA	id:	39136	Trust: 1.1
db:	SECUNIA	id:	41967	Trust: 1.1
db:	SECTRACK	id:	1023217	Trust: 1.1
db:	SECTRACK	id:	1023273	Trust: 1.1
db:	SECTRACK	id:	1023274	Trust: 1.1
db:	SECTRACK	id:	1023206	Trust: 1.1
db:	SECTRACK	id:	1023272	Trust: 1.1
db:	SECTRACK	id:	1023427	Trust: 1.1
db:	SECTRACK	id:	1023218	Trust: 1.1
db:	SECTRACK	id:	1023163	Trust: 1.1
db:	SECTRACK	id:	1023214	Trust: 1.1
db:	SECTRACK	id:	1023211	Trust: 1.1
db:	SECTRACK	id:	1023219	Trust: 1.1
db:	SECTRACK	id:	1023216	Trust: 1.1
db:	SECTRACK	id:	1024789	Trust: 1.1
db:	SECTRACK	id:	1023148	Trust: 1.1
db:	SECTRACK	id:	1023213	Trust: 1.1
db:	SECTRACK	id:	1023271	Trust: 1.1
db:	SECTRACK	id:	1023243	Trust: 1.1
db:	SECTRACK	id:	1023209	Trust: 1.1
db:	SECTRACK	id:	1023215	Trust: 1.1
db:	SECTRACK	id:	1023208	Trust: 1.1
db:	SECTRACK	id:	1023411	Trust: 1.1
db:	SECTRACK	id:	1023204	Trust: 1.1
db:	SECTRACK	id:	1023224	Trust: 1.1
db:	SECTRACK	id:	1023210	Trust: 1.1
db:	SECTRACK	id:	1023207	Trust: 1.1
db:	SECTRACK	id:	1023426	Trust: 1.1
db:	SECTRACK	id:	1023428	Trust: 1.1
db:	SECTRACK	id:	1023205	Trust: 1.1
db:	SECTRACK	id:	1023275	Trust: 1.1
db:	SECTRACK	id:	1023270	Trust: 1.1
db:	SECTRACK	id:	1023212	Trust: 1.1
db:	VUPEN	id:	ADV-2010-2745	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3353	Trust: 1.1
db:	VUPEN	id:	ADV-2010-3069	Trust: 1.1
db:	VUPEN	id:	ADV-2010-0086	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3354	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3484	Trust: 1.1
db:	VUPEN	id:	ADV-2010-1793	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3310	Trust: 1.1
db:	VUPEN	id:	ADV-2010-0982	Trust: 1.1
db:	VUPEN	id:	ADV-2011-0033	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3220	Trust: 1.1
db:	VUPEN	id:	ADV-2010-2010	Trust: 1.1
db:	VUPEN	id:	ADV-2010-1639	Trust: 1.1
db:	VUPEN	id:	ADV-2010-1107	Trust: 1.1
db:	VUPEN	id:	ADV-2010-3126	Trust: 1.1
db:	VUPEN	id:	ADV-2010-0916	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3164	Trust: 1.1
db:	VUPEN	id:	ADV-2011-0032	Trust: 1.1
db:	VUPEN	id:	ADV-2011-0086	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3313	Trust: 1.1
db:	VUPEN	id:	ADV-2010-0748	Trust: 1.1
db:	VUPEN	id:	ADV-2010-1350	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3521	Trust: 1.1
db:	VUPEN	id:	ADV-2010-0994	Trust: 1.1
db:	VUPEN	id:	ADV-2010-3086	Trust: 1.1
db:	VUPEN	id:	ADV-2010-1191	Trust: 1.1
db:	VUPEN	id:	ADV-2010-0173	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3587	Trust: 1.1
db:	VUPEN	id:	ADV-2010-0933	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3205	Trust: 1.1
db:	VUPEN	id:	ADV-2010-1054	Trust: 1.1
db:	VUPEN	id:	ADV-2010-0848	Trust: 1.1
db:	VUPEN	id:	ADV-2010-1673	Trust: 1.1
db:	VUPEN	id:	ADV-2009-3165	Trust: 1.1
db:	OPENWALL	id:	OSS-SECURITY/2009/11/05/3	Trust: 1.1
db:	OPENWALL	id:	OSS-SECURITY/2009/11/07/3	Trust: 1.1
db:	OPENWALL	id:	OSS-SECURITY/2009/11/23/10	Trust: 1.1
db:	OPENWALL	id:	OSS-SECURITY/2009/11/05/5	Trust: 1.1
db:	OPENWALL	id:	OSS-SECURITY/2009/11/20/1	Trust: 1.1
db:	OPENWALL	id:	OSS-SECURITY/2009/11/06/3	Trust: 1.1
db:	OSVDB	id:	65202	Trust: 1.1
db:	OSVDB	id:	62210	Trust: 1.1
db:	OSVDB	id:	60521	Trust: 1.1
db:	OSVDB	id:	60972	Trust: 1.1
db:	HITACHI	id:	HS10-030	Trust: 1.1
db:	USCERT	id:	TA10-222A	Trust: 1.1
db:	USCERT	id:	TA10-287A	Trust: 1.1
db:	BID	id:	36935	Trust: 1.1
db:	PACKETSTORM	id:	88173	Trust: 0.2
db:	PACKETSTORM	id:	91309	Trust: 0.2
db:	PACKETSTORM	id:	111273	Trust: 0.2
db:	PACKETSTORM	id:	92095	Trust: 0.2
db:	PACKETSTORM	id:	120714	Trust: 0.2
db:	PACKETSTORM	id:	89136	Trust: 0.2
db:	PACKETSTORM	id:	94088	Trust: 0.2
db:	EXPLOIT-DB	id:	10071	Trust: 0.1
db:	EXPLOIT-DB	id:	10579	Trust: 0.1
db:	PACKETSTORM	id:	82657	Trust: 0.1
db:	PACKETSTORM	id:	82770	Trust: 0.1
db:	PACKETSTORM	id:	130868	Trust: 0.1
db:	PACKETSTORM	id:	83271	Trust: 0.1
db:	PACKETSTORM	id:	90262	Trust: 0.1
db:	PACKETSTORM	id:	120365	Trust: 0.1
db:	PACKETSTORM	id:	106155	Trust: 0.1
db:	PACKETSTORM	id:	83415	Trust: 0.1
db:	PACKETSTORM	id:	83414	Trust: 0.1
db:	PACKETSTORM	id:	88167	Trust: 0.1
db:	PACKETSTORM	id:	124088	Trust: 0.1
db:	PACKETSTORM	id:	82652	Trust: 0.1
db:	PACKETSTORM	id:	94087	Trust: 0.1
db:	PACKETSTORM	id:	97489	Trust: 0.1
db:	PACKETSTORM	id:	131826	Trust: 0.1
db:	PACKETSTORM	id:	95279	Trust: 0.1
db:	PACKETSTORM	id:	137201	Trust: 0.1
db:	PACKETSTORM	id:	102374	Trust: 0.1
db:	PACKETSTORM	id:	106156	Trust: 0.1
db:	PACKETSTORM	id:	92497	Trust: 0.1
db:	PACKETSTORM	id:	88621	Trust: 0.1
db:	PACKETSTORM	id:	89667	Trust: 0.1
db:	PACKETSTORM	id:	88698	Trust: 0.1
db:	PACKETSTORM	id:	84112	Trust: 0.1
db:	PACKETSTORM	id:	90286	Trust: 0.1
db:	PACKETSTORM	id:	127267	Trust: 0.1
db:	PACKETSTORM	id:	84183	Trust: 0.1
db:	PACKETSTORM	id:	86075	Trust: 0.1
db:	PACKETSTORM	id:	114810	Trust: 0.1
db:	PACKETSTORM	id:	88224	Trust: 0.1
db:	PACKETSTORM	id:	123380	Trust: 0.1
db:	PACKETSTORM	id:	84181	Trust: 0.1
db:	CNNVD	id:	CNNVD-200911-069	Trust: 0.1
db:	SEEBUG	id:	SSVID-67231	Trust: 0.1
db:	VULHUB	id:	VHN-41001	Trust: 0.1
db:	VULMON	id:	CVE-2009-3555	Trust: 0.1
db:	SECUNIA	id:	44292	Trust: 0.1
db:	PACKETSTORM	id:	100765	Trust: 0.1
db:	PACKETSTORM	id:	83521	Trust: 0.1
db:	PACKETSTORM	id:	93944	Trust: 0.1
db:	PACKETSTORM	id:	82647	Trust: 0.1
db:	PACKETSTORM	id:	89026	Trust: 0.1
db:	PACKETSTORM	id:	111583	Trust: 0.1
db:	PACKETSTORM	id:	91749	Trust: 0.1
db:	PACKETSTORM	id:	114128	Trust: 0.1

sources: CERT/CC: VU#120541 // VULHUB: VHN-41001 // VULMON: CVE-2009-3555 // PACKETSTORM: 100765 // PACKETSTORM: 94088 // PACKETSTORM: 83521 // PACKETSTORM: 93944 // PACKETSTORM: 89136 // PACKETSTORM: 82647 // PACKETSTORM: 89026 // PACKETSTORM: 111273 // PACKETSTORM: 111583 // PACKETSTORM: 92095 // PACKETSTORM: 91309 // PACKETSTORM: 120714 // PACKETSTORM: 88173 // PACKETSTORM: 91749 // PACKETSTORM: 114128 // NVD: CVE-2009-3555

REFERENCES

url:	http://extendedsubset.com/?p=8	Trust: 1.9
url:	http://www.links.org/?p=780	Trust: 1.9
url:	http://www.links.org/?p=786	Trust: 1.9
