Sign-up

VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201006-0260 CVE-2010-2249 libpng include pngrutil.c Memory leak vulnerability CVSS V2: 4.3
CVSS V3: 6.5
Severity: MEDIUM
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The 'libpng' library is prone to multiple vulnerabilities. Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44. Background ========== libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/libpng < 1.4.3 >= 1.4.3 Description =========== Multiple vulnerabilities were found in libpng: * The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205) * A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205) * A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249) Impact ====== An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user. Workaround ========== There is no known workaround at this time. Resolution ========== All libpng users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3" References ========== [ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201010-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.44-1 We recommend that you upgrade your libpng package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6 Architecture independent packages: http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be arm architecture (ARM) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425 - ------------------------------------------------------------------------ 1. Summary VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd. 2. Relevant releases VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier, Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term. 3. Problem Description a. VMware Workstation and Player installer security issue The Workstation 7.x and Player 3.x installers will load an index.htm file located in the current working directory on which Workstation 7.x or Player 3.x is being installed. This may allow an attacker to display a malicious file if they manage to get their file onto the system prior to installation. The issue can only be exploited at the time that Workstation 7.x or Player 3.x is being installed. Installed versions of Workstation and Player are not affected. The security issue is no longer present in the installer of the new versions of Workstation 7.x and Player 3.x (see table below for the version numbers). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-3277 to this issue. VMware would like to thank Alexander Trofimov and Marc Esher for independently reporting this issue to VMware. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation 7.x any 7.1.2 build 301548 or later * Workstation 6.5.x any not affected Player 3.x any 3.1.2 build 301548 or later * Player 2.5.x any not affected AMS any any not affected Server any any not affected Fusion any Mac OS/X not affected ESXi any ESXi not affected ESX any ESX not affected * Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable. b. Third party libpng updated to version 1.2.44 A buffer overflow condition in libpng is addressed that could potentially lead to code execution with the privileges of the application using libpng. Two potential denial of service issues are also addressed in the update. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249 to these issues. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation 7.1.x any 7.1.2 build 301548 or later Workstation 6.5.x any affected, patch pending Player 3.1.x any 3.1.2 build 301548 or later Player 2.5.x any affected, patch pending AMS any any not affected Server any any affected, no patch planned Fusion any Mac OS/X not affected ESXi any ESXi not affected ESX any ESX not affected c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15. A function in Apache HTTP Server when multithreaded MPM is used does not properly handle headers in subrequests in certain circumstances which may allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request. The Apache mod_isapi module can be forced to unload a specific library before the processing of a request is complete, resulting in memory corruption. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0434 and CVE-2010-0425 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation any any not affected Player any any not affected AMS any Windows 2.7.2 build 301548 or later AMS any Linux affected, patch pending * Server any any not affected Fusion any Mac OS/X not affected ESXi any ESXi not affected ESX any ESX not affected * Note CVE-2010-0425 is not applicable to AMS running on Linux 4. Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file. VMware Workstation 7.1.2 ------------------------ http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: 2e9715ec297dc3ca904ad2707d3e2614 sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 066929f59aef46f11f4d9fd6c6b36e4d sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3 VMware Player 3.1.2 ------------------- http://www.vmware.com/download/player/ Release notes: http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html VMware Player for Windows 32-bit and 64-bit md5sum: 3f289cb33af5e425c92d8512fb22a7ba sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70 VMware Player for Linux 32-bit md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8 sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749 VMware Player for Linux 64-bit md5sum: 2ab08e0d4050719845a64d334ca15bb1 sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c VMware ACE Management Server 2.7.2 ---------------------------------- http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html ACE Management Server for Windows md5sum: 02f0072b8e48a98ed914b633f070d550 sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425 - ------------------------------------------------------------------------ 6. Change log 2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23 - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware Security Advisories http://www.vmware.com/security/advisoiries VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2010 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-960-1 July 08, 2010 libpng vulnerabilities CVE-2010-1205, CVE-2010-2249 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.6 Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.3 Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.2 Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.2 Ubuntu 10.04 LTS: libpng12-0 1.2.42-1ubuntu2.1 After a standard system update you need to reboot your computer to make all the necessary changes. Details follow: It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205) It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-2249) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc Size/MD5: 661 92722fa973e92a99f982fe05b5826adf http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14 http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb Size/MD5: 66946 501acb21d567d62608904e4272ff842d powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3 http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb Size/MD5: 66458 24e918a95770150b4df72530bd6de095 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7 http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb Size/MD5: 940 7344fa4e61880636b014525f6e6482a1 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb Size/MD5: 188782 51354007cca0796218e3aaeba6142c41 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81 http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb Size/MD5: 172962 b16b496d6553fbf28523147617011b95 http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb Size/MD5: 70020 61f5d75c4435333ef586677a07d49915 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57 http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458 http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb Size/MD5: 71102 c18134055d747d066b60218b69e99d45 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb Size/MD5: 71488 5179307ffe74c10515e61503e647606f http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb Size/MD5: 248872 a34333b123f4d12e7872868111942cbd powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb Size/MD5: 71674 f742f2771d94ca29746906c1177d657d http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb Size/MD5: 73938 15bb328beed6ab3287967c54e4177018 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb Size/MD5: 71066 0495b247d489438259937bee1f17761f http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb Updated packages for Ubuntu 10.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2 Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc Size/MD5: 1299 dae31f78418d5db8c3476d7562859658 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2 Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb Size/MD5: 926 602d7036448637b45c1eacbc31e05640 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb Size/MD5: 175214 142020dfd126d2335bc93bad6a714799 http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047 . Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX KlOM1C8b0XVNVFF83vXPz9A= =E10C -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
VAR-201006-1188 CVE-2010-1205 libpng fails to limit number of rows in header CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Libpng contains a vulnerability in the way it handles images containing an extra row of image data beyond the height reported in the image header. libpng Is PNG A vulnerability exists in the processing of files. libpng Crafted PNG A vulnerability exists that causes a buffer overflow when processing files. If the graphics file provides an extra graphics row that is higher than the height reported in the header, this overflow can be triggered, resulting in arbitrary code execution; in addition, when processing a certain There may be a memory leak when some sCAL blocks are used, and specially crafted PNG graphics may cause a denial of service. Background ========== libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes. =========================================================== Ubuntu Security Notice USN-930-5 July 23, 2010 ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update https://launchpad.net/bugs/599954 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.04: ant 1.7.1-0ubuntu2.2 apturl 0.3.3ubuntu1.2 epiphany-browser 2.26.1-0ubuntu1.9.04.1 icedtea6-plugin 6b18-1.8-4ubuntu3~9.04.2 libgluezilla 2.0-1ubuntu1.9.04.1 liferea 1.4.26-0ubuntu1.9.04.1 mozilla-packagekit 0.3.14-0ubuntu5.9.04.1 mozvoikko 0.9.5-1ubuntu2.9.04.1 python-gnome2-extras 2.19.1-0ubuntu14.9.04.1 ubufox 0.9~rc2-0ubuntu0.9.04.2 webfav 1.11-0ubuntu1.9.04.1 yelp 2.25.1-0ubuntu5.9.04.1 Ubuntu 9.10: ant 1.7.1-4ubuntu0.2 icedtea6-plugin 6b18-1.8-4ubuntu3~9.10.2 mozvoikko 1.0-1ubuntu3.9.10.1 python-gtkmozembed 2.25.3-3ubuntu1.9.10.1 ubufox 0.9~rc2-0ubuntu0.9.10.1 webfav 1.16-0ubuntu1.9.10.1 yelp 2.28.0-0ubuntu2.9.10.1 After a standard system upgrade you need to restart Firefox and any applications that use Xulrunner to effect the necessary changes. Details follow: USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. Original advisory details: If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present. Under certain circumstances, this could potentially lead to cross-site scripting attacks. (CVE-2010-1197) Amit Klein discovered that Firefox did not seed its random number generator often enough. An attacker could exploit this to identify and track users across different web sites. (CVE-2008-5913) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212) An integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214) A flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215) An integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752) An integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753) Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205) Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207) O. