Sign-up

VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-200906-0618 CVE-2009-0791 CUPS of pdftops Integer overflow vulnerability in filters CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. CUPS of pdftops The filter includes PDF Insufficient service operation due to incomplete file processing (DoS) Vulnerabilities exist that could be exploited or arbitrary code executed.Crafted by a third party PDF Service operation disrupted by file (DoS) May be executed, or arbitrary code may be executed. CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting these issues may allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Xpdf is an open source viewer for Portable Document Format (PDF) files. NOTE: This may override CVE-2009-0791. (CVE-2009-0791). (CVE-2009-1709). This update provides a solution to this vulnerability. (CVE-2009-0163) Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to g*allocn. (CVE-2009-0800) The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. (CVE-2009-1183) Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609) This update corrects the problems. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY a3mQtrfvoibfn29OFAfdSn0= =lTbL -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
VAR-200906-0067 CVE-2009-1196 CUPS of directory-services Service disruption in functionality (DoS) Vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw.". CUPS is prone to a denial-of-service vulnerability. A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. Common Unix Printing System (CUPS) is a common Unix printing system and a cross-platform printing solution in the Unix environment. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:283 http://www.mandriva.com/security/ _______________________________________________________________________ Package : cups Date : October 19, 2009 Affected: Corporate 3.0, Multi Network Firewall 2.0 _______________________________________________________________________ Problem Description: Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0146, CVE-2009-0147) Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow. (CVE-2009-0166) Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments (CVE-2009-0195). NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0799) Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-0949) Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1179) The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. (CVE-2009-1181) Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1196) Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609) This update corrects the problems. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 _______________________________________________________________________ Updated Packages: Corporate 3.0: 86301a5d5c962256a88d4e15faba9bbf corporate/3.0/i586/cups-1.1.20-5.21.C30mdk.i586.rpm 378811817692045b489880711aa46c85 corporate/3.0/i586/cups-common-1.1.20-5.21.C30mdk.i586.rpm b0b493387f5b0a67eb1bfa7b2cda1152 corporate/3.0/i586/cups-serial-1.1.20-5.21.C30mdk.i586.rpm 7236d2f3677e5f6e2ea740e291e145d5 corporate/3.0/i586/libcups2-1.1.20-5.21.C30mdk.i586.rpm b6959ae680668c17cb2dc84077bfb1a8 corporate/3.0/i586/libcups2-devel-1.1.20-5.21.C30mdk.i586.rpm 902b2ecfff8325312ad095425ec6b31b corporate/3.0/SRPMS/cups-1.1.20-5.21.C30mdk.src.rpm Corporate 3.0/X86_64: 633954b881b4a13641c71f5d8937d70e corporate/3.0/x86_64/cups-1.1.20-5.21.C30mdk.x86_64.rpm b1f94eafb660f6df4f1a7bf5a59f48b7 corporate/3.0/x86_64/cups-common-1.1.20-5.21.C30mdk.x86_64.rpm 6962c849474e00d4381f68ce0d700baa corporate/3.0/x86_64/cups-serial-1.1.20-5.21.C30mdk.x86_64.rpm 775f8c2232eb751dae3fbd5aa347c31b corporate/3.0/x86_64/lib64cups2-1.1.20-5.21.C30mdk.x86_64.rpm ec752b939267cf785a76161388d63b89 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.21.C30mdk.x86_64.rpm 902b2ecfff8325312ad095425ec6b31b corporate/3.0/SRPMS/cups-1.1.20-5.21.C30mdk.src.rpm Multi Network Firewall 2.0: c998b8245740f55a475014ab84aa72c6 mnf/2.0/i586/cups-1.1.20-5.21.M20mdk.i586.rpm caff03b6b69c0dc6dcf5b0e56bc583c3 mnf/2.0/i586/cups-common-1.1.20-5.21.M20mdk.i586.rpm f4f7b5894f97f371dcaa84347170642c mnf/2.0/i586/cups-serial-1.1.20-5.21.M20mdk.i586.rpm ae0eb99fdc9ce79efff159a5dcd3d64e mnf/2.0/i586/libcups2-1.1.20-5.21.M20mdk.i586.rpm 8e701f7caa03cd8d1bb42566965506e6 mnf/2.0/i586/libcups2-devel-1.1.20-5.21.M20mdk.i586.rpm 10e3ff36714b79b806b62137b3d7d246 mnf/2.0/SRPMS/cups-1.1.20-5.21.M20mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFK3OH6mqjQ0CJFipgRAsUOAKDHMqs7e509FxXN+hRs3MuoXG+hbACgxBLI 92SOL+8x2GTGblZj+/qsM7o= =ZAtW -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for cups SECUNIA ADVISORY ID: SA35340 VERIFY ADVISORY: http://secunia.com/advisories/35340/ DESCRIPTION: Red Hat has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. 1) A use-after-free error exists within the scheduler directory service. This can be exploited to e.g. crash cupsd by sending a CUPS browse packet at a specific moment. This can be exploited to e.g. 3) An error in the processing of IPP tags below 16 can be exploited to crash the server. For more information: SA34481 SOLUTION: Updated packages are available via Red Hat Network. PROVIDED AND/OR DISCOVERED BY: 1) Swen van Brussel 2) Reported by the vendor. ORIGINAL ADVISORY: RHSA-2009-1083: http://rhn.redhat.com/errata/RHSA-2009-1083.html OTHER REFERENCES: SA34481: http://secunia.com/advisories/34481/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0617 CVE-2009-0949 CUPS  of  ippReadIO  Denial of service in functions  (DoS)  Vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. Common Unix Printing System(CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务 . 在处理包含有两个IPP_TAG_UNSUPPORTED标签的特质IPP时,CUPS的cups/ipp.c文件中的ippReadIO()函数没有正确地初始化ipp结构,这可能导致受影响的应用崩溃 . cups/ipp.c文件中的ippReadIO()函数负责初始化表示当前IPP请求中不同标签的ipp结构: /----------- 1016 ipp_state_t /* O - Current state */ 1017 ippReadIO(void*src, /* I - Data source */ 1018 ipp_iocb_tcb, /* I - Read callback function */ 1019 int blocking, /* I - Use blocking IO? */ 1020 ipp_t *parent,/* I - Parent request, if any */ 1021 ipp_t *ipp) /* I - IPP data */ 1022 { 1023 int n;/* Length of data */ 1024 unsignedchar buffer[IPP_MAX_LENGTH + 1], 1025 /* Data buffer */ 1026 string[IPP_MAX_NAME], 1027 /* Small string buffer */ 1028*bufptr; /* Pointer into buffer */ 1029ipp_attribute_t*attr; /* Current attribute */ 1030ipp_tag_t tag; /* Current tag */ 1031ipp_tag_t value_tag; /* Current value tag */ 1032ipp_value_t *value;/* Current value */ 1035DEBUG_printf((\"ippReadIO(\\%p, \\%p, \\%d, \\%p, \\%p)\n\", src, cb, blocking, 1036parent, ipp)); 1037DEBUG_printf((\"ippReadIO: ipp->state=\\%d\n\", ipp->state)); 1039if (src == NULL || ipp == NULL) 1040return (IPP_ERROR); 1041 1042switch (ipp->state) 1043{ 1044case IPP_IDLE : 1045ipp->state ++; /* Avoid common problem... */ 1046 1047case IPP_HEADER : 1048if (parent == NULL) - -----------/ 在上面的代码中,通过几个不同的标签属性对报文进行计数。如果所发送的IPP报文标签属性低于0x10,CUPS就会认为是IPP_TAG_UNSUPPORTED标签: /----------- else if (tag < IPP_TAG_UNSUPPORTED_VALUE) { /* * Group tag...Set the current group and continue... */ if (ipp->curtag == tag) ipp->prev = ippAddSeparator(ipp); else if (ipp->current) ipp->prev = ipp->current; ipp->curtag= tag; ipp->current = NULL; DEBUG_printf((\"ippReadIO: group tag = \\%x, ipp->prev=\\%p\n\", tag, ipp->prev)); continue; } - -----------/ 由于CUPS处理这类标签的方式,如果报文中包含有两个连续的IPP_TAG_UNSUPPORTED,就会将IPP结构的最后一个节点初始化为NULL,这会在cupsdProcessIPPRequest函数试图读取attr结构的name字段时导致崩溃. /----------- /* * \'\'cupsdProcessIPPRequest()\'\' - Process an incoming IPP request. */ int /* O - 1 on success, 0 on failure */ cupsdProcessIPPRequest( cupsd_client_t *con)/* I - Client connection */ ... if (!attr) { /* * Then make sure that the first three attributes are: * * attributes-charset * attributes-natural-language * printer-uri/job-uri */ attr = con->request->attrs; if (attr && !strcmp(attr->name, \"attributes-charset\") && (attr->value_tag & IPP_TAG_MASK) == IPP_TAG_CHARSET) charset = attr; else charset = NULL; ... - -----------/. CUPS is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when processing two consecutive IPP_TAG_UNSUPPORTED tags in specially crafted IPP (Internet Printing Protocal) packets. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The ippReadIO() function in CUPS's cups/ipp.c file did not properly initialize the ipp structure when processing a idiosyncratic IPP that contained two IPP_TAG_UNSUPPORTED tags, which could crash the affected application. =========================================================== Ubuntu Security Notice USN-780-1 June 03, 2009 cups, cupsys vulnerability CVE-2009-0949 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.14 Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.5 Ubuntu 8.10: cups 1.3.9-2ubuntu9.2 Ubuntu 9.04: cups 1.3.9-17ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Anibal Sacco discovered that CUPS did not properly handle certain network operations. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.diff.gz Size/MD5: 101447 1edf4eb6127965001092ac72fc5743ea http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.dsc Size/MD5: 1060 4843503dffb5c5268a64499cb2cf279e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.14_all.deb Size/MD5: 998 ee02e19aab490d9d97b6d3eb0f0808e4 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 36236 8f3c604623813d67800c2f06686ccd1b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 81894 166216227002808778e9a01798409a37 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 2287028 141ace9ca050db86cdef9b44e620c13b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 6094 f338b2ae622333497e2cda10f26590e9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 77648 40846208a23006cab7c7bd52813a6343 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 25756 5b703a78f78465181f785715ef7036cc http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 130344 6c9d54d7f6c8069d8d69652bf6dbddd7 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 34762 08037502d74a512a07b184c2999d32ad http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 77992 260347aa2b7f4ec59fcaa1d29a16e0c3 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 2254260 49e00eabc519426ee5413864c4bdb251 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 6092 0a515dd0fdd48eb70da0b5bfe3019f08 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 76752 7ee453f379433e22b9451e6282669797 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 25740 28af462a2e8f13620bb1b70cef1cd08e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 122538 200a588a83e668f621ca41bc41a13413 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 40462 3937e3b6cb8f6cda2f1e450518a4e136 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 89516 bf845949727422d0ae4d550966d34c72 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 2301634 8bf6a7e2fcff62817459186c189673d1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 6094 cb2ff11f6c55d69b99f39e64ad399774 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 79292 b137122dde7459d5653e024b4d3b5852 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 25744 7765abc3cea993a82a638458202892e5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 128304 69634210a2fa2a8af2383a12b657a568 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 35390 f4a5a9207d6494c05a7820cdbf2cadf9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 78720 423336f4bf4be9292f49f31ab6cac3dc http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 2287900 4833fae9ab11ecd3721faef405ad8167 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 6094 ebae0d6eb86d9e3f4fff77c860f1693c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 76568 7d1814766e366021fc136cb6577880b9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 25746 a4eacdcf7d078a8200660cf0bb37c694 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 124034 6fd4c6c86596379e32fc228ed15cf4dc Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.diff.gz Size/MD5: 135129 091bf3e7ac7e1a1f074dc15d08c2c4d5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.dsc Size/MD5: 1441 9cf7f2d9b00a22af8e8ccdfbe234fd8e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz Size/MD5: 4700333 383e556d9841475847da6076c88da467 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.5_all.deb Size/MD5: 1144240 9c3908b1639d493bcc580368adbfa3a3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 37530 c252102dbd39005b010fff629e4daf2c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 89980 2d95b8b2a44cfa62603335d6211f5fd1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 1880552 e94141a55ae34eb9ac5be1b941268f5b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 60804 9e8d5476cccb6ea9ac0d0eaf1db9c615 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 50216 5de274a35fa3cbea87c9245b179364b5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 344920 6a966e90749cbaf815c511717b84abaa http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 178092 3d4bda40ecf7c2091cc173b79658d6c9 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 36952 2c6053368cf2a00f66197eca444af3b5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 88394 0c572acada7273e30b15bcb3cc2874cb http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 1863054 68e5cbd5fd1ed11bee4fef0c4e79de7f http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 60082 062ad31917eedc6e5003e990807d838b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 49852 9ac15961d63d2fd6f4ce702e688a8985 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 339354 8b842a2c754dc36a307aa64e613fe4c7 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 174938 58ab39cc15878a158487fb858af9958d lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 36658 536346a17e6b5035307bdf1ce04b3799 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 88744 2141679378e4e3700c78c09ec936e1da http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 1865310 094ffb6f741440a18fca28d50b29ead0 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 60488 8681c7ebbe8e781fb7b3348b00da9de9 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 50808 dce50fc21c292b77ff3d0f21946cf23e http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 337014 84ca26401f9ae81f3d9f535f0361dd0c http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 173878 1f3e4888d7cf574b1c62aa092c852b8a powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 46918 6e9a925312380561f2299f66cb134357 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 110820 b7b8c667cf96cfe0d60c1f2d1ba96628 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 1949102 2d78cac8f6b3c758ac337c791de433a3 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 59926 0c7f18be806b6467c39dd1955c6e4685 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 54920 9403a69f365361e033707d5914a92f52 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 341668 0ee868915ef0bd3e177244f931ec7b5d http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 183836 e45a7d338ce136c48abf6c5cce3b6f6b sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 38028 e556e3eecc385e35b5c790046f91cec9 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 91034 84e2052f3fd9e57363b13779fe3fb30f http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 1897852 30481f2e4dff5ba7e8d465d0771360c8 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 57826 72589c6d350921d2ac7d5a4207c5b78a http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 48216 59e887dda48b748158c7083d50fb6405 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 341372 0976433618733b76b21104715594256e http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 173768 853ddf9a445d28cdf2740957676b50cd Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.diff.gz Size/MD5: 329287 0f1eabafd9f35ce1c7103f131976af91 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.dsc Size/MD5: 2043 5c406df0ddf6c7f849147bbccb4350bb http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.2_all.deb Size/MD5: 1162826 78ce799e56015d07969aea1b1e5750fe http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58238 c04c758e79b5d28dec48637c8c73b549 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58252 588dfe9e578fb1a17daf2faa5fab8774 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58244 0fa4c07b2e66a7d0c106071d283d7edc http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58236 f163f465b79566c194364d14ebb49608 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58252 afd476b79ec34e694d19f360a2cbc64c http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.2_all.deb Size/MD5: 4526 bd17a9f9600e53f3c5ce3b18a2cae590 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58240 b1702f69d74e496859096eb6101e5139 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 37300 2e18f255477200b6320afa7e6903508f http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 119744 9c484968a2250bd303c305df9d53943f http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 1682962 e7fa53ce69537cd609e8d88e1873e9cc http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 2172504 b4d5b2ce9603e2b36374b100dbf9ada7 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 352190 8bbf84d00818cf88c0f3d048fa425cf1 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 173268 01abbe7f859eef7e9e5d453792b96f76 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 61314 73a75d935ccb41f7827bfeff0bf8f9ec http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 52312 263e4265a47473eff3b416b896907103 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 36226 c8d3d0df62f93d519369f37ab0d337bf http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 115328 65483c26c3e0efe02922a59beeb0d833 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 1542716 c3737d9cfb6277985baf83bf4a449150 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 2139250 edef8688cd2fe57ac989b4bad50022ac http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 345992 e4adcaea69f8ae947f1ca0b63af74ffd http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 170194 fd8ab14aafda63f2f41cbd4885be0d81 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 60534 5064205f7a26e8ed1a543932e6aad79e http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 51718 e663a435f42d39438e5fdf1ed599c7cb lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 36014 b9a880feca8d481df4f9495cec8b8121 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 114512 1617fc04bc3c063dcb8bbc884050c6b2 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 1571962 7b061e95651696885125af95d7b08532 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 2135962 8695e326f9876ed3c3012becfaeed0f4 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 342968 9887c91b3ac9427b240317f6eb6d8bf0 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 168430 e13502a0fda3165d41d92f156f2ade21 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 60630 63b43b5b90c7f271d8ffc491d50c77e0 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 52386 f0ee10297823f8aa39049a1f9cff34bb powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 43564 e3d68dd451cae339f4629e36363e27b4 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 138160 8d11bd04570c0738af0b35ecef8ca018 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 1663540 3f5d9437ffe6df630cde4ad4b4fbbe35 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 2264222 6c49653a70198b67692c220135fe5428 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 347966 72a14e0a64f503365475c436fa45ac39 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 177464 2615af3dce1a5b56c001adcbab649264 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 61256 b021d0be4915346dfc22203556c56ce4 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 57436 a9463cb0014dba068fe6ad3dd05b7693 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 37216 b30aec0d4f3cff1d59594c1272002e93 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 117640 35ca75a0021841529ed85691ba0496bc http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 1490704 f143b16a5a811b517cc968d9e628feb9 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 2200938 91b1621927bd5feb83bd1dd8fa20005d http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 344786 c5e02a1f344ddc4e10b91b255ac869dd http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 166318 e6bfc6840275b954311c4544667d6193 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 57848 f4c6f5c70fd1ec7a95c322186e86c487 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 49796 52f0c961942e4a0b8e85ed3b6d4953a4 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.diff.gz Size/MD5: 331113 386644ef646604fa3ea0f18a3440dd94 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.dsc Size/MD5: 1984 974758acb855004824caa579913a402f http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.1_all.deb Size/MD5: 1165116 0fea2201baecec1a63153ca024cf85b3 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60220 78f1df511789d7c6fa564df73ae3737e http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60230 dd363c3548b1d7bab16bb595ac2d8682 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60222 3fe72599089459e0533070ee35696c96 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60218 33922120f0f3b6d755691c6cd31a983a http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.1_all.deb Size/MD5: 4520 4944980239da17a124a13b5eb08814af http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60204 578a4a096679845a551abab4687ecd07 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60220 404eae856385b1def832fb0474551e51 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 37310 824835ae3f5e791b0ced4e0bfa0094aa http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 119750 d3562b6435de311fdfdd3f5a433beafe http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 1658120 811f80a88d0fdcee20f41383b313d073 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 2168616 178ada0830fa6b64f1b2a28f43ba68d5 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 352130 b9502f3daaa52d057a815e6a11433707 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 177068 fedd91d5e3094e813b85c910e6f950ab http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 61260 68d03afa62ffd74aa517c588cd32017d http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 52220 715bc18c530db346e2faad81789af0a0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 36212 f8a3d3701b170c1637b469b1abcde7c6 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 115324 062953a515a6c8b27c75c7539472f9f4 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 1517622 a3c1f3ad98db97230d25ba20acfa4c11 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 2134800 0cde4fc0fac7b7682f0a53f38caedbc4 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 345990 2bc3076c1ad6c67c5858f62714ab4a3b http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 173740 c44041d8784eae4ac9400a0d3b9b9138 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 60488 c923e354bf04dbafff5339ea6d18433e http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 51530 b03604b87ea464a7f97e26272582ee18 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 36032 2be317cc9206baaff256b4325072589a http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 114486 8c27d1961b1aa8a73f3c342ae6ae92f8 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 1546154 0d3adaac793d357587ce7cc4275fe55f http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 2132166 9ae39e3c42178dd9b384fc8bc8a13d82 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 342936 2cff2dcc4b5cd9e54046bd97f2ca1bed http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 171954 a2ea14f0324efa3d936f8a31730d0c9d http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 60678 4594a7764c86b427ff76b2700a294ddc http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 52340 86b3bb0d4279f78231d1bdd0e1dbc3fb powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 43578 302e5e3849b99d0a12e2ff4f96be71d1 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 138164 5e62e249891ed196a7eb21466205fd7b http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 1633586 15e374d5ff627a56713f2a7ce61ef616 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 2256002 66dd6a9c74b750671c86e90163941953 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 347906 cb12b0143262bdbe01a6e69584947228 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 182450 c07ea0fed64ca677713c8a9362a38467 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 61302 934f995a352040b03daf4b4462da2892 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 57414 31f122cc6a44e90c362dda241b98648c sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 37204 d11aa276b3c4049110c587b2131d1207 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 117558 c29f382879fce337b440b71cb3a88b3d http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 1462180 9c40f63f4c088299eec0d97317c53a3a http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 2201794 00f9c319e7fd6b9eeed508baba656d21 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 344712 9f8df2c64cff337847abca91c4e3fb1f http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 169558 555c2de1cc4ff90754500bb42947453e http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 57850 d5d1dc89040b20f04c6a99d14524a6d1 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 49686 46af0e0b82ed5cc1d562909eacd9a35c . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:282-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : cups Date : December 7, 2009 Affected: 2008.0 _______________________________________________________________________ Problem Description: Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0163) Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to g*allocn. (CVE-2009-0166) Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments (CVE-2009-0195). NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0799) Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-0949) Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1179) The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. (CVE-2009-1181) Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1182) The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file. (CVE-2009-1183) Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609) This update corrects the problems. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY a3mQtrfvoibfn29OFAfdSn0= =lTbL -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . For the oldstable distribution (etch), this problem has been fixed in version 1.2.7-4+etch8 of cupsys. For the stable distribution (lenny), this problem has been fixed in version 1.3.8-1+lenny6 of cups. For the testing distribution (squeeze), this problem will be fixed soon. For the unstable distribution (sid), this problem will be fixed soon. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.dsc Size/MD5 checksum: 1094 42b2e4d0d1709d31270cbd0361ded3f4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.diff.gz Size/MD5 checksum: 109744 c73260161da939be7517c6ff0c5493cb Architecture independent packages: http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4+etch8_all.deb Size/MD5 checksum: 921366 4cec0d4b82b768bd42c801e87831eec9 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4+etch8_all.deb Size/MD5 checksum: 46424 bc032e7d1c4520843b540d3bb238d3a3 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 72856 a2c626b3f8dd8e43cecc395c5cf9ef03 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 1614886 8286658ca407d05ecc87ea4cd2dc870a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 183730 f2c644de893bf0ca28868cfecefca04d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 85916 7233e6ec6bb857653d2829cd80012d41 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 1093518 e6544fc0edd973d09a1e00652991845b http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 96030 23aca27ae72c081612fb247cfd9e33da http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 39332 a931e92b73c1004f4c8ed110c01ac728 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 175552 8bb48e7fdb170d74a14e65aecee3b230 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 1087540 1e71685c6620845318d49cf1fcf5feb0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 87128 281a245270d6c2dcd7f0e1a6fc7d0b12 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 37572 c0491559f8465d610a0577cc23f00de5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 162892 42d1cf5ceaa5ed7a95f16b869e6df97f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 80862 511e522206e17f759cd7c56e934f08bd http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 1572040 e2582ab015e6e3a3858b713d6f159a34 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 53056 d4c82327123ddc2c0e48c804634603ae http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 142418 d9314cb33230b9c6dbe571671b14adda arm architecture (ARM) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 1023048 8b559f55ae312c59e22a113fd6928c5f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 36758 cb2e80f86795f10af3fc100aa4506def http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 1567912 776f4974949a31b3facd38b302b8097a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 78698 6122e3902076dd2c3247dd4b5a56a660 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 48958 92730848f69e8540412fdf8bdfb96c1f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 85496 230c5b107dff69eca6f8d6241277a95f http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 154962 8803b8b5ac7a11e3a2cf5a40f389d049 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 131674 22e1a6767fc65ac920a5ce245743f9fd hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 154688 26ee139a8daabd621479d73ac2d04a16 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 1628398 beed29d0d6a15e33a83206acf3380cce http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 57246 07d89a1799a8b8daf3fb13f8c0b155d3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 86802 f4e4a831a178e7e9df1f66a3af3633fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 172252 78031fa93b94ba44187e0986e82d6201 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 40370 b203925426b9411027184af8af2f73d6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 1037196 85cd25d326e4535a9a18921e1016788d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 91586 1ef7a9dd2be035a8504bd124e1da385d i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 137728 7f9d176b0cb1e5976ea06e58526a60f4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 87336 3b3b4ffad78f35ffc5e05941bdfc15bd http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 37416 3513b7cef1c51a35efd9ffd3c294e14d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 1000830 28dedcb611ed0538308122b860ba58c8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 53206 d0ae9184a84597d989b69fe7e25bc470 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 1560356 5a8dc9c147a9d5c82224478f64731f0f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 79744 40326a8b68de9dbe6987e39fe95a13f8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 160956 da17f9d144495fde4e4c8bbad95560e8 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 106218 609f68aa16bfd657583e8be99a2ad0c1 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 74386 f0259501885d635d40aab9308a1bfbf3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 192362 9009b4a91e64ab0a1c325bcaec97c2e0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 1108908 1db7bb18903f47d5de29482709e3ff78 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 1771178 f104a7cc65ef288cd7758bb2175709a0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 204522 8628cbc5cf2b22ed1d4eaeda2d7b4a60 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 46334 726f90dd146cd9d2d6ad964c0e718585 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 107424 c3c93da377fee4bf48f57778b305d5db mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 1098528 5a9e021f7509cbde95ef66da819c3228 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 150986 db510250f4f5aac631a743f04dc8054d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 36124 d8663fcdd8acb88018af29a3af61c9f6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 158310 776e9b5f14047779211e1262ae9f62d0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 76166 26a80a28871b162d72c2469a18ce6966 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 87110 f71b2aa6af126f5ae434e1381126fc34 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 1568290 ad4192ffb0d477ae964f6c3b039e52ac http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 57678 da4e6ba9b1a61ad4bdc6a8e8d682fc61 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 87254 e2917b072751a45afba30498006b71c3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 150894 09067f14c0938ef6dbeb500256dd42f9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 1553678 c4168376ca4d74744e24be76ec159067 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 158842 f6d3053079e08de8e617272fd4a8489d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 1086490 e82ba4868d85ad36861a8aff82f6f72a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 36070 c67551d542db6a7b5081b8f0e1bdf30e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 57804 fa0c855349bfa38f31c82e83374ccdab http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 77446 936b8d1173c259822d9e5ae3e82eb357 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 41342 f5d1131ddc30cb780322237c47411177 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 1147440 23944aceda9e865a4aab581509bb4058 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 89404 9a0198042c3eb4ef053f720d20706c34 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 163446 75275152a9b69f479d4b0c6ae8fb3fa0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 1582758 4544b9bc4aaf231fe604449311f118b9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 89574 942740b75d722b0fcbf284bc05035e48 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 136242 5ef0278b80c263897d8942f9bc03631e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 51926 a35183dcb7bc3a0490b2ee1d8ed5ab3d s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 82334 745d2f27c678f02ad011fa15f1731560 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 1587692 d3c2245878121c7c16752f2b9949d0dc http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 166998 64e5615906a50a2c19ee5359a521a9f6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 52522 199020914a0d52a771d112c6b2823de8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 1037546 89b9f600cc2a513678446a2a2fcb5b81 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 88194 b376557a4f613fb65f46cbfae42050bf http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 144934 da63d5b24df68891c2806f0f514911e6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 37422 3b0a8733a1ef7bf6fae8f00bb306bceb sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 78608 fb366ff39679d91c983deb2022ec0f0c http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 159716 eb0065adeacdf8a7f23098195a515e03 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 86066 5c0f9c078202fbf4c2f9c7cae3c89057 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 1578044 a94273670520f2db0fd4767ecb93cc4c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 36060 b54d8ba11e9f8fd155e0b29f1609ebcd http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 51832 cb3bf2ee0f2d4661cd8198f8da780d00 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 996840 5609f09834fb8eecc031ad52bb1ba550 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 138744 5e701d9b2c7941e857c143e7289c3a20 Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.diff.gz Size/MD5 checksum: 185068 01548b71a9c9f8f3cd4c4e38be162e0c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.dsc Size/MD5 checksum: 1837 74c7cc9607928673ef30937fa74d154c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8.orig.tar.gz Size/MD5 checksum: 4796827 10efe9825c1a1dcd325be47a6cc21faf Architecture independent packages: http://security.debian.org/pool/updates/main/c/cups/cupsys_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52146 7e655df3208e7b1c14e963e62d2a1f9e http://security.debian.org/pool/updates/main/c/cups/libcupsys2-dev_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52174 ca30676d4f14b19d69f07948ec920645 http://security.debian.org/pool/updates/main/c/cups/cupsys-client_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52172 0745ebb9d35b06b2baed0946c9c4cdf4 http://security.debian.org/pool/updates/main/c/cups/cupsys-dbg_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 39dda2a8979e6d53d369a850a7287f98 http://security.debian.org/pool/updates/main/c/cups/cupsys-bsd_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 185cdcccb15621495bb4dd922824fb27 http://security.debian.org/pool/updates/main/c/cups/cupsys-common_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 7cfc925b6070373cb03f50e28ffcb5eb http://security.debian.org/pool/updates/main/c/cups/cups-common_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 1180808 ab548a8679a470d91055cb14a524f019 http://security.debian.org/pool/updates/main/c/cups/libcupsys2_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52166 808680daaacf24e6969a46b5821c05b4 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 37990 1d176c775ae611d5de6fc28debeac312 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 108462 bee5be572e1c162c31a2f2cb6fccd95b http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 118450 c6848af4b97d419426046f53c0a10c8b http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 445916 a291be3dfa900c17126ce9796d71db2a http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 2099172 fabc17ee844d661b518a4c35321c5128 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 1142836 46addc9aade19f27e42b443768023f94 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 179128 0c7440b785436020854b72114e9e7686 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 81496 5235f6c116886ee493467ff1e52dff9f amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 168874 34599b5781a04df793603da238d30224 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 61012 fcd44c54190e1f2212335b0f971b2241 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 1197270 584dbf166833f9f50a43137f1e2c04f7 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 2070558 64782a03e7391d3b983fe918b6d416a6 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 116780 317905cae4f2ba4acbdb62cc46b87e2a http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 401290 bdd244d1e6559d959eb803f8bd6abbf2 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 37236 b3642bfa15ff0fe3c6d983e031275da6 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 99702 17dbaea17495777f8ba8a2996acc3725 arm architecture (ARM) http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 387466 6ac7763fc0ade8a3703104cdd3c3357a http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 97190 e274997fb4e49c281c21549b1120efb2 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 113164 eaa19c4d0964cd38613ab2c58f07ce26 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 2059026 ee1367a147b8c07bae9c87ccc87c4998 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 55342 c57db0444dc9193f0ab35e1a934400ec http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 155270 5f0300fb74cb89f6b9b7bb45537f4aec http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 1123418 df0367cba01ba9919f409b022dbe7c1b http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 36484 7294561d854c324dc268c8fb0d616a2a armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 1128236 5fb35a72133c870e444fe0b1250db6b2 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 38752 777da1a892c9d354f5e1ae2575b97d47 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 2075760 a850581323f50e10ded793a321763a39 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 387318 64dc6d3b023d3de8a9ad99c244555008 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 98356 96861930db8e85257fa250312839d177 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 119314 7a4acbab9f1600e266780b8e4edc8161 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 156808 a67d3ee08ed7bbcee2d90e45b4c5d9fc http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 54730 26bc079114200f249ee55182577d978b hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 102958 61cca5c9fe91de9823fe3b141df6cbfd http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 2118150 9a34c8fcfda89744ff1ed5cb57fdeae1 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 63136 dcc115ea567651075e3b7fbf73477f2c http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 406484 36b77c3f6c05df1f44b9a971b2fd3bc8 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 121714 30743045e4927713923ab1f3bb9e6360 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 1141670 a1d27d8aec34d3e1cefd8af9d680fdce http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 172628 bc5c1f4a039c3fb8dbfdd0dc36aa2f56 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 39974 b00448f41ec531188e029bc7173f5271 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 99256 289e9977f36773c117b6fcc6580b464f http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 1096046 28adf6b61f8bff81e19ee5b7fc464aac http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 60422 d4646115f417b7d56b1665283e914b42 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 115956 4db026d788ab7bcb923847491f46b8ca http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 2051272 6b1ce4707c65c46af6ae766ce9b50e99 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 165348 ffd04ab3b875fef36b26fe3dd1106996 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 393998 080d022507d07a4713b3f95acb7c22f6 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 38022 7990b6a4a8d217fe07e7e1bd0f9108ff ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 2281420 2adc4c08d3bc24c8d70acac31ca8421a http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 123434 e3c1cbbd801a0ddd985e3b27c021b9d8 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 209034 5bfbe9000e4f1cafdbc66a6a94c20e7b http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 1149350 7f6b259e7f4ecc70accf51236efb3a5a http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 41278 1cee7bf398c2e2c7e4189f005cbb3444 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 139124 8ff9597b3e2cd534614a66531a5db361 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 447412 b59175ffef15d9b2e618b85ce6f8cff2 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 86018 e5badf6982128286853fc360fc77a4d3 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 157842 c3652835b110a94fc5a5f9d20230e443 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 2047282 ce608c3fa6d89e7d7ff3e313f88fbef2 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 98662 ddbba9bea120f9b7740adc8ceb45c3dc http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 108508 0a5b6ba27061cfa40e45cfc514d3ba0d http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 36010 a786245e49b8cabcaad41a5e92a5c884 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 65290 155e5959fac035fc8307800061913d35 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 1170866 11910e0f1ccbb2f3ba151cbfe8186696 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 405510 4f848ff0dd8f2b08f3fa3bb220a6f75c mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 158274 8c3b143ee488c17cf00cf7599bee331c http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 98792 74a91f31a602f6f2a0c04b4e72723b86 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 1156060 f3be7e74bd904dfdecc086bc6ee16bf5 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 403142 42cf44870e91355bb7a465dce52605ae http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 36142 daa9ed0b87002a002bece0890b1a6e12 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 65216 a1c8b686980e932f19a789430a4eafaa http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 2028136 a67cf50db9734a8175936ff5e2d45d5d http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 109968 23ff5d8a36aecd545c5cf210bc3873d5 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 394114 5309447c955f4decbe93f50802ed1805 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 1188662 f8438353bab0a00502a1687042c54961 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 61144 ac80e1cd5cc0661c10693d360e32c11d http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 174232 5938321743bda64571c6d0797f84dca1 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 104730 d5f60c53825c532dca34cb21f1c1d2fb http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 44212 d0b547b8cf87254ce65874df057468db http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 136102 34f3fbb1bf5519277c20944b3d118a6c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 2122006 f0e6902972831c2490b6f6bcbecd1ba0 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 101502 e48e528e2b3ee8140dcce180aae0feb8 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 37818 7f26d32ff01aa1088e424a16439d0990 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 171544 131841fd12d9331c312f8a28718fe8a1 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 399662 f80688352e705e1293d64bb211dcd568 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 2090700 7d406321bb349547bdbe43123fb770f3 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 118588 64d6969a96a76de52a7296c745116a48 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 1188192 365ee760b0b9b8dd869dd11f1f4c42f9 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 60716 634f2ba3cc0eb22c59252f15a1582770 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 390982 1235ace473b594360267daef5663c1b3 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 116666 3c08364f33b2594c4f8be8c0bfce7333 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 1051168 056faed5a5baf927d91b21b4fe624812 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 38374 6401223175cfcf9082f3fac43a4f9d42 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 2069062 4041871842ca0f29408c95c39f9cbb68 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 160772 6a682010c72d5d78f4a6efcfb3ed5955 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 57762 478e92cd02d8acb20a600d4ca61aba39 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 96996 37446d6e2f9dbf94122db96d1df00b9f These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkolko8ACgkQHYflSXNkfP+rjwCfWDGEVO8HeUkO9sF09pz0Nvwn 4GMAn3rgCfJK2rFC5dZyvIzTiyo6CiUb =6yYH -----END PGP SIGNATURE-----