url:	http://www.links.org/?p=789	Trust: 1.9
url:	http://blogs.iss.net/archive/sslmitmiscsrf.html	Trust: 1.9
url:	http://www.ietf.org/mail-archive/web/tls/current/msg03948.html	Trust: 1.9
url:	https://bugzilla.redhat.com/show_bug.cgi?id=533125	Trust: 1.9
url:	https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt	Trust: 1.9
url:	http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3555	Trust: 1.4
url:	http://security.gentoo.org/glsa/glsa-201203-22.xml	Trust: 1.2
url:	http://www.kb.cert.org/vuls/id/120541	Trust: 1.2
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1	Trust: 1.1
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1	Trust: 1.1
url:	http://securitytracker.com/id?1023148	Trust: 1.1
url:	http://www.securitytracker.com/id?1023163	Trust: 1.1
url:	http://www.securitytracker.com/id?1023204	Trust: 1.1
url:	http://www.securitytracker.com/id?1023205	Trust: 1.1
url:	http://www.securitytracker.com/id?1023206	Trust: 1.1
url:	http://www.securitytracker.com/id?1023207	Trust: 1.1
url:	http://www.securitytracker.com/id?1023208	Trust: 1.1
url:	http://www.securitytracker.com/id?1023209	Trust: 1.1
url:	http://www.securitytracker.com/id?1023210	Trust: 1.1
url:	http://www.securitytracker.com/id?1023211	Trust: 1.1
url:	http://www.securitytracker.com/id?1023212	Trust: 1.1
url:	http://www.securitytracker.com/id?1023213	Trust: 1.1
url:	http://www.securitytracker.com/id?1023214	Trust: 1.1
url:	http://www.securitytracker.com/id?1023215	Trust: 1.1
url:	http://www.securitytracker.com/id?1023216	Trust: 1.1
url:	http://www.securitytracker.com/id?1023217	Trust: 1.1
url:	http://www.securitytracker.com/id?1023218	Trust: 1.1
url:	http://www.securitytracker.com/id?1023219	Trust: 1.1
url:	http://www.securitytracker.com/id?1023224	Trust: 1.1
url:	http://www.securitytracker.com/id?1023243	Trust: 1.1
url:	http://www.securitytracker.com/id?1023270	Trust: 1.1
url:	http://www.securitytracker.com/id?1023271	Trust: 1.1
url:	http://www.securitytracker.com/id?1023272	Trust: 1.1
url:	http://www.securitytracker.com/id?1023273	Trust: 1.1
url:	http://www.securitytracker.com/id?1023274	Trust: 1.1
url:	http://www.securitytracker.com/id?1023275	Trust: 1.1
url:	http://www.securitytracker.com/id?1023411	Trust: 1.1
url:	http://www.securitytracker.com/id?1023426	Trust: 1.1
url:	http://www.securitytracker.com/id?1023427	Trust: 1.1
url:	http://www.securitytracker.com/id?1023428	Trust: 1.1
url:	http://www.securitytracker.com/id?1024789	Trust: 1.1
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a0080b01d1d.shtml	Trust: 1.1
url:	http://seclists.org/fulldisclosure/2009/nov/139	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/507952/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/508075/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/508130/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/515055/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/516397/100/0/threaded	Trust: 1.1
url:	http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html	Trust: 1.1
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1	Trust: 1.1
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1	Trust: 1.1
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1	Trust: 1.1
url:	http://www.securityfocus.com/bid/36935	Trust: 1.1
url:	http://secunia.com/advisories/37291	Trust: 1.1
url:	http://secunia.com/advisories/37292	Trust: 1.1
url:	http://secunia.com/advisories/37320	Trust: 1.1
url:	http://secunia.com/advisories/37383	Trust: 1.1
url:	http://secunia.com/advisories/37399	Trust: 1.1
url:	http://secunia.com/advisories/37453	Trust: 1.1
url:	http://secunia.com/advisories/37501	Trust: 1.1
url:	http://secunia.com/advisories/37504	Trust: 1.1
url:	http://secunia.com/advisories/37604	Trust: 1.1
url:	http://secunia.com/advisories/37640	Trust: 1.1
url:	http://secunia.com/advisories/37656	Trust: 1.1
url:	http://secunia.com/advisories/37675	Trust: 1.1
url:	http://secunia.com/advisories/37859	Trust: 1.1
url:	http://secunia.com/advisories/38003	Trust: 1.1
url:	http://secunia.com/advisories/38020	Trust: 1.1
url:	http://secunia.com/advisories/38056	Trust: 1.1
url:	http://secunia.com/advisories/38241	Trust: 1.1
url:	http://secunia.com/advisories/38484	Trust: 1.1
url:	http://secunia.com/advisories/38687	Trust: 1.1
url:	http://secunia.com/advisories/38781	Trust: 1.1
url:	http://secunia.com/advisories/39127	Trust: 1.1
url:	http://secunia.com/advisories/39136	Trust: 1.1
url:	http://secunia.com/advisories/39242	Trust: 1.1
url:	http://secunia.com/advisories/39243	Trust: 1.1
url:	http://secunia.com/advisories/39278	Trust: 1.1
url:	http://secunia.com/advisories/39292	Trust: 1.1
url:	http://secunia.com/advisories/39317	Trust: 1.1
url:	http://secunia.com/advisories/39461	Trust: 1.1
url:	http://secunia.com/advisories/39500	Trust: 1.1
url:	http://secunia.com/advisories/39628	Trust: 1.1
url:	http://secunia.com/advisories/39632	Trust: 1.1
url:	http://secunia.com/advisories/39713	Trust: 1.1
url:	http://secunia.com/advisories/39819	Trust: 1.1
url:	http://secunia.com/advisories/40070	Trust: 1.1
url:	http://secunia.com/advisories/40545	Trust: 1.1
url:	http://secunia.com/advisories/40747	Trust: 1.1
url:	http://secunia.com/advisories/40866	Trust: 1.1
url:	http://secunia.com/advisories/41480	Trust: 1.1
url:	http://secunia.com/advisories/41490	Trust: 1.1
url:	http://secunia.com/advisories/41818	Trust: 1.1
url:	http://secunia.com/advisories/41967	Trust: 1.1
url:	http://secunia.com/advisories/41972	Trust: 1.1
url:	http://secunia.com/advisories/42377	Trust: 1.1
url:	http://secunia.com/advisories/42379	Trust: 1.1
url:	http://secunia.com/advisories/42467	Trust: 1.1
url:	http://secunia.com/advisories/42724	Trust: 1.1
url:	http://secunia.com/advisories/42733	Trust: 1.1
url:	http://secunia.com/advisories/42808	Trust: 1.1
url:	http://secunia.com/advisories/42811	Trust: 1.1
url:	http://secunia.com/advisories/42816	Trust: 1.1