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210) Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206) Jordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751) Chris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654) Soroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754) Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-0ubuntu2.2.diff.gz Size/MD5: 35326 69b771cb50f9a43e51aafda4e4a814e5 http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-0ubuntu2.2.dsc Size/MD5: 1913 a68d465c4e70aea6e0a89c69180181fa http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1.orig.tar.gz Size/MD5: 6596356 d56d29861563f9991088226341b4c520 http://security.ubuntu.com/ubuntu/pool/main/a/apturl/apturl_0.3.3ubuntu1.2.dsc Size/MD5: 1261 69c73f46ef133f23b32f10652e5e7f6d http://security.ubuntu.com/ubuntu/pool/main/a/apturl/apturl_0.3.3ubuntu1.2.tar.gz Size/MD5: 25013 69f5b16449cbb14c71020e5499b26977 http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser_2.26.1-0ubuntu1.9.04.1.diff.gz Size/MD5: 129801 4a62d9d085dd726001b5211521a9e93f http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser_2.26.1-0ubuntu1.9.04.1.dsc Size/MD5: 2486 13d0448ad59341a8b1a82c74bf1e2fc9 http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser_2.26.1.orig.tar.gz Size/MD5: 7952439 f9b23671a783fd18398011f33e9e26af http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/gluezilla_2.0-1ubuntu1.9.04.1.diff.gz Size/MD5: 24281 d9be6574392e67a2c7e66962eb6c1dcf http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/gluezilla_2.0-1ubuntu1.9.04.1.dsc Size/MD5: 1814 ef42b93a1ca6ffc962e22e8e3acbc8bf http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/gluezilla_2.0.orig.tar.gz Size/MD5: 389719 4ecb4220cf334d9a2160f27adde2aef2 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.19.1-0ubuntu14.9.04.1.diff.gz Size/MD5: 102888 25e71dad8ab15f8905fa9a480e64cb5e http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.19.1-0ubuntu14.9.04.1.dsc Size/MD5: 2285 817c058aede19ac5e787c30eab5ac796 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.19.1.orig.tar.gz Size/MD5: 515369 3dd5eb6db50b86d49f065d9b8651bbc7 http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1.diff.gz Size/MD5: 55064 9f99eacf6e210e9338f33219df325f73 http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1.dsc Size/MD5: 1920 2c9480805e1fea8d3385d645a598c230 http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26.orig.tar.gz Size/MD5: 1658484 d4ce9e710e3fb988bd5e4c2debe89331 http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1.diff.gz Size/MD5: 3296 2a0e29a8e7e1c7b43b80eb41d369ba4b http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1.dsc Size/MD5: 1517 8ed46947fe25ffcab9c1e2ffa3bb2d82 http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5.orig.tar.gz Size/MD5: 25219 3469e95199aab774f74d13a41cb26d16 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8-4ubuntu3~9.04.2.diff.gz Size/MD5: 178255 7a6717d747cad42a61f54f85bcf41620 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8-4ubuntu3~9.04.2.dsc Size/MD5: 2624 8143bc4e6fbb54a39bd99fa6d4d2815a http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8.orig.tar.gz Size/MD5: 68294481 39bd3323eb93c48ccd7517b4ebc2aeb2 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1.diff.gz Size/MD5: 481032 c695210856b3498c13ee5437c832e4a7 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1.dsc Size/MD5: 2298 ca929fff634603e2de0768834c075b0c http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14.orig.tar.gz Size/MD5: 2764710 cd4460ccd94d3fb92b57eea387c842da http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.04.2.diff.gz Size/MD5: 6824 744ac9ef9c22a32f64e4c06c98218db3 http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.04.2.dsc Size/MD5: 1400 237dc9c88c7c7601dadcc7a24e334e3e http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2.orig.tar.gz Size/MD5: 71757 373c0046b00366698f5aec0fce77e579 http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1.diff.gz Size/MD5: 1037578 33c8d6ed7e2f74ee51f9f912548db77e http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1.dsc Size/MD5: 2049 a8c701cb048a35b4fefcfedf63b0a41a http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1.orig.tar.gz Size/MD5: 1628219 96cbcb67a05fce704c8f36a67210c367 http://security.ubuntu.com/ubuntu/pool/universe/w/webfav/webfav_1.11-0ubuntu1.9.04.1.diff.gz Size/MD5: 2596 b8cad9da2ab1cb02698c6c8dfcd4d271 http://security.ubuntu.com/ubuntu/pool/universe/w/webfav/webfav_1.11-0ubuntu1.9.04.1.dsc Size/MD5: 1410 e4501e5af8e22123f9f1f8ab1b34667b http://security.ubuntu.com/ubuntu/pool/universe/w/webfav/webfav_1.11.orig.tar.gz Size/MD5: 37033 f83dddf0fc7312a43fb72da1309d3df9 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-doc_1.7.1-0ubuntu2.2_all.deb Size/MD5: 3200484 0e608ee5e74b6abf5f6e616211d3de03 http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional_1.7.1-0ubuntu2.2_all.deb Size/MD5: 676190 dd4514a952ac6cfa5859ebbb7a024bd9 http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-0ubuntu2.2_all.deb Size/MD5: 1300714 d1ded1ecd944bcf4a7b37286ff9713dc http://security.ubuntu.com/ubuntu/pool/main/a/apturl/apturl_0.3.3ubuntu1.2_all.deb Size/MD5: 18580 01c802bd5aefef4c053e5a0303c9d8ee http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser-data_2.26.1-0ubuntu1.9.04.1_all.deb Size/MD5: 3600516 14892f22e2656f05ec498102cbc6b529 http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser-dev_2.26.1-0ubuntu1.9.04.1_all.deb Size/MD5: 84512 a1824777ad4c696982e7978f64a2b8ca http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser_2.26.1-0ubuntu1.9.04.1_all.deb Size/MD5: 19244 93a759c2df991b79d5323917b49092d7 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dev_2.19.1-0ubuntu14.9.04.1_all.deb Size/MD5: 44578 8726b9642d7db066c16b819ff2ccea2e http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-doc_2.19.1-0ubuntu14.9.04.1_all.deb Size/MD5: 29032 95eee1cddc2b464ac9a9ffe8814cd881 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b18-1.8-4ubuntu3~9.04.2_all.deb Size/MD5: 19756486 9f2e9ec10f5b379540122a88f4513381 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b18-1.8-4ubuntu3~9.04.2_all.deb Size/MD5: 5804516 4630015b9b93179333da403230d60c7c http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b18-1.8-4ubuntu3~9.04.2_all.deb Size/MD5: 26750764 2c7eaa4c0556ef882018bbb9ab4d05e5 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/python-packagekit_0.3.14-0ubuntu5.9.04.1_all.deb Size/MD5: 69642 4cd0e893f855da91b66890536232b11a http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.04.2_all.deb Size/MD5: 58252 5415ff6c60a3a61290d9e62fd8e0cfab http://security.ubuntu.com/ubuntu/pool/universe/w/webfav/webfav_1.11-0ubuntu1.9.04.1_all.deb Size/MD5: 16726 6707b7a6bd86467bd353721c51c383bd amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_amd64.deb Size/MD5: 1605060 d9b2c34bc84a75e3ffdd9904b9817cd6 http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_amd64.deb Size/MD5: 857800 93bd3fd0fc424249dc211ad1e9f8fdd5 http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_amd64.deb Size/MD5: 1937372 8004f8ed798613bdf32a270dfcdd8615 http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_amd64.deb Size/MD5: 548104 e3b425149fa15eed5c3d9f1e937474a6 http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_amd64.deb Size/MD5: 63000 e5ad841f473745665373f0689268ef4b http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_amd64.deb Size/MD5: 1102072 dff5f1bb29d2b2f8e88e526f8e205592 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_amd64.deb Size/MD5: 375304 b7589c8855410d7350bbc30baccdca43 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_amd64.deb Size/MD5: 77906 a1d5ce5827e3923badd2e7afeb98cf1c http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_amd64.deb Size/MD5: 28708 ff7a911ce620ce02f0d38c5065d95e12 http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_amd64.deb Size/MD5: 650462 d44ba92307b90d6bdd81121e11510897 http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_amd64.deb Size/MD5: 835784 c01c8b665d958ea8dafacd0e4a459779 http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_amd64.deb Size/MD5: 27594 25e65b64a59a6f3a09596c089f406a48 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.04.2_amd64.deb Size/MD5: 372296 67e5bcdc11ac0b03866e504d99f9a6af http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.04.2_amd64.deb Size/MD5: 84118 10628bc453befea0834b99d09ad004fb http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.04.2_amd64.deb Size/MD5: 91711778 c3891caf86891bc64f9b17fea5d0901f http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.04.2_amd64.deb Size/MD5: 2360734 96bdb6f8858f2d39b614145136d8d33f http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.04.2_amd64.deb Size/MD5: 11027386 d7cba1612242a1868852c463a59817db http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.04.2_amd64.deb Size/MD5: 25448718 0f2a95ca3a07df7b4ba1a460f33ca998 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.04.2_amd64.deb Size/MD5: 269048 09d644f83fb91031b0362ebe854a1fd9 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 311168 36e2339a9dfa8f54de7f5c8278ae49c8 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 111658 81002db1acee7b9b9b47d954f4aed270 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 11698 d3a88d29394d6b5304c07f04d6083348 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 125586 984f309c2eed0a014b90d0e7268e9a62 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 72306 905e6ace6c7268975f94678571aba02b http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 147098 bbdc9ef2f595028f6118dd3b9e069603 http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_amd64.deb Size/MD5: 381156 419e69eacf9feef361821da5c6f9c4c4 http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.04.2_amd64.deb Size/MD5: 2083486 6b2d9c29a4d5d8a2003170c2ca8f10df http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 47172 aa7a8cd653962ff7f131b07f4c32c899 http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 23728 379dd04e059688e11fe8c43f47761ba3 http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 55414 71c2f053d5e6d08f65e6e5f0d1e39a4f http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_amd64.deb Size/MD5: 70448 cd9008b345b38696c2c556614fdbdd57 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_i386.deb Size/MD5: 1205810 8ae37dd3bea686753385b351a6ceb7fb http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_i386.deb Size/MD5: 660008 858711d138091f8836193d16420f68ab http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_i386.deb Size/MD5: 1857576 3c46bb79531013d0d3e8c7a19b71f8a2 http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_i386.deb Size/MD5: 516908 6c2a349af075f296e81041f032ff71d1 http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_i386.deb Size/MD5: 59554 4d72b9f5b7202ae91da475e23efd1d60 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_i386.deb Size/MD5: 971122 bc4b643688472f068523496bebf20aac http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_i386.deb Size/MD5: 314892 0a2758584d56ac1c69885f9f0dfbeed2 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_i386.deb Size/MD5: 74246 d3f8429bba337d59d78354f73a7aed67 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_i386.deb Size/MD5: 27446 c23c0ff1baaf7ec36d8c5a6a935ff7bf http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_i386.deb Size/MD5: 631040 490c0abe27e215d7c86c3d8720fa97af http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_i386.deb Size/MD5: 795254 0d05fd9e79a5456d71dca4f50ddf47d2 http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_i386.deb Size/MD5: 23592 a566cf4b4e8ac5604f2e33cd1c106447 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.04.2_i386.deb Size/MD5: 345280 b7552497d360f196ed1ed18ade617cdc http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.04.2_i386.deb Size/MD5: 78406 544a3bb67c8b6735c1ebff746da4b58c http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.04.2_i386.deb Size/MD5: 156766248 3d45e9af9de8281ad11f27c6d50280f1 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.04.2_i386.deb Size/MD5: 2342374 a92aa37c9bddd0698155afa31ff9338f http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.04.2_i386.deb Size/MD5: 11041638 6d85cd4b7f0fa6781f5be04697ca269f http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.04.2_i386.deb Size/MD5: 27130440 6719700614381b777632cb41dfe04c0d http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.04.2_i386.deb Size/MD5: 256288 1c3f73f3f126d1777d2eab35386f49e7 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 311148 7a774289162337552ce9957e8347448d http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 101370 55b9f0f483ad041ef2bccd46981e389d http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 11692 a106aeb67ca2be0a0bcfda1a6ef6621d http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 125236 3978391622ae32666205eab7380e792d http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 31434 b0e5338e62ef01dc3015ca4c64c34291 http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 131718 467cb036dc9af60572250fc81bbced6f http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_i386.deb Size/MD5: 367906 c5264dab08c901d661b6f3338b6e0c2e http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.04.2_i386.deb Size/MD5: 1786240 dc77d76e53c915d205bb29b6962f6320 http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 46878 15cb9cc230295963b1b1aa56e1bb2dd9 http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 23670 a2bacc0eb82a892abfb3a6b30d00c74f http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 14678 033f2d33c87735e92afe61738f7a9ad2 http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_i386.deb Size/MD5: 29326 0274bfb7b32dd034f1ea58716b8fcf83 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_lpia.deb Size/MD5: 1315204 b569c0987dfab6057c0f45dd2a478800 http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_lpia.deb Size/MD5: 709272 e78161c850bac0413252840bcf606c8c http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_lpia.deb Size/MD5: 1877114 a01644de8daf478101b75b8a55ff3bb4 http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_lpia.deb Size/MD5: 509920 bde999bd1c1d486eaae910d45d8f6638 http://ports.ubuntu.com/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_lpia.deb Size/MD5: 59238 34060ade707e0b697b29c9b221b498b3 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_lpia.deb Size/MD5: 969704 73ea46850f1a91f21902bcd7e6ba46ac http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_lpia.deb Size/MD5: 309146 ce5298651971071c97409bc5abd80313 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_lpia.deb Size/MD5: 74396 9975d07e88002a8f4cfcdcbc8152843d http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_lpia.deb Size/MD5: 27398 7a7fa16f5c3ddf4021af4f88be040715 http://ports.ubuntu.com/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_lpia.deb Size/MD5: 640678 0b9c68d4fc3e8fc3470f833b535fa950 http://ports.ubuntu.com/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_lpia.deb Size/MD5: 792902 2a8390f39bbf5e75e720e82714c01cda http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_lpia.deb Size/MD5: 22996 884987eab3a036f1d7fbac0b8556be02 http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.04.2_lpia.deb Size/MD5: 344914 98f70ae8ae77c0d1dcbab49a5bcccbd0 http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.04.2_lpia.deb Size/MD5: 