VAR-200906-0279 CVE-2009-1717 Apple Mac OS X of Terminal Integer overflow vulnerability CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based buffer overflow. Apple Mac OS X is prone to an integer-overflow vulnerability affecting the Terminal application. An attacker can exploit this issue to execute arbitrary code in the context of the user running the vulnerable application. An attacker can exploit this vulnerability by tricking a user into using Terminal to connect to a remote system (such as opening a telnet: URL), causing a denial of service or executing arbitrary commands. For further product information on the TippingPoint IPS, visit: http://www.tippingpoint.com -- Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Terminal. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of 'CSI[4' xterm window resizing escape code. When a very low negative value for (x, y) size is set, an integer overflow occurs resulting in a memory corruption. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3549 -- Disclosure Timeline: 2009-05-06 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * James King, TippingPoint DVLabs
VAR-200906-0598 CVE-2009-1385 Linux kernel of e1000_clean_rx_irq Integer underflow vulnerability in functions CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. (DoS) There is a vulnerability that becomes a condition.Denial of service due to crafted frame size (DoS) There is a possibility of being put into a state. The Linux kernel is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue via crafted packets to cause a kernel panic, denying service to legitimate users. The NFSv4 implementation is one of the distributed file system protocols. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2009-0016 Synopsis: VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components Issue date: 2009-11-20 Updated on: 2009-11-20 (initial release of advisory) CVE numbers: --- JRE --- CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1103 CVE-2009-1104 CVE-2009-1105 CVE-2009-1106 CVE-2009-1107 CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2675 CVE-2009-2676 CVE-2009-2716 CVE-2009-2718 CVE-2009-2719 CVE-2009-2720 CVE-2009-2721 CVE-2009-2722 CVE-2009-2723 CVE-2009-2724 --- Tomcat --- CVE-2008-5515 CVE-2009-0033 CVE-2009-0580 CVE-2009-0781 CVE-2009-0783 CVE-2008-1232 CVE-2008-1947 CVE-2008-2370 CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-6286 CVE-2008-0002 --- ntp --- CVE-2009-1252 CVE-2009-0159 --- kernel --- CVE-2008-3528 CVE-2008-5700 CVE-2009-0028 CVE-2009-0269 CVE-2009-0322 CVE-2009-0675 CVE-2009-0676 CVE-2009-0778 CVE-2008-4307 CVE-2009-0834 CVE-2009-1337 CVE-2009-0787 CVE-2009-1336 CVE-2009-1439 CVE-2009-1633 CVE-2009-1072 CVE-2009-1630 CVE-2009-1192 CVE-2007-5966 CVE-2009-1385 CVE-2009-1388 CVE-2009-1389 CVE-2009-1895 CVE-2009-2406 CVE-2009-2407 CVE-2009-2692 CVE-2009-2698 CVE-2009-0745 CVE-2009-0746 CVE-2009-0747 CVE-2009-0748 CVE-2009-2847 CVE-2009-2848 --- python --- CVE-2007-2052 CVE-2007-4965 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CVE-2008-4864 CVE-2008-5031 --- bind --- CVE-2009-0696 --- libxml and libxml2 --- CVE-2009-2414 CVE-2009-2416 --- curl -- CVE-2009-2417 --- gnutil --- CVE-2007-2052 - ----------------------------------------------------------------------- 1. Summary Updated Java JRE packages and Tomcat packages address several security issues. Updates for the ESX Service Console and vMA include kernel, ntp, Python, bind libxml, libxml2, curl and gnutil packages. ntp is also updated for ESXi userworlds. 2. Relevant releases vCenter Server 4.0 before Update 1 ESXi 4.0 without patch ESXi400-200911201-UG ESX 4.0 without patches ESX400-200911201-UG, ESX400-200911223-UG, ESX400-200911232-SG, ESX400-200911233-SG, ESX400-200911234-SG, ESX400-200911235-SG, ESX400-200911237-SG, ESX400-200911238-SG vMA 4.0 before patch 02 3. Problem Description a. JRE Security Update JRE update to version 1.5.0_20, which addresses multiple security issues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.0 Windows Update 1 VirtualCenter 2.5 Windows affected, patch pending VirtualCenter 2.0.2 Windows affected, patch pending Workstation any any not affected Player any any not affected Server 2.0 any affected, patch pending Server 1.0 any not affected ACE any any not affected Fusion any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-200911223-UG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX not affected vMA 4.0 RHEL5 Patch 2 * * vMA JRE is updated to version JRE 1.5.0_21 Notes: These vulnerabilities can be exploited remotely only if the attacker has access to the Service Console network. Security best practices provided by VMware recommend that the Service Console be isolated from the VM network. Please see http://www.vmware.com/resources/techresources/726 for more information on VMware security best practices. The currently installed version of JRE depends on your patch deployment history. b. Update Apache Tomcat version to 6.0.20 Update for VirtualCenter and ESX patch update the Tomcat package to version 6.0.20 which addresses multiple security issues that existed in the previous version of Apache Tomcat. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.20: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.18: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.16: CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ======== ======== ======= ======================= vCenter 4.0 Windows Update 1 VirtualCenter 2.5 Windows affected, patch pending VirtualCenter 2.0.2 Windows affected, patch pending Workstation any any not affected Player any any not affected ACE any Windows not affected Server 2.x any affected, patch pending Server 1.x any not affected Fusion any Mac OS/X not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-200911223-UG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX not affected vMA 4.0 RHEL5 not affected Notes: These vulnerabilities can be exploited remotely only if the attacker has access to the Service Console network. Security best practices provided by VMware recommend that the Service Console be isolated from the VM network. Please see http://www.vmware.com/resources/techresources/726 for more information on VMware security best practices. The currently installed version of Tomcat depends on your patch deployment history. c. Third party library update for ntp. The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. ESXi 3.5 and ESXi 4.0 have a ntp client that is affected by the following security issue. Note that the same security issue is present in the ESX Service Console as described in section d. of this advisory. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the "ntp" user. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue. The NTP security issue identified by CVE-2009-0159 is not relevant for ESXi 3.5 and ESXi 4.0. The following table lists what action remediates the vulnerability in this component (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi 4.0 ESXi ESXi400-200911201-UG ESXi 3.5 ESXi affected, patch pending ESX 4.0 ESX not affected ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected ESX 2.5.5 ESX not affected vMA 4.0 RHEL5 not affected * hosted products are VMware Workstation, Player, ACE, Server, Fusion. d. Service Console update for ntp Service Console package ntp updated to version ntp-4.2.2pl-9.el5_3.2 The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. The Service Console present in ESX is affected by the following security issues. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the "ntp" user. NTP authentication is not enabled by default on the Service Console. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue. A buffer overflow flaw was found in the ntpq diagnostic command. A malicious, remote server could send a specially-crafted reply to an ntpq request that could crash ntpq or, potentially, execute arbitrary code with the privileges of the user running the ntpq command. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0159 to this issue. The following table lists what action remediates the vulnerability in the Service Console (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-200911238-SG ESX 3.5 ESX affected, patch pending ** ESX 3.0.3 ESX affected, patch pending ** ESX 2.5.5 ESX affected, patch pending ** vMA 4.0 RHEL5 Patch 2 * hosted products are VMware Workstation, Player, ACE, Server, Fusion. ** The service consoles of ESX 2.5.5, ESX 3.0.3 and ESX 3.5 are not affected by CVE-2009-1252. The security issue identified by CVE-2009-0159 has a low impact on the service console of ESX 2.5.5, ESX 3.0.3 and ESX 3.5. e. Updated Service Console package kernel Updated Service Console package kernel addresses the security issues below. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3528, CVE-2008-5700, CVE-2009-0028, CVE-2009-0269, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676, CVE-2009-0778 to the security issues fixed in kernel 2.6.18-128.1.6. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-4307, CVE-2009-0834, CVE-2009-1337, CVE-2009-0787, CVE-2009-1336 to the security issues fixed in kernel 2.6.18-128.1.10. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-1439, CVE-2009-1633, CVE-2009-1072, CVE-2009-1630, CVE-2009-1192 to the security issues fixed in kernel 2.6.18-128.1.14. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-5966, CVE-2009-1385, CVE-2009-1388, CVE-2009-1389, CVE-2009-1895, CVE-2009-2406, CVE-2009-2407 to the security issues fixed in kernel 2.6.18-128.4.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2692, CVE-2009-2698 to the security issues fixed in kernel 2.6.18-128.7.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-0745, CVE-2009-0746, CVE-2009-0747, CVE-2009-0748, CVE-2009-2847, CVE-2009-2848 to the security issues fixed in kernel 2.6.18-164. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi any ESXi not applicable ESX 4.0 ESX ESX400-200911201-UG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable ESX 2.5.5 ESX not applicable vMA 4.0 RHEL5 Patch 2 ** * hosted products are VMware Workstation, Player, ACE, Server, Fusion. ** vMA is updated to kernel version 2.6.18-164. f. Updated Service Console package python Service Console package Python update to version 2.4.3-24.el5. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service. Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter's privileges. Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service. An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. A flaw was discovered in the strxfrm() function of the Python locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-2052 CVE-2007-4965 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CVE-2008-4864 CVE-2008-5031 to these issues. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi any ESXi not applicable ESX 4.0 ESX ESX400-200911235-SG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX affected, patch pending vMA 4.0 RHEL5 Patch 2 * hosted products are VMware Workstation, Player, ACE, Server, Fusion. g. Updated Service Console package bind Service Console package bind updated to version 9.3.6-4.P1.el5 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the "ANY" record type. A remote attacker could use this flaw to send a specially-crafted dynamic update packet that could cause named to exit with an assertion failure. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0696 to this issue. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi any ESXi not applicable ESX 4.0 ESX ESX400-200911237-SG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX affected, patch pending vMA 4.0 RHEL5 Patch 2 * hosted products are VMware Workstation, Player, ACE, Server, Fusion. h. Updated Service Console package libxml2 Service Console package libxml2 updated to version 2.6.26-2.1.2.8. libxml is a library for parsing and manipulating XML files. A Document Type Definition (DTD) defines the legal syntax (and also which elements can be used) for certain types of files, such as XML files. A stack overflow flaw was found in the way libxml processes the root XML document element definition in a DTD. A remote attacker could provide a specially-crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service. Multiple use-after-free flaws were found in the way libxml parses the Notation and Enumeration attribute types. A remote attacker could provide a specially-crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2414 and CVE-2009-2416 to these issues. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi any ESXi not applicable ESX 4.0 ESX ESX400-200911234-SG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX affected, patch pending vMA 4.0 RHEL5 Patch 2 * hosted products are VMware Workstation, Player, ACE, Server, Fusion. i. Updated Service Console package curl Service Console package curl updated to version 7.15.5-2.1.el5_3.5 A cURL is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse cURL into accepting it by mistake. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-2417 to this issue The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi any ESXi not applicable ESX 4.0 ESX ESX400-200911232-SG ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected ESX 2.5.5 ESX not affected vMA 4.0 RHEL5 Patch 2 * hosted products are VMware Workstation, Player, ACE, Server, Fusion. j. Updated Service Console package gnutls Service Console package gnutil updated to version 1.4.1-3.el5_3.5 A flaw was discovered in the way GnuTLS handles NULL characters in certain fields of X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by an application using GnuTLS, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse the application into accepting it by mistake. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-2730 to this issue The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi any ESXi not applicable ESX 4.0 ESX ESX400-200911233-SG ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected ESX 2.5.5 ESX not affected vMA 4.0 RHEL5 Patch 2 * hosted products are VMware Workstation, Player, ACE, Server, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file. VMware vCenter Server 4 Update 1 -------------------------------- Version 4.0 Update 1 Build Number 208156 Release Date 2009/11/19 Type Product Binaries http://downloads.vmware.com/download/download.do?downloadGroup=VC40U1 VMware vCenter Server 4 and modules File size: 1.8 GB File type: .iso MD5SUM: 057d55b32eb27fe5f3e01bc8d3df3bc5 SHA1SUM: c90134418c2e4d3d6637d8bee44261300ad95ec1 VMware vCenter Server 4 and modules File size: 1.5 GB File type: .zip MD5SUM: f843d9c19795eb3bc5a77f5c545468a8 SHA1SUM: 9a7abd8e70bd983151e2ee40e1b3931525c4480c VMware vSphere Client and Host Update Utility File size: 113.8 MB File type: .exe MD5SUM: 6cc6b2c958e7e9529c284e48dfae22a9 SHA1SUM: f4c19c63a75d93cffc57b170066358160788c959 VMware vCenter Converter BootCD File size: 98.8 MB File type: .zip MD5SUM: 3df94eb0e93de76b0389132ada2a3799 SHA1SUM: 5d7c04e4f9f8ae25adc8de5963fefd8a4c92464c VMware vCenter Converter CLI (Linux) File size: 36.9 MB File type: .tar.gz MD5SUM: 3766097563936ba5e03e87e898f6bd48 SHA1SUM: 36d485bdb5eb279296ce8c8523df04bfb12a2cb4 ESXi 4.0 Update 1 ----------------- ESXi400-200911201-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-155-20091116-013169/ESXi-4.0.0-update01.zip md5sum:c6fdd6722d9e5cacb280bdcc2cca0627 sha1sum:de9d4875f86b6493f9da991a8cff37784215db2e http://kb.vmware.com/kb/1014886 NOTE: The three ESXi patches for Firmware, VMware Tools, and the VI Client "C" are contained in a single download file. ESX 4.0 Update 1 ---------------- https://hostupdate.vmware.com/software/VUM/OFFLINE/release-158-20091118-187517/ESX-4.0.0-update01.zip md5sum: 68934321105c34dcda4cbeeab36a2b8f sha1sum: 0d8ae58cf9143d5c7113af9692dea11ed2dd864b http://kb.vmware.com/kb/1014842 To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle=ESX-4.0.0-update01.zip -b ESX400-200911223-UG -b ESX400-200911238-SG -b ESX400-200911201-UG -b ESX400-200911235-SG -b ESX400-200911237-SG -b ESX400-200911234-SG -b ESX400-200911232-SG -b ESX400-200911233-SG update 5. References CVE numbers --- JRE --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1105 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2670 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2671 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2672 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2673 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2675 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2676 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2716 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2718 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2719 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2722 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2724 --- Tomcat --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002 --- ntp --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 --- kernel --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3528 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5700 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0028 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0269 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0322 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0675 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0834 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1336 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1439 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1633 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1072 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1630 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5966 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1895 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2406 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2407 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2698 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0745 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0746 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0747 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2848 --- python --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4965 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1887 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 --- bind --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 --- libxml and libxml2 --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 --- curl -- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 --- gnutil --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 - ------------------------------------------------------------------------ 6. Change log 2009-11-20 VMSA-2009-0016 Initial security advisory after release of vCenter 4.0 Update 1 and ESX 4.0 Update 1 on 2009-11-19 and release of vMA Patch 2 on 2009-11-23. - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/lifecycle/ Copyright 2009 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksHAooACgkQS2KysvBH1xmQMACfTEcnuPanvucXPmgJCTT054o+ dtoAniXz+9xLskrkPr3oUzAcDeV729WG =wSRz -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1844-1 security@debian.org http://www.debian.org/security/ Dann Frazier July 28, 2009 http://www.debian.org/security/faq - ---------------------------------------------------------------------- Package : linux-2.6.24 Vulnerability : denial of service/privilege escalation Problem type : local/remote Debian-specific: no CVE Id(s) : CVE-2009-1385 CVE-2009-1389 CVE-2009-1630 CVE-2009-1633 CVE-2009-1895 CVE-2009-1914 CVE-2009-1961 CVE-2009-2406 CVE-2009-2407 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. CVE-2009-1895 Julien Tinnes and Tavis Ormandy reported and issue in the Linux vulnerability code. Local users can take advantage of a setuid binary that can either be made to dereference a NULL pointer or drop privileges and return control to the user. CVE-2009-1961 Miklos Szeredi reported an issue in the ocfs2 filesystem. CVE-2009-2406 CVE-2009-2407 Ramon de Carvalho Valle discovered two issues with the eCryptfs layered filesystem using the fsfuzzer utility. For the stable distribution (etch), these problems have been fixed in version 2.6.24-6~etchnhalf.8etch2. We recommend that you upgrade your linux-2.6.24 packages. Note: Debian 'etch' includes linux kernel packages based upon both the 2.6.18 and 2.6.24 linux releases. All known security issues are carefully tracked against both packages and both packages will receive security updates until security support for Debian 'etch' concludes. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, lower severity 2.6.18 and 2.6.24 updates will typically release in a staggered or "leap-frog" fashion. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch2.diff.gz Size/MD5 checksum: 4046697 0c540aa51d64fd0f41fefda0370a7d57 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch2.dsc Size/MD5 checksum: 5117 8149bb152305e615760fd5accc516b17 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af Architecture independent packages: http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.8etch2_all.deb Size/MD5 checksum: 931690 8230f79880ab579b104e9b34029cc97d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.8etch2_all.deb Size/MD5 checksum: 1572166 59bdbfc8850a9eb4c7f09229f8481a04 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.8etch2_all.deb Size/MD5 checksum: 46892520 c736086affec0e829b80074008edc96d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.8etch2_all.deb Size/MD5 checksum: 97696 ac7c8e4af4d15f8e77817f3a2060621e http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.8etch2_all.deb Size/MD5 checksum: 4469630 76391a2afe93b14ef942260a2ab0f6c4 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.8etch2_all.deb Size/MD5 checksum: 82766 fccf13a8baefeb96443c00718b47178a alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 26737560 705e6c1f456e523e4cd6e2199247ad8a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 27342178 b22b7be9f15a3fcd569e83b0981c7b2b http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 3454340 5d9c4195f523265e691a73d165a32bd5 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 331144 9b199341a9906f69b92956bee989678f http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 330548 2e97270481c6406f4703f7ffc642a306 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 82254 6ef54422427a87fb7013208abbb90bfe http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 26758348 3fa44a2c192d5296abff11160c4143f7 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 82234 2d73cbb156467a0e189b66d64d725957 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch2_alpha.deb Size/MD5 checksum: 332176 8abd6e28989d5ffa359dbdf523b8802a amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_amd64.deb Size/MD5 checksum: 82232 f31859776e8c538793ce7bc12e4d16e6 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.8etch2_amd64.deb Size/MD5 checksum: 82238 0dd51e0668293dc4a112ba7c177a2d62 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch2_amd64.deb Size/MD5 checksum: 355216 e912a184ffa55eefcbf4d075575f956b http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_amd64.deb Size/MD5 checksum: 3649934 25d6d6f81163cd422b987cffe8555482 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch2_amd64.deb Size/MD5 checksum: 19596152 128c3dcd4b54fbca2a8cccf553b15c15 arm architecture (ARM) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 308764 081a21f64a1939858fd628b2b17b1e9d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 82362 a02c06864fb8adb347c7b3b83707ec71 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 3937452 4296fde893b88cba41a5164cd6c68266 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 297832 882e93119837e060496995474bfbde0c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 82388 5682b9cb3c9efdf951541c5e951858d5 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 9356202 12691f5684650f5f808b4ccc3d77e6f6 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 10777668 be1c3aa597e81f449a1712c059b6d219 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 10786276 fdfef0d9f0a0f740cdf096efe4076849 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch2_arm.deb Size/MD5 checksum: 306278 243cc2aef642ad3dc3e6faa9f5b7d2ac hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 259166 403c84cc8eec53736e11babcd7133c36 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 82390 c1e6ec2b43d6dc4849ab58fcca7708fd http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 257800 dcf392b46aaabf4187d0b739d7b3f0b6 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 82356 e67f07544c8505aebf46d0fc5cc6ff9b http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 258558 a2e28e8a24b42aa4f092218fdb7b24b0 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 14371812 91a757a164d87fcca9b7c8dcf9737e52 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 261468 72a0d875029ef878bcfa7734ad0e3221 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 3444724 e4cbc7652241146662a324980caf28e8 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 14830286 ee2c1dd21c02e82c845897b92fc44d18 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 13846760 3133b7187049be153f3d946556c58d5a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch2_hppa.deb Size/MD5 checksum: 13335008 a71482e5f95d01ae60ef6f9e84851905 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 19345260 c8d133c7df467610a2b58b02d437f140 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 19349370 99465914e158a8a8095d704c7a4eca58 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 82350 eb75675cf418a8fe18a45cf78e113b14 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 19589510 ed83c2d0ba92a0f4b5fb5daed6b86d5c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 347746 23befd72e069faf404ede7a276b78311 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 3647494 9cf283a4c89c8281db35e5fb2ace4335 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 82384 199633269844e3e36cf936f5a63857a7 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 361018 4f7299551139e79ad329057ff07de93d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 359956 5272e0df584721713692ccb80e8fdc45 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 361502 4c9a0586154b5fce6d50610d6728bf75 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch2_i386.deb Size/MD5 checksum: 19278068 41f6b91dceeaba5592a15bdbb4170c3a ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_ia64.deb Size/MD5 checksum: 82360 e96d164aa97cbda5c4e0d4a4d8d47298 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_ia64.deb Size/MD5 checksum: 3570154 a7bdb15fd5dc46ea33b570390700255a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch2_ia64.deb Size/MD5 checksum: 32289122 8a66a1efccab804aece0f9c9f9a0c2c3 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.8etch2_ia64.deb Size/MD5 checksum: 82378 11c070123743f3060aee864a6fa7621e http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch2_ia64.deb Size/MD5 checksum: 322394 7e68b691385f67de57eca947718b3cf3 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch2_ia64.deb Size/MD5 checksum: 32112122 81952edc15d24552bc7e0e250d4e4c2f http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch2_ia64.deb Size/MD5 checksum: 322756 0332b3131abca0dde23a3980e3269d6a mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 22151540 85f675d6aa5e858c776b25ed7b55fd01 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 17152584 968f51589e2246eb98d54f8f7a0deac3 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 246524 7d37dee7fa5f20d5484a054697944a4a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 11958562 189d907c882ca1f971e5df5b020db861 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 246320 9b22546464feae45ee05c1318ce4eeb1 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 214790 9f3182d818ff7b6a05993763a6120725 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 17168120 bc71f4391f0b74712a77ce0a98104c42 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 82240 56ffbcabce3c1df699ab5005b86b5fcb http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 10524568 1dcc5f02fea750b73b3d26bbf9436744 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 309414 2f3e51dd53a0aee437acd14822bdc812 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 82294 9d3e3e23c0fc8a0f1e1841e28fd3a2e2 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 3803692 496de2fac6b2631145112d3df8c30a74 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 309366 ad8430704237cac6706abefb3cb3a66a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 225310 6f208c9d5eada9b92d3e98530a7421ab http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch2_mips.deb Size/MD5 checksum: 27775866 480af1976cfb2ad886bbeab57828e0a9 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 26985726 697670a3bb624d4d3d78f46f3dd1ffa0 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 16630534 64876417bfc90be839f742b7f3df4017 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 82296 3b389589e0d350fd94e1e6a55064b597 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 246006 6b907d81792642929e73f8f7138a0686 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 82244 06ea877ec50d7981c308674e878de0fd http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 21734936 1f58a04e3f3e233fc379f7585b37f67c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 309876 33999e485bc68c26f1355c34591fa9d1 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 246316 f5ee5c81b6f69590e7483c63914aa4f1 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 13317230 d5c0090dd1f3487c1a1b98e663d302a9 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 3803662 c04871193e6cd5fe88e7d757fe94dc15 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 246138 83d394f1c4638687b1bd71213d6fc9fd http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 16566994 4ad893a3f64121974125e7df7a246c32 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch2_mipsel.deb Size/MD5 checksum: 308542 d1aa85d73a85243f9e11e6d319829560 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 17459600 932f0c6e71fa2a92bcbf91245d4a6f34 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 19195098 3894f438fae8ccd897ae1b193e05a06c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 19486104 e186a5e57fc6ef416a9f0611b4e32b00 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 321892 920d908f2b7f39a4ea245a452707de9c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 321508 053a1e68eb59bc3616762c77c478b77c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 3672616 9480b5733676cd5d73e984cd6b36cdb2 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 21169994 225176293c099a0a66a6e427f8f342c9 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 321100 ed5daac657617ab8ea09dedbbd5825e9 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 82240 d5758f3021b63ba5a46f4bb59a0264bd http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 82278 68134af3769b6654c610701382a41932 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch2_powerpc.deb Size/MD5 checksum: 294694 6e01dfd311f1094cb5cf39e6ab13030f s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.8etch2_s390.deb Size/MD5 checksum: 1502142 d742c3ccecaeae89dd72efa337ad8d77 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch2_s390.deb Size/MD5 checksum: 194364 95a4fc8d1329f3926c95d0d866ea95c1 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_s390.deb Size/MD5 checksum: 3429940 46b5705e72023ec8eabbeaaae179df0f http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch2_s390.deb Size/MD5 checksum: 194060 0c71ba7ea8c4108e88ce439c83e36101 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_s390.deb Size/MD5 checksum: 82228 f6a160399eb50aed5c7ce0a802977eec http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.8etch2_s390.deb Size/MD5 checksum: 82242 20fa5214b693fd929327b65dff5ec749 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch2_s390.deb Size/MD5 checksum: 7200766 c6697bcd7109bad0fd2742368bfc7173 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch2_s390.deb Size/MD5 checksum: 6950228 2c118466985f0d41c074e3d7ae019d4e sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch2_sparc.deb Size/MD5 checksum: 82354 917940e7cc2b2ae64b7b13119c8d5cdf http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch2_sparc.deb Size/MD5 checksum: 263544 e8b14218397904ab5f792a659c713900 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch2_sparc.deb Size/MD5 checksum: 13317316 74c832fd75da1e42442c1fc2fb985454 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch2_sparc.deb Size/MD5 checksum: 3650988 92f721bff0660a92cff31845e3db2b09 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch2_sparc.deb Size/MD5 checksum: 261690 519b6d40d8fc3af21f475b10bfaef609 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.8etch2_sparc.deb Size/MD5 checksum: 82374 8ff85603936f91294ec959d8fbca1db5 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch2_sparc.deb Size/MD5 checksum: 13019920 db00ad3ea888c38b94f6e9c2aebbd834 These changes will probably be included in the oldstable distribution on its next update. =========================================================== Ubuntu Security Notice USN-793-1 July 02, 2009 linux, linux-source-2.6.15 vulnerabilities CVE-2009-1072, CVE-2009-1184, CVE-2009-1192, CVE-2009-1242, CVE-2009-1265, CVE-2009-1336, CVE-2009-1337, CVE-2009-1338, CVE-2009-1360, CVE-2009-1385, CVE-2009-1439, CVE-2009-1630, CVE-2009-1633, CVE-2009-1914, CVE-2009-1961 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-54-386 2.6.15-54.77 linux-image-2.6.15-54-686 2.6.15-54.77 linux-image-2.6.15-54-amd64-generic 2.6.15-54.77 linux-image-2.6.15-54-amd64-k8 2.6.15-54.77 linux-image-2.6.15-54-amd64-server 2.6.15-54.77 linux-image-2.6.15-54-amd64-xeon 2.6.15-54.77 linux-image-2.6.15-54-hppa32 2.6.15-54.77 linux-image-2.6.15-54-hppa32-smp 2.6.15-54.77 linux-image-2.6.15-54-hppa64 2.6.15-54.77 linux-image-2.6.15-54-hppa64-smp 2.6.15-54.77 linux-image-2.6.15-54-itanium 2.6.15-54.77 linux-image-2.6.15-54-itanium-smp 2.6.15-54.77 linux-image-2.6.15-54-k7 2.6.15-54.77 linux-image-2.6.15-54-mckinley 2.6.15-54.77 linux-image-2.6.15-54-mckinley-smp 2.6.15-54.77 linux-image-2.6.15-54-powerpc 2.6.15-54.77 linux-image-2.6.15-54-powerpc-smp 2.6.15-54.77 linux-image-2.6.15-54-powerpc64-smp 2.6.15-54.77 linux-image-2.6.15-54-server 2.6.15-54.77 linux-image-2.6.15-54-server-bigiron 2.6.15-54.77 linux-image-2.6.15-54-sparc64 2.6.15-54.77 linux-image-2.6.15-54-sparc64-smp 2.6.15-54.77 Ubuntu 8.04 LTS: linux-image-2.6.24-24-386 2.6.24-24.55 linux-image-2.6.24-24-generic 2.6.24-24.55 linux-image-2.6.24-24-hppa32 2.6.24-24.55 linux-image-2.6.24-24-hppa64 2.6.24-24.55 linux-image-2.6.24-24-itanium 2.6.24-24.55 linux-image-2.6.24-24-lpia 2.6.24-24.55 linux-image-2.6.24-24-lpiacompat 2.6.24-24.55 linux-image-2.6.24-24-mckinley 2.6.24-24.55 linux-image-2.6.24-24-openvz 2.6.24-24.55 linux-image-2.6.24-24-powerpc 2.6.24-24.55 linux-image-2.6.24-24-powerpc-smp 2.6.24-24.55 linux-image-2.6.24-24-powerpc64-smp 2.6.24-24.55 linux-image-2.6.24-24-rt 2.6.24-24.55 linux-image-2.6.24-24-server 2.6.24-24.55 linux-image-2.6.24-24-sparc64 2.6.24-24.55 linux-image-2.6.24-24-sparc64-smp 2.6.24-24.55 linux-image-2.6.24-24-virtual 2.6.24-24.55 linux-image-2.6.24-24-xen 2.6.24-24.55 Ubuntu 8.10: linux-image-2.6.27-14-generic 2.6.27-14.35 linux-image-2.6.27-14-server 2.6.27-14.35 linux-image-2.6.27-14-virtual 2.6.27-14.35 Ubuntu 9.04: linux-image-2.6.28-13-generic 2.6.28-13.45 linux-image-2.6.28-13-imx51 2.6.28-13.45 linux-image-2.6.28-13-iop32x 2.6.28-13.45 linux-image-2.6.28-13-ixp4xx 2.6.28-13.45 linux-image-2.6.28-13-lpia 2.6.28-13.45 linux-image-2.6.28-13-server 2.6.28-13.45 linux-image-2.6.28-13-versatile 2.6.28-13.45 linux-image-2.6.28-13-virtual 2.6.28-13.45 After a standard system upgrade you need to reboot your computer to effect the necessary changes. ATTENTION: Due to an unavoidable ABI change for Ubuntu 8.04 and 8.10, the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. Details follow: Igor Zhbanov discovered that NFS clients were able to create device nodes even when root_squash was enabled. An authenticated remote attacker could create device nodes with open permissions, leading to a loss of privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1072) Dan Carpenter discovered that SELinux did not correctly handle certain network checks when running with compat_net=1. A local attacker could exploit this to bypass network checks. Default Ubuntu installations do not enable SELinux, and only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1184) Shaohua Li discovered that memory was not correctly initialized in the AGP subsystem. A local attacker could potentially read kernel memory, leading to a loss of privacy. (CVE-2009-1192) Benjamin Gilbert discovered that the VMX implementation of KVM did not correctly handle certain registers. This only affected 32bit hosts. Ubuntu 6.06 was not affected. (CVE-2009-1242) Thomas Pollet discovered that the Amateur Radio X.25 Packet Layer Protocol did not correctly validate certain fields. A remote attacker could exploit this to read kernel memory, leading to a loss of privacy. (CVE-2009-1265) Trond Myklebust discovered that NFS did not correctly handle certain long filenames. Only Ubuntu 6.06 was affected. (CVE-2009-1336) Oleg Nesterov discovered that the kernel did not correctly handle CAP_KILL. (CVE-2009-1337) Daniel Hokka Zakrisson discovered that signal handling was not correctly limited to process namespaces. Only Ubuntu 8.04 was affected. (CVE-2009-1338) Pavel Emelyanov discovered that network namespace support for IPv6 was not correctly handled. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1360) Neil Horman discovered that the e1000 network driver did not correctly validate certain fields. (CVE-2009-1385) Pavan Naregundi discovered that CIFS did not correctly check lengths when handling certain mount requests. (CVE-2009-1439) Simon Vallet and Frank Filz discovered that execute permissions were not correctly handled by NFSv4. A local user could bypass permissions and run restricted programs, possibly leading to an escalation of privileges. (CVE-2009-1633) Mikulas Patocka discovered that /proc/iomem was not correctly initialized on Sparc. Ubuntu 6.06 was not affected. (CVE-2009-1914) Miklos Szeredi discovered that OCFS2 did not correctly handle certain splice operations. Ubuntu 6.06 was not affected. (CVE-2009-1961) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-54.77.diff.gz Size/MD5: 3001537 eba4f5e0c7a98a38dea67bfa3e168240 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-54.77.dsc Size/MD5: 2400 4ddbb75d160d27e0385fbabe7f1ee16a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15.orig.tar.gz Size/MD5: 57403387 88ab0747cb8c2ceed662e0fd1b27d81d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-doc-2.6.15_2.6.15-54.77_all.deb Size/MD5: 5167494 b57a1f066e6e27335636d97032bac1e4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-kernel-devel_2.6.15-54.77_all.deb Size/MD5: 95350 6585056cad015d6ca7e28ab593cd8b69 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-54.77_all.deb Size/MD5: 44742940 96f1bf40f8e1197b05d8cc2892f2c145 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 22354 a8efeb55cc67813d523cce4e9a8540ec http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 44770 ceb8d616dcdd3e0acd2c5f1bc0957167 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 2306 13cb4639cc7517e3111efdea783b906e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 36252 5ef331e5a71c799d054ed67e1af7afb6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 102298 94937c4a9294258227c971c9c5e05c5b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 38894 eb294ea73d31f1c2f9fda6618ec63770 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 49144 b633a70773bbbe8acf959b99056c8117 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 176712 02c0b79f0fa0b1ebf343781974474a4e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 36776 8a9d598a72f8199cafd120f3aec583c1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 142248 3adf2b7652974e829eaeb41d822a5011 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 51070 25ec529d7f82bfb0ddcd981304434934 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 140616 bf360bdcf71309b158123ce3070aaaf9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 286860 041ee91c6050c552bd52930dfb7c9f6b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 97798 b66af76803a50cf7a3b22c2fbb9f00b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 1651646 756c6cea34752f0bf7a1e829db020e57 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-amd64-generic_2.6.15-54.77_amd64.deb Size/MD5: 871700 f51a4a973ece89338d4843d27a5ced94 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-amd64-k8_2.6.15-54.77_amd64.deb Size/MD5: 872620 cef392fe29c4a2dcfa1ffb9607f990eb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-amd64-server_2.6.15-54.77_amd64.deb Size/MD5: 872046 e9a140b82a6800dd7c08d8b744e75e2f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-amd64-xeon_2.6.15-54.77_amd64.deb Size/MD5: 872590 46b39ade35d2e36728d913fe84b6f79d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54_2.6.15-54.77_amd64.deb Size/MD5: 6925720 a40915984f97b8e817774d8d56155484 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-amd64-generic_2.6.15-54.77_amd64.deb Size/MD5: 20816072 98817474a9a662d4c5d79811547b98ef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-amd64-k8_2.6.15-54.77_amd64.deb Size/MD5: 20785638 cbf0cd088aeff7b0b87df905b9e8468f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-amd64-server_2.6.15-54.77_amd64.deb Size/MD5: 21630872 f56a80007a836fec66ef9a2a94883d97 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-amd64-xeon_2.6.15-54.77_amd64.deb Size/MD5: 19903700 98158564170bf417e3ba7f91263f5f31 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 15646 3894b718b3d312c48c92d9ac52252e5d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 240370 a8ee1ef17d8c778484a1b5fdc14777b5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 202636 2fbb7c2f21624e8c39388ac167f1bca3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 1048602 97b108097bf19f308240d1413ad38b64 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 1542980 c57046562d168b6e8ee13a25fea0347c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 161648 c9463e7a0ebb0c3879f7a6d644751c85 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 9832 88ec0bfa3382802a777bcbf9dc7d2220 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 80862 c850080cdc776aabab0c7e0e89cdb13d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 49172 99f5fcc78a1beea9bbbf9cb455c45707 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 35168 9a07d29dedcbed5a44079e64e2bfc911 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 70884 86d8342ace381ebf07b2f4ead760797c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 6224 55a1df7fa8889b89cd3a009d2d84cbb0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 9060 9805d4d7b24730a66d881ec8ffccc203 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 57898 4a0c6ab2237785c56a140bb82818578a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 123332 cfa831d03acaba7fdcd38cc296245fd7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 101028 f5be2f6c6c299d7c732b59fbfc2ea586 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 79250 a59e9df8e087eac06df9fbda8a8a6405 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 1594790 0bc41203b7830a51a6e1a1b9f981ab15 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 72306 6acc47f96a766cc043ee2a4f47edd3d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 12654 5a615c1146e10d37ef89d0d2ffaf770e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 33736 850c53ba72802eba8128f9c69786b663 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 138534 82827eb2785d66387e75873bcbcb84f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 38938 bb5ec1051b41c083cdd18225b4f0ac24 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-54-amd64-generic-di_2.6.15-54.77_amd64.udeb Size/MD5: 278746 1a19131977b00e345ca43f2da7d78f60 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 18976 cc2753f5656925c3015c39979cb8cff3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 43460 a322e932de50b99745f263a9c2d07e00 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 105212 c109dd4fd0061a526e506e6419e71b24 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 2286 47108cbcb70c3749d2b045c6f8c1a1c7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 34576 df9c1643a4d064f3db582744ad47a9e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 96952 0fa666be29393ff121f0ff64c45495ea http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 37102 f4f2833e372e12fabc8237f05e45bf6d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 44078 cdcdb874e1bc26abeec66c66c39dd6e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 167754 575f5b4208371c2e5d11fdd1d8856119 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 33938 8578c3357a6f1ddfddaf863d2ac2cfb4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 137870 f46efe5131f63f6f6ee7757d1418b81d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 46894 7dc4dc6732d97dcf4ec8e854f5f563c6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 132998 a70d2f28ac9f08ef9b505fbe034fa9e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 273450 d6d45586cf1dfff150b030e9ef3de755 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 102260 7216111ca2c37fc6ef3d6757254f8261 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 1596062 4d81a723f97979546f7a7032411e88ff http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-386_2.6.15-54.77_i386.deb Size/MD5: 863226 924f92be148cb1bb13db4f7252fd644c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-686_2.6.15-54.77_i386.deb Size/MD5: 858374 ddd82deb53082e6ce4b6791ed14dd44f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-k7_2.6.15-54.77_i386.deb Size/MD5: 859558 59451d436d231e187ec193aa4abfe1fc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-server-bigiron_2.6.15-54.77_i386.deb Size/MD5: 867408 e88f0427e3f965f7c8cfd10cf65255a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-server_2.6.15-54.77_i386.deb Size/MD5: 859510 ff4d32a7389bf7ecdb224525699c1868 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54_2.6.15-54.77_i386.deb Size/MD5: 6917458 fd0a57262224b5c9c03b392deee6dba2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-386_2.6.15-54.77_i386.deb Size/MD5: 21712838 ce53ee29a36dd9cd9228176e6a67d0cf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-686_2.6.15-54.77_i386.deb Size/MD5: 22508152 