url:	http://secunia.com/advisories/43308	Trust: 1.1
url:	http://secunia.com/advisories/44183	Trust: 1.1
url:	http://secunia.com/advisories/44954	Trust: 1.1
url:	http://secunia.com/advisories/48577	Trust: 1.1
url:	http://osvdb.org/60521	Trust: 1.1
url:	http://osvdb.org/60972	Trust: 1.1
url:	http://osvdb.org/62210	Trust: 1.1
url:	http://osvdb.org/65202	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3164	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3165	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3205	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3220	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3310	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3313	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3353	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3354	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3484	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3521	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/3587	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/0086	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/0173	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/0748	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/0848	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/0916	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/0933	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/0982	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/0994	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/1054	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/1107	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/1191	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/1350	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/1639	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/1673	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/1793	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/2010	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/2745	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/3069	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/3086	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/3126	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2011/0032	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2011/0033	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2011/0086	Trust: 1.1
url:	http://lists.apple.com/archives/security-announce/2010/jan/msg00000.html	Trust: 1.1
url:	http://lists.apple.com/archives/security-announce/2010//may/msg00001.html	Trust: 1.1
url:	http://lists.apple.com/archives/security-announce/2010//may/msg00002.html	Trust: 1.1
url:	http://www.debian.org/security/2009/dsa-1934	Trust: 1.1
url:	http://www.debian.org/security/2011/dsa-2141	Trust: 1.1
url:	http://www.debian.org/security/2015/dsa-3253	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-december/msg01029.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-december/msg01020.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00645.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00944.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00428.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00442.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00449.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00634.html	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049702.html	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049528.html	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049455.html	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2010-april/039561.html	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2010-april/039957.html	Trust: 1.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2010-may/040652.html	Trust: 1.1
url:	http://security.gentoo.org/glsa/glsa-200912-01.xml	Trust: 1.1
url:	http://security.gentoo.org/glsa/glsa-201406-32.xml	Trust: 1.1
url:	http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c02436041	Trust: 1.1
url:	http://itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02273751	Trust: 1.1
url:	http://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02512995	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/522176	Trust: 1.1
url:	http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01945686	Trust: 1.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg1ic67848	Trust: 1.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg1ic68054	Trust: 1.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg1ic68055	Trust: 1.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2010:076	Trust: 1.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2010:084	Trust: 1.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2010:089	Trust: 1.1
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049	Trust: 1.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg1pm12247	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0119.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0130.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0155.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0165.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0167.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0337.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0338.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0339.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0768.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0770.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0786.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0807.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0865.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0986.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2010-0987.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2011-0880.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html	Trust: 1.1