80536 f76a0a9bb0a33c659c7e0f69ce545f20 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.04.2_lpia.deb Size/MD5: 156955182 d34094613340dbef8c11f9676fac45a2 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.04.2_lpia.deb Size/MD5: 2338362 dc78601f8e9cb22085bdf38266cfce38 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.04.2_lpia.deb Size/MD5: 11037420 9493cb2707da3b10aef4d186c9b325a8 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.04.2_lpia.deb Size/MD5: 27155892 deb47f466b603d4340d30aea8d54e87a http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.04.2_lpia.deb Size/MD5: 252104 050178465799ccfea475b688e142fbb2 http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 311170 0fcef3954814cdce9be74c5a047d44a0 http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 99620 14e226303cc9a66d2be7ec2b6858e0c2 http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 11692 5852af80cb4f744bb40258c003db4aa0 http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 125530 c6f00c00f1ee226e099eed9b37a02e18 http://ports.ubuntu.com/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 71764 710e850cd4ded08e4a05cad80c9fbd32 http://ports.ubuntu.com/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 129354 e46ea696ca6d4d1f7fb4adb683d6dd89 http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_lpia.deb Size/MD5: 368642 1afae565bb46c3fc5c7eed2772d48969 http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.04.2_lpia.deb Size/MD5: 1770592 4aa6f032e4ac4b1021bd14f160d41343 http://ports.ubuntu.com/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 46846 6649db97694e4dbe6aa1b740978fbcbe http://ports.ubuntu.com/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 23632 1e9d2e23dab855a6d9f18684f89ca7bb http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 54572 9e87c6182c9da5404a62470cf8fe9f9f http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_lpia.deb Size/MD5: 69594 da5450bd742b532486e6989128791f61 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_powerpc.deb Size/MD5: 1508674 ec1bedfcc7a0499e88c6ebe8b65d76f2 http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_powerpc.deb Size/MD5: 835006 6a8785db2083b93377f5d707a7f0ac64 http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_powerpc.deb Size/MD5: 1918996 3b7084af953869c5fd5da0e515e6c7fd http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_powerpc.deb Size/MD5: 535536 3b191bc795f3b985c9ac7dca43cc0c6b http://ports.ubuntu.com/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_powerpc.deb Size/MD5: 67460 eebcf90c5094b823ca623139064e5448 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_powerpc.deb Size/MD5: 1050600 4ff9ee99d1997d1e34cbc1a891196441 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_powerpc.deb Size/MD5: 354778 5d118d021fc3fa800ec9a980267c7efb http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_powerpc.deb Size/MD5: 78058 2181fec9308043a252ae71b221935825 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_powerpc.deb Size/MD5: 28140 33c458eda3e811a65d00ea3f63e9e486 http://ports.ubuntu.com/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_powerpc.deb Size/MD5: 644440 49603731c95e39d4b7142fadf768ffb2 http://ports.ubuntu.com/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_powerpc.deb Size/MD5: 826164 c63d1a985774e51cb0e3aaeebee920d2 http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_powerpc.deb Size/MD5: 28900 c700283728705976f1037974f6637085 http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb Size/MD5: 362164 4446f5d719b538e7b1968c49e97b2ff1 http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb Size/MD5: 86098 68249f07dc99a1ca48c03bd2ecbd1e1e http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb Size/MD5: 42095672 125386f9272e336f9bb566dab5dbe250 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb Size/MD5: 2405786 2ef97b9d1a982cdb670c418251e1b576 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb Size/MD5: 8988872 348556d07c8a2c6220671a310754055c http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb Size/MD5: 23851410 6eaf478d9b51f56e8675b869f21b2608 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb Size/MD5: 285380 f9781831042943455e1271420e8df10e http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 311178 4b3d47dd8cf447df6032d7afd7be609f http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 109484 933514d0d4749b22f9f0552368616758 http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 11704 2b4e34d9c57baafc81719c0f0a178eee http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 130720 ad4fa336bba332faa97ac7c351f28663 http://ports.ubuntu.com/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 74248 be41b52c4d3fbacc2e6d69922a4e0d84 http://ports.ubuntu.com/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 148026 55cec2198c3d423ef9eb89ba1ef4f9e4 http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 377728 8454f645426828a2dee95420feae1370 http://ports.ubuntu.com/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 49296 6076591d57d524a3b649dc82b551ec90 http://ports.ubuntu.com/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 26690 a7abbe306c972647d6c4950df7990047 http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 57394 062affd89984775782318479bc6d842c http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_powerpc.deb Size/MD5: 72452 947ece556889b4ad8a9c89510808daca sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_sparc.deb Size/MD5: 1416368 e4f42dee58fd683d9ca90f9cfa4ccfc6 http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_sparc.deb Size/MD5: 753840 ec2801f766a6a00b7d46307253937d02 http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_sparc.deb Size/MD5: 1813338 04052ea9be254b6ebba98c1928dcee92 http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_sparc.deb Size/MD5: 508818 3354ff88533f317aa30ec32516e7496c http://ports.ubuntu.com/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_sparc.deb Size/MD5: 59408 f69cb01c7be6a46756a80c0ea720b4bb http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_sparc.deb Size/MD5: 969266 db95f7a26dc50ae1a5102a42abc153a5 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_sparc.deb Size/MD5: 328182 5924d575bcc4640a80717991e3fdec95 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_sparc.deb Size/MD5: 73710 85ed40d8e81fb0ce51038d5392d18d86 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_sparc.deb Size/MD5: 27562 4f109254256e411583108e2c9ea59e62 http://ports.ubuntu.com/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_sparc.deb Size/MD5: 608996 f0563a1abd2b337738b0a7e60f4b867d http://ports.ubuntu.com/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_sparc.deb Size/MD5: 806204 af00879d22e60eba41b014f99cab61fa http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_sparc.deb Size/MD5: 23442 592e7ac4e1eed653f6f227dbb8ed33cb http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 311170 104c05caf3a537262d2679de3ea54cf1 http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 104230 218cd1ad3ee8fc665c2d62dd77eb11ec http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 11698 12746bd6b19d006c8209ee156c8d00de http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 134794 9776eb6d68c90dbcc7e63886eff02a6f http://ports.ubuntu.com/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 71818 b158a9bc7028d46912d5df30ff8f981c http://ports.ubuntu.com/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 133202 1ccb53c1d2c7c799457d68ac474256e9 http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_sparc.deb Size/MD5: 370258 de9f8575b1dd6ffa84c09d4aec11d132 http://ports.ubuntu.com/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 47098 f65f6972e528695dd64b19e5c40abef0 http://ports.ubuntu.com/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 23270 e2c1a894346c44a5146412c539f5ad45 http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 54870 da02ad4fb5dee259c9bbf7db688cf488 http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_sparc.deb Size/MD5: 69904 eb8b36416ea3e96511de1190908b3991 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-4ubuntu0.2.diff.gz Size/MD5: 32899 781ea28739330f04ecaa898ccf99342c http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-4ubuntu0.2.dsc Size/MD5: 1988 41dfee4a1359b28919d48fa223ce37fc http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1.orig.tar.gz Size/MD5: 6596356 d56d29861563f9991088226341b4c520 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.25.3-3ubuntu1.9.10.1.diff.gz Size/MD5: 500181 6cd628d1294b3a35603c0197bb6d956f http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.25.3-3ubuntu1.9.10.1.dsc Size/MD5: 2442 dc128a0b9f924ebcc37eff6c83f14595 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.25.3.orig.tar.gz Size/MD5: 521021 375782d50d42cb1704533ffc42acc5f9 http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1.diff.gz Size/MD5: 3644 f15bc2c9c637cbe9f438914a121d7d87 http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1.dsc Size/MD5: 1503 78a19a371ece332cfa45578142f7525f http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0.orig.tar.gz Size/MD5: 25545 c1b607e54186ea208d95cd1cb79f9e33 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8-4ubuntu3~9.10.2.diff.gz Size/MD5: 177476 2af778ee3295847d06d9789b6dc62423 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8-4ubuntu3~9.10.2.dsc Size/MD5: 2706 5a7ddaf0c668d4944d0d37981cd8c396 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8.orig.tar.gz Size/MD5: 68294481 39bd3323eb93c48ccd7517b4ebc2aeb2 http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.10.1.diff.gz Size/MD5: 7509 6d1e9692caa878eac7dbdbd8a49da643 http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.10.1.dsc Size/MD5: 1434 5ae7f507d871c6e5a9b42726e0365a5b http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2.orig.tar.gz Size/MD5: 71757 373c0046b00366698f5aec0fce77e579 http://security.ubuntu.com/ubuntu/pool/main/w/webfav/webfav_1.16-0ubuntu1.9.10.1.diff.gz Size/MD5: 3535 7cec834e52f15e47bcd089d25873bc5c http://security.ubuntu.com/ubuntu/pool/main/w/webfav/webfav_1.16-0ubuntu1.9.10.1.dsc Size/MD5: 1416 7b480fc24a4081820a5d0cddc9ba9124 http://security.ubuntu.com/ubuntu/pool/main/w/webfav/webfav_1.16.orig.tar.gz Size/MD5: 36518 4f1e61bf5ff181e7b28db0c8dcabbbc7 http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1.diff.gz Size/MD5: 1052779 0d76fc3c03e55bf851d66967b6f98aa4 http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1.dsc Size/MD5: 1978 e452b4207e29e4c7492e4581a4fab886 http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0.orig.tar.gz Size/MD5: 1753547 eb5227a45d294d85ac0048db66b78592 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-doc_1.7.1-4ubuntu0.2_all.deb Size/MD5: 3192772 42d64ce663eb882816ab66f4444c370f http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional_1.7.1-4ubuntu0.2_all.deb Size/MD5: 648422 a2865c1187143ee05e46d5b51fc2b1cf http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-4ubuntu0.2_all.deb Size/MD5: 1299438 6202974ed688a7e6be6034716e69ec31 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dev_2.25.3-3ubuntu1.9.10.1_all.deb Size/MD5: 40408 769253152e178061f264956a503bf136 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b18-1.8-4ubuntu3~9.10.2_all.deb Size/MD5: 19756468 b6906c6d17344250ad6913945a1bd180 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b18-1.8-4ubuntu3~9.10.2_all.deb Size/MD5: 5919476 da2c849eb5e27e8d21cbf73947cd23c0 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b18-1.8-4ubuntu3~9.10.2_all.deb Size/MD5: 26751628 37b6925180cea7c0b8fcae0110f36bbb http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.10.1_all.deb Size/MD5: 59114 2097aad2d192883e62011771354023ee http://security.ubuntu.com/ubuntu/pool/main/w/webfav/webfav_1.16-0ubuntu1.9.10.1_all.deb Size/MD5: 16902 4cb08ff50f50a5ce39655776559426a9 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-gcj_1.7.1-4ubuntu0.2_amd64.deb Size/MD5: 1585984 88ded0f850f905c4292fba18fae004ae http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional-gcj_1.7.1-4ubuntu0.2_amd64.deb Size/MD5: 853816 bef384ea231b1ba354a811f45dee6d4d http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 33352 cb080804e288988e23748375ad681441 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 114524 a1ab2f1de487a0e3f4f4a42bd7dfe61b http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 47502 0b8a7962d77af4d6f03065fa2e8de7bc http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 29992 416c78329aa4e75bf96123016277dabc http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 998940 838bede19ec814a6d30e41266dbdbdda http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 99750 1a47bddc5b424d59fda49a38335930fa http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 30438 110958214676173f07bfc199b0425535 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 85316 e0ce366191779bc1c265a2378b15e654 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_amd64.deb Size/MD5: 30782 f7e319db5beb92bb9efba5000c711053 http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_amd64.deb Size/MD5: 26916 78e08c1deef9a074316ced00d1508bca http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.10.2_amd64.deb Size/MD5: 374794 5168465682545b463b5397fe6377cf2a http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_amd64.deb Size/MD5: 83594 d28167480a447b7b6220de26f3017681 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_amd64.deb Size/MD5: 104615818 f7133a7a9bba9606dc04c95d6c022d5a http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_amd64.deb Size/MD5: 2362130 63debdfbc561c7d84ed69fe3e1d0fe0d http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_amd64.deb