f8977584a67f926bce6e172b61d483cc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-k7_2.6.15-54.77_i386.deb Size/MD5: 22255354 85be88ae00e9c10d859985cfe320b9ba http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-server-bigiron_2.6.15-54.77_i386.deb Size/MD5: 23618958 0dd94a3c4bc391252914ef536a049eaf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-server_2.6.15-54.77_i386.deb Size/MD5: 23173694 36c092afcfd842937423257362deb71d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 15510 9bfea12610a193ecbf077c7dc10b67a2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 238530 0d6767483144ccbdfb4d5496dfa1b890 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 197046 b779aa690688bd0ce620b3feed37c72f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 1048392 251f698fe32b7aa18b52b8c930d997a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 1740818 be462a74a24ef70208e5af89879da1fb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 160828 bee9438c9a9c524335bbde0b07be1313 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 9166 1f281ddb8155bd44eca2c0097bd3412e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 76484 024d47a314d9e6567fb071e2814622d1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 53256 456e910d9e3bde1047c24daef0b5658e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 33054 3b0bc0f0738ca6080dd9446a54b22ac7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 85630 b46b2de723e39a047552d1bf53422286 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 6028 efd9e548799433f47e80be328f92e779 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 8762 da11c1b27b852c13e054d4aec99b9f13 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 53636 e7c55e0573e7aabc1098bbe9d37c6910 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 130776 a254b737d82cd35230628f67effd60d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 98432 f772e922c5ca1f3ea8249c702e72cc73 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 77184 1a3d5fed7e2593cd1e324e81e8f73fbc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 1768386 bba934fcf1768f4e6616783b67cc0cb6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 69570 672c7fe6f046dc6ec11486a62622ed26 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 11758 a86954df8c28e894e6849038aec6dd3e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 36008 fc0d3c2b5b263bcd9260dcb8a75cf2e3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 132566 75fad8a0bac352909402ff2b333fc917 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 38564 48aa028998c1382beeecf660aa5aac3a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-54-386-di_2.6.15-54.77_i386.udeb Size/MD5: 299114 f11e7eb80349e04b8f23d8a049f76b56 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 23724 2db2adaa57d92b7f48688f95179e15e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 25950 95c01793a23a24cbff49964e4b8c5585 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 49326 ab284f2d44d7a2bbc5ea52e67f613b23 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 51530 a600f307f0f91779acc5c1980c4c3223 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 2308 4effd1e0af9c3f48e2243691eb8ff6be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 2482 a4633265ec8c02ba24ea472625a3a3ee http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 40196 21e77905b68f5d3872662ab5948dfd94 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 43758 e439eec68bed9e401fec40c0031434d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 112596 caf6e08a7b71ca1051b5d94c62029fe3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 120666 feb6891c9b38bbcc0d58026e14e2a0f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 40850 d1933a4df097dba261b11bbae450cc95 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 45958 17b93bb9695be9a7cc0cb8bdac26e767 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 29032 6ca496a4614fc2f0bf880a9f0fdbcb35 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 29900 538fd9bb6ec6ff9c1cb4c61506a2094e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 211404 5d35841b61601520fa369d152d3bbd42 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 225214 3866f620a880044623bbc963a1b15f8f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 45056 3fd6ac720a4053a1554c515dbdd60d09 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 40220 342eae2faccd8a8e8235ccbe7a118f44 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 1936 6eb08d519ab2bf1a5f5fac6e0c832e6d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 2200 a2f7579c4986495691a7b124fc34c7c0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 80680 37cbcb404f7c6d42ddf270cb222d97a0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 86078 ffb8b233eb68841688aa616f1880fcb7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 111644 8d3233bee5a2d55582bda79b6bd22f1c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 125774 b1d8fd5c48d3d50a25da84576e3b1c2e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 53410 9737ace229facb52faba8819b39aaa4f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 58474 c0dfc0546cd6a326e8e5372286147ebc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 147772 5add6e71d59aa7b22544c89d236f1264 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 161708 2e4eaeb64a8a149fe0e89a6aa32c4273 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 317494 e1e4733d8591ebe9372fe88ed3f0c816 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 287602 85599af30985f874baa2005e68247c8a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 115854 b64bea5344a06582f592f8de8493fea0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 116514 54a687f3c7d632b17400826c8358eec2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 1924292 af79708a135129928126925812c5e985 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 2447446 600b87a4f5376d7ed6685dde273d1ca6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-powerpc-smp_2.6.15-54.77_powerpc.deb Size/MD5: 873400 cdb7cb415d400e8e8e9d69fa6a21549d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-powerpc64-smp_2.6.15-54.77_powerpc.deb Size/MD5: 870866 7252b4b7c1a9b0d65e69939157d86e13 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-powerpc_2.6.15-54.77_powerpc.deb Size/MD5: 868624 fa84e5dae2ee6f9986de8772a1357e23 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54_2.6.15-54.77_powerpc.deb Size/MD5: 6946740 28fc20a94d95b0b8c02aca0708a74101 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-powerpc-smp_2.6.15-54.77_powerpc.deb Size/MD5: 22776364 389e45cbdd998fa7dafa1229f5737bcb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-powerpc64-smp_2.6.15-54.77_powerpc.deb Size/MD5: 23678834 ea0a1438c2b0a5334b7ac71407cbc868 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-powerpc_2.6.15-54.77_powerpc.deb Size/MD5: 22355382 18f2e503843c54824551f54d39b8b468 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 17782 9933c39eaa26b6c5558399d461d6e4aa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 17380 4f213deee9b7c625c1fd48d88f048c6c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 261268 d73545c9cef2251ad094e9e53f889421 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 282478 b037d7889d3f63d86c3605c945f081dc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 227640 d6a097d06e05da8ae4676497fe918633 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 248884 ca8a5caa96f92834425d7ee4a48a95e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 1048444 f58af64355ebfa8d71973d7961285aea http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 1048566 32f48ed1ee827656c9446c79d6802b99 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 1737706 67f6c275ca396042f8613936eda72c97 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 1877428 8d0bbebe4eb6e4bf964fb6f440af7789 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 250878 c171495228a2d3f25a5dab6a1d46ffe5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 233632 c6062b42d12fa38bc5fcb59261bfa528 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 13026 e2a2a9c9c0a66e0f66e4971456becb07 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 13526 6393b9447870a049537c64f1da8c0984 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 84832 dafa241b2ba2792acc11ed92ebf58d8a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 52194 9d681e1cde559db52f919d9a75da2987 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 73908 1b9eea0eb286147c629a5eb6a737bf68 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 85844 9d8a5108c045be78f3aa16ec41863d49 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 6624 c39e697a9b25473e791b7668df4798d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 7064 02c208ead4772ebd6dfaa1ee19df56cf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 60376 b83d6031ce6298fd19869d5d29e3a0c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 70392 cbaee4dfd466a12dff0b9098baa8788d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 128550 e4821e65980d609ef08066b2780a485a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 157808 9a1b4e218e785ecef63b0406c5f9c8a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 108038 b472765900eaa08cc2cc54a2ae26d907 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 126050 75623f4ca292e6d3fc2b6e00211f964b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 87304 2ff71c1735a777692a08170ed726345b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 93306 ee8b741bf1ee4f57a90da0ed2b6da7d8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 2013972 dac2efef3ff9d6289b7309d57cb72745 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 1988102 c8d45fc53efb2b9f324547fd06ae7409 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 104106 14ccbc627fb90ae558e79b3833e5ba6b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 115702 19934a14896949c68acbe6f4b6459b0a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 12738 31ecc1891237ac01baa6d70fa55b2ffa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 14444 a638ce85cd817ffcd0316b798067af0b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 39948 0fad0a28b3b61dbce21d2ab2d3e385ec http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 41474 4c179c6570402716b5e16076ee359ff9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 149308 d381b35191480574c053f931f5d4b838 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 168034 937d9f0067d9c5b86f547355a759ce3a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 42272 9adfaeeaeec83a69f60bba08b9f7029e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 44880 8be844f59b2578d8b0b96df521ed2980 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-54-powerpc-di_2.6.15-54.77_powerpc.udeb Size/MD5: 320284 ed49feb1ad11dbe9eaebdf8e3b55aa14 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-54-powerpc64-smp-di_2.6.15-54.77_powerpc.udeb Size/MD5: 324712 00dc7e4c517a8e77dbdbcd472560fd07 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 50478 90ae6fcda7578bfc42fb227db6ed4a16 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 2362 81e28a5627bcd9793bdb3d7d66c808e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 40332 bba6454e4e7a730fc19a71e9f177591b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 110530 ee2bc9880d4119adc01104c26f4c9b45 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 41186 22e3751924678d62633868c319ec33bb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 104238 f5357492d5c611bd51c4724b1b955972 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 7438 6e66a60e61009df9bc350cde8318fd0e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 149008 d39a3d71f7cdaa48f4603f0d40d7183d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 1711722 024c561786c0bfc1f337cc46a1a99842 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-sparc64-smp_2.6.15-54.77_sparc.deb Size/MD5: 772116 b88f78698771d7b662bd8f55da837860 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54-sparc64_2.6.15-54.77_sparc.deb Size/MD5: 771542 ade51cbe986056b296fc493d071add8f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-54_2.6.15-54.77_sparc.deb Size/MD5: 6963002 734ea162d7bdae6fa642fbb65fc4aefd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-sparc64-smp_2.6.15-54.77_sparc.deb Size/MD5: 15009480 f11efad62b8121702c97f681aaeff50c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-54-sparc64_2.6.15-54.77_sparc.deb Size/MD5: 14829506 72058abf59e768b6e7a962a0f1765772 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 7422 0fa7e99c434b4c2e616b163473d2482d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 248670 395da4afc2eea6417478e5b9df10eac9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 212452 381c41cde8488c4b922e0d13250ac60d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 1048468 d00527551222987b228c1b3a236b33fa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 1481892 c2a73def45b9c272b0f1b16b24072f74 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 10118 6c152d785d4130d9189dfc5562b2918d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 40180 bfdd5a38c85c337948efc354d5b52b1b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 9370 a6b288b0cddcba37aa113b6c6a82c1ac http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 61482 f6d84c317c95ca51e4a3a961edd4afbc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 163022 75d6fbd3830d3fa83a4a33087893230f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 64010 b2c069e1a9ab296b69db1c9d9347fdb5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 1235086 983bf44bbfed30448fc00b43e525a222 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 59354 ce272f6264ab0b9731c489358ffae596 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 37406 39fb3eb53208a1810ef284874296c3ac http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-54-sparc64-di_2.6.15-54.77_sparc.udeb Size/MD5: 280076 7716ed5dd3c520a43c3774a4e3633047 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-24.55.diff.gz Size/MD5: 4767049 a3e6ddfbd5081bb6e7535fcde2a3f609 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-24.55.dsc Size/MD5: 2219 ddc04a20e187b20a43a5cecc952e4b59 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24.orig.tar.gz Size/MD5: 59085601 e4aad2f8c445505cbbfa92864f5941ab Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.24_2.6.24-24.55_all.deb Size/MD5: 4928644 067a5db90758e43f49badf44aadc2ae2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24_2.6.24-24.55_all.deb Size/MD5: 8142948 27ced16bc9ee340f7d2e59c4d03d4175 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-kernel-devel_2.6.24-24.55_all.deb Size/MD5: 96898 a53b271582fb8cb0f8aa7a3e6ef32d02 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.24_2.6.24-24.55_all.deb Size/MD5: 46978434 5338ae19db39ce537ea7f81fbdfc4a62 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 28590 3b10ec843d4ca2b68122730e1a14b331 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 224138 5ef7d9b5cad79f6e5b10f8a004ec5cf4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 52646 d4bf1babe03ceacbe09131b76a14b9cd http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 40622 8e880c89feeb75ddcb97eff9a1d2fb3c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 48658 639f3170e278823641666c3355710ce9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 86268 b2ae6f9d0f3397ab9d56b5ee2604f176 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 36310 1f5d7ef1723c827f6ec1727b3787f3a9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 648378 1e2bb0cf23d1a130795cd9f745e76fe7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 209694 0235e8c39f85c8c59e5d8992d2c4d3fa http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 39192 40b6ff3fb69584a473fd285329e2e2b2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 67952 06997f3f9fd155b9d8fd19ed840a7f46 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 145266 94a9d3bf11d07fda05ba8d37e488c75e http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 286678 5b1c737aa948d6e03fdc79cea2467968 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 2128784 32fc2ee9b3e3e5fb2b1c8a2522acc991 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-generic_2.6.24-24.55_amd64.deb Size/MD5: 671194 533f220e2ed87ae41437a2e46d1135bb http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-openvz_2.6.24-24.55_amd64.deb Size/MD5: 1251290 0c12f1ec5d33bf9b98a2cf65411f0cf6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-rt_2.6.24-24.55_amd64.deb Size/MD5: 1273382 3dd530222979fbc4a0ec5846be3daa2b http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-server_2.6.24-24.55_amd64.deb Size/MD5: 671242 608ed557543bc3b12872b8731ac5594c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-xen_2.6.24-24.55_amd64.deb Size/MD5: 1082876 c87e898e14f6037d1e4ad8c2c9fbe726 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-24-generic_2.6.24-24.55_amd64.deb Size/MD5: 17801664 16b23af9d06baf9c80b4ffc5b2ac8ce0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-24-server_2.6.24-24.55_amd64.deb Size/MD5: 17771428 8122d12f5082445f9603d13335b83515 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-24-generic_2.6.24-24.55_amd64.deb Size/MD5: 21014464 68b73490ad11f3343768b5c201c70b25 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-24-server_2.6.24-24.55_amd64.deb Size/MD5: 21387618 3b1bee21e40c69175cd5d1d45c5bf353 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-24.55_amd64.deb Size/MD5: 705286 db77b2afae66f80b6692bb8a19cc602e http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 263680 7f27a9bbc9cefe36cf9dc85d16423bc7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 176350 b51e4026bc049983ebd216f31169a41e http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 253928 a60545ac2ad4d8cdaf08da09e555ad08 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 1640052 b5d649f457aecfccea9ee1758b546bd9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 143684 0290beaef1a4ae3e291e20c517b979cb http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 164328 9124879a405d861d756f6dbeb40485b0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 115838 6edbfc0f6d64e81778feec9bbe7d0388 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 35062 34b4bfd673f5b69d6a66d357d53913e8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 64396 8913719a5eb39424e244f3aa3923ad56 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 69694 0a45f71737115cdcc8a8a7979bc9c01e http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 21592 1e5dfd4b78a18cbe0615bfe4e656241d http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 8618 3353256d9abc6aac3c8904247fad36a8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 57178 34272f15a47eaead9a3bb5e8cabc99fe http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 102988 16f8a54269e7acfeec29642135518312 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 1212082 7bfdf05b2a0e7a3e2a9bd69bfb74929a http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 45470 57609f5c992b83ab16b19cb8bdacff4a http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 12772 ddb48f6ed471562112661169d41c09c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 497808 bd328b4bfef64c9afaddaee236abdb91 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-24-generic-di_2.6.24-24.55_amd64.udeb Size/MD5: 74980 db1542ff52ce70a7fa58d678e70d1ab7 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-24-openvz_2.6.24-24.55_amd64.deb Size/MD5: 19242994 1c7114da74f213cc5cdb9599ecf7233d http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-24-rt_2.6.24-24.55_amd64.deb Size/MD5: 17890604 f7c54711409ec7c911b89a9e8d3cef47 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-24-xen_2.6.24-24.55_amd64.deb Size/MD5: 18900390 a6502ae7ee82cf1393310e22903b2763 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 23682 1c7aab194616a471285a9d250127a835 http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 26764 92a84719d2c4883b366d6d68d1820120 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 218684 eb3d8b92d6c4a48245724997a6121fc2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 220440 40b53586ca28797dc014b8f656cf4725 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 51932 80258fa2f467ec10a1ec94ba389a247e http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 52062 d84d679039a1dcb7a7a6e2be9a11bc9a http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 38324 ff2e0a017b7f58e42c276911d2b763ea http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 39080 50426ae4e5c02d35e95c5351665417cb http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 45866 27ce55188a7e0726ea19ac778c1b20bf http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 46012 ec9111a5e17c2b7cf80a8ec9d7eb574e http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 83200 c17e82497048c7e436642aa16a8b4177 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 83580 d683701699212dcc121fb6c59096a766 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 32396 2476d6800fd166d9923a3b25e7284e37 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 32674 15560eb3ad638e98cf61e9ba41f59040 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 637392 0fecf174e6f568e2c6c7dad168bc3841 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 655480 3296fe2e55062e3b5b4b39e79e2104c6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 209782 13517227a395e3b14e02c55a04d9b4a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 213588 e303705801fc9b3fb8f04b49c18f8d20 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 46558 47c3d466e4f4e2725a11e60e8869d501 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 47578 3680b979071cb88973c8aa33f94f2037 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 62250 79aec11c8be1c769f018f94cbe9c1e42 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 63618 5f60fbf8b28c79d969bbda9f457e5761 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 130296 744b0747406ed2d6b4d57eac25a866ae http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 136874 923a1fde2cf0625dd1a4de29e9738fac http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 278542 56184e755e1b37390051b10d66615d8e http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 277118 b273c46bbceb8d256b04295ea3f6bc5c http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 2008816 96b6e6b4d202c7d4edcd9a4e9257e663 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 2086100 0199324ff0fe5d6e7d833a3c07a6ac0a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-386_2.6.24-24.55_i386.deb Size/MD5: 652664 06b4ba3927add4c3a8fb5ee484129bd5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-generic_2.6.24-24.55_i386.deb Size/MD5: 655538 f1aad1bb26f9fdaea6bee64cdf6e69d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-openvz_2.6.24-24.55_i386.deb Size/MD5: 1239292 17b21b1c71a637a1f3470befdc6e244c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-rt_2.6.24-24.55_i386.deb Size/MD5: 1259626 c857ca06ef5630c9b6faad7c13ef1449 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-server_2.6.24-24.55_i386.deb Size/MD5: 657340 e5fc27b2ba6419ae6110bfdb147dc50a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-virtual_2.6.24-24.55_i386.deb Size/MD5: 557898 1d6abe04efc461e263605280c3d6a327 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-24-xen_2.6.24-24.55_i386.deb Size/MD5: 1058088 1de1a8532504cfab66b9afb58aa7fd64 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-24-386_2.6.24-24.55_i386.deb Size/MD5: 18368104 894bae5c45f3313fa6ffde9c5403a050 