url:	http://www.us-cert.gov/cas/techalerts/ta10-222a.html	Trust: 1.1
url:	http://www.us-cert.gov/cas/techalerts/ta10-287a.html	Trust: 1.1
url:	http://www.ubuntu.com/usn/usn-1010-1	Trust: 1.1
url:	http://ubuntu.com/usn/usn-923-1	Trust: 1.1
url:	http://www.ubuntu.com/usn/usn-927-1	Trust: 1.1
url:	http://www.ubuntu.com/usn/usn-927-4	Trust: 1.1
url:	http://www.ubuntu.com/usn/usn-927-5	Trust: 1.1
url:	http://openbsd.org/errata45.html#010_openssl	Trust: 1.1
url:	http://openbsd.org/errata46.html#004_openssl	Trust: 1.1
url:	http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html	Trust: 1.1
url:	http://www.openwall.com/lists/oss-security/2009/11/05/3	Trust: 1.1
url:	http://www.openwall.com/lists/oss-security/2009/11/05/5	Trust: 1.1
url:	http://www.openwall.com/lists/oss-security/2009/11/06/3	Trust: 1.1
url:	http://www.openwall.com/lists/oss-security/2009/11/07/3	Trust: 1.1
url:	http://www.openwall.com/lists/oss-security/2009/11/20/1	Trust: 1.1
url:	http://www.openwall.com/lists/oss-security/2009/11/23/10	Trust: 1.1
url:	http://www.ietf.org/mail-archive/web/tls/current/msg03928.html	Trust: 1.1
url:	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3cdev.tomcat.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3cdev.tomcat.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3cdev.tomcat.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3cdev.tomcat.apache.org%3e	Trust: 1.1
url:	http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html	Trust: 1.1
url:	http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during	Trust: 1.1
url:	http://clicky.me/tlsvuln	Trust: 1.1
url:	http://extendedsubset.com/renegotiating_tls.pdf	Trust: 1.1
url:	http://kbase.redhat.com/faq/docs/doc-20491	Trust: 1.1
url:	http://support.apple.com/kb/ht4004	Trust: 1.1
url:	http://support.apple.com/kb/ht4170	Trust: 1.1
url:	http://support.apple.com/kb/ht4171	Trust: 1.1
url:	http://support.avaya.com/css/p8/documents/100070150	Trust: 1.1
url:	http://support.avaya.com/css/p8/documents/100081611	Trust: 1.1
url:	http://support.avaya.com/css/p8/documents/100114315	Trust: 1.1
url:	http://support.avaya.com/css/p8/documents/100114327	Trust: 1.1
url:	http://support.citrix.com/article/ctx123359	Trust: 1.1
url:	http://support.zeus.com/zws/media/docs/4.3/release_notes	Trust: 1.1
url:	http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released	Trust: 1.1
url:	http://sysoev.ru/nginx/patch.cve-2009-3555.txt	Trust: 1.1
url:	http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html	Trust: 1.1
url:	http://wiki.rpath.com/advisories:rpsa-2009-0155	Trust: 1.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21426108	Trust: 1.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21432298	Trust: 1.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg24006386	Trust: 1.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg24025312	Trust: 1.1
url:	http://www.arubanetworks.com/support/alerts/aid-020810.txt	Trust: 1.1
url:	http://www.betanews.com/article/1257452450	Trust: 1.1
url:	http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs10-030/index.html	Trust: 1.1
url:	http://www.ingate.com/relnote.php?ver=481	Trust: 1.1
url:	http://www.mozilla.org/security/announce/2010/mfsa2010-22.html	Trust: 1.1
url:	http://www.openoffice.org/security/cves/cve-2009-3555.html	Trust: 1.1
url:	http://www.openssl.org/news/secadv_20091111.txt	Trust: 1.1
url:	http://www.opera.com/docs/changelogs/unix/1060/	Trust: 1.1
url:	http://www.opera.com/support/search/view/944/	Trust: 1.1
url:	http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html	Trust: 1.1
url:	http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html	Trust: 1.1
url:	http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html	Trust: 1.1
url:	http://www.proftpd.org/docs/release_notes-1.3.2c	Trust: 1.1
url:	http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html	Trust: 1.1
url:	http://www.tombom.co.uk/blog/?p=85	Trust: 1.1
url:	http://www.vmware.com/security/advisories/vmsa-2010-0019.html	Trust: 1.1
url:	http://www.vmware.com/security/advisories/vmsa-2011-0003.html	Trust: 1.1
url:	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	Trust: 1.1
url:	http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html	Trust: 1.1
url:	https://bugzilla.mozilla.org/show_bug.cgi?id=526689	Trust: 1.1
url:	https://bugzilla.mozilla.org/show_bug.cgi?id=545755	Trust: 1.1
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888	Trust: 1.1
url:	https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10088	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11578	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11617	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7315	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7478	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7973	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8366	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8535	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/54158	Trust: 1.1
url:	http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=127557596201693&w=2	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=130497311408250&w=2	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=133469267822771&w=2	Trust: 1.0
url:	https://kb.bluecoat.com/index?page=content&id=sa50	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=132077688910227&w=2	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=126150535619567&w=2	Trust: 1.0
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=142660345230545&w=2	Trust: 1.0
url:	http://marc.info/?l=cryptography&m=125752275331877&w=2	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=127128920008563&w=2	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Trust: 1.0
url:	http://www-1.ibm.com/support/search.wss?rs=0&q=pm00675&apar=only	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=127419602507642&w=2	Trust: 1.0