Size/MD5: 11033614 1f22b53bce31e84ae14efdcc12b2629c http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_amd64.deb Size/MD5: 25533394 8b5093f9b2ff7804b5d61c323ebbf37e http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_amd64.deb Size/MD5: 270706 228bc5ccf05b833368e73019bc0ae23a http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_amd64.deb Size/MD5: 423488 aa48da5ecfeed7a2f5ca19d8b521d947 http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.10.2_amd64.deb Size/MD5: 5421340 c5bf9a72d077e7be99b3fe6c42e6e24f i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-gcj_1.7.1-4ubuntu0.2_i386.deb Size/MD5: 1220310 920fa8b8c3aab84d33b99a698a22f4bb http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional-gcj_1.7.1-4ubuntu0.2_i386.deb Size/MD5: 669054 7c40c87eae4a5170c824c9b74927168a http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 31368 89d00380fb2c4a34bb573cb3e6d52a11 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 97918 4a7f4551861cf7f16cc479a270336261 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 35260 0f209a37719cb9fab707d88d3fafc60e http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 28730 a84fbc860dcdfa5c94ca14e16bf036b5 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 905122 19ee68ac0437e7e75645040f94711fbd http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 90930 4c001077e2ef31e6167cf555a112f61d http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 29240 4c7cf0b1793307b8fe85f8472968cf69 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 75988 e7e4de1fdbe5c5914b2d1e321744d131 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_i386.deb Size/MD5: 30376 b944337258904b71c09527caf533013e http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_i386.deb Size/MD5: 23384 cf228ad75eef18e4874f994cffca4f24 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.10.2_i386.deb Size/MD5: 344366 736f295aa39849fa922c0d3f9500a380 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_i386.deb Size/MD5: 79168 607535ccda54e25805b4c39e45af0003 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_i386.deb Size/MD5: 168902490 c147d314691ee7119b3673d4d6407e7a http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_i386.deb Size/MD5: 2348916 bf33d21a45b6840ae2520978ded75a82 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_i386.deb Size/MD5: 11032574 bb50601baa590b503ec3e69f104031d3 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_i386.deb Size/MD5: 27255706 7ac49f902dd0d4f83a93218bb7b4b615 http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_i386.deb Size/MD5: 258520 dbd338bf15ea6e21c389260c44692b21 http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_i386.deb Size/MD5: 407016 36759f2e5fdbfe3b51c70a1d5025ec1a http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.10.2_i386.deb Size/MD5: 4927562 fe70633bb388eaed42455a0bdabcceae lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-4ubuntu0.2_lpia.deb Size/MD5: 1319784 8f820ffab9f7e68f15d3e110a7f3b59d http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-4ubuntu0.2_lpia.deb Size/MD5: 712428 4e81a44f2025448627f76c55a1d9e0b3 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 31288 1a03614692d7651f00c6f38afcba55c5 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 97204 6100d0a7fc4d95ba988b527b7aa69d84 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 35236 554b10b3efa2aa30e68ed12742061fdc http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 28692 23b2825bcdf6cf52c8caa942d8b03fb8 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 905488 d80c1852056202879e172ee44d3fcae5 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 90050 07c13a8862d5eff9bcce2b5e7b6327e1 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 29180 15e9d46dad9c5b1d44dca11386362c7e http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 74930 4fa8a91ebba20d043ed069db548784ff http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_lpia.deb Size/MD5: 30338 d5b939a14f1b35aba0c10eb8de3f5318 http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_lpia.deb Size/MD5: 22996 fc6f8b9a56beca22923a83feb662e2e1 http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.10.2_lpia.deb Size/MD5: 345520 83ea03209e0da5b671426cb2dfcae582 http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_lpia.deb Size/MD5: 81826 fe6789887f43628f0acf27a9fb0b1d90 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_lpia.deb Size/MD5: 169069650 71edf280c7d8f92753ac878a6198a262 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_lpia.deb Size/MD5: 2346150 a0f66878ee5b99b06328225a6c7e4857 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_lpia.deb Size/MD5: 11032228 9e8c197d448a3601cbd0f433006a6977 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_lpia.deb Size/MD5: 27301100 fdc95ef77fa66c86f8a8156065ff4fd3 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_lpia.deb Size/MD5: 254680 d4d00cb220011a5cc5dd5bf4c6602650 http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_lpia.deb Size/MD5: 409274 4a872bb89199fd254adf57ac91038259 http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.10.2_lpia.deb Size/MD5: 4918580 a6244ec9edd0a991a81278185ed95feb powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-4ubuntu0.2_powerpc.deb Size/MD5: 1451728 c8efc897b60c0d21edd56f367aab293a http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-4ubuntu0.2_powerpc.deb Size/MD5: 771622 9d30ee649536b688ebe430ac2faa3ed9 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 32598 6fac6c05aa0e697612df3b4b4c09443a http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 101454 27f1de46517c90c7b1ce91929f14bd1e http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 44830 dd7b2b58fb397c3022b78e90f059f107 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 29264 0a779ac87cb2ebe3d65c796046359028 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 975100 dec6da77e9dd3da2b35eda7f9033f0ef http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 96128 4bef52b15155fb2f67dee29b0247ad3d http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 29626 33ecb227caeed1f0c8220c00ae788378 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 83692 be538f1ee272dbec47d2c2684db35706 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_powerpc.deb Size/MD5: 30672 2e4f704a12a6280d83e429827e7642ef http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_powerpc.deb Size/MD5: 26218 b19670a90b8555ee333732d9f33d7d1f http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb Size/MD5: 365180 761f6fe89de66ab97fc397ff4ce60e55 http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb Size/MD5: 82876 425f5de4c422b0b994d14bb0c36655e7 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb Size/MD5: 87516762 58827456ac0d74ae2a9c3ef595bc4d32 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb Size/MD5: 2363736 f77715eab09dc66966fb63912185f685 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb Size/MD5: 8983532 722c76c237989ebbce6d213f783304d0 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb Size/MD5: 23881916 3e8db89ead674331e095fef53b9738c1 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb Size/MD5: 277960 146f778d7133d70bc165e9f06a9f6432 http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_powerpc.deb Size/MD5: 418746 faee625198b82c18879ee4cebff86785 http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb Size/MD5: 4746778 d15041dabdc01ab49061d5619e27741f sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 31456 6bedf900297b83417dfb781ecfee439b http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 98678 76c5a2c332e7a94c134fcd524c8b7b0f http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 43690 ddc439f576bd587ddf3fb3c963b1a1a7 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 28742 7b1ab92ce8bd8bde6aead09fad76ac9f http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 895002 518c97b6420dd24181dc62733c8be566 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 91458 cd308ae5a553f1ac0e8dbbc938674fb6 http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 29246 0113fa2aee70eb071534102496c767ec http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 79372 c1fe5782d50aa9d28c08751676c08dde http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_sparc.deb Size/MD5: 30330 28f2493aabd6a424452da7250d90e531 http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_sparc.deb Size/MD5: 23038 372be5d94bcd615985f892c67995d50a http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_sparc.deb Size/MD5: 79546 6754183e3f911e880475575b09312ee2 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_sparc.deb Size/MD5: 119561952 4ff6a5c642770dff316acee8d7c975d0 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_sparc.deb Size/MD5: 2363162 dc167f68c22fcb0d1a28e00d2b91d204 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_sparc.deb Size/MD5: 11030808 a48907bd49438dd66ae4c1c7114b188d http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_sparc.deb Size/MD5: 26984092 21f22002c2192133ec160d13acf4cc80 http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_sparc.deb Size/MD5: 258840 0a4e98c9186f903d2222ffba6b164b79 http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_sparc.deb Size/MD5: 410438 532da8dd9228b739cbe8637c589b4460 . ---------------------------------------------------------------------- "From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420." Non-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more: http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf ---------------------------------------------------------------------- TITLE: Mozilla Thunderbird Multiple Vulnerabilities SECUNIA ADVISORY ID: SA40642 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40642/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40642 RELEASE DATE: 2010-07-22 DISCUSS ADVISORY: http://secunia.com/advisories/40642/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/40642/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=40642 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some weaknesses and vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. For more information: SA39925 SOLUTION: Update to Thunderbird 3.0.6 and 3.1.1. ORIGINAL ADVISORY: http://www.mozilla.org/security/announce/2010/mfsa2010-34.html http://www.mozilla.org/security/announce/2010/mfsa2010-38.html http://www.mozilla.org/security/announce/2010/mfsa2010-39.html http://www.mozilla.org/security/announce/2010/mfsa2010-40.html http://www.mozilla.org/security/announce/2010/mfsa2010-41.html http://www.mozilla.org/security/announce/2010/mfsa2010-42.html http://www.mozilla.org/security/announce/2010/mfsa2010-43.html http://www.mozilla.org/security/announce/2010/mfsa2010-44.html http://www.mozilla.org/security/announce/2010/mfsa2010-46.html http://www.mozilla.org/security/announce/2010/mfsa2010-47.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . CVE-2010-1208 "regenrecht" discovered that incorrect memory handling in DOM parsing could lead to the execution of arbitrary code. CVE-2010-1211 Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary Kwong, Tobias Markus and Daniel Holbert discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2010-2751 Jordi Chancel discovered that the location could be spoofed to appear like a secured page. CVE-2010-2753 "regenrecht" discovered that incorrect memory handling in XUL parsing could lead to the execution of arbitrary code. CVE-2010-2754 Soroush Dalili discovered an information leak in script processing. For the stable distribution (lenny), these problems have been fixed in version 1.9.0.19-3. For the unstable distribution (sid), these problems have been fixed in version 1.9.1.11-1. For the experimental distribution, these problems have been fixed in version 1.9.2.7-1. We recommend that you upgrade your xulrunner packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 5.0 alias lenny - -------------------------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.diff.gz Size/MD5 checksum: 149955 e6ec4540373a8dfbea5c1e63f5b628b2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.dsc Size/MD5 checksum: 1755 59f9033377f2450ad114d9ee4367f9c7 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e Architecture independent packages: http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-3_all.deb Size/MD5 checksum: 1466246 a3b5c8b34df7e2077a5e3c5c0d911b85 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_alpha.deb Size/MD5 checksum: 165496 ad7c134eeadc1a2aa751c289052d32f1 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_alpha.deb Size/MD5 checksum: 433152 57f7a88c05eece5c0ea17517646267bb http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_alpha.deb Size/MD5 checksum: 72550 b581302383396b57f7e07aa4564245b3 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_alpha.deb Size/MD5 checksum: 51155444 37595efd28303ec3a88d294b58c1e7aa http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_alpha.deb Size/MD5 checksum: 9487312 452f2c3b26bb249711720ade76e77c3f http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_alpha.deb Size/MD5 checksum: 223422 9ce6e6f35412321405c27618a3550763 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_alpha.deb Size/MD5 checksum: 113478 f4946488381af317acb3bd27da3e372e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_alpha.deb Size/MD5 checksum: 940250 abb2d020d4cce2e5547d17dd94323cee http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_alpha.deb Size/MD5 checksum: 3357434 a26b339fee481f1ae5494ee0983e3e75 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_amd64.deb Size/MD5 checksum: 50381710 4e6df9133e326ca7fe1d91adab87609b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_amd64.deb