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-24-generic_2.6.24-24.55_i386.deb Size/MD5: 18389358 0f87aba56c1e970dcc7a05c178764c59 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-24-server_2.6.24-24.55_i386.deb Size/MD5: 18498588 f5c1063f494bd8000f41db10a4c923a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-24-virtual_2.6.24-24.55_i386.deb Size/MD5: 8686422 ff430f2f608d318cfdc9ee1f085232c0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-24-386_2.6.24-24.55_i386.deb Size/MD5: 25497824 3fdb3a0bae1754cc7dcd5fc13e5c92f3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-24-generic_2.6.24-24.55_i386.deb Size/MD5: 26304704 fbf86e8b9355cd2a4dc4e964ce93a1e1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-24-server_2.6.24-24.55_i386.deb Size/MD5: 27324298 f2411de5448b6b3dc5041ae93e3fbad8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-24-virtual_2.6.24-24.55_i386.deb Size/MD5: 24820580 7c3be9e7dca67713529e3f593c28ca8d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-24.55_i386.deb Size/MD5: 705292 e7ea84e2f6120b20e2718223efe47e4a http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 258744 758ec24355c4c81cb04be0b337b79d22 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 264062 c3f0e5c7f02e751e8db755eb939e493f http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 163194 681a38c27b55f122aff23ddc43358e82 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 162950 64cab9f1cece7117949678fd7022be38 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 236500 02a04c11e39555ded5a1af39a31f2e1b http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 244826 1536f32ebccf86886505f5c111275425 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 1809006 eaa66dd9cdf3cae2f3387bc50b0aca3f http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 1826238 ef6179911307b224bfbc9442d401168d http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 150794 3dce18851cd0f9da0e49af7df236dac8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 142948 69d90acefce82696bb1db4f68bfc70c9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 155958 15a467bdd1e7bdbf50d61a024502acb4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 156974 69832b6793dd3c121ae93eada967077d http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 107174 d2138453acdf0e700bdf074e33e99286 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 108480 fedf19d305e641f2d3c370dced2309e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 32962 e7bd906326133b9381e2cb49c8af646b http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 33388 bcad2f4d1eb61a1d7d795e75854ca434 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 60704 84ae7bb7df1e8102cb7a7a190d963362 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 61154 66fd1b4c06a054c95fad67893640b621 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 82652 ce2130dbd82535557b662084e728928a http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 82958 d439c65c130de9fa29027716f8710874 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 48356 daa2818cfb4b21a7032416c18182b147 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 48244 6a2211f86f7f8df90c5b8ceb38a4a627 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 8190 b40afdf981d8fe354b20d0bc7cc83c3a http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 8440 70afae21dbbd5f5cef34294c8de8e725 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 51050 5fe6712265c74000a7d92360c4d1ac81 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 52908 cf6981bb68eb23f899b6a55642238b7b http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 92184 fe7ae21dc89d89b1921f4ed7cbbabf59 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 92448 e18bed4505a2ca45dfd67499c87f3b8b http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 1442928 f9784301cbe888b3a7610f69210845c9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 1426196 fee708e2af1dab92610fb1c3496c95da http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 43236 4b344cdc662f35bad896e8c7bc726f21 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 42796 91578f1e887bac7983dae7884b357616 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 11406 097f3d4965b4fb4b62250309b71ea556 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 12016 4c3681d6ac324a27218a5d7f1eb012a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 470332 975e3f02a4bdd541e27f7c917bcfcb11 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 472254 3d79ecbffb9a08a25f5e818718137079 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-24-386-di_2.6.24-24.55_i386.udeb Size/MD5: 70450 aeb3fece9342114f992fec68f5d48f71 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-24-generic-di_2.6.24-24.55_i386.udeb Size/MD5: 71368 a6bb96b015f25d08f5628aeedd3bcb81 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-24-openvz_2.6.24-24.55_i386.deb Size/MD5: 20243576 c1424fd878abdcd2a7bc29fc88369c9b http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-24-rt_2.6.24-24.55_i386.deb Size/MD5: 18527060 4213eff1e17851fd9a6ba77150b54638 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-24-xen_2.6.24-24.55_i386.deb Size/MD5: 18773284 a33c73287198621afbe02e414e91d696 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-24-lpia_2.6.24-24.55_lpia.deb Size/MD5: 636610 4747e9fa2334ce46a6f0700646291dd9 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-24-lpiacompat_2.6.24-24.55_lpia.deb Size/MD5: 703234 44e3bcfa9a931471c392192cfb0c54a8 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-24-lpia_2.6.24-24.55_lpia.deb Size/MD5: 14504750 5e482a7e08464985b808a6230a00d1b3 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-24.55_lpia.deb Size/MD5: 705278 c7d8b590dbff2f80c38689e174e2723a http://ports.ubuntu.com/pool/universe/l/linux/linux-image-2.6.24-24-lpiacompat_2.6.24-24.55_lpia.deb Size/MD5: 19810228 4d05fa4a2372061c0c1ac2637ee08ff6 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 334050 549350eae9ac212a55977acc795e683f http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 318864 ab27ac3a958eb09b9d12fafd09a77df8 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 62716 00b04f957690db8a0ba8a22438f2e496 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 73002 e8cb037fdde1bdb771482900638bb6d4 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 41434 88738c9f94ad51860b132ec86417d295 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 47824 b3c9f8d3e3d792c644dc6dff2da19df8 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 89458 52a345ac135c1ac50f528412b7d31f75 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 105682 57846bf90eef89a20cdf99b67e2f6b2a http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 44804 3f9bc834fa30a5f15a054bc4a1ffcae0 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 40928 a1c7bfd9166c6dbd96f79c7454d72bb4 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 704240 118333ea34b764806834b8da0975eb32 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 770534 f2ff41faa006ee681e1f0fa467626f98 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 242804 cd1d00ce97f420cc7a7ea0e73b11bc17 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 245874 bddc2d618001db1be1d3330b921e498a http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 69130 630b48f7871d88b3c2ec42ba406b56df http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 132574 c32734e71c98e17a3d3326c2d0caaa03 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 70240 1f2caeecf72dea50709079d5987714e8 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 77438 9c53877ef28007ed1185a93ec5cf90f5 http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 146066 8b3b83976cc2eec52b5dbb49568c2b44 http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 165040 7e0732ce30c7d287c6897fd89f0eab03 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 387144 7681e85a926a3cfd4bd1101bfe802ef0 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 350038 c70af186448028febde4ce8eb77751f7 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 2429338 f466200ef72ff34ab3048e67e2fefa4d http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 3471000 339b6ce1c1190471faa546011cbe67a6 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-24-powerpc-smp_2.6.24-24.55_powerpc.deb Size/MD5: 650754 d55d970951a1844ed71f6e3c91709989 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-24-powerpc64-smp_2.6.24-24.55_powerpc.deb Size/MD5: 654978 1b04d2d2aab7846f7799a90433106d2e http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-24-powerpc_2.6.24-24.55_powerpc.deb Size/MD5: 650486 a9a4f052ac25ea294b6d285808c441da http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-24-powerpc-smp_2.6.24-24.55_powerpc.deb Size/MD5: 20160752 f0ee78fa89e85b317dc850d8a5cd5f4c http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-24-powerpc64-smp_2.6.24-24.55_powerpc.deb Size/MD5: 21366650 f8c2e33729bac5cc66aade8eed5893a9 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-24-powerpc_2.6.24-24.55_powerpc.deb Size/MD5: 19924130 c30583206aa8506e4f8316e3519bb038 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-24.55_powerpc.deb Size/MD5: 695442 60d6d8281a73567a3a1859e603604f2d http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 266766 d734653d249aba57e366ae07a6b1fc93 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 307642 097f927755577ead97570034ae0f6388 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 192170 d8d4fde8fe228d72875d66dd761ed7df http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 201578 5f98ef6e232bfb91d8a91be636a154c9 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 271794 5072cd3330a816dcaa3a77f3805464e3 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 305896 4fe491fccc865c3d73ccf92bae2544b5 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 1806898 510190e890ad1fc342fafec66b6ab616 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 2117694 2af9aa4973ab6554eaf799abcff3e1b9 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 235192 379bf968241b634089ebbf2a3ba440e0 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 225202 4066dff0c55796f0af7809947252d479 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 170102 1a3ccf3058cab72bba610082bd9dd390 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 199686 447cab0246a933abfac18838eaac032a http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 117910 9074869c8dad579b52daaafefebd100c http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 139200 06c2711f162832bcaf4141298024f18e http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 45366 e9f0bb9ae84949936a872f1a90ad4118 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 46836 05b95ec8a1a0557f8b82e1b0000e2dcc http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 51136 34dd7d7fb1c2ed5e3d1c737573fb2cd5 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 60286 99bbe8d8d2ffb39ba38190798354c608 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 74166 682080eb95c5a3820aacf3a3654e9a77 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 87206 4e21dc9fe1e1899d668fa3e0a5e15e14 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 76004 1ae6a390c94233465c10686bf504e4bc http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 30226 9649e84d3347d6ff643833bb0911f670 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 8492 100b04ee69053cb99263a9639d1fe52e http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 10026 9b7c48978f55d3ab82a253db053175d7 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 57368 dbba71ebc8d5e9ab03a061cc143d8c6e http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 68688 9dba3901ed2ccf499412430b8ae02ffe http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 101246 290026d8946c001bd7e2f9e8d6510a6b http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 147768 ad3b8e8f8947d09aa69cbd7f9034e440 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 1565048 4e7fd21f0fa808514fc1f84e6113e4dd http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 1514044 2eb4cb565003a82d51c8cc36db03c6e7 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 76680 6c5817e16da05b6017c93af9ac31fe2d http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 85964 45673fac64f8a6d5074a5173bfeb38e0 http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 12710 25923caf1ed00118907a4e61b5df617f http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 14558 22805c8e35fa454f643f9913f2a0083d http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 449544 ff9ce90996651531510b7880de3d87fd http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 504018 c28ce7f4984fff73f65845d644d956db http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-24-powerpc-di_2.6.24-24.55_powerpc.udeb Size/MD5: 83508 cc54fd358a4e6f5b812fefc493f53d49 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-24-powerpc64-smp-di_2.6.24-24.55_powerpc.udeb Size/MD5: 108720 70ec0fd895b63491bc5b5e895d23e730 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 59596 e0228d1b8d48dcb9b2eeb5a133fd4fea http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 71728 1cde4a7c06765886c874a504349c7295 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 42454 dede4ea8cdb116e8865de77c903012a6 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 91760 fb38bcd0b2c03e153c25569fd6bf6f7f http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 587002 31d43eb6a4b4fba550bd644c5e3dab86 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 171008 431c1bde571792a29e2c746ac89f4069 http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 22354 17062dcda3c2018f97dbc320045cff0e http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 46050 111c0d79c0bdad8a685f422383037219 http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 152862 e2cc622a55df2744b07812def8c89239 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 2121270 a2a2e37a9c05525401efaffc7ce199e7 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-24-sparc64-smp_2.6.24-24.55_sparc.deb Size/MD5: 562642 a76540180de0ac6e12dac23389ac1b3f http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-24-sparc64_2.6.24-24.55_sparc.deb Size/MD5: 560822 72eb5f3fcb523dd8106850417fd0520e http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-24-sparc64-smp_2.6.24-24.55_sparc.deb Size/MD5: 14090906 2d868fdedfc320b2239dbf301790d1dc http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-24-sparc64_2.6.24-24.55_sparc.deb Size/MD5: 13802896 bf6e9b86cbdede26fd89061b10296551 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-24.55_sparc.deb Size/MD5: 750358 2aa64567f87f3e01794a2c86529da23d http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 270052 0ba83932dbed8aeaf6ddd3a29b692a46 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 190274 e71570e211349110b3e422c4be949ad2 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 262746 5945be1dee0f68cc7c2accaf043bc050 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 1385732 1e777b3f2817abf6b080c0716332bbd5 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 175218 97800c61086265b7ec2e905295897e5a http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 122096 951902334238b51aa9b172b78962db10 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 40402 c630c56f90c33e2bd29d18af59670427 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 48062 599c33d62648436711413f7d36da2d18 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 8700 5d3347aa29bdfac095254b435ed40d98 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 60398 53c6a79c562b197f78a7e1fdb4e77e95 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 106764 9889da01d9805293d43cab0fd63ffeec http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 1001728 2fe7e877334ddd3cf236f6e98f5f46fe http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 9512 be22a95339bad90349084fa441b1471f http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 391164 43cbe127ea4d0b428ac38c360e235cb3 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-24-sparc64-di_2.6.24-24.55_sparc.udeb Size/MD5: 75858 d3fd8c3a8134018d37ddc66b7fb0711d Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-14.35.diff.gz Size/MD5: 3181140 f341f37430b19a4815761da90e63e255 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-14.35.dsc Size/MD5: 1491 348bdb8051f6821a99b6e0725c2aca64 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27.orig.tar.gz Size/MD5: 63721466 482b04f680ce6676114ccfaaf8f66a55 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.27_2.6.27-14.35_all.deb Size/MD5: 3489746 1ff47091f292a7388a12f08f9dc8f8b7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-14_2.6.27-14.35_all.deb Size/MD5: 5793886 6b12bcd8a9d7fbb597c13d0aa0d285bf http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.27_2.6.27-14.35_all.deb Size/MD5: 52077688 28412f9128132c91c15915a3d5812093 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 36522 304d150ef4d9a9db9695c2ea3eddf798 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 265178 c0cedca8f9af22d7d35a6f5331e64f46 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 53460 164d97bf182cdc710089336701669026 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 43068 27182ab8ec89343ddb1acaadb79d20a8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 52322 615253a966a6cfb75cde1ea2e74cdcfb http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 89740 8ed1b79d7e290f7bf3cb49f50907e370 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 38172 56c5bfbb21825a4fa74292c63532e201 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 676692 265d0d3fd047797b08261901f3cb50d1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 158538 b27457d63fe234182a931c857b64d242 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 46344 f4e9b955dc853195fd05ecae5f140794 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 154248 ad469c83e50590ada6c4b399a6d69854 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 312772 95e8ea1f4626ae7ced5c93597fbd8af0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 2602274 23d7c86bd8d4ad26d754b97a428b74d4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-14-generic_2.6.27-14.35_amd64.deb Size/MD5: 660580 6c6df3fe5e9f36c47392b8df503fb996 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-14-server_2.6.27-14.35_amd64.deb Size/MD5: 660584 05bb6f130a1faac0e47c59a64cb59e41 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-14-generic_2.6.27-14.35_amd64.deb Size/MD5: 23065618 fe985c117c3b6faee48830f64cabf971 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-14-server_2.6.27-14.35_amd64.deb Size/MD5: 23071172 a9d6617828de879a1ef4a68610f06e43 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-14-virtual_2.6.27-14.35_amd64.deb Size/MD5: 10464288 f91fdb8992629a5ae82cbcb2d383b8e7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-14.35_amd64.deb Size/MD5: 673298 fe94d2d76e3a5dce812d7d8a597637a1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 434636 6fe6ed3dc5c57e5a876f2c6c6c7fbb88 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 186386 338f1bad9040bf0c78ee9397de9398b0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 275414 4a5d4c3690aedd96e3eee3d922d73728 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 1809338 6afa319ea3d9f91e4d16629b86afb1b6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 151300 cdf306368201a053d740b4d77bf62c02 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 194010 d7ed2a96bbd6dcfa75c163511c8b4f7c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 168054 27dbc834cddb14ce830806e769efb0b6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 36432 95637deca9859881af3edf3db8e06ccc http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 83440 e97ed7ed724ca8c518927601f6b433b9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 71986 1c4c570c1fe15e5cebad90d8a93cf70f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 23240 ebaa5d5263395e8517ea82ae3b92ddfc http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 9012 f865b88210a4c54d8fdc79a9cfbdf4a0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 68492 6994b7e19338405c0e127924e67e516d http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 110292 8e81e11a44a41f94fef4dff4e59e3da3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 1275410 34848383b66939762660048e268e8441 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 47594 9181c757204f49f4d0dac390e83f02a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 13480 a51476c745872d0858d9b7033a64ea9f http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 393508 9500d323c74c9a330c85183c1686ff49 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 200788 c5ed4008f970210bb982f80cbce591e4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-14-generic-di_2.6.27-14.35_amd64.udeb Size/MD5: 13620 2fc4b4f188f9218932d0490308507835 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 33922 f40a1e72d099b64c586a6db641443044 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 244642 b720012479a1cbe6ba08d28302584fc9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 55394 90c1f139ebe83c6d6d8b1a1fc1061297 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 41218 c1b7874af183c54e95df8d57557aa7c0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 48654 dfb3c0359053a662017fd9dea0f840ab http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 86896 3e594eaa10f4598f2c050daf5ee208e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 34058 c5f4fc9d0f61e279e0f6a9b351545b27 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 675184 eac37d6873c317fec9dbc41af85ce84f http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 158298 fdb6996d620940e986f9e809a1061414 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 43598 8d56f44e1e6c01610509b5cdc9ea5f42 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 145120 47f331154c2773e7861a63965661123a http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 301946 d7980f5869e46243a45b37625ad61afe http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 2435224 46b565365b11d793768f04f50a4c248b http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-14-generic_2.6.27-14.35_i386.deb Size/MD5: 643392 3e61d3633116618454601e745e24a863 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-14-server_2.6.27-14.35_i386.deb Size/MD5: 644726 37a677e1e3004e6b42d0958beeb0fda7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-14-generic_2.6.27-14.35_i386.deb Size/MD5: 23478050 04856487eac811aebdd2a30416889f40 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-14-server_2.6.27-14.35_i386.deb Size/MD5: 23600374 2b9a4093fbdd02dbd054cbe8ca2384f1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-14-virtual_2.6.27-14.35_i386.deb Size/MD5: 10108412 0d4c0bd4e94cac0ea3b384b6b1d29cb5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-14.35_i386.deb Size/MD5: 673308 dc76499e326c2f5c2e10b547241ed770 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 432904 836dfe4f7fd217c3d6b4e50ee27ff5ec http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 171144 e01935798941dc8722f25c9e499d7dba http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 263706 ad942f31cb448980c110c5d65b4c5938 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 1993126 9e48f8f227a345c72ae76263b3acc41e http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 150922 d45e54c03e6524f7409d8ffe6ccbc1fe http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 183850 26ff7871dda8a29516eb04951e395500 