url:	http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html	Trust: 0.8
url:	http://cvs.openssl.org/chngview?cn=18790	Trust: 0.8
url:	http://www.links.org/files/no-renegotiation-2.patch	Trust: 0.8
url:	http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555	Trust: 0.4
url:	http://www.mandriva.com/security/	Trust: 0.3
url:	http://www.mandriva.com/security/advisories	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0082	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3094	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3095	Trust: 0.2
url:	http://www.itrc.hp.com/service/cki/secbullarchive.do	Trust: 0.2
url:	http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc	Trust: 0.2
url:	http://h30046.www3.hp.com/subsignin.php	Trust: 0.2
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.2
url:	https://bugs.gentoo.org.	Trust: 0.2
url:	http://security.gentoo.org/	Trust: 0.2
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555	Trust: 0.2
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6.orig.tar.gz	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0085	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0084	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0091	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0093	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0088	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0092	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0094	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0838	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0837	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0095	Trust: 0.2
url:	http://marc.info/?l=bugtraq&m=132077688910227&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142660345230545&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=127419602507642&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=130497311408250&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=133469267822771&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=126150535619567&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=127128920008563&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=127557596201693&w=2	Trust: 0.1
url:	http://www-1.ibm.com/support/search.wss?rs=0&q=pm00675&apar=only	Trust: 0.1
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446	Trust: 0.1
url:	http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2	Trust: 0.1
url:	http://marc.info/?l=cryptography&m=125752275331877&w=2	Trust: 0.1
url:	https://kb.bluecoat.com/index?page=content&id=sa50	Trust: 0.1
url:	https://github.com/adesprets/dpsslclientprofile	Trust: 0.1
url:	https://github.com/galeone/letsencrypt-lighttpd	Trust: 0.1
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20091105-cve-2009-3555	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=20886	Trust: 0.1
url:	http://secunia.com/advisories/44292/	Trust: 0.1
url:	http://secunia.com/research/	Trust: 0.1
url:	http://secunia.com/products/corporate/evm/	Trust: 0.1
url:	http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html#appendixas	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=44292	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/company/jobs/open_positions/reverse_engineer	Trust: 0.1
url:	http://secunia.com/advisories/44292/#comments	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.7.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.18_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.7.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.7_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.3.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.18_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.14-5ubuntu8.2_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.3_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.3_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.3.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.18_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.18_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.7_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-mpm-itk_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.7_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.3_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.3_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.11_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.11_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.14-5ubuntu8.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.3_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.18.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.3_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.14-5ubuntu8.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.3_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.14-5ubuntu8.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.18.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-mpm-itk_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.14-5ubuntu8.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_powerpc.deb	Trust: 0.1
url:	http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotiation	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1195	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1890	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2008-2939	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1890	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2008-1678	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2939	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1195	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3095	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1891	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1191	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1191	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1678	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3094	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1891	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3010	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-4143	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2068	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-4018	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3011	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-4017	Trust: 0.1