Size/MD5 checksum: 3291324 01a75923a6b796c2e1f3c02e4584072f http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_amd64.deb Size/MD5 checksum: 152266 0a9e05d5e36920cf9cb6c9e39357679b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_amd64.deb Size/MD5 checksum: 7735106 eedecb0183cd911bf7416be5f61cf88e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_amd64.deb Size/MD5 checksum: 374604 7a71d4ce527727f43225fc1cdc6b3915 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_amd64.deb Size/MD5 checksum: 70226 f8860e988f030333c59f893582e17da0 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_amd64.deb Size/MD5 checksum: 890738 0db2e5b458ae1495dce575688a27ef2a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_amd64.deb Size/MD5 checksum: 223326 1d128ae917c5dab4e977ffb018cb704c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_amd64.deb Size/MD5 checksum: 101830 2bb9a62d6454d0b7ef6da98cc07b4013 arm architecture (ARM) http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_arm.deb Size/MD5 checksum: 140950 d9044d5f823661f4a1ef11c47971d6e2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_arm.deb Size/MD5 checksum: 3584768 6ff8221347684a334d6f358d2c8f2dcc http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_arm.deb Size/MD5 checksum: 6802070 e489c87976c243d040f568a8e04a7466 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_arm.deb Size/MD5 checksum: 351056 dd61fc5b425e296ef00120b4cfbc5604 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_arm.deb Size/MD5 checksum: 68552 819703fc0550ee6473572ea3655ab1f5 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_arm.deb Size/MD5 checksum: 84224 f3915220a86a6a31e48b845d2af7f249 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_arm.deb Size/MD5 checksum: 222376 cb0563f3e5220ceb6f42b8e6471eb883 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_arm.deb Size/MD5 checksum: 49349776 4037a4ab7eeb964c24c95fbb905edbe6 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_arm.deb Size/MD5 checksum: 815334 c055e242c82b7643c67712602e4f3215 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_armel.deb Size/MD5 checksum: 822978 f8609edb961b6c71732c17575393644a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_armel.deb Size/MD5 checksum: 6962470 fc143ac75279405ef99a3e045439adeb http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_armel.deb Size/MD5 checksum: 3583846 db81fc2e4c8a30fbaf0b176f6d7e77a5 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_armel.deb Size/MD5 checksum: 142446 016a6aa2efa9e49788c97bc925d90bbb http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_armel.deb Size/MD5 checksum: 353294 65f40d8a434c6b430685ef1a54246888 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_armel.deb Size/MD5 checksum: 50182030 97009b62c3d65b5e715f363d7a5a2e0c http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_armel.deb Size/MD5 checksum: 223380 30fd707dea85e43894c84036115920a3 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_armel.deb Size/MD5 checksum: 70694 e5892c32e9850d86138ebf15ad317b63 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_armel.deb Size/MD5 checksum: 84758 a94402fed374f82a1ffeb338cb2a4cbb hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_hppa.deb Size/MD5 checksum: 223614 ea284c98cc97b10b879d6174b81cb486 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_hppa.deb Size/MD5 checksum: 899460 290c89b8835d773b8fd240f5610dc63c http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_hppa.deb Size/MD5 checksum: 72280 1d32724f444212696e28d15dc22386af http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_hppa.deb Size/MD5 checksum: 413386 e78a2aabb581f3f7f8da9cb531d6a883 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_hppa.deb Size/MD5 checksum: 158762 89855347fdf8833df8fd643cfd6a2f10 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_hppa.deb Size/MD5 checksum: 51267722 b51b03ef591a26a4bb72fb0c58e610c0 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_hppa.deb Size/MD5 checksum: 3632562 2d9a207f01319a7bd8f3eb72b3762c77 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_hppa.deb Size/MD5 checksum: 9523510 0f38b76b0074881d4b12823eedc40846 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_hppa.deb Size/MD5 checksum: 106998 32d701f55bd4cc6e0f7160c3b5db43aa i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_i386.deb Size/MD5 checksum: 49553140 cd9fb750075df895e2ad46a8fe4c8bdf http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_i386.deb Size/MD5 checksum: 852228 f04ee6f2c26e9bda77477d64a13f3c53 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_i386.deb Size/MD5 checksum: 79554 e69019a20fc3e8750faf73961cae8a38 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_i386.deb Size/MD5 checksum: 224454 c7e441828615fa66d9907b6407a2b1ad http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_i386.deb Size/MD5 checksum: 351828 85e4711445491850841c2f05102f2bd2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_i386.deb Size/MD5 checksum: 6609818 b99e5d5f75686adcea1c3570fb82ead5 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_i386.deb Size/MD5 checksum: 3573826 2869c274453928b8b110d8aee7dcba96 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_i386.deb Size/MD5 checksum: 142966 847a37421b7980378c81c5e818c2df3d http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_i386.deb Size/MD5 checksum: 68968 1eee7343caee6a8a23a141bf6b653fa4 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_ia64.deb Size/MD5 checksum: 224078 a9dc6949ac6ef39884d1cb58929e20fc http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_ia64.deb Size/MD5 checksum: 3693822 602f37b927bc425803730a66d17e8bec http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_ia64.deb Size/MD5 checksum: 542370 6015bef0d96154f73c32b2031c8bbf70 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_ia64.deb Size/MD5 checksum: 77166 1a94ec379b6e210cf35c1116939fc5f7 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_ia64.deb Size/MD5 checksum: 813100 d0cdc640bf4a68973942cf563b7f7d7b http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_ia64.deb Size/MD5 checksum: 181192 54ef9505c0b0a0b62539dc3d983a8f83 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_ia64.deb Size/MD5 checksum: 11340432 b833d183a5337231c512aba60e733213 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_ia64.deb Size/MD5 checksum: 49734538 21b8086eb33e228f4a3800307a721558 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_ia64.deb Size/MD5 checksum: 121688 1e8f51c8c5d1097d5c0e4b8fd6743ec7 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mips.deb Size/MD5 checksum: 3611102 8f2980b314f14ff7cf1c244ed11ee638 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mips.deb Size/MD5 checksum: 145574 f38aa4d16323e517d075d1de833a7a35 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mips.deb Size/MD5 checksum: 380888 73bf50fdf8fd49a2251f3c13db9e0a2c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mips.deb Size/MD5 checksum: 7677088 d034f72357eb3276850bea226dfc3489 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mips.deb Size/MD5 checksum: 96932 9c55e0f731b1a507e77abb54ea7c2b08 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mips.deb Size/MD5 checksum: 223126 cc6d3e47d51d4a15cd05ef6af47560c2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mips.deb Size/MD5 checksum: 51902590 b9cafda15eba1ae28b5b054bd82e9d62 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mips.deb Size/MD5 checksum: 919306 764f458b99647036fbdb1b36768e9b99 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mips.deb Size/MD5 checksum: 70412 c674d096e73e7f353733e502bbc9cd05 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 378984 c66e5ff8815e2386755ece9c9a34b820 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 50034074 88479753fa54a417df183b78d0bb6ed1 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 145324 a801aeefc7fbf555ab407eaeb4c35295 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 70170 3145be02d89d6e205de5d89b269b9d8d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 3311114 4dac1eff7f53b49976d984606e76afe6 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 900836 6727b545324904a39f31261db59f516b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 97046 2953be8b2d4df3994abd68d6f95de215 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 7384772 6666f68f98fa2cc81d9e3106c958360b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 223416 a3ad25d92dc8f8e09352bc1fbce07989 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 95068 18f76fe7d470194c6320df8b42e7b09b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 888120 b426372622e1ac0164db3f25589a5447 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 152544 e3b9205b45b66a3fcf4937c44897a7d8 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 3285670 a63c4ce33c3f482584b32cfe50488700 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 7287440 f9d042196ccedd4dfb4da6d3e45ca2b1 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 51458688 a669258d296192b6bd48b68006f9b618 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 223412 b900b19a182c059590bfcdb9495851ef http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 73306 94fdad8b176e63c0c791d19a026ce4b0 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 362778 79f1ea4633cf0147da60871533750312 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_s390.deb Size/MD5 checksum: 156410 6e986f5714d7052295a32253daea02a9 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_s390.deb Size/MD5 checksum: 73182 f3b9b343586f554ac37e5c7c8970a28a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_s390.deb Size/MD5 checksum: 407006 5919961e64253609b9eacc6a31a19b87 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_s390.deb Size/MD5 checksum: 8401766 a23f6d0b7ac0b83997635feff3977ac2 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_s390.deb Size/MD5 checksum: 223402 f08c12d85314436f6331b75e2e18b1c7 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_s390.deb Size/MD5 checksum: 909824 8c8c3aa62be4c19e97351562dcbe1694 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_s390.deb Size/MD5 checksum: 3308768 50226e505e97362404ffbe3e770775fe http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_s390.deb Size/MD5 checksum: 105828 1e5fc5d7be3c5ab803dd71e8391c06bb http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_s390.deb Size/MD5 checksum: 51242096 ebae3e5b1eb3fd2d9470cbe117b8ced9 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_sparc.deb Size/MD5 checksum: 49406432 caf251c788fe4f76679f600bd1d7b1c0 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_sparc.deb Size/MD5 checksum: 70192 33434a3b887ac076d88c0a4e425b3c29 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_sparc.deb Size/MD5 checksum: 144136 359a3cac1ee340f79eb9a53ac65f62ed http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_sparc.deb Size/MD5 checksum: 7181582 4b0f8aaf9a51e7c76073afbb7ea33c6e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_sparc.deb Size/MD5 checksum: 3583844 11cb9b988b9eac3564f11ed310a8d77e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_sparc.deb Size/MD5 checksum: 84544 0646f157f384a6a1ffcc3052035d1789 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_sparc.deb Size/MD5 checksum: 350470 1c643effc57e45c6afc964f2284cda7e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_sparc.deb Size/MD5 checksum: 223260 77281a13fcc78aacd93cf479621ccf74 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_sparc.deb Size/MD5 checksum: 821854 32eba751571daa1dcd4db30e7a3b7b2c These files will probably be moved into the stable distribution on its next update. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425 - ------------------------------------------------------------------------ 1. Summary VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd. 2. Relevant releases VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier, Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term. 3. Problem Description a. VMware Workstation and Player installer security issue The Workstation 7.x and Player 3.x installers will load an index.htm file located in the current working directory on which Workstation 7.x or Player 3.x is being installed. This may allow an attacker to display a malicious file if they manage to get their file onto the system prior to installation. The issue can only be exploited at the time that Workstation 7.x or Player 3.x is being installed. Installed versions of Workstation and Player are not affected. The security issue is no longer present in the installer of the new versions of Workstation 7.x and Player 3.x (see table below for the version numbers). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-3277 to this issue. VMware would like to thank Alexander Trofimov and Marc Esher for independently reporting this issue to VMware. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation 7.x any 7.1.2 build 301548 or later * Workstation 6.5.x any not affected Player 3.x any 3.1.2 build 301548 or later * Player 2.5.x any not affected AMS any any not affected Server any any not affected Fusion any Mac OS/X not affected ESXi any ESXi not affected ESX any ESX not affected * Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable. Third party libpng updated to version 1.2.44 A buffer overflow condition in libpng is addressed that could potentially lead to code execution with the privileges of the application using libpng. Two potential denial of service issues are also addressed in the update. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249 to these issues. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation 7.1.x any 7.1.2 build 301548 or later Workstation 6.5.x any affected, patch pending Player 3.1.x any 3.1.2 build 301548 or later Player 2.5.x any affected, patch pending AMS any any not affected Server any any affected, no patch planned Fusion any Mac OS/X not affected ESXi any ESXi not affected ESX any ESX not affected c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15. A function in Apache HTTP Server when multithreaded MPM is used does not properly handle headers in subrequests in certain circumstances which may allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request. The Apache mod_isapi module can be forced to unload a specific library before the processing of a request is complete, resulting in memory corruption. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0434 and CVE-2010-0425 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation any any not affected Player any any not affected AMS any Windows 2.7.2 build 301548 or later AMS any Linux affected, patch pending * Server any any not affected Fusion any Mac OS/X not affected ESXi any ESXi not affected ESX any ESX not affected * Note CVE-2010-0425 is not applicable to AMS running on Linux 4. Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file. VMware Workstation 7.1.2 ------------------------ http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: 2e9715ec297dc3ca904ad2707d3e2614 sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 066929f59aef46f11f4d9fd6c6b36e4d sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3 VMware Player 3.1.2 ------------------- http://www.vmware.com/download/player/ Release notes: http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html VMware Player for Windows 32-bit and 64-bit md5sum: 3f289cb33af5e425c92d8512fb22a7ba sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70 VMware Player for Linux 32-bit md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8 sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749 VMware Player for Linux 64-bit md5sum: 2ab08e0d4050719845a64d334ca15bb1 sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c VMware ACE Management Server 2.7.2 ---------------------------------- http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html ACE Management Server for Windows md5sum: 02f0072b8e48a98ed914b633f070d550 sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425 - ------------------------------------------------------------------------ 6. Change log 2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23 - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware Security Advisories http://www.vmware.com/security/advisoiries VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2010 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: January 08, 2013 Bugs: #180159, #181361, #207261, #238535, #246602, #251322, #255221, #255234, #255687, #257577, #260062, #261386, #262704, #267234, #273918, #277752, #280226, #280234, #280393, #282549, #284439, #286721, #290892, #292034, #297532, #305689, #307045, #311021, #312361, #312645, #312651, #312675, #312679, #312763, #313003, #324735, #326341, #329279, #336396, #341821, #342847, #348316, #357057, #360055, #360315, #365323, #373595, #379549, #381245, #388045, #390771, #395431, #401701, #403183, #404437, #408161, #413657, #419917, #427224, #433383, #437780, #439586, #439960, #444318 ID: 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. Background ========== Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/firefox < 10.0.11 >= 10.0.11 2 www-client/firefox-bin < 10.0.11 >= 10.0.11 3 mail-client/thunderbird < 10.0.11 >= 10.0.11 4 mail-client/thunderbird-bin < 10.0.11 >= 10.0.11 5 www-client/seamonkey < 2.14-r1 >= 2.14-r1 6 www-client/seamonkey-bin < 2.14 >= 2.14 7 dev-libs/nss < 3.14 >= 3.14 8 www-client/mozilla-firefox <= 3.6.8 Vulnerable! 9 www-client/mozilla-firefox-bin <= 3.5.6 Vulnerable! 10 mail-client/mozilla-thunderbird <= 3.0.4-r1 Vulnerable! 11 mail-client/mozilla-thunderbird-bin <= 3.0 Vulnerable! 12 www-client/icecat <= 10.0-r1 Vulnerable! 13 net-libs/xulrunner <= 2.0-r1 Vulnerable! 14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 14 affected packages Description =========== Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround ========== There is no known workaround at this time. Resolution ========== All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" All users of the Mozilla Firefox binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" All users of the Mozilla Thunderbird binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" All Mozilla SeaMonkey users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1" All users of the Mozilla SeaMonkey binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14" All NSS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14" The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox" # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox-bin" # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird" # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird-bin" # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: # emerge --unmerge "www-client/icecat" Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner" Gentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner-bin" References ========== [ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 ] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163 [ 167 ] CVE-2010-0164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164 [ 168 ] CVE-2010-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165 [ 169 ] CVE-2010-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166 [ 170 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 171 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 172 ] CVE-2010-0168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168 [ 173 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 174 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 175 ] CVE-2010-0170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170 [ 176 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 177 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 178 ] CVE-2010-0172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172 [ 179 ] CVE-2010-0173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173 [ 180 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 181 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 182 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 183 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 184 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 185 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 186 ] CVE-2010-0177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177 [ 187 ] CVE-2010-0178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178 [ 188 ] CVE-2010-0179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179 [ 189 ] CVE-2010-0181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181 [ 190 ] CVE-2010-0182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182 [ 191 ] CVE-2010-0183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183 [ 192 ] CVE-2010-0220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220 [ 193 ] CVE-2010-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648 [ 194 ] CVE-2010-0654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654 [ 195 ] CVE-2010-1028 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028 [ 196 ] CVE-2010-1121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121 [ 197 ] CVE-2010-1125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125 [ 198 ] CVE-2010-1196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196 [ 199 ] CVE-2010-1197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197 [ 200 ] CVE-2010-1198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198 [ 201 ] CVE-2010-1199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199 [ 202 ] CVE-2010-1200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200 [ 203 ] CVE-2010-1201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201 [ 204 ] CVE-2010-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202 [ 205 ] CVE-2010-1203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203 [ 206 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 207 ] CVE-2010-1206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206 [ 208 ] CVE-2010-1207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207 [ 209 ] CVE-2010-1208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208 [ 210 ] CVE-2010-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209 [ 211 ] CVE-2010-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210 [ 212 ] CVE-2010-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211 [ 213 ] CVE-2010-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212 [ 214 ] CVE-2010-1213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213 [ 215 ] CVE-2010-1214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214 [ 216 ] CVE-2010-1215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215 [ 217 ] CVE-2010-1585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585 [ 218 ] CVE-2010-2751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751 [ 219 ] CVE-2010-2752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752 [ 220 ] CVE-2010-2753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753 [ 221 ] CVE-2010-2754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754 [ 222 ] CVE-2010-2755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755 [ 223 ] CVE-2010-2760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760 [ 224 ] CVE-2010-2762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762 [ 225 ] CVE-2010-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763 [ 226 ] CVE-2010-2764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764 [ 227 ] CVE-2010-2765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765 [ 228 ] CVE-2010-2766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766 [ 229 ] CVE-2010-2767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767 [ 230 ] CVE-2010-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768 [ 231 ] CVE-2010-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769 [ 232 ] CVE-2010-2770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770 [ 233 ] CVE-2010-3131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131 [ 234 ] CVE-2010-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166 [ 235 ] CVE-2010-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167 [ 236 ] CVE-2010-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168 [ 237 ] CVE-2010-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169 [ 238 ] CVE-2010-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170 [ 239 ] CVE-2010-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171 [ 240 ] CVE-2010-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173 [ 241 ] CVE-2010-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174 [ 242 ] CVE-2010-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175 [ 243 ] CVE-2010-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176 [ 244 ] CVE-2010-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177 [ 245 ] CVE-2010-3178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178 [ 246 ] CVE-2010-3179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179 [ 247 ] CVE-2010-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180 [ 248 ] CVE-2010-3182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182 [ 249 ] CVE-2010-3183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183 [ 250 ] CVE-2010-3399 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399 [ 251 ] CVE-2010-3400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400 [ 252 ] CVE-2010-3765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765 [ 253 ] CVE-2010-3766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766 [ 254 ] CVE-2010-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767 [ 255 ] CVE-2010-3768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768 [ 256 ] CVE-2010-3769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769 [ 257 ] CVE-2010-3770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770 [ 258 ] CVE-2010-3771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771 [ 259 ] CVE-2010-3772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772 [ 260 ] CVE-2010-3773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773 [ 261 ] CVE-2010-3774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774 [ 262 ] CVE-2010-3775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775 [ 263 ] CVE-2010-3776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776 [ 264 ] CVE-2010-3777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777 [ 265 ] CVE-2010-3778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778 [ 266 ] CVE-2010-4508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508 [ 267 ] CVE-2010-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074 [ 268 ] CVE-2011-0051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051 [ 269 ] CVE-2011-0053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053 [ 270 ] CVE-2011-0054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054 [ 271 ] CVE-2011-0055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055 [ 272 ] CVE-2011-0056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056 [ 273 ] CVE-2011-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057 [ 274 ] CVE-2011-0058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058 [ 275 ] CVE-2011-0059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059 [ 276 ] CVE-2011-0061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061 [ 277 ] CVE-2011-0062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062 [ 278 ] CVE-2011-0065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065 [ 279 ] CVE-2011-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066 [ 280 ] CVE-2011-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067 [ 281 ] CVE-2011-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068 [ 282 ] CVE-2011-0069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069 [ 283 ] CVE-2011-0070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070 [ 284 ] CVE-2011-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071 [ 285 ] CVE-2011-0072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072 [ 286 ] CVE-2011-0073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073 [ 287 ] CVE-2011-0074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074 [ 288 ] CVE-2011-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075 [ 289 ] CVE-2011-0076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076 [ 290 ] CVE-2011-0077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077 [ 291 ] CVE-2011-0078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078 [ 292 ] CVE-2011-0079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079 [ 293 ] CVE-2011-0080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080 [ 294 ] CVE-2011-0081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081 [ 295 ] CVE-2011-0082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082 [ 296 ] CVE-2011-0083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083 [ 297 ] CVE-2011-0084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084 [ 298 ] CVE-2011-0085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085 [ 299 ] CVE-2011-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187 [ 300 ] CVE-2011-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202 [ 301 ] CVE-2011-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712 [ 302 ] CVE-2011-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362 [ 303 ] CVE-2011-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363 [ 304 ] CVE-2011-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364 [ 305 ] CVE-2011-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365 [ 306 ] CVE-2011-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369 [ 307 ] CVE-2011-2370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370 [ 308 ] CVE-2011-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371 [ 309 ] CVE-2011-2372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372 [ 310 ] CVE-2011-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373 [ 311 ] CVE-2011-2374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374 [ 312 ] CVE-2011-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375 [ 313 ] CVE-2011-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376 [ 314 ] CVE-2011-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377 [ 315 ] CVE-2011-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378 [ 316 ] CVE-2011-2605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605 [ 317 ] CVE-2011-2980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980 [ 318 ] CVE-2011-2981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981 [ 319 ] CVE-2011-2982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982 [ 320 ] CVE-2011-2983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983 [ 321 ] CVE-2011-2984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984 [ 322 ] CVE-2011-2985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985 [ 323 ] CVE-2011-2986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986 [ 324 ] CVE-2011-2987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987 [ 325 ] CVE-2011-2988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988 [ 326 ] CVE-2011-2989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989 [ 327 ] CVE-2011-2990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990 [ 328 ] CVE-2011-2991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991 [ 329 ] CVE-2011-2993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993 [ 330 ] CVE-2011-2995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995 [ 331 ] CVE-2011-2996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996 [ 332 ] CVE-2011-2997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997 [ 333 ] CVE-2011-2998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998 [ 334 ] CVE-2011-2999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999 [ 335 ] CVE-2011-3000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000 [ 336 ] CVE-2011-3001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001 [ 337 ] CVE-2011-3002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002 [ 338 ] CVE-2011-3003 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003 [ 339 ] CVE-2011-3004 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004 [ 340 ] CVE-2011-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005 [ 341 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 342 ] CVE-2011-3062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062 [ 343 ] CVE-2011-3232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232 [ 344 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 345 ] CVE-2011-3640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640 [ 346 ] CVE-2011-3647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647 [ 347 ] CVE-2011-3648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648 [ 348 ] CVE-2011-3649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649 [ 349 ] CVE-2011-3650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650 [ 350 ] CVE-2011-3651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651 [ 351 ] CVE-2011-3652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652 [ 352 ] CVE-2011-3653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653 [ 353 ] CVE-2011-3654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654 [ 354 ] CVE-2011-3655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655 [ 355 ] CVE-2011-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658 [ 356 ] CVE-2011-3659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659 [ 357 ] CVE-2011-3660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660 [ 358 ] CVE-2011-3661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661 [ 359 ] CVE-2011-3663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663 [ 360 ] CVE-2011-3665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665 [ 361 ] CVE-2011-3670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670 [ 362 ] CVE-2011-3866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866 [ 363 ] CVE-2011-4688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688 [ 364 ] CVE-2012-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441 [ 365 ] CVE-2012-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442 [ 366 ] CVE-2012-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443 [ 367 ] CVE-2012-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444 [ 368 ] CVE-2012-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445 [ 369 ] CVE-2012-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446 [ 370 ] CVE-2012-0447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447 [ 371 ] CVE-2012-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449 [ 372 ] CVE-2012-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450 [ 373 ] CVE-2012-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451 [ 374 ] CVE-2012-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452 [ 375 ] CVE-2012-0455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455 [ 376 ] CVE-2012-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456 [ 377 ] CVE-2012-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457 [ 378 ] CVE-2012-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458 [ 379 ] CVE-2012-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459 [ 380 ] CVE-2012-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460 [ 381 ] CVE-2012-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461 [ 382 ] CVE-2012-0462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462 [ 383 ] CVE-2012-0463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463 [ 384 ] CVE-2012-0464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464 [ 385 ] CVE-2012-0467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467 [ 386 ] CVE-2012-0468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468 [ 387 ] CVE-2012-0469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469 [ 388 ] CVE-2012-0470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470 [ 389 ] CVE-2012-0471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471 [ 390 ] CVE-2012-0473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473 [ 391 ] CVE-2012-0474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474 [ 392 ] CVE-2012-0475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475 [ 393 ] CVE-2012-0477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477 [ 394 ] CVE-2012-0478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478 [ 395 ] CVE-2012-0479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479 [ 396 ] CVE-2012-1937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937 [ 397 ] CVE-2012-1938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938 [ 398 ] CVE-2012-1939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939 [ 399 ] CVE-2012-1940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940 [ 400 ] CVE-2012-1941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941 [ 401 ] CVE-2012-1945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945 [ 402 ] CVE-2012-1946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946 [ 403 ] CVE-2012-1947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947 [ 404 ] CVE-2012-1948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948 [ 405 ] CVE-2012-1949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949 [ 406 ] CVE-2012-1950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950 [ 407 ] CVE-2012-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951 [ 408 ] CVE-2012-1952 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952 [ 409 ] CVE-2012-1953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953 [ 410 ] CVE-2012-1954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954 [ 411 ] CVE-2012-1955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955 [ 412 ] CVE-2012-1956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956 [ 413 ] CVE-2012-1957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957 [ 414 ] CVE-2012-1958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958 [ 415 ] CVE-2012-1959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959 [ 416 ] CVE-2012-1960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960 [ 417 ] CVE-2012-1961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961 [ 418 ] CVE-2012-1962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962 [ 419 ] CVE-2012-1963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963 [ 420 ] CVE-2012-1964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964 [ 421 ] CVE-2012-1965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965 [ 422 ] CVE-2012-1966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966 [ 423 ] CVE-2012-1967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967 [ 424 ] CVE-2012-1970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970 [ 425 ] CVE-2012-1971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971 [ 426 ] CVE-2012-1972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972 [ 427 ] CVE-2012-1973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973 [ 428 ] CVE-2012-1974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974 [ 429 ] CVE-2012-1975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975 [ 430 ] CVE-2012-1976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976 [ 431 ] CVE-2012-1994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994 [ 432 ] CVE-2012-3956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956 [ 433 ] CVE-2012-3957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957 [ 434 ] CVE-2012-3958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958 [ 435 ] CVE-2012-3959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959 [ 436 ] CVE-2012-3960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960 [ 437 ] CVE-2012-3961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961 [ 438 ] CVE-2012-3962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962 [ 439 ] CVE-2012-3963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963 [ 440 ] CVE-2012-3964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964 [ 441 ] CVE-2012-3965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965 [ 442 ] CVE-2012-3966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966 [ 443 ] CVE-2012-3967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967 [ 444 ] CVE-2012-3968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968 [ 445 ] CVE-2012-3969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969 [ 446 ] CVE-2012-3970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970 [ 447 ] CVE-2012-3971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971 [ 448 ] CVE-2012-3972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972 [ 449 ] CVE-2012-3973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973 [ 450 ] CVE-2012-3975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975 [ 451 ] CVE-2012-3976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976 [ 452 ] CVE-2012-3977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977 [ 453 ] CVE-2012-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978 [ 454 ] CVE-2012-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980 [ 455 ] CVE-2012-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982 [ 456 ] CVE-2012-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984 [ 457 ] CVE-2012-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985 [ 458 ] CVE-2012-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986 [ 459 ] CVE-2012-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988 [ 460 ] CVE-2012-3989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989 [ 461 ] CVE-2012-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990 [ 462 ] CVE-2012-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991 [ 463 ] CVE-2012-3992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992 [ 464 ] CVE-2012-3993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993 [ 465 ] CVE-2012-3994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994 [ 466 ] CVE-2012-3995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995 [ 467 ] CVE-2012-4179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179 [ 468 ] CVE-2012-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180 [ 469 ] CVE-2012-4181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181 [ 470 ] CVE-2012-4182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182 [ 471 ] CVE-2012-4183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183 [ 472 ] CVE-2012-4184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184 [ 473 ] CVE-2012-4185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185 [ 474 ] CVE-2012-4186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186 [ 475 ] CVE-2012-4187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187 [ 476 ] CVE-2012-4188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188 [ 477 ] CVE-2012-4190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190 [ 478 ] CVE-2012-4191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191 [ 479 ] CVE-2012-4192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192 [ 480 ] CVE-2012-4193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193 [ 481 ] CVE-2012-4194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194 [ 482 ] CVE-2012-4195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195 [ 483 ] CVE-2012-4196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196 [ 484 ] CVE-2012-4201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201 [ 485 ] CVE-2012-4202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202 [ 486 ] CVE-2012-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204 [ 487 ] CVE-2012-4205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205 [ 488 ] CVE-2012-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206 [ 489 ] CVE-2012-4207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207 [ 490 ] CVE-2012-4208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208 [ 491 ] CVE-2012-4209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209 [ 492 ] CVE-2012-4210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210 [ 493 ] CVE-2012-4212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212 [ 494 ] CVE-2012-4215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215 [ 495 ] CVE-2012-4216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216 [ 496 ] CVE-2012-5354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354 [ 497 ] CVE-2012-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829 [ 498 ] CVE-2012-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830 [ 499 ] CVE-2012-5833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833 [ 500 ] CVE-2012-5835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835 [ 501 ] CVE-2012-5836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836 [ 502 ] CVE-2012-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838 [ 503 ] CVE-2012-5839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839 [ 504 ] CVE-2012-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840 [ 505 ] CVE-2012-5841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841 [ 506 ] CVE-2012-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842 [ 507 ] CVE-2012-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843 [ 508 ] Firefox Blocking Fraudulent Certificates http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c= ertificates/ [ 509 ] Mozilla Foundation Security Advisory 2011-11 http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [ 510 ] Mozilla Foundation Security Advisory 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201301-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . As a precaution htmldoc has been rebuilt to link against the system libpng library for CS4 and 2008.0. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you
VAR-201006-0509 No CVE Unknown buffer overflow vulnerability in Twitter on iPhone platform CVSS V2: -
CVSS V3: -
Severity: -
Twitter for iPhone is a Twitter client for the iPhone platform. There is a buffer overflow on the Twitter client under the iPhone platform that can be triggered by an infrequently used user profile location. No detailed vulnerability details are currently available. Twitter for iPhone is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Versions prior to Twiiter for iPhone 3.0.1 are vulnerable
VAR-201006-0508 No CVE D-LINK DIR-615 Cross-Site Scripting Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
The D-LINK DIR-615 is a router device. The D-LINK DIR-615 incorrectly comes with user-submitted input, and a remote attacker can exploit the vulnerability for cross-site scripting attacks to obtain sensitive information from the target user or unauthorized access to the device. D-LINK DIR-615 is prone to a cross-site scripting vulnerability because the device's web interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. NOTE: This issue may be related to one of the issues described in BID 28439
VAR-201008-0355 CVE-2010-2984 Cisco UWN Solution Vulnerable to access restrictions CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable
VAR-201008-0354 CVE-2010-2983 Cisco UWN Solution Service disruption in the workgroup bridge function (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374. Cisco Unified Wireless Network (UWN) Solution is prone to multiple security vulnerabilities, including denial of service, authentication bypass, information disclosure, unauthorized access, and an unspecified remote vulnerability. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable. A remote attacker can cause a denial of service attack (connection failure) by means of a series of forged EAPoL-Logoff frames
VAR-201008-0353 CVE-2010-2982 Cisco UWN Solution Vulnerable to group password discovery CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. Cisco Unified Wireless Network (UWN) Solution is prone to multiple security vulnerabilities, including denial of service, authentication bypass, information disclosure, unauthorized access, and an unspecified remote vulnerability. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable. A remote attacker discovers a set of passwords through a series of SNMP requests
VAR-201008-0346 CVE-2010-2975 Cisco UWN Solution Password read vulnerability CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable
VAR-201008-0350 CVE-2010-2979 Cisco UWN Solution Denial of service in Japan (DoS) Vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable
VAR-201008-0351 CVE-2010-2980 Cisco UWN Solution Service disruption in (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable
VAR-201008-0347 CVE-2010-2976 Cisco UWN Solution Vulnerabilities that allow access rights to be acquired in other controllers CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access. Cisco Unified Wireless Network (UWN) Solution There is a vulnerability in which access rights can be obtained because of the following controller. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible
VAR-201008-0349 CVE-2010-2978 Cisco UWN Solution Vulnerable to access restrictions CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable
VAR-201008-0348 CVE-2010-2977 Cisco UWN Solution Vulnerabilities in unknown details CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable
VAR-201008-0352 CVE-2010-2981 Cisco UWN Solution Service disruption in (DoS) Vulnerabilities CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable
VAR-201006-0463 CVE-2010-2441 WebKit Vulnerable to reading keystrokes CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for Multiple Packages SECUNIA ADVISORY ID: SA43068 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43068/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43068 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43068/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43068/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43068 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for multiple packages, which fixes multiple vulnerabilities. For more information: SA32349 SA33495 SA35095 SA35379 SA35411 SA35449 SA35758 SA36269 SA36677 SA37273 SA37346 SA37769 SA38061 SA38545 SA38932 SA39029 SA39091 SA39384 SA39661 SA39937 SA40002 SA40072 SA40105 SA40112 SA40148 SA40196 SA40257 SA40664 SA40783 SA41014 SA41085 SA41242 SA41328 SA41390 SA41443 SA41535 SA41841 SA41888 SA41968 SA42151 SA42264 SA42290 SA42312 SA42443 SA42461 SA42658 SA42769 SA42886 SA42956 SA43053 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SR:2011:002: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-201006-0457 CVE-2010-2435 Weborf HTTP Server Service disruption in (DoS) Vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers. Weborf is a lightweight web server developed in C. Weborf has an error in processing part of the HTTP header field data. The attacker submits an HTTP header request containing a wide character to stop the service program from responding. Weborf is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Weborf 0.12.1 is vulnerable; prior versions may also be affected. ---------------------------------------------------------------------- Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management Free webinars http://secunia.com/vulnerability_scanning/corporate/webinars/ ---------------------------------------------------------------------- TITLE: Weborf Header Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA40322 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40322/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40322 RELEASE DATE: 2010-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/40322/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/40322/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=40322 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Weborf, which can be exploited by malicious people to cause a DoS (Denial of Service). This can be exploited to terminate an affected server via e.g. specially crafted HTTP headers containing wide characters. The vulnerability is reported in version 0.12.1. SOLUTION: Update to version 0.12.2. PROVIDED AND/OR DISCOVERED BY: Crash, DcLabs Security Group ORIGINAL ADVISORY: http://freshmeat.net/projects/weborf/releases/318531 http://code.google.com/p/weborf/source/browse/branches/0.12.2/CHANGELOG?spec=svn437&r=437 DcLabs Security Group: http://archives.neohapsis.com/archives/bugtraq/2010-06/0215.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-201006-0504 No CVE Linksys WAP54Gv3 Wireless Router 'debug.cgi' Cross-Site Scripting Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
Linksys WAP54Gv3 is a wireless router device. The Linksys WAP54Gv3 debug.cgi script is used to debug devices. As the POST variable data submitted by the user lacks sufficient filtering when returning the <textarea> tag of the output page, it can trigger a cross-site scripting attack. Linksys WAP54Gv3 Wireless Router is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attackers may exploit this issue by enticing victims into visiting a malicious site. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected device. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The following firmware versions are vulnerable: 3.05.03 (Europe) 3.04.03 (US)
VAR-201006-0687 No CVE Multiple Fujitsu Interstage Products Unspecified Cross Site Scripting Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
Multiple Fujitsu Interstage products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
VAR-201006-0513 No CVE TP1/Message Control Denial of Service (DoS) Vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: Medium
The port used by TP1/Message Control's mapping service has a vulnerability where the port is forced to keep collecting debug information when it receives a maliciously-crafted message, which in turn causes the depletion of the disk resource and leads to a denial of service (DoS) condition.A remote attacker could cause a denial of service (DoS) condition on the affected system.
VAR-201006-0506 No CVE Sysax Multi Server 'SFTP' Module Denial of Service Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
Sysax Multi Server is an SSH2 and FTP server for Windows. There are multiple denial of service problems in the Sysax Multi Server SFTP module. Unsafe commands include \"open\", \"unlink\", \"mkdir\", etc., and long strings are not handled correctly. An attacker with valid login credentials can exploit these issues to cause the server to crash, resulting in a denial-of-service condition. Other attacks may also be possible. Sysax Multi Server 5.25 is vulnerable; prior versions may also be affected. Update (June 28, 2010): Assuming the server is running as 'admin', attackers can execute arbitrary code to compromise the application