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 157722 7cefa9c1e1abd9574daa5a2732c8d43b http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 34498 a323c4253a702888a9ee866bafcac9e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 78252 3306e0596c6ec6a941906ec5cf1b5896 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 86172 14f820994a04b74bacc55f908ced747a http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 51176 929ace31f9151a14f646711b57141335 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 8794 c6ff3050c0e8d61f69978e3a64f3afc0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 64308 ab5438618e09f3747c9cabe4d2202d42 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 102010 d66cf8423068745b1896a2d37087ea57 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 1449250 cc24f0d8b7411f15f0b3704c92c73719 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 44514 0763f6eeda9cf0971a5145eeca31a37b http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 12642 4142729eb596aefe6b55a3c91b537aa7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 372528 2ec016366a3c65b130470af25b4f4cd9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 189698 577f8d2648589a2620fe4917bcd90e4a http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-14-generic-di_2.6.27-14.35_i386.udeb Size/MD5: 12992 aaf90b0f25f26915752e0d01ffdf1404 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-13.45.diff.gz Size/MD5: 7052018 c30f6c12f534fb270e77a8db16658c00 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-13.45.dsc Size/MD5: 1988 c31e8f14e5353913483bcbe5134a221a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28.orig.tar.gz Size/MD5: 66766084 062c29b626a55f09a65532538a6184d4 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.28_2.6.28-13.45_all.deb Size/MD5: 3630660 dff37123aa2a0a01813aaafa113efeaa http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-13_2.6.28-13.45_all.deb Size/MD5: 8694158 d568990611704c5022f17a406bba56da http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.28_2.6.28-13.45_all.deb Size/MD5: 56896726 2218180442fe2265c4a383718103d24b amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 234530 8ca4ab91f04156b591af5e036a9d9eaf http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 44110 3d35edf87a693b4aec248c4e110db223 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 43326 8b5f1e9917275cb49fd5cdc5fe7c372c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 51102 a1b090802ce4589182c26704db51e79a http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 89946 692cdd4f68027d91736aee9507a279a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 37992 40f149752511e8e7d4b527bd321f5f61 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 521610 a346bd312d8eed61e8bb96fb59f3b9b9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 125632 86429c19731c1bbc4fc7025d4659f4e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 58050 dbb7ceb698b6e40a9429b35804416265 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 312206 2bd5e6bd4338e51c72d349a40a24afb9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 3867978 7532ceaadca5ac062476c9a058e87f87 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-13-generic_2.6.28-13.45_amd64.deb Size/MD5: 684590 ce636ed44071caf1eb5696a5b4cd3d52 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-13-server_2.6.28-13.45_amd64.deb Size/MD5: 684602 67c72e9124b19974c39f55341d293d4f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-13-generic_2.6.28-13.45_amd64.deb Size/MD5: 24250596 54189eb7095f154663e12fcbd03e3052 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-13-server_2.6.28-13.45_amd64.deb Size/MD5: 24255096 11079badc74f668bfa9299a94eee9500 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-13-virtual_2.6.28-13.45_amd64.deb Size/MD5: 10522290 889f00238ab9579a1a3787b6f4093bba http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-13.45_amd64.deb Size/MD5: 761032 20f696493a51b361c8211cd3a99773a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 215158 e7434a687dec03b384f88e8e86870b2d http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 189390 cd7116d69deef0ccd449097583b27125 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 29396 de5e69d2393ad59f85a530a3a1076f03 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 274128 a4bb104369c8be8748a38ec66a6649b1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 1826044 25d1a4452606ab450f214afd2c6da482 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 163490 edffca1a4f08889ab04638134e70bdfa http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 194758 84976648caa181490b9c748f7672e20c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 152946 38f0b1e429efc2993fb2f0346daf98d2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 36490 09b7bf2b970fab395adc80da34772183 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 5842 6a537fc3a2af29ba6fd981ce8b2b19f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 72132 2416b9382cc51b3b1c424d52bbf379b0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 22716 d5f4dc6ca66de6c6044e2fcfcf9783c5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 8878 58927a3e2b4abbb9a3e0e19c969b701a http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 47470 8cd84b96c9d3b1e32b3e7d29042b4a91 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 15622 5b3599e51e3513f458430702ba57410a http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 1272842 175bd4440eb113fa0b72b1c3897457c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 47218 3bf3faa60421de087af2696985c361eb http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 72626 f431e2290ae3347326ff8b3fc5b5bf98 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 126946 c82470ee359a4f8d7879367739e73f1d http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-13-generic-di_2.6.28-13.45_amd64.udeb Size/MD5: 13472 0299bdd96f706adde62bcbf1fe873527 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 215716 af09e22b5eededba6f06bbce4b6f7f6e http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 46662 cbb33d90c53ae6c5a277c9f4402188e1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 41344 c369ce39d1595df751bf81a7ca1d4831 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 47378 092cfe8af282c15f332902a0295fe1b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 86848 c2b5e966fc9e4476ab1b6c6fde5bb7a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 33574 e7b69e22af4eb33299e772769f464803 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 525474 11f2df9f8143a48c6395b3b51fbd964e http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 125494 feafd7e08878356c984098698d832b72 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 54864 7bf17f733cf036e0492643870dbc439a http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 300874 8e5766303f17caafeffc6db2d3590487 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 3741754 f62502087f0d206a7c43856618b63099 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-13-generic_2.6.28-13.45_i386.deb Size/MD5: 668290 36fb94764dc7b473989ab048f6f8d18d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-13-server_2.6.28-13.45_i386.deb Size/MD5: 669404 6dcdc4988b80b0d5fad7a49eec4b3f68 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-13-generic_2.6.28-13.45_i386.deb Size/MD5: 24584190 6d3e2aed50aed94ac91512384ae202a8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-13-server_2.6.28-13.45_i386.deb Size/MD5: 24662820 2f4ac0738424f2295bff2077238b126b http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-13-virtual_2.6.28-13.45_i386.deb Size/MD5: 10219490 e088239542d6b5caa4ba16b16c9ca5ce http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-13.45_i386.deb Size/MD5: 761048 a2f34260d40ebb215d26ed09a45e4fe1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 218044 3cfad485954208027c844fe40bc0b838 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 174812 bf413e3a9b0cb7ab124f411ead7df97d http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 30068 22dfd9b4f06187b520b67d4855f7573f http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 262414 0e23c7445d3582011f9767101e4af06c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 2007452 f84390b7d8d9f8b32c74823649b247aa http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 150198 05caa7db9bb38f7a42ec7ab0deb6ce47 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 184298 45df2dcc24ab9a0ffc27da827f246206 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 143542 5f862fc8f33fc1e4fbcabf78a733f1de http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 34572 92451114d002c65edb0d89d053a7037e http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 5502 f39f3f824fff9020a7fa80358fdfe7b9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 85990 04a9436fc3c061a9feedf8a46b79a534 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 47334 7134b0740644c5c266d52dc6d7524d68 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 8712 cbd3f0e41be40915f413ac5802a6221e http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 44698 0cd8ea7ec39409e8563ab5c8c9e0248c http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 14740 c7287bd485367a228246ef8502f3d175 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 1445196 81a9314640917265a536c3894ceed78a http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 44092 84aac7e95054a44fcfc589bce5129355 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 69138 e79c9c942d7e02b83359cc1fe7fe6e6e http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 119512 ca6a4973ba663fe06f57b52c47b3fe5b http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-13-generic-di_2.6.28-13.45_i386.udeb Size/MD5: 12672 cff86af5ddbc47b6cc5dbf6892f7f3ad lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 215242 34f3d0cfbebcc281bff8887d58a2fdd1 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 46662 b60318e129f56b4f1ace761bfcbfeb8c http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 40950 aaa3fffb7bbd0ad7dbe1a49fd48d3cb0 http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 47292 4ca4fffc517a758eb5a9dc3dd69eb2c3 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 86454 ba73d27d65487eed24ef32dade5dd6f3 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 33270 96d878bfefd1667337a7d781624744fe http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 523424 3b0daef52c7fbc78f477a82d2885eedb http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 125172 ca7244bb0c9ea93bf1793fafc8d93249 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 63536 a2ddb239393108fb7888391bdbcc0235 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 300334 b0fe7216d15a908a78ef5eee547efef9 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 3033028 ae4b9666c230f663aa490e5ef7915d3c http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.28-13-lpia_2.6.28-13.45_lpia.deb Size/MD5: 636848 685ad5fdd4837d0fc7670b40fdc55424 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.28-13-lpia_2.6.28-13.45_lpia.deb Size/MD5: 21714272 d7a1bafe41d1f5aaf8c2b67a9171c5df http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.28-13.45_lpia.deb Size/MD5: 761014 ebaf6b30ac3b8f5eeaa396e980eef83f http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 303684 5e037a0ca19df39904654a98a34a1bc6 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 157340 00f6f5576c21231b566afa0e2cf8fd61 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 24440 86b67b982ba9ca31546e0b2a21f0f864 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 259984 8c79116a9aeb8b302834f8e1fc266955 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 1925766 1212a0ff61f4eda2f650f309d08be026 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 149320 40933fec799a654327e69f3e147f84d5 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 184726 9c6154589bfc80b2dbddd2bcb84427de http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 143218 050db10728b271bdc222ec1af04581cb http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 34468 33f04ac2a7c747cace4c3cca47fc5c33 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 5494 d974930a7f9c6808966eb8a90f7b6e09 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 85642 67d356fdc7853f0e2080da162297ce7a http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 47256 d814aa4d377714470bd6acc6a5e310db http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 8708 97001eca3bfbeea54af2f8754beb6417 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 63068 f7c2bd8e6e913ccebecc87873d9c5ce3 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 14688 2bf1158a576fa810d85facf7bfd4b6d2 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 1446758 b3a985a1ea798516afd4a7afd356a2e9 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 43890 c37408769b4cd3de313f21dd7c1ae220 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 154914 2d14ce87eaa2b0f3ab967c818d87648b http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 172600 716eff2706e585a3064c44ca8fae9ce9 http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.28-13-lpia-di_2.6.28-13.45_lpia.udeb Size/MD5: 8158 3cac29e81c3e9d2a3d905761f572e74d . Local users can exploit this vulnerability to gain elevated privileges. Rather, they will be released in a staggered or "leap-frog" fashion. Updates for arm and mips will be released as they become available. (CVE-2009-1184) The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application. (CVE-2009-1337) The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192) The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKORHLmqjQ0CJFipgRAnzRAJ9w1CGojCsYdG001OcNmQuVonRkrwCeNMpH bzIigZKDE4V8120vojufik8= =cJ+u -----END PGP SIGNATURE----- . ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details. Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available. ESX 3.5 ------- http://download3.vmware.com/software/vi/ESX350-201006401-SG.zip md5sum: b89fb8a51c4a896bc0bf297b57645d1d http://kb.vmware.com/kb/1022899 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5029 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5300 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1895 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3002 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2698 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692 - ------------------------------------------------------------------------ 6
VAR-201906-0001 CVE-2009-5156 ASMAX AR-804gu Command injection vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi-bin/script query string. ASMAX AR-804gu Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Asmax Ar-804gu is a SOHO-class router device that provides ADSL, WiFi, and Ethernet interfaces. There is a script called script in the /cgi-bin/ directory of the Asmax Ar-804gu router web management interface. There is no restriction on the user access to the script in the LAN. If a remote attacker submits a malicious request with a system parameter, it can cause any shell command to be injected. Asmax Ar-804gu router is prone to a remote command-injection vulnerability because it fails to adequately restrict access to certain features. Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges, which may facilitate a complete compromise of the affected device. Asmax Ar-804gu with firmware version 66.34.1 is affected; other versions may also be vulnerable
VAR-200906-0059 CVE-2009-0950 Apple iTunes Vulnerable to buffer overflow CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon. Apple iTunes is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks before copying user-supplied data to an insufficiently sized buffer. Attackers can leverage this issue to execute arbitrary code with the privileges of the user running the affected application. Failed attacks will likely cause denial-of-service conditions. Apple iTunes is a media player program. TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities http://dvlabs.tippingpoint.com/advisory/TPTI-09-03 June 2, 2009 -- CVE ID: CVE-2009-0950 -- Affected Vendors: Apple -- Affected Products: Apple iTunes -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 8013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the URL handlers associated with iTunes. When processing URLs via the protocol handlers "itms", "itmss", "daap", "pcast", and "itpc" an exploitable stack overflow occurs. Successful exploitation can lead to a remote system compromise under the credentials of the currently logged in user. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3592 -- Disclosure Timeline: 2009-04-09 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * James King, TippingPoint DVLabs . ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Apple iTunes "itms" URI Handling Buffer Overflow SECUNIA ADVISORY ID: SA35314 VERIFY ADVISORY: http://secunia.com/advisories/35314/ DESCRIPTION: A vulnerability has been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system. Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 8.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Will Drewry. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3592 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200905-0411 No CVE SonicWALL SSL-VPN 'cgi-bin/welcome/VirtualOffice' Remote Format String Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
Multiple SonicWALL SSL-VPN devices are prone to a remote format-string vulnerability because they fail to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. Attackers may exploit this issue to run arbitrary code in the context of the affected application. Failed attempts may cause denial-of-service conditions. The following are vulnerable: SSL-VPN 200 firmware prior to 3.0.0.9 SSL-VPN 2000 firmware prior to 3.5.0.5 SSL-VPN 4000 firmware prior to 3.5.0.5
VAR-200905-0330 CVE-2009-1792 StoneTrip Ston3D StandalonePlayer and WebPlayer of system.openURL Arbitrary command execution vulnerability CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
The system.openURL function in StoneTrip Ston3D StandalonePlayer (aka S3DPlayer StandAlone) 1.6.2.4 and 1.7.0.1 and WebPlayer (aka S3DPlayer Web) 1.6.0.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the first argument (the sURL argument). S3DPlayer Web and Standalone are prone to a remote command-injection vulnerability because they fail to adequately sanitize user-supplied input data. Attackers can exploit this issue to execute arbitrary commands within the context of the affected application. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ StoneTrip S3DPlayers remote command injection 1. *Advisory Information* Title: StoneTrip S3DPlayers remote command injection Advisory ID: CORE-2009-0401 Advisory URL: http://www.coresecurity.com/content/StoneTrip-S3DPlayers Date published: 2009-05-28 Date of last update: 2009-05-28 Vendors contacted: StoneTrip Release mode: User release 2. *Vulnerability Information* Class: Command injection, Client side Remotely Exploitable: Yes Locally Exploitable: No Bugtraq ID: 35105 CVE Name: CVE-2009-1792 3. *Vulnerability Description* Ston3D is a cross-platform technology developed by StoneTrip [1], allowing applications developed with ShiVa product [2] to be run from various media. It is a platform for 3D real time development, specially designed to make games and other real time applications. Ston3D players come in two flavors: 1. Ston3D StandalonePlayer [3], 2. and Ston3D WebPlayer [4], which runs like an extension or plug-in within most popular web browsers. These players are vulnerable to a command injection vulnerability, which can be exploited by malicious remote attackers. The vulnerability is due to the Ston3D scripting language. It provides the function 'system.openURL()' which does not properly sanitize the input before using it. 4. *Vulnerable packages* 4.1. *Win32* . S3DPlayer Web v1.6.0.0 . S3DPlayer StandAlone v1.6.2.4 . S3DPlayer StandAlone v1.7.0.1 4.2. *MacOS* . S3DPlayer Web v1.6.0.0 . S3DPlayer StandAlone v1.6.2.4 4.3. *Linux* . S3DPlayer StandAlone v1.6.2.4 NOTE: Older versions are probably affected too, but they were not checked. 5. *Non-vulnerable packages* By the time this advisory was published, the vendor: 1. had not released patched versions of its products, 2. had not answered the requests made by Core Security for 3 weeks (see Section 9). Please contact StoneTrip for a fix. 6. *Vendor Information, Solutions and Workarounds* The vendor did not provide this information. A possible mitigation action would be to enable MIME type filtering in your IDS/proxies and block S3DPlayer traffic: /----------- application/x-ston3d-stk - -----------/ As a workaround, vulnerable users can also avoid this flaw by disabling the Ston3D Plugin in their web browsers: 6.1. *Mozilla Firefox* 1. Go to the *Tools* menu, and select *Options...* 2. Click on the *Main* tab 3. Click on the *Manage Add-ons...* 4. Disable *Ston3D Plugin* 6.2. *Safari* 1. Go to the *Safari* menu within Safari, and select *Preferences* 2. Click on the *Security * tab 3. Deselect *Enable plug-ins* 6.3. *Internet Explorer* Set the kill bit for control 7508D2BB-F085-45BF-8261-167C6DF4D477 (as explained in http://support.microsoft.com/kb/240797). Please contact StoneTrip for further information, patches and workarounds. 7. *Credits* This vulnerability was discovered and researched by Diego Juarez from Core Security Technologies. 8. *Technical Description / Proof of Concept Code* Ston3D is a cross-platform technology allowing applications developed with ShiVa product [2] to be run from various media, such as a website, CD/DVD or interactive equipment. This technology provides a scripting interface [5] based on the Lua programming language, within this interface the function 'system.openURL' is defined as follows: /----------- Prototype system.openURL(sURL, sTarget) --Call this function to open an URL. - -----------/ In the current implementation, the call 'system.openURL(sURL, sTarget)' with the parameter 'sURL' set as 'file://path/command' will ultimately execute the equivalent of calling /----------- system("open path/command"); - -----------/ By using platform specific delimiter characters this could allow arbitrary code execution in the context of the player. Find below the relevant code snippets from various platforms. 