url:	http://www.hp.com/servers/manage/smh	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0731	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0731	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb	Trust: 0.1
url:	http://www.debian.org/security/faq	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://www.debian.org/security/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb	Trust: 0.1
url:	http://packages.debian.org/<pkg>	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb	Trust: 0.1
url:	http://icedtea.classpath.org/hg/release/icedtea6-1.8/rev/a6a02193b073	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3728	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3874	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3728	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3876	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0091	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3884	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3873	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3881	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-2409	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2409	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0094	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3883	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3884	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3869	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0095	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0840	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3882	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3879	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0092	Trust: 0.1
url:	http://blogs.sun.com/darcy/resource/openjdk_6/openjdk6-b18-changes-summary.html	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0093	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3881	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0088	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3877	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3883	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0084	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3869	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0845	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3871	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0848	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3882	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0838	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3873	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3875	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3874	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3885	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0847	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3871	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3877	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3876	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0085	Trust: 0.1
url:	http://article.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/8938	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0082	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3880	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3885	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0837	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3880	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3879	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3896	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3898	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1180	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4315	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3896	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3898	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4315	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1180	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0130	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0128	Trust: 0.1
url:	http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/	Trust: 0.1
url:	http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins	Trust: 0.1
url:	https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0129	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2008-7270	Trust: 0.1
url:	http://h20000.www2.hp.com/bizsupport/techsupport/softwareindex.jsp?lang=en&cc=us&prodnameid=3188475&prodtypeid=329290&prodseriesid=3188465&swlang=8&taskid=135&swenvoid=1113	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.9.04.1.diff.gz	Trust: 0.1
url:	http://www.canonical.com	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.04.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.04.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.04.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.04.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.04.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.04.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.04.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.04.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.9.04.1.dsc	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.04.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.04.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.04.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.04.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.04.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.04.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.04.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.04.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.04.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.04.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.04.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.04.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.04.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.04.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.04.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.04.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.04.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.8.04.1.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.8.04.1.dsc	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_powerpc.deb	Trust: 0.1