8.1. *Windows* /----------- .text:1000D64D test esi, esi .text:1000D64F mov eax, esi .text:1000D651 jnz short loc_1000D658 .text:1000D653 .text:1000D653 loc_1000D653: ; CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const &amp;,Pandora::EngineCore::String const &amp;)+1CB .text:1000D653 mov eax, offset Name .text:1000D658 .text:1000D658 loc_1000D658: ; CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const &amp;,Pandora::EngineCore::String const &amp;)+1D1 .text:1000D658 push 1 .text:1000D65A push offset Name ; lpDirectory .text:1000D65F push ecx ; lpParameters .text:1000D660 push eax ; lpFile .text:1000D661 push offset Operation ; "open" .text:1000D666 push 0 ; hwnd .text:1000D668 call ds:ShellExecuteA .text:1000D66E .text:1000D66E loc_1000D66E: ; CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const &amp;,Pandora::EngineCore::String const &amp;)+1B0 .text:1000D66E test edi, edi .text:1000D670 jbe short loc_1000D67F .text:1000D672 test esi, esi .text:1000D674 jz short loc_1000D67F .text:1000D676 add esi, 0FFFFFFFCh .text:1000D679 push esi ; Memory .text:1000D67A call ebp ; __imp_free - -----------/ 8.2. *Linux* /----------- .text:08371334 mov [esp+5Ch+var_58], offset aOpen ; "open " .text:0837133C lea eax, [esp+5Ch+var_34] .text:08371340 mov [esp+5Ch+command], eax .text:08371343 call sub_8109FC0 .text:08371348 lea eax, [esp+5Ch+var_1C] .text:0837134C mov [esp+5Ch+var_58], eax .text:08371350 lea eax, [esp+5Ch+var_34] .text:08371354 mov [esp+5Ch+command], eax .text:08371357 call sub_8108F10 .text:0837135C lea eax, [esp+5Ch+var_34] .text:08371360 mov [esp+5Ch+command], eax .text:08371363 call sub_80DF660 .text:08371368 mov [esp+5Ch+command], eax .text:0837136B call _system .text:08371370 lea eax, [esp+5Ch+var_34] .text:08371374 mov [esp+5Ch+command], eax .text:08371377 call sub_80D92F0 .text:0837137C jmp short loc_8371398 - -----------/ 8.3. *MacOSX (x86)* /----------- __text:0005995B lea eax, (aOpen - 597ECh)[ebx] ; "open " __text:00059961 lea esi, [esp+5Ch+var_44] __text:00059965 mov [esp+5Ch+var_58], eax __text:00059969 mov [esp+5Ch+var_5C], esi __text:0005996C call __ZN7Pandora10EngineCore6StringC1EPKc ; Pandora::EngineCore::String::String(char const*) __text:00059971 mov [esp+5Ch+var_58], edi __text:00059975 mov [esp+5Ch+var_5C], esi __text:00059978 call __ZN7Pandora10EngineCore6StringpLERKS1_ __text:0005997D mov edx, [esp+5Ch+var_44] __text:00059981 test edx, edx __text:00059983 jz loc_59A5F __text:00059989 mov eax, [esp+5Ch+var_40] __text:0005998D test eax, eax __text:0005998F jz loc_59A5F __text:00059995 __text:00059995 loc_59995: ; CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const&amp;,Pandora::EngineCore::String const&amp;)+295 __text:00059995 mov [esp+5Ch+var_5C], eax __text:00059998 call _system __text:0005999D mov eax, [esp+5Ch+var_44] __text:000599A1 test eax, eax __text:000599A3 jnz loc_59AB2 __text:000599A9 nop dword ptr [eax+00000000h] - -----------/ 8.4. *MacOSX (PPC)* /----------- __text:00053D6C addi %r30, %sp, 0x90+var_38 __text:00053D70 addis %r4, %r31, 0x3F __text:00053D74 addi %r4, %r4, -0x29DC __text:00053D78 mr %r3, %r30 __text:00053D7C bl __ZN7Pandora10EngineCore6StringC1EPKc # Pandora::EngineCore::String::String(char const*) __text:00053D80 mr %r3, %r30 __text:00053D84 mr %r4, %r29 __text:00053D88 bl __ZN7Pandora10EngineCore6StringpLERKS1_ __text:00053D8C lwz %r0, 0x90+var_38(%sp) __text:00053D90 cmpwi cr7, %r0, 0 __text:00053D94 beq cr7, loc_53DA4 __text:00053D98 lwz %r3, 0x90+var_34(%sp) __text:00053D9C cmpwi cr7, %r3, 0 __text:00053DA0 bc 5, 4*cr7+eq, loc_53DAC __text:00053DA4 __text:00053DA4 loc_53DA4: # CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const&amp;,Pandora::EngineCore::String const&amp;)+394 __text:00053DA4 addis %rtoc, %r31, 0x3F __text:00053DA8 addi %r3, %rtoc, -0x5620 __text:00053DAC __text:00053DAC loc_53DAC: # CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const&amp;,Pandora::EngineCore::String const&amp;)+3A0 __text:00053DAC bl _system __text:00053DB0 lwz %r0, 0x90+var_38(%sp) __text:00053DB4 cmpwi cr7, %r0, 0 __text:00053DB8 beq cr7, loc_53E24 __text:00053DBC b loc_53DF8 - -----------/ 9. *Report Timeline* . 2009-04-20: Core Security Technologies notifies the StoneTrip team of the vulnerability and announces its initial plan to publish the content on May 18th, 2009. 2009-04-21: The vendor asks Core for a technical description of the vulnerability. 2009-04-23: Technical details sent to StoneTrip team by Core. 2009-04-24: In addition to the technical details, a Proof of Concept was sent to StoneTrip team. 2009-04-28: Core asks the vendor to confirm the reception of the technical report. 2009-04-28: StoneTrip team notifies that the technical report has been received and that a vulnerability report will be sent to Core soon. 2009-05-07: Core requests a status update for this vulnerability and notifies its plan to publish the advisory on May 18th, 2009. No reply received. 2009-05-15: Core requests an answer to the previous mail. No reply received. 2009-05-18: Core Advisories Team does not release the advisory as originally planned. Core re-schedules the advisory publication date to 26th May 2009. 2009-05-20: Core notifies StoneTrip that the advisory publication date was missed and that the last status requests were not replied. Core also notifies the vendor of the final release date (26th May 2009). 2009-05-28: After trying to contact the StoneTrip team several times without success, the advisory CORE-2009-0401 is published as 'User Release'. 10. *References* [1] http://www.stonetrip.com. [2] ShiVa, a platform for 3D real time development with focus in game development http://www.stonetrip.com/shiva/shiva-3d-game-engine.html. [3] http://www.stonetrip.com/ston3d-players/ston3d-standalone.html. [4] http://www.stonetrip.com/ston3d-players/ston3d-webplayer.html. [5] http://stdn.stonetrip.com. 11. *About CoreLabs* CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://www.coresecurity.com/corelabs. 12. *About Core Security Technologies* Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company's flagship product, CORE IMPACT, is the most comprehensive product for performing enterprise security assurance testing. CORE IMPACT evaluates network, endpoint and end-user vulnerabilities and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core Security Technologies augments its leading technology solution with world-class security consulting services, including penetration testing and software security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at http://www.coresecurity.com. 13. *Disclaimer* The contents of this advisory are copyright (c) 2009 Core Security Technologies and (c) 2009 CoreLabs, and may be distributed freely provided that no fee is charged for this distribution and proper credit is given. 14. *PGP/GPG Keys* This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFKHuAiyNibggitWa0RAgJTAJsEXfUBmIjxmY7X4hplONY/Z0DOJgCfUKxJ F9s8R8PuYBiIhvLANh3XmhE= =kU8D -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Ston3D "system.openURL()" Command Injection Vulnerability SECUNIA ADVISORY ID: SA35256 VERIFY ADVISORY: http://secunia.com/advisories/35256/ DESCRIPTION: A vulnerability has been reported in Ston3D, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the implementation of the "system.openURL()" script function. The vulnerability is reported in the following products and versions: * Ston3D Web Player version 1.6.0.0 * Ston3D StandAlone Player versions 1.6.2.4 and 1.7.0.1 SOLUTION: Do not browse untrusted websites or follow untrusted links. Do not open untrusted Ston3D files. Reportedly an update will be available for Ston3D Web Player later this month. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200905-0261 CVE-2009-1472 ATEN KH1516i IP KVM Switch Java Vulnerability in a client program that gains access to the machine connected to the switch CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The Java client program for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 has a hardcoded AES encryption key, which makes it easier for man-in-the-middle attackers to (1) execute arbitrary Java code, or (2) gain access to machines connected to the switch, by hijacking a session. Multiple ATEN IP KVM switches are prone to multiple remote vulnerabilities and a weakness: - A security weakness may allow attackers to decrypt HTTP traffic. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. The Java client executes arbitrary code. The Java client program connects to the kvm switch on port 9002 and then downloads and runs the new Java class. This connection is encrypted using AES, but the encryption key is hardcoded in the client program. An attacker acting as a man-in-the-middle can inject other Java classes, resulting in arbitrary Java code execution on the client machine
VAR-200905-0262 CVE-2009-1473 ATEN KH1516i IP KVM Switch Windows Vulnerability in a client program that could allow man-in-the-middle attacks CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The (1) Windows and (2) Java client programs for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not properly use RSA cryptography for a symmetric session-key negotiation, which makes it easier for remote attackers to (a) decrypt network traffic, or (b) conduct man-in-the-middle attacks, by repeating unspecified "client-side calculations.". RSA Vulnerability exists in decrypting network traffic or performing man-in-the-middle attacks due to improper use of cryptography.By a third party " Client-side calculation " Can be used to decrypt network traffic or perform man-in-the-middle attacks. Multiple ATEN IP KVM switches are prone to multiple remote vulnerabilities and a weakness: - A security weakness may allow attackers to decrypt HTTP traffic. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Attackers can exploit these issues to execute Java code, compromise and gain unauthorized access to the affected device connected to the KVM, gain access to the session key, and gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. This key agreement uses RSA in an insecure way, an attacker who can monitor the communication between the client and the switch can repeat the client's calculations and obtain the session key, and then use this key to decrypt the communication and reconstruct keystrokes, or Perform man-in-the-middle attacks to gain access to machines connected to the switch. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: ATEN KH1516i / KN9116 Multiple Vulnerabilities SECUNIA ADVISORY ID: SA35241 VERIFY ADVISORY: http://secunia.com/advisories/35241/ DESCRIPTION: Some vulnerabilities have been reported in ATEN KH1516i and KN9116, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, and potentially compromise a user's system. 1) An error exists in the key exchange process when negotiating a symmetric session key via RSA. This can be exploited extract the session key by intercepting traffic and e.g. potentially execute arbitrary code on connected machines via MitM (Man-in-the-Middle) attacks. 2) Mouse events are transferred between a client and the KVM switch via an unencrypted data channel. This can be exploited to inject e.g. arbitrary mouse clicks via MitM (Man-in-the-Middle) attacks. 3) The web interface session cookie does not contain the "Secure" attribute. This can be exploited to obtain the cookie and potentially gain access to connected machines by redirecting the user's browser to a HTTP connection. The vulnerabilities are reported in KH1516i and KN9116. Other products may also be affected. SOLUTION: Use the products in trusted networks only. PROVIDED AND/OR DISCOVERED BY: Jakob Lell from the TU Berlin computer security working group ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200905-0263 CVE-2009-1474 ATEN KH1516i IP KVM Cookie acquisition vulnerability in Switch CVSS V2: 7.6
CVSS V3: -
Severity: HIGH
The ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not (1) encrypt mouse events, which makes it easier for man-in-the-middle attackers to perform mouse operations on machines connected to the switch by injecting network traffic; and do not (2) set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. Multiple ATEN IP KVM switches are prone to multiple remote vulnerabilities and a weakness: - A security weakness may allow attackers to decrypt HTTP traffic. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Attackers can exploit these issues to execute Java code, compromise and gain unauthorized access to the affected device connected to the KVM, gain access to the session key, and gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. Insecure session ID cookie When a user connects to the device via HTTP on port 80, the device redirects the user to log in on port 443 (https) and obtains a session ID cookie. When the user returns to HTTP for various reasons, the attacker can sniff the session ID and use this to download the Windows/Java client program containing authentication data, and obtain Access to computers connected to the KVM switch. Since the first HTTP connection is not protected, a man-in-the-middle attacker can also inject some dynamic content so that the browser automatically reloads the HTTP site after login. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: ATEN KH1516i / KN9116 Multiple Vulnerabilities SECUNIA ADVISORY ID: SA35241 VERIFY ADVISORY: http://secunia.com/advisories/35241/ DESCRIPTION: Some vulnerabilities have been reported in ATEN KH1516i and KN9116, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, and potentially compromise a user's system. 1) An error exists in the key exchange process when negotiating a symmetric session key via RSA. This can be exploited extract the session key by intercepting traffic and e.g. potentially execute arbitrary code on connected machines via MitM (Man-in-the-Middle) attacks. 2) Mouse events are transferred between a client and the KVM switch via an unencrypted data channel. This can be exploited to inject e.g. arbitrary mouse clicks via MitM (Man-in-the-Middle) attacks. 3) The web interface session cookie does not contain the "Secure" attribute. This can be exploited to obtain the cookie and potentially gain access to connected machines by redirecting the user's browser to a HTTP connection. The vulnerabilities are reported in KH1516i and KN9116. Other products may also be affected. SOLUTION: Use the products in trusted networks only. PROVIDED AND/OR DISCOVERED BY: Jakob Lell from the TU Berlin computer security working group ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200905-0265 CVE-2009-1477 ATEN KH1516i IP KVM On the switch https Web In the interface https Session decryption vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The https web interfaces on the ATEN KH1516i IP KVM switch with firmware 1.0.063, the KN9116 IP KVM switch with firmware 1.1.104, and the PN9108 power-control unit have a hardcoded SSL private key, which makes it easier for remote attackers to decrypt https sessions by extracting this key from their own switch and then sniffing network traffic to a switch owned by a different customer. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Attackers can exploit these issues to execute Java code, compromise and gain unauthorized access to the affected device connected to the KVM, gain access to the session key, and gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. All devices use the same SSL key KH1516i, KN9116, and PN9108 model devices use the same SSL key for the HTTPS web interface
VAR-200906-0064 CVE-2009-0955 Apple QuickTime Vulnerable to arbitrary code execution for handling image description atoms CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image description atoms in an Apple video file, related to a "sign extension issue.". Apple QuickTime is prone to a vulnerability that occurs because the bit width of a number is increased without changing its sign in certain image description atoms. Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Apple QuickTime is a very popular multimedia player. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0063 CVE-2009-0954 Apple QuickTime In CRGN Buffer overflow vulnerability in atom type processing CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of QuickTime Player. The application trusts the contents of the atom to contain a terminator during a copy operation. The application will copy user-supplied data into a heap-buffer until it identifies this terminator. This will allow one to overwrite heap-control structures which can be leveraged to achieve code execution from the context of the application. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista and Windows XP SP3. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ZDI-09-028: Apple QuickTime CRGN Atom Parsing Heap Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-028 June 2, 2009 -- CVE ID: CVE-2009-0954 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6698. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2008-12-17 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Anonymous * Damian Put -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ . ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0061 CVE-2009-0952 Apple QuickTime In compression PSD Vulnerability to execute arbitrary code related to image processing CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists when the application parses a malformed .PSD image. While decoding the columns, rows and channels in the image header, the application trusts a different length for copying than used for allocating it. This results in a heap overflow and can lead to code execution under the context of the current user. Apple QuickTime is prone to a buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted image. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ZDI-09-026: Apple QuickTime Packed-bit Decoding Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-026 June 2, 2009 -- CVE ID: CVE-2009-0952 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 8047. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2009-04-15 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Damian Put -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/
VAR-200906-0062 CVE-2009-0953 Apple QuickTime In PICT Vulnerability to execute arbitrary code related to image processing CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists in the parsing of PICT files in QuickTime.qts. While processing data for opcode 0x8201 QuickTime trusts a value contained in the file and makes an allocation accordingly. The process then enters a loop whose terminating condition is controlled. The previously allocated heap buffer can be overflowed leading to arbitrary code execution under the context of the user running QuickTime. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ZDI-09-027: Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-027 June 2, 2009 -- CVE ID: CVE-2009-0953 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6664. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2008-12-17 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Sebastian Apelt (sebastian.apelt@siberas.de) -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/
VAR-200906-0060 CVE-2009-0951 Apple QuickTime In FLC Vulnerability in arbitrary code execution related to processing of compressed files CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of QuickTime Player. User interaction is required to exploit this vulnerability in that the target must either open a malicious file, or visit a malicious web page.The specific flaw exists during decompression of a delta-encoded chunk. The algorithm to decompress the frame trusts a line specifier when calculating where to write decompressed data. This results in a relative write using attacker supplied values which can lead to remove code execution under the context of the current user. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ZDI-09-025: Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-025 June 2, 2009 -- CVE ID: CVE-2009-0951 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6570. The specific flaw exists during decompression of a delta-encoded chunk. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2008-10-28 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Anonymous -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/
VAR-200906-0053 CVE-2009-0956 Apple QuickTime Vulnerable to arbitrary code execution related to user data atom handling CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero. Apple QuickTime is prone to a remote code-execution vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0034 CVE-2009-0185 Apple QuickTime In MS ADPCM Buffer overflow vulnerability in processing of encoded audio data CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially AVI crafted file. Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ====================================================================== Secunia Research 02/06/2009 - Apple QuickTime MS ADPCM Encoding Buffer Overflow - ====================================================================== Table of Contents Affected Software....................................................1 Severity.............................................................2 Vendor's Description of Software.....................................3 Description of Vulnerability.........................................4 Solution.............................................................5 Time Table...........................................................6 Credits..............................................................7 References...........................................................8 About Secunia........................................................9 Verification........................................................10 ====================================================================== 1) Affected Software * Apple QuickTime version 7.6 NOTE: Other versions may also be affected. ====================================================================== 2) Severity Rating: Highly critical Impact: System access Where: Remote ====================================================================== 3) Vendor's Description of Software "Whether you are creating content for delivery on cell phones, broadcast or the Internet, or a software developer looking to take your application to the next level, QuickTime provides the most comprehensive platform in the industry." Product Link: http://www.apple.com/quicktime/ ====================================================================== 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the processing of MS ADPCM encoded audio data. ====================================================================== 5) Solution Update to version 7.6.2. ====================================================================== 6) Time Table 04/02/2009 - Vendor notified. 05/02/2009 - Vendor response. 25/05/2009 - Status update requested. 26/05/2009 - Vendor provides status update. 02/06/2009 - Public disclosure. ====================================================================== 7) Credits Discovered by Alin Rad Pop, Secunia Research. ====================================================================== 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2009-0185 for the vulnerability. Apple: http://support.apple.com/kb/HT3591 ====================================================================== 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://secunia.com/advisories/business_solutions/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/advisories/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general: http://secunia.com/secunia_research/ Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions: http://secunia.com/corporate/jobs/ Secunia offers a FREE mailing list called Secunia Security Advisories: http://secunia.com/advisories/mailing_lists/ ====================================================================== 10) Verification Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2009-6/ Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/ ====================================================================== . ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------