url:	http://www.mandriva.com/en/support/security/	Trust: 0.1
url:	http://www.mandriva.com/en/support/security/advisories/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1619	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1619	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b16-1.6.1-3ubuntu3.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b12-0ubuntu6.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-headless_6b11-2ubuntu2.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-dbg_6b11-2ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b12-0ubuntu6.7_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b12-0ubuntu6.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-source-files_6b12-0ubuntu6.7_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b14-1.4.1-0ubuntu13_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b14-1.4.1-0ubuntu13_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b12-0ubuntu6.7_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b14-1.4.1-0ubuntu13_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-demo_6b11-2ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b14-1.4.1-0ubuntu13_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b12-0ubuntu6.7_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre_6b11-2ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-dbg_6b11-2ubuntu2.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b16-1.6.1-3ubuntu3_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-demo_6b11-2ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b14-1.4.1-0ubuntu13_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b16-1.6.1-3ubuntu3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b14-1.4.1-0ubuntu13_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b14-1.4.1-0ubuntu13_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jdk_6b11-2ubuntu2.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b14-1.4.1-0ubuntu13_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b12-0ubuntu6.7_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b12-0ubuntu6.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b14-1.4.1-0ubuntu13_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jdk_6b11-2ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b12-0ubuntu6.7_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-lib_6b11-2ubuntu2.2_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b14-1.4.1-0ubuntu13_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-dbg_6b11-2ubuntu2.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-headless_6b11-2ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b12-0ubuntu6.7_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b14-1.4.1-0ubuntu13_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b14-1.4.1-0ubuntu13_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b14-1.4.1-0ubuntu13_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b12.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b16-1.6.1-3ubuntu3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b14-1.4.1-0ubuntu13_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b12-0ubuntu6.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b14-1.4.1-0ubuntu13.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b14-1.4.1-0ubuntu13_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b14-1.4.1-0ubuntu13_amd64.deb	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0840	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jdk_6b11-2ubuntu2.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b14-1.4.1-0ubuntu13_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b14-1.4.1-0ubuntu13.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b16-1.6.1.orig.tar.gz	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0848	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b12-0ubuntu6.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b12-0ubuntu6.7.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6_6b11.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b16-1.6.1-3ubuntu3.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b14-1.4.1-0ubuntu13_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b14-1.4.1-0ubuntu13_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b14-1.4.1-0ubuntu13_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-source-files_6b14-1.4.1-0ubuntu13_all.deb	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0845	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b12-0ubuntu6.7.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b16-1.6.1-3ubuntu3_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-doc_6b11-2ubuntu2.2_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre_6b11-2ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b16-1.6.1-3ubuntu3_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b12-0ubuntu6.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b12-0ubuntu6.7_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6_6b11-2ubuntu2.2.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b14-1.4.1-0ubuntu13_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b14-1.4.1-0ubuntu13_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-dbg_6b11-2ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b12-0ubuntu6.7_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b16-1.6.1-3ubuntu3_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b12-0ubuntu6.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b12-0ubuntu6.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b14-1.4.1-0ubuntu13_all.deb	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0847	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b14-1.4.1-0ubuntu13_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre_6b11-2ubuntu2.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b12-0ubuntu6.7_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b16-1.6.1-3ubuntu3_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-demo_6b11-2ubuntu2.2_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b12-0ubuntu6.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b14-1.4.1.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b12-0ubuntu6.7_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jdk_6b11-2ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b12-0ubuntu6.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-headless_6b11-2ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-headless_6b11-2ubuntu2.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b14-1.4.1-0ubuntu13_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b14-1.4.1-0ubuntu13_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b14-1.4.1-0ubuntu13_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6_6b11-2ubuntu2.2.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b14-1.4.1-0ubuntu13_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b12-0ubuntu6.7_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b16-1.6.1-3ubuntu3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b16-1.6.1-3ubuntu3_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b12-0ubuntu6.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b14-1.4.1-0ubuntu13_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b16-1.6.1-3ubuntu3_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b16-1.6.1-3ubuntu3_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b14-1.4.1-0ubuntu13_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b12-0ubuntu6.7_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b12-0ubuntu6.7_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b12-0ubuntu6.7_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b14-1.4.1-0ubuntu13_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre_6b11-2ubuntu2.2_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b12-0ubuntu6.7_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b12-0ubuntu6.7_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b14-1.4.1-0ubuntu13_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-source_6b11-2ubuntu2.2_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b14-1.4.1-0ubuntu13_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-demo_6b11-2ubuntu2.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b14-1.4.1-0ubuntu13_i386.deb	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0087	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0839	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0089	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3793	Trust: 0.1
url:	https://www.hp.com/go/swa	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2008-4546	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0090	Trust: 0.1
url:	http://www.hp.com/go/hpsim	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-2730	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1573	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2730	Trust: 0.1
url:	http://security.gentoo.org/glsa/glsa-201206-18.xml	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1573	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4128	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4128	Trust: 0.1

CREDITS

Ubuntu

Trust: 0.4

sources: PACKETSTORM: 94088 // PACKETSTORM: 92095 // PACKETSTORM: 91309 // PACKETSTORM: 88173

SOURCES

db:	CERT/CC	id:	VU#120541
db:	VULHUB	id:	VHN-41001
db:	VULMON	id:	CVE-2009-3555
db:	PACKETSTORM	id:	100765
db:	PACKETSTORM	id:	94088
db:	PACKETSTORM	id:	83521
db:	PACKETSTORM	id:	93944
db:	PACKETSTORM	id:	89136
db:	PACKETSTORM	id:	82647
db:	PACKETSTORM	id:	89026
db:	PACKETSTORM	id:	111273
db:	PACKETSTORM	id:	111583
db:	PACKETSTORM	id:	92095
db:	PACKETSTORM	id:	91309
db:	PACKETSTORM	id:	120714
db:	PACKETSTORM	id:	88173
db:	PACKETSTORM	id:	91749
db:	PACKETSTORM	id:	114128
db:	NVD	id:	CVE-2009-3555

LAST UPDATE DATE

2025-06-25T22:19:40.064000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#120541	date:	2011-07-22T00:00:00
db:	VULHUB	id:	VHN-41001	date:	2023-02-13T00:00:00
db:	NVD	id:	CVE-2009-3555	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#120541	date:	2009-11-11T00:00:00
db:	VULHUB	id:	VHN-41001	date:	2009-11-09T00:00:00
db:	PACKETSTORM	id:	100765	date:	2011-04-24T07:03:17
db:	PACKETSTORM	id:	94088	date:	2010-09-21T22:55:35
db:	PACKETSTORM	id:	83521	date:	2009-12-07T21:57:59
db:	PACKETSTORM	id:	93944	date:	2010-09-17T00:35:23
db:	PACKETSTORM	id:	89136	date:	2010-05-03T23:54:02
db:	PACKETSTORM	id:	82647	date:	2009-11-16T23:36:55
db:	PACKETSTORM	id:	89026	date:	2010-04-28T20:44:54
db:	PACKETSTORM	id:	111273	date:	2012-03-29T02:37:12
db:	PACKETSTORM	id:	111583	date:	2012-04-05T00:45:56
db:	PACKETSTORM	id:	92095	date:	2010-07-23T18:03:56
db:	PACKETSTORM	id:	91309	date:	2010-06-30T03:23:55
db:	PACKETSTORM	id:	120714	date:	2013-03-08T04:15:53
db:	PACKETSTORM	id:	88173	date:	2010-04-07T22:23:17
db:	PACKETSTORM	id:	91749	date:	2010-07-14T04:19:30
db:	PACKETSTORM	id:	114128	date:	2012-06-23T19:34:19
db:	NVD	id:	CVE-2009-3555	date:	2009-11-09T17:30:00.407