VARIoT IoT vulnerabilities database


VAR-200911-0053 CVE-2009-3843 HP Operations Manager on Windows vulnerable to unrestricted file upload attacks

Related entries in the VARIoT exploits database: VAR-E-201009-0027, VAR-E-201012-1020
CVSS V2: 10.0
CVSS V3: -
Severity: High
HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload. Authentication is not required to exploit this vulnerability. The specific flaw exists due to a hidden account present within the Tomcat users XML file. Using this account a malicious user can access the org.apache.catalina.manager.HTMLManagerServlet class. This is defined within the catalina-manager.jar file installed with the product. This servlet allows a remote user to upload a file via a POST request to /manager/html/upload. If an attacker uploads malicious content it can then be accessed and executed on the server which leads to arbitrary code execution under the context of the SYSTEM user.

SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01931960
Version: 1
HPSBMA02478 SSRT090251 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-11-18
Last Updated: 2009-11-18
Potential Security Impact: Remote unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Operations Manager for Windows. The vulnerability could be exploited remotely to gain unauthorized access.
References: CVE-2009-3843
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Operations Manager for Windows v8.10
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference        Base Vector                    Base Score
CVE-2009-3843    (AV:N/AC:L/Au:N/C:C/I:C/A:N)   9.4
===========================================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Stephen Fewer of Harmony Security working with TippingPoint's Zero Day initiative for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made the following patch available to resolve the vulnerability. The patch is available for download from http://support.openview.hp.com/selfsolve/patches
Product                             Version   Patch
HP Operations Manager for Windows   8.10      OMW_00032 or subsequent
PRODUCT SPECIFIC INFORMATION
None
HISTORY
Version:1 (rev.1) - 18 November 2009 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Copyright 2009 Hewlett-Packard Development Company, L.P.

ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-085
November 20, 2009
-- CVE ID: CVE-2009-3843
-- Affected Vendors: Hewlett-Packard
-- Affected Products: Hewlett-Packard OpenView Operations Manager for Windows
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 9261. Authentication is not required to exploit this vulnerability.
-- Vendor Response: Hewlett-Packard has issued an update to correct this vulnerability.
More details can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01931960
-- Disclosure Timeline:
2009-11-09 - Vulnerability reported to vendor
2009-11-20 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by:
* Stephen Fewer of Harmony Security (www.harmonysecurity.com)

TITLE: HP Operations Manager Unauthorised Access
SECUNIA ADVISORY ID: SA37444
VERIFY ADVISORY: http://secunia.com/advisories/37444/
DESCRIPTION: A vulnerability has been reported in HP Operations Manager, which can be exploited by malicious people to bypass certain security restrictions. Further information is currently not available.
SOLUTION: Apply patch OMW_00032 or subsequent. http://support.openview.hp.com/selfsolve/patches
PROVIDED AND/OR DISCOVERED BY: The vendor credits Stephen Fewer of Harmony Security working with the ZDI.
ORIGINAL ADVISORY: HPSBMA02478 SSRT090251: http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01931960

VAR-200911-0246 CVE-2009-4053 Home FTP Server directory traversal vulnerability

CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (2) create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Home Ftp Server is an easy to use FTP server. Home FTP Server does not properly filter the input provided by the user in the MKD command. The authenticated user can create a directory outside the FTP root directory by following the steps below:
1. sock.connect((hostname, 21))
2. sock.send("user %s" %username)
3. sock.send("pass %s" %passwd)
4. sock.send("MKD ../A")
5. sock.close()
Successful exploits will allow the attacker to obtain sensitive information.

TITLE: Home FTP Server "SITE INDEX" Denial of Service
SECUNIA ADVISORY ID: SA37381
VERIFY ADVISORY: http://secunia.com/advisories/37381/
DESCRIPTION: A vulnerability has been discovered in Home FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the handling of multiple "SITE INDEX" commands and can be exploited to stop the server. The vulnerability is confirmed in version 1.10.1.139.
SOLUTION: Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY: zhangmc

VAR-200911-0244 CVE-2009-4051 Home FTP Server SITE INDEX Command Denial of Service Vulnerability

CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Home FTP Server 1.10.1.139 allows remote attackers to cause a denial of service (daemon outage) via multiple invalid SITE INDEX commands. Home Ftp Server is an easy to use FTP server. After the user logs in to the Home FTP Server, performing the following steps will cause the server to stop responding:
1. sock.connect((hostname, 21))
2. sock.send("user %s" %username)
3. sock.send("pass %s" %passwd)
4. for i in range(1,20): sock.send("SITE INDEX " + "a"*30*i + "")
5. sock.close()
Home FTP Server is prone to a remote denial-of-service vulnerability because it fails to handle user-supplied input. Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users.

The vulnerability is confirmed in version 1.10.1.139. Other versions may also be affected.
SOLUTION: Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY: zhangmc

VAR-200911-0051 CVE-2009-3841 HP DDMI Vulnerable to arbitrary code execution

CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. An attacker can exploit this issue to execute arbitrary code in the context of the application, resulting in a complete compromise of the affected system. The issue affects DDMI 2.5x, 7.5x, and 7.60 running on Windows.

SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01861595
Version: 1
HPSBMA02456 SSRT090188 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
References: CVE-2009-3841
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Discovery & Dependency Mapping Inventory (DDMI) v2.5x, v7.5x, v7.60 running on Windows
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference        Base Vector                    Base Score
CVE-2009-3841    (AV:N/AC:L/Au:S/C:C/I:C/A:C)   9.0
===========================================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Damian Frizza of Core Security Technologies for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made the following software patches available to resolve the vulnerability. The patches can be downloaded from http://support.openview.hp.com/selfsolve/patches
HP Discovery & Dependency Mapping Inventory (DDMI)   Patch Number
v2.5x                                                HPED_00356
v7.5x                                                HPED_00357
v7.60                                                HPED_00358
PRODUCT SPECIFIC INFORMATION
None
HISTORY
Version:1 (rev.1) - 16 November 2009 Initial release

SOLUTION: Apply patches: http://support.openview.hp.com/selfsolve/patches
HP DDMI 2.5x: Apply patch HPED_00356.
HP DDMI 7.5x: Apply patch HPED_00357.
HP DDMI 7.60: Apply patch HPED_00358.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Damian Frizza of Core Security Technologies.
ORIGINAL ADVISORY: HPSBMA02456 SSRT090188: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01861595

VAR-200911-0136 CVE-2009-3944 RIM BlackBerry Browser on BlackBerry 8800 denial-of-service (DoS) vulnerability

CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Research In Motion (RIM) BlackBerry Browser on the BlackBerry 8800 allows remote attackers to cause a denial of service (application hang) via a JavaScript loop that configures the home page by using the setHomePage method and a DHTML behavior property. Blackberry Browser is prone to a denial-of-service vulnerability

VAR-200912-0126 CVE-2009-4186 Apple Safari denial-of-service (DoS) vulnerability

CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property. In Apple Safari running on Windows, a stack consumption condition occurs, which disrupts service operation. Apple Safari is prone to a denial-of-service vulnerability because it fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Safari 4.0.3 for Windows is vulnerable; other versions may also be affected. Safari is a web browser developed by Apple Inc

VAR-201002-0037 CVE-2009-4653 Novell eDirectory Multiple Remote Vulnerabilities

CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:. Novell eDirectory is a cross-platform directory server. Novell eDirectory has multiple security vulnerabilities that allow malicious users to cause a denial of service or take control of the system:
- Unexplained errors in NDSD when dealing with malformed verbs can cause an application to crash.
- When a specially constructed GET request is submitted, a boundary error in dhost.exe processing can cause a buffer overflow.
- When a partial security scan is run against the service, an unspecified error in Dhost can cause the application to crash.
Novell eDirectory is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Novell eDirectory 8.8 SP5 is vulnerable; other versions may also be affected. Novell eDirectory is prone to multiple remote vulnerabilities. These issues affect eDirectory versions prior to 8.8 SP5 Patch 4.

TITLE: Novell eDirectory Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA40041
VERIFY ADVISORY: http://secunia.com/advisories/40041/
RELEASE DATE: 2010-06-04
DESCRIPTION: Some vulnerabilities have been reported in Novell eDirectory, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. by running a certain security scan against the server.
PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits ZDI. 2) HACKATTACK 3) Reported by the vendor.
ORIGINAL ADVISORY: Novell:
http://www.novell.com/support/viewContent.do?externalId=3426981
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5076150.html
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5076151.html

VAR-200911-0346 No CVE HP ProCurve Switch Management Interface Multiple HTML Injection Vulnerabilities

CVSS V2: -
CVSS V3: -
Severity: -
HP ProCurve Switch web management interface is prone to multiple HTML-injection vulnerabilities. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

VAR-200911-0002 CVE-2009-0052 Denial-of-service (DoS) vulnerability in the Atheros wireless driver used by Netgear WNDAP330 Wi-Fi access points on the Atheros AR9160-BC1A chipset

CVSS V2: 5.5
CVSS V3: -
Severity: MEDIUM
The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame. NETGEAR WNDAP330 is prone to a denial-of-service vulnerability because it fails to properly parse malformed reserved management frames. Successful exploits will cause the affected device to crash or reboot, denying service to legitimate users. WNDAP330 with firmware 2.1.11 is vulnerable.

Assigned CVE:
-------------
* CVE-2009-0052

Details:
--------
* The bug can be triggered by a malicious reserved management frame sent to the wireless access point (truncated packet). This can be achieved only after a successful 802.11 authentication (in "Open" mode according to the configuration of the wireless access point) and a successful 802.11 association with appropriate security parameters (e.g. WPA w/ TKIP unicast, TKIP multicast) which depends on the configuration of the wireless access point. Any other wireless device relying on this vulnerable wireless driver is likely to be vulnerable.

Credits:
--------
* This vulnerability was discovered by Laurent Butti from France Telecom / Orange.
For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Netgear WNDAP330 Management Frame Denial of Service SECUNIA ADVISORY ID: SA37344 VERIFY ADVISORY: http://secunia.com/advisories/37344/ DESCRIPTION: A vulnerability has been reported in Netgear WNDAP330, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the parsing of management frames, which can be exploited to reboot or hang an affected device. The vulnerability is reported in firmware version 2.1.11. Other versions may also be affected. SOLUTION: Update to version 3.0.3. http://kb.netgear.com/app/answers/detail/a_id/12199 PROVIDED AND/OR DISCOVERED BY: Laurent Butti from France Telecom / Orange ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/current/0070.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200911-0400 CVE-2009-2841 WebKit in Apple Safari vulnerable to requests being made to arbitrary web sites
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attackers to trigger sub-resource requests to arbitrary web sites via a crafted HTML document, as demonstrated by an HTML e-mail message that uses a media element for X-Confirm-Reading-To functionality, aka rdar problem 7271202. WebKit is prone to a remote information-disclosure weakness. An attacker may be able to exploit this issue to determine if a message was read, which may help the attacker enumerate valid email addresses. Other attacks are also possible. A remote attacker can use a specially crafted HTML file to trigger a request to any web site. For example an HTML e-mail message using a media element for the X-Confirm-Reading-To function.
TITLE: Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA37346
VERIFY ADVISORY: http://secunia.com/advisories/37346/
DESCRIPTION: Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, or compromise a user's system. 1) An integer overflow error when processing ColorSync profiles embedded in images can be exploited to potentially execute arbitrary code. For more information see vulnerability #4 in: SA36701 2) An error exists when handling an "Open Image in New Tab", "Open Image in New Window", or "Open Link in New Tab" shortcut menu action performed on a link to a local file. This can be exploited to load a local HTML file and disclose sensitive information by tricking a user into performing the affected actions within a specially crafted webpage. 3) An error exists in WebKit when sending "preflight" requests originating from a page in a different origin. This can be exploited to facilitate cross-site request forgery attacks by injecting custom HTTP headers. 4) Multiple errors in WebKit when handling FTP directory listings on Windows can be exploited to disclose sensitive information, cause a crash, or potentially execute arbitrary code. 5) An error in WebKit when handling an HTML 5 Media Element on Mac OS X can be exploited to bypass remote image loading restrictions via e.g. HTML-formatted emails. NOTE: Some errors leading to crashes, caused by the included libxml2 library, have also been reported.
SOLUTION: Update to version 4.0.4.
PROVIDED AND/OR DISCOVERED BY: 1-3, 5) Reported by the vendor. 4) The vendor credits Michal Zalewski of Google Inc.
ORIGINAL ADVISORY: http://support.apple.com/kb/HT3949
OTHER REFERENCES: SA36701: http://secunia.com/advisories/36701/
Mandriva Linux Security Advisory MDVSA-2011:039 http://www.mandriva.com/security/
Package : webkit
Date : March 2, 2011
Affected: 2010.1
Problem Description: Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. Please consult the CVE web links for further information.
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>
TITLE: Ubuntu update for webkit
SECUNIA ADVISORY ID: SA41856
VERIFY ADVISORY: http://secunia.com/advisories/41856/
RELEASE DATE: 2010-10-21
DESCRIPTION: Ubuntu has issued an update for webkit. For more information: SA36677 SA37346 SA37769 SA37931 SA38545 SA38932 SA39091 SA39651 SA40105 SA40196 SA40479 SA40664 SA41014 SA41085 SA41242 SA41328
SOLUTION: Apply updated packages.
VAR-200911-0392 CVE-2009-2842 Apple Safari Shortcut Menu Options Information Disclosure Vulnerability
CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site. Apple Safari is prone to an information-disclosure vulnerability. A remote attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue affects versions prior to Safari 4.0.4. Safari is the new browser in Mac OS X, Apple Computer's latest operating system.
TITLE: Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA37346
VERIFY ADVISORY: http://secunia.com/advisories/37346/
DESCRIPTION: Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, or compromise a user's system. 1) An integer overflow error when processing ColorSync profiles embedded in images can be exploited to potentially execute arbitrary code. This can be exploited to load a local HTML file and disclose sensitive information by tricking a user into performing the affected actions within a specially crafted webpage. 3) An error exists in WebKit when sending "preflight" requests originating from a page in a different origin. This can be exploited to facilitate cross-site request forgery attacks by injecting custom HTTP headers. 4) Multiple errors in WebKit when handling FTP directory listings on Windows can be exploited to disclose sensitive information, cause a crash, or potentially execute arbitrary code. 5) An error in WebKit when handling an HTML 5 Media Element on Mac OS X can be exploited to bypass remote image loading restrictions via e.g. HTML-formatted emails. NOTE: Some errors leading to crashes, caused by the included libxml2 library, have also been reported.
SOLUTION: Update to version 4.0.4.
PROVIDED AND/OR DISCOVERED BY: 1-3, 5) Reported by the vendor. 4) The vendor credits Michal Zalewski of Google Inc.
ORIGINAL ADVISORY: http://support.apple.com/kb/HT3949
OTHER REFERENCES: SA36701: http://secunia.com/advisories/36701/
VAR-200911-0397 CVE-2009-2816 WebKit Vulnerable to cross-site request forgery
CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page. WebKit, as used in Apple Safari etc., is prone to a vulnerability that lets attackers bypass the same-origin policy. Attackers can exploit this issue to access resources from another origin in the context of another domain. This can facilitate cross-site request-forgery attacks.
TITLE: Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA37346
VERIFY ADVISORY: http://secunia.com/advisories/37346/
DESCRIPTION: Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, or compromise a user's system. 1) An integer overflow error when processing ColorSync profiles embedded in images can be exploited to potentially execute arbitrary code. For more information see vulnerability #4 in: SA36701 2) An error exists when handling an "Open Image in New Tab", "Open Image in New Window", or "Open Link in New Tab" shortcut menu action performed on a link to a local file. This can be exploited to load a local HTML file and disclose sensitive information by tricking a user into performing the affected actions within a specially crafted webpage. 3) An error exists in WebKit when sending "preflight" requests originating from a page in a different origin. 4) Multiple errors in WebKit when handling FTP directory listings on Windows can be exploited to disclose sensitive information, cause a crash, or potentially execute arbitrary code. 5) An error in WebKit when handling an HTML 5 Media Element on Mac OS X can be exploited to bypass remote image loading restrictions via e.g. HTML-formatted emails. NOTE: Some errors leading to crashes, caused by the included libxml2 library, have also been reported.
SOLUTION: Update to version 4.0.4.
PROVIDED AND/OR DISCOVERED BY: 1-3, 5) Reported by the vendor. 4) The vendor credits Michal Zalewski of Google Inc.
ORIGINAL ADVISORY: http://support.apple.com/kb/HT3949
OTHER REFERENCES: SA36701: http://secunia.com/advisories/36701/
This is related to vulnerability #3 in: SA37346
The security issue is reported in versions prior to 3.0.195.33.
For more information: SA37346
SOLUTION: Do not browse untrusted sites with an application using Qt components based on WebKit.
TITLE: SUSE update for Multiple Packages
SECUNIA ADVISORY ID: SA43068
VERIFY ADVISORY: http://secunia.com/advisories/43068/
RELEASE DATE: 2011-01-25
DESCRIPTION: SUSE has issued an update for multiple packages, which fixes multiple vulnerabilities
VAR-200911-0390 CVE-2009-3384 WebKit in Apple Safari vulnerable to arbitrary code execution
CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply. WebKit is prone to multiple remote code-execution, denial-of-service, and information-disclosure vulnerabilities. An attacker may exploit these issues by enticing victims into connecting to a malicious FTP server. WebKit is an open source browser web page layout engine.
TITLE: Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA37346
VERIFY ADVISORY: http://secunia.com/advisories/37346/
DESCRIPTION: Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, or compromise a user's system. 1) An integer overflow error when processing ColorSync profiles embedded in images can be exploited to potentially execute arbitrary code. For more information see vulnerability #4 in: SA36701 2) An error exists when handling an "Open Image in New Tab", "Open Image in New Window", or "Open Link in New Tab" shortcut menu action performed on a link to a local file. This can be exploited to load a local HTML file and disclose sensitive information by tricking a user into performing the affected actions within a specially crafted webpage. 3) An error exists in WebKit when sending "preflight" requests originating from a page in a different origin. This can be exploited to facilitate cross-site request forgery attacks by injecting custom HTTP headers. 5) An error in WebKit when handling an HTML 5 Media Element on Mac OS X can be exploited to bypass remote image loading restrictions via e.g. HTML-formatted emails. NOTE: Some errors leading to crashes, caused by the included libxml2 library, have also been reported.
SOLUTION: Update to version 4.0.4.
PROVIDED AND/OR DISCOVERED BY: 1-3, 5) Reported by the vendor. 4) The vendor credits Michal Zalewski of Google Inc.
ORIGINAL ADVISORY: http://support.apple.com/kb/HT3949
OTHER REFERENCES: SA36701: http://secunia.com/advisories/36701/
For more information: SA37346
SOLUTION: Do not browse untrusted sites with an application using Qt components based on WebKit.
TITLE: SUSE update for Multiple Packages
SECUNIA ADVISORY ID: SA43068
VERIFY ADVISORY: http://secunia.com/advisories/43068/
RELEASE DATE: 2011-01-25
DESCRIPTION: SUSE has issued an update for multiple packages, which fixes multiple vulnerabilities
VAR-200911-0308 CVE-2007-5475 Linksys WAP4400N Wi-Fi Access point buffer overflow vulnerability
CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements. Linksys WAP4400N wireless access point devices are prone to a denial-of-service vulnerability because they fail to adequately verify user-supplied input. Remote attackers can exploit this issue to hang or reboot a vulnerable device, denying service to legitimate users. Attackers may also be able to run arbitrary code, but this has not been confirmed. Linksys WAP4400N devices running firmware 1.2.17 are vulnerable. NOTE: Since the flaw is in the Marvell 88W8361P-BEM1 chipset driver, other devices and firmware versions using the same code may also be affected. This can be achieved only after a successful 802.11 authentication (in "Open" or "Shared" mode according to the configuration of the wireless access point). This security vulnerability was originally reported to Linksys, updated firmwares should be available on Cisco/Linksys web site. Any other wireless device relying on this vulnerable wireless driver is likely to be vulnerable. Credits: -------- * This vulnerability was discovered by Laurent Butti from France Telecom / Orange .
TITLE: Linksys WAP4400N Association Request Denial of Service SECUNIA ADVISORY ID: SA37345 VERIFY ADVISORY: http://secunia.com/advisories/37345/ DESCRIPTION: A vulnerability has been reported in Linksys WAP4400N, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when parsing information elements included in association requests and can be exploited to reboot or hang an affected device. The vulnerability is reported in firmware version 1.2.17. SOLUTION: Reportedly fixed in firmware version 1.2.19. PROVIDED AND/OR DISCOVERED BY: Laurent Butti, France Telecom / Orange ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/current/0074.html
VAR-200911-0144 CVE-2009-3935 IBM BladeCenter T For Advanced Management Module Firmware vulnerabilities
CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors. The impact of these issues is currently unknown. We will update this BID when more information emerges. Versions prior to BladeCenter Advanced Management Module 2.50G are vulnerable. IBM BladeCenter is IBM's blade server
VAR-200911-0398 CVE-2009-3555 SSL and TLS protocols renegotiation vulnerability

Related entries in the VARIoT exploits database: VAR-E-200912-0008, VAR-E-200911-0011, VAR-E-200911-0655, VAR-E-200912-1885
CVSS V2: 5.8
CVSS V3: -
Severity: MEDIUM
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. A vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction.
TITLE: Oracle WebLogic Server OpenSSL Plaintext Injection Vulnerability SECUNIA ADVISORY ID: SA44292 VERIFY ADVISORY: http://secunia.com/advisories/44292/ RELEASE DATE: 2011-04-24 DESCRIPTION: Oracle has acknowledged a vulnerability in Weblogic Server, which can be exploited by malicious people to manipulate certain data. SOLUTION: Apply updates (please see the vendor's advisory for details). ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html#AppendixAS .
ESX 3.5 ------- Samba http://download3.vmware.com/software/vi/ESX350-201012408-SG.zip md5sum: 53a427d5d2213c51d57e8e8f7e3d544c http://kb.vmware.com/kb/1029999 bzip http://download3.vmware.com/software/vi/ESX350-201012409-SG.zip md5sum: 0a688d7153380fcb5d7ca0ac098e2d03 http://kb.vmware.com/kb/1030000 openssl http://download3.vmware.com/software/vi/ESX350-201012401-SG.zip md5sum: a8b1d9e4eabd14b6822bd1f8bf6dbf69 http://kb.vmware.com/kb/1029993 5. * A boundary error in the "gnutls_session_get_data()" function in gnutls_session.c could cause a buffer overflow (CVE-2011-4128). =========================================================== Ubuntu Security Notice USN-923-1 April 07, 2010 openjdk-6 vulnerabilities CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0845, CVE-2010-0847, CVE-2010-0848 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: openjdk-6-jre 6b11-2ubuntu2.2 openjdk-6-jre-lib 6b11-2ubuntu2.2 Ubuntu 8.10: openjdk-6-jre 6b12-0ubuntu6.7 openjdk-6-jre-lib 6b12-0ubuntu6.7 Ubuntu 9.04: openjdk-6-jre 6b14-1.4.1-0ubuntu13 openjdk-6-jre-lib 6b14-1.4.1-0ubuntu13 Ubuntu 9.10: openjdk-6-jre 6b16-1.6.1-3ubuntu3 openjdk-6-jre-lib 6b16-1.6.1-3ubuntu3 After a standard system upgrade you need to restart all Java applications to effect the necessary changes. Details follow: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. 
If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. (CVE-2009-3555) It was discovered that Loader-constraint table, Policy/PolicyFile, Inflater/Deflater, drag/drop access, and deserialization did not correctly handle certain sensitive objects. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. (CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0094) It was discovered that AtomicReferenceArray, System.arraycopy, InetAddress, and HashAttributeSet did not correctly handle certain situations. (CVE-2010-0092, CVE-2010-0093, CVE-2010-0095, CVE-2010-0845) It was discovered that Pack200, CMM readMabCurveData, ImagingLib, and the AWT library did not correctly check buffer lengths. It was discovered that applets did not correctly handle certain trust chains. 
(CVE-2010-0840) . Such input strings represent valid numbers and can be contained in data supplied by an attacker over the network, leading to a denial-of-service attack.
Note that this update introduces an OpenJDK package based on the IcedTea release 1.8.3 into the old stable distribution. This addresses several dozen security vulnerabilities, most of which are only exploitable by malicious mobile code. A notable exception is CVE-2009-3555, the TLS renegotiation vulnerability. This update implements the protocol extension described in RFC 5746, addressing this issue.

This update also includes a new version of Hotspot, the Java virtual machine, which increases the default heap size on machines with several GB of RAM. If you run several JVMs on the same machine, you might have to reduce the heap size by specifying a suitable -Xmx argument in the invocation of the "java" command.

------------------------------------------------------------------------
VMware Security Advisory

Advisory ID:  VMSA-2010-0015
Synopsis:     VMware ESX third party updates for Service Console
Issue date:   2010-09-30
Updated on:   2010-09-30 (initial release of advisory)
CVE numbers:  CVE-2010-0826 CVE-2009-3767 CVE-2010-0734
              CVE-2010-1646 CVE-2009-3555 CVE-2009-2409
              CVE-2009-3245 CVE-2010-0433
------------------------------------------------------------------------

1. Summary

   ESX 4.0 Console OS (COS) updates for NSS_db, OpenLDAP, cURL, sudo, OpenSSL, GnuTLS, NSS and NSPR packages.

2. Relevant releases

   VMware ESX 4.0 without patches ESX400-201009407-SG, ESX400-201009408-SG, ESX400-201009409-SG, ESX400-201009410-SG, ESX400-201009401-SG

   Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6).
   Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.

   Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.

3. Problem Description

a. Service Console update for NSS_db

   The service console package NSS_db is updated to version nss_db-2.2-35.4.el5_5.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0826 to this issue.

   Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   VirtualCenter  any       Windows  not affected
   hosted *       any       any      not affected
   ESXi           any       ESXi     not affected
   ESX            4.1       ESX      affected, patch pending
   ESX            4.0       ESX      ESX400-201009407-SG
   ESX            3.5       ESX      not applicable
   ESX            3.0.3     ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Server, Fusion.

b. Service Console update for OpenLDAP

   The service console package OpenLDAP is updated to version 2.3.43-12.el5.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-3767 to this issue.

   Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   VirtualCenter  any       Windows  not affected
   hosted *       any       any      not affected
   ESXi           any       ESXi     not affected
   ESX            4.1       ESX      affected, patch pending
   ESX            4.0       ESX      ESX400-201009408-SG
   ESX            3.5       ESX      not applicable
   ESX            3.0.3     ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Server, Fusion.

c. Service Console update for cURL

   The service console packages for cURL are updated to version 7.15.5-9.el5.
   The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to this issue.

   Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   VirtualCenter  any       Windows  not affected
   hosted *       any       any      not affected
   ESXi           any       ESXi     not affected
   ESX            4.1       ESX      affected, patch pending
   ESX            4.0       ESX      ESX400-201009409-SG
   ESX            3.5       ESX      not applicable
   ESX            3.0.3     ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Server, Fusion.

d. Service Console update for sudo

   The service console package sudo is updated to version 1.7.2p1-7.el5_5.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1646 to this issue.

   Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   VirtualCenter  any       Windows  not affected
   hosted *       any       any      not affected
   ESXi           any       ESXi     not affected
   ESX            4.1       ESX      affected, patch pending
   ESX            4.0       ESX      ESX400-201009410-SG
   ESX            3.5       ESX      not applicable
   ESX            3.0.3     ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Server, Fusion.

e. Service Console update for OpenSSL, GnuTLS, NSS and NSPR

   Service Console updates for OpenSSL to version 097a-0.9.7a-9.el5_4.2 and version 0.9.8e-12.el5_4.6, GnuTLS to version 1.4.1-3.el5_4.8, and NSS to version 3.12.6-1.3235.vmw and NSPR to version 4.8.4-1.3235.vmw. These four updates are bundled together due to their mutual dependencies.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-3555, CVE-2009-2409, CVE-2009-3245 and CVE-2010-0433 to the issues addressed in this update.
   Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   VirtualCenter  any       Windows  not affected
   hosted *       any       any      not affected
   ESXi           any       ESXi     not affected
   ESX            4.1       ESX      affected, patch pending
   ESX            4.0       ESX      ESX400-201009401-SG **
   ESX            3.5       ESX      not applicable
   ESX            3.0.3     ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Server, Fusion.
   ** Note: This patch also addresses non-security issues. See KB article 1023759 for details.

4. Solution

   Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.

   ESX 4.0
   -------
   ESX400-201009001
   Download link: http://bit.ly/adhjEu
   md5sum: 988c593b7a7abf0be5b72970ac64a369
   sha1sum: 26d875955b01c19f4e56703216e135257c08836f
   http://kb.vmware.com/kb/1025321

   ESX400-201009001 contains the following security bulletins:
   ESX400-201009407-SG (NSS_db)                | http://kb.vmware.com/kb/1023763
   ESX400-201009408-SG (OpenLDAP)              | http://kb.vmware.com/kb/1023764
   ESX400-201009409-SG (cURL)                  | http://kb.vmware.com/kb/1023765
   ESX400-201009410-SG (sudo)                  | http://kb.vmware.com/kb/1023766
   ESX400-201009401-SG (OpenSSL, GnuTLS, NSS)  | http://kb.vmware.com/kb/1023759

   And contains the following security bundles from VMSA-2010-0013.1:
   ESX400-201009402-SG (cpio)                  | http://kb.vmware.com/kb/1023760
   ESX400-201009406-SG (tar)                   | http://kb.vmware.com/kb/1023762
   ESX400-201009403-SG (krb5)                  | http://kb.vmware.com/kb/1023761
   ESX400-201009411-SG (perl)                  | http://kb.vmware.com/kb/1023767

   And also contains ESX400-201009412-BG a non-security critical update.

   To install an individual bulletin use esxupdate with the -b option.

5. References

   CVE numbers
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0826
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1646
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433

------------------------------------------------------------------------

6. Change log

   2010-09-30  VMSA-2010-0015
   Initial security advisory after release of patches for ESX 4.0 on 2010-09-30

------------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:

   * security-announce at lists.vmware.com
   * bugtraq at securityfocus.com
   * full-disclosure at lists.grok.org.uk

   E-mail: security at vmware.com
   PGP key at: http://kb.vmware.com/kb/1055

   VMware Security Center
   http://www.vmware.com/security

   VMware Security Advisories
   http://www.vmware.com/security/advisoiries

   VMware security response policy
   http://www.vmware.com/support/policies/security_response.html

   General support life cycle policy
   http://www.vmware.com/support/policies/eos.html

   VMware Infrastructure support life cycle policy
   http://www.vmware.com/support/policies/eos_vi.html

   Copyright 2010 VMware Inc. All rights reserved.

This update addresses these protocol vulnerabilities in lighttpd.
CVE-2009-3555

    Marsh Ray, Steve Dispensa, and Martin Rex discovered that the TLS and SSLv3 protocols do not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions. This issue is solved in lighttpd by disabling client initiated renegotiation by default.

    Those users that do actually need such renegotiations, can reenable them via the new 'ssl.disable-client-renegotiation' parameter.

CVE-2012-4929

    Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed 'CRIME', allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update disables compression.

For the stable distribution (squeeze), these problems have been fixed in version 1.4.28-2+squeeze1.2.

For the testing distribution (wheezy), and the unstable distribution (sid) these problems have been fixed in version 1.4.30-1.

We recommend that you upgrade your lighttpd packages.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201301-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: Mozilla Products: Multiple vulnerabilities
     Date: January 08, 2013
     Bugs: #180159, #181361, #207261, #238535, #246602, #251322,
           #255221, #255234, #255687, #257577, #260062, #261386,
           #262704, #267234, #273918, #277752, #280226, #280234,
           #280393, #282549, #284439, #286721, #290892, #292034,
           #297532, #305689, #307045, #311021, #312361, #312645,
           #312651, #312675, #312679, #312763, #313003, #324735,
           #326341, #329279, #336396, #341821, #342847, #348316,
           #357057, #360055, #360315, #365323, #373595, #379549,
           #381245, #388045, #390771, #395431, #401701, #403183,
           #404437, #408161, #413657, #419917, #427224, #433383,
           #437780, #439586, #439960, #444318
       ID: 201301-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.

Background
==========

Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox.

Affected packages
=================

    -------------------------------------------------------------------
     Package                              /  Vulnerable  /  Unaffected
    -------------------------------------------------------------------
  1  www-client/firefox                     < 10.0.11       >= 10.0.11
  2  www-client/firefox-bin                 < 10.0.11       >= 10.0.11
  3  mail-client/thunderbird                < 10.0.11       >= 10.0.11
  4  mail-client/thunderbird-bin            < 10.0.11       >= 10.0.11
  5  www-client/seamonkey                   < 2.14-r1       >= 2.14-r1
  6  www-client/seamonkey-bin               < 2.14          >= 2.14
  7  dev-libs/nss                           < 3.14          >= 3.14
  8  www-client/mozilla-firefox             <= 3.6.8        Vulnerable!
  9  www-client/mozilla-firefox-bin         <= 3.5.6        Vulnerable!
 10  mail-client/mozilla-thunderbird        <= 3.0.4-r1     Vulnerable!
 11  mail-client/mozilla-thunderbird-bin    <= 3.0          Vulnerable!
 12  www-client/icecat                      <= 10.0-r1      Vulnerable!
 13  net-libs/xulrunner                     <= 2.0-r1       Vulnerable!
 14  net-libs/xulrunner-bin                 <= 1.8.1.19     Vulnerable!
    -------------------------------------------------------------------
     NOTE: Certain packages are still vulnerable. Users should migrate
           to another package if one is available or wait for the
           existing packages to be marked stable by their
           architecture maintainers.
    -------------------------------------------------------------------
     14 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact.

A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Mozilla Firefox users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11"

All users of the Mozilla Firefox binary package should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"

All Mozilla Thunderbird users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11"

All users of the Mozilla Thunderbird binary package should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11"

All Mozilla SeaMonkey users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1"

All users of the Mozilla SeaMonkey binary package should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14"

All NSS users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14"

The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package:

  # emerge --sync
  # emerge --unmerge "www-client/mozilla-firefox"
  # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11"

The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package:

  # emerge --sync
  # emerge --unmerge "www-client/mozilla-firefox-bin"
  # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"

The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package:

  # emerge --sync
  # emerge --unmerge "mail-client/mozilla-thunderbird"
  # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11"

The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package:

  # emerge --sync
  # emerge --unmerge "mail-client/mozilla-thunderbird-bin"
  # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11"

Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat:

  # emerge --unmerge "www-client/icecat"

Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner:

  # emerge --unmerge "net-libs/xulrunner"

Gentoo discontinued support for the XULRunner binary package.
We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner-bin" References ========== [ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 
] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 
Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201301-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
HP System Management Homepage v6.2 or subsequent for Linux (x86), Linux (AMD64/EM64T), and Windows can be downloaded from the following link.

Corrected:      2009-12-03 09:18:40 UTC (RELENG_8, 8.0-STABLE)
                2009-12-03 09:18:40 UTC (RELENG_8_0, 8.0-RELEASE-p1)
                2009-12-03 09:18:40 UTC (RELENG_7, 7.2-STABLE)
                2009-12-03 09:18:40 UTC (RELENG_7_2, 7.2-RELEASE-p5)
                2009-12-03 09:18:40 UTC (RELENG_7_1, 7.1-RELEASE-p9)
                2009-12-03 09:18:40 UTC (RELENG_6, 6.4-STABLE)
                2009-12-03 09:18:40 UTC (RELENG_6_4, 6.4-RELEASE-p8)
                2009-12-03 09:18:40 UTC (RELENG_6_3, 6.3-RELEASE-p14)
CVE Name:       CVE-2009-3555

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>.

Background

The SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols provide a secure communications layer over which other protocols can be utilized. The most widespread use of SSL/TLS is to add security to the HTTP protocol, thus producing HTTPS.

FreeBSD includes software from the OpenSSL Project which implements SSL and TLS.

II. Problem Description

The SSL version 3 and TLS protocols support session renegotiation without cryptographically tying the new session parameters to the old parameters.

III. Impact

An attacker who can intercept a TCP connection being used for SSL or TLS can cause the initial session negotiation to take the place of a session renegotiation. This can be exploited in several ways, including:

 * Causing a server to interpret incoming messages as having been sent under the auspices of a client SSL key when in fact they were not;
 * Causing a client request to be appended to an attacker-supplied request, potentially revealing to the attacker the contents of the client request (including any authentication parameters); and
 * Causing a client to receive a response to an attacker-supplied request instead of a response to the request sent by the client.

IV. Solution

NOTE WELL: This update causes OpenSSL to reject any attempt to renegotiate SSL / TLS session parameters. As a result, connections in which the other party attempts to renegotiate session parameters will break. In practice, however, session renegotiation is a rarely-used feature, so disabling this functionality is unlikely to cause problems for most systems.

Perform one of the following:

1) Upgrade your vulnerable system to 6-STABLE, 7-STABLE, or 8-STABLE, or to the RELENG_8_0, RELENG_7_2, RELENG_7_1, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 6.3, 6.4, 7.1, 7.2, and 8.0 systems.

a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-09:15/ssl.patch
# fetch http://security.FreeBSD.org/patches/SA-09:15/ssl.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/secure/lib/libcrypto
# make obj && make depend && make includes && make && make install

NOTE: On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in <URL:http://www.FreeBSD.org/handbook/makeworld.html>

VI. Correction details

The following list contains the revision numbers of each file that was corrected in FreeBSD.
CVS:

Branch                                                   Revision
  Path
-------------------------------------------------------------------------
RELENG_6
  src/crypto/openssl/ssl/s3_pkt.c                        1.1.1.10.2.1
  src/crypto/openssl/ssl/s3_srvr.c                       1.1.1.14.2.3
  src/crypto/openssl/ssl/s3_lib.c                        1.1.1.10.2.1
RELENG_6_4
  src/UPDATING                                           1.416.2.40.2.12
  src/sys/conf/newvers.sh                                1.69.2.18.2.14
  src/crypto/openssl/ssl/s3_pkt.c                        1.1.1.10.12.1
  src/crypto/openssl/ssl/s3_srvr.c                       1.1.1.14.2.1.6.2
  src/crypto/openssl/ssl/s3_lib.c                        1.1.1.10.12.1
RELENG_6_3
  src/UPDATING                                           1.416.2.37.2.19
  src/sys/conf/newvers.sh                                1.69.2.15.2.18
  src/crypto/openssl/ssl/s3_pkt.c                        1.1.1.10.10.1
  src/crypto/openssl/ssl/s3_srvr.c                       1.1.1.14.2.1.4.2
  src/crypto/openssl/ssl/s3_lib.c                        1.1.1.10.10.1
RELENG_7
  src/crypto/openssl/ssl/s3_pkt.c                        1.1.1.12.2.1
  src/crypto/openssl/ssl/s3_srvr.c                       1.1.1.17.2.2
  src/crypto/openssl/ssl/s3_lib.c                        1.1.1.13.2.1
RELENG_7_2
  src/UPDATING                                           1.507.2.23.2.8
  src/sys/conf/newvers.sh                                1.72.2.11.2.9
  src/crypto/openssl/ssl/s3_pkt.c                        1.1.1.12.8.1
  src/crypto/openssl/ssl/s3_srvr.c                       1.1.1.17.2.1.2.1
  src/crypto/openssl/ssl/s3_lib.c                        1.1.1.13.8.1
RELENG_7_1
  src/UPDATING                                           1.507.2.13.2.12
  src/sys/conf/newvers.sh                                1.72.2.9.2.13
  src/crypto/openssl/ssl/s3_pkt.c                        1.1.1.12.6.1
  src/crypto/openssl/ssl/s3_srvr.c                       1.1.1.17.6.2
  src/crypto/openssl/ssl/s3_lib.c                        1.1.1.13.6.1
RELENG_8
  src/crypto/openssl/ssl/s3_pkt.c                        1.2.2.1
  src/crypto/openssl/ssl/s3_srvr.c                       1.3.2.1
  src/crypto/openssl/ssl/s3_lib.c                        1.2.2.1
RELENG_8_0
  src/UPDATING                                           1.632.2.7.2.4
  src/sys/conf/newvers.sh                                1.83.2.6.2.4
  src/crypto/openssl/ssl/s3_pkt.c                        1.2.4.1
  src/crypto/openssl/ssl/s3_srvr.c                       1.3.4.1
  src/crypto/openssl/ssl/s3_lib.c                        1.2.4.1
-------------------------------------------------------------------------

Subversion:

Branch/path                                              Revision
-------------------------------------------------------------------------
stable/6/                                                r200054
releng/6.4/                                              r200054
releng/6.3/                                              r200054
stable/7/                                                r200054
releng/7.2/                                              r200054
releng/7.1/                                              r200054
-------------------------------------------------------------------------

VII.
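The renegotiation problem described in the FreeBSD advisory above, and the effect of its fix, can be seen in a toy model. This is an added example, not OpenSSL or FreeBSD code: no real TLS is performed, and the class, policy names, message fields and sample bytes are assumptions made for illustration. The "bound" policy goes beyond the advisory's fix and models a second handshake that is tied to the previous one.

```python
"""Toy model of SSL/TLS renegotiation policies (illustrative, not real TLS)."""
import hashlib
import hmac

# Constructed sample bytes; placeholders, not real protocol traffic.
INTERCEPTOR_BYTES = b"<bytes supplied by the intercepting party>"
CLIENT_BYTES = b"<request sent by the real client>"
CLIENT_ID = "client-cert:alice"  # hypothetical client identity


class RenegotiationError(Exception):
    """The server refused a second handshake on an existing connection."""


class ToyServer:
    """One server-side connection. policy is an assumed name:
    'unbound' accepts any second handshake (pre-patch behaviour),
    'reject'  refuses every second handshake (the advisory's fix),
    'bound'   accepts it only if it proves knowledge of the previous one.
    """

    def __init__(self, policy):
        if policy not in ("unbound", "reject", "bound"):
            raise ValueError(policy)
        self.policy = policy
        self.handshakes = 0
        self.last_verify = b""     # stand-in for the previous handshake's verify data
        self.peer_identity = None  # identity taken from the latest handshake
        self.stream = b""          # application bytes, never reset on renegotiation

    def handshake(self, hello):
        if self.handshakes > 0:
            if self.policy == "reject":
                raise RenegotiationError("renegotiation disabled")
            if self.policy == "bound" and not hmac.compare_digest(
                hello["prev_verify"], self.last_verify
            ):
                raise RenegotiationError("handshake not tied to previous session")
        self.peer_identity = hello["identity"]
        self.last_verify = hashlib.sha256(
            self.last_verify + hello["random"] + (hello["identity"] or "").encode()
        ).digest()
        self.handshakes += 1
        return self.last_verify

    def app_data(self, data):
        self.stream += data


def run_interception(policy):
    """Intercepting party handshakes first, then relays the client's *initial*
    handshake, which the server sees as a renegotiation."""
    server = ToyServer(policy)
    server.handshake({"random": b"A" * 32, "identity": None, "prev_verify": b""})
    server.app_data(INTERCEPTOR_BYTES)
    try:
        # The client believes this is a fresh session, so it has no previous
        # verify data to present.
        server.handshake({"random": b"C" * 32, "identity": CLIENT_ID, "prev_verify": b""})
    except RenegotiationError as exc:
        return {"accepted": False, "reason": str(exc)}
    server.app_data(CLIENT_BYTES)
    return {"accepted": True, "identity": server.peer_identity, "stream": server.stream}


def run_legitimate_renegotiation(policy):
    """The same client renegotiates its own session and presents the verify
    data of its first handshake. Returns True if the server accepts."""
    server = ToyServer(policy)
    first = server.handshake({"random": b"C" * 32, "identity": None, "prev_verify": b""})
    try:
        server.handshake({"random": b"D" * 32, "identity": CLIENT_ID, "prev_verify": first})
    except RenegotiationError:
        return False
    return True


if __name__ == "__main__":
    for policy in ("unbound", "reject", "bound"):
        print(policy, run_interception(policy), run_legitimate_renegotiation(policy))
```

Under "reject" the legitimate renegotiation also fails, which is the breakage the advisory's NOTE WELL describes.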
 - Loader-constraint table allows arrays instead of only the base-classes (CVE-2010-0082).
 - Policy/PolicyFile leak dynamic ProtectionDomains. (CVE-2010-0084).
 - File TOCTOU deserialization vulnerability (CVE-2010-0085).
 - Inflater/Deflater clone issues (CVE-2010-0088).
 - Unsigned applet can retrieve the dragged information before drop action occurs (CVE-2010-0091).
 - AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (CVE-2010-0092).
 - System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (CVE-2010-0093).
 - Deserialization of RMIConnectionImpl objects should enforce stricter checks (CVE-2010-0094).
 - Subclasses of InetAddress may incorrectly interpret network addresses (CVE-2010-0095).
 - JAR unpack200 must verify input parameters (CVE-2010-0837).
 - CMM readMabCurveData Buffer Overflow Vulnerability (CVE-2010-0838).
 - Applet Trusted Methods Chaining Privilege Escalation Vulnerability (CVE-2010-0840).
 - No ClassCastException for HashAttributeSet constructors if run with -Xcomp (CVE-2010-0845).
 - ImagingLib arbitrary code execution vulnerability (CVE-2010-0847).
 - AWT Library Invalid Index Vulnerability (CVE-2010-0848).

Additional security issues that were fixed with IcedTea6 1.6.2:

 - deprecate MD2 in SSL cert validation (CVE-2009-2409).
 - ICC_Profile file existence detection information leak (CVE-2009-3728).
 - JRE AWT setDifflCM stack overflow (CVE-2009-3869).
 - JRE AWT setBytePixels heap overflow (CVE-2009-3871).
 - JPEG Image Writer quantization problem (CVE-2009-3873).
 - ImageI/O JPEG heap overflow (CVE-2009-3874).
 - MessageDigest.isEqual introduces timing attack vulnerabilities (CVE-2009-3875).
 - OpenJDK ASN.1/DER input stream parser denial of service (CVE-2009-3876, CVE-2009-3877).
 - GraphicsConfiguration information leak (CVE-2009-3879).
 - UI logging information leakage (CVE-2009-3880).
 - resurrected classloaders can still have children (CVE-2009-3881).
 - Numerous static security flaws in Swing (findbugs) (CVE-2009-3882).
 - Mutable statics in Windows PL&F (findbugs) (CVE-2009-3883).
 - zoneinfo file existence information leak (CVE-2009-3884).
 - BMP parsing DoS with UNC ICC links (CVE-2009-3885).

Additionally, Paulo Cesar Pereira de Andrade (pcpa) at Mandriva found and fixed a bug in IcedTea6 1.8 that is also applied to the provided packages:

 * plugin/icedteanp/IcedTeaNPPlugin.cc (plugin_filter_environment): Increment malloc size by one to account for NULL terminator. Bug# 474.

Packages for 2009.0 are provided due to the Extended Maintenance Program.
_______________________________________________________________________

References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3885
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848
 http://article.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/8938
 http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html
 http://icedtea.classpath.org/hg/release/icedtea6-1.8/rev/a6a02193b073
_______________________________________________________________________

Updated Packages:
2009.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm ac9f8227297249940b1845f3ad95165f 2009.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm d1ed0ce1155c85c423d0cbe47eadfa5b 2009.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm 212262f34829af20e53fb2076fa78d25 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.src.rpm Mandriva Linux 2009.1: 304bc2cab18b29781bfac69d4927ddce 2009.1/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 77f0d2e2b2c04288a5aae608a2f73f1a 2009.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 7ff7542b4328fd978725f8e0b02590d9 2009.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 3d1bf214209ea3aef86b58962e80901e 2009.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1.i586.rpm f52cf5f8d3f85b98da246963d583f6bc 2009.1/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 87b2fd7ac9883e624e71faa993559e78 2009.1/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 0ff2ca4dfc122a3538349ed2dab6ed81 2009.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 883105d4347bb0864c7c73e4f0865066 2009.1/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm ac44d41806625e0be7a55ff30bf1f0e7 2009.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 67db7247fbf1b5be5391f33603b9148c 2009.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 0b6e7a93df49306976453daf29a29d96 2009.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 67e679d7aa4545a968889dcbb1a3fa8e 2009.1/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 4042e3ae7e3b2dbdcba0e73aadd219d5 2009.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 0ff2ca4dfc122a3538349ed2dab6ed81 2009.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.src.rpm Mandriva Linux 2010.0: f3c1bb7b091d5889a856edf93e066367 
2010.0/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 7f717091a34f98e9547c698bf08065f5 2010.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 21b8532c934559100b0dbc498ba3c52e 2010.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 8711fdef27cce9af73191903f85dbcd6 2010.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 1905269f878bb1c6367dedc6797f6914 2010.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0.i586.rpm c5f53d24770de6704f00fdf34c87a703 2010.0/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0.i586.rpm b789ff663963ae8b60a0d189b870907c 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 100203d38e76348f262d69d2cae8a7ba 2010.0/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm f155019a4a22d7bf7265c67024dcbc33 2010.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 8eaf304d6eb93212d1045adc301de385 2010.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 2e2082bd89db22cf5fa4be2ebaceb71c 2010.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 3e7a1849db88a8b8ddcdf30441edfcb7 2010.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm fbc9da5e2080972f6f8c01f23e86890f 2010.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm b789ff663963ae8b60a0d189b870907c 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.src.rpm Mandriva Enterprise Server 5: 742a7a6dcc82962a132eadb91a2b1736 mes5/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 3acd32ccd1fee71f07ccb4b038434ffd mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm c3358ac84dbc950752655fee46fd5e4b mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm a30ef6b33fd9ba1403ab46ef9643efdb mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 534f95a18c4798ec80cdfe47bd1148a8 mes5/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 
e79e4bd9462096222f5b07d681b3d418 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 0bc580c8d4d6e57cbee939bf68743170 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: 180566f92a5564c747c716ecdf082c8f mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 5e05d90fe32dfce7b15db7d9e5604227 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 09506c689ed0265023861e006fbcb624 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm c9ff4a3a4695c56b13268d76c355cfbe mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 0a70a54c2eed68e723cbc65de63bfbff mes5/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 166c980a8479cd915f3507070c25508e mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 0bc580c8d4d6e57cbee939bf68743170 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFL1/vUmqjQ0CJFipgRAlcyAJ9+2v53cztdo8nXoixp0vg0IuQjrACbB/vW +oOtru3I2iYRjlx04fi7wMw= =rIwa -----END PGP SIGNATURE----- . 
- The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of information.

For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number (CVE-2010-0731).

The updated packages have been patched to correct these issues.

Impact
======

An attacker could perform man-in-the-middle attacks to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority or to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream, allowing for further exploitation.

Updates for all affected architectures are available since August 6, 2010. It is likely that your system is already no longer affected by this issue.

Release Date: 2009-12-21
Last Updated: 2009-12-21

Potential Security Impact: Remote unauthorized data injection, Denial of Service (DoS)

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP-UX running Apache v2.0.59.12 and earlier. The vulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS).

References: CVE-2009-3555

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.12 and previous.
BACKGROUND

CVSS 2.0 Base Metrics
===========================================================
Reference        Base Vector                     Base Score
CVE-2009-3555    (AV:N/AC:L/Au:N/C:N/I:P/A:P)    6.4
===========================================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

RESOLUTION

HP has provided the following temporary software updates to resolve the vulnerability.

NOTE: The vulnerability is resolved in OpenSSL 0.9.8l. HP-UX Apache v2.0.59.X versions use statically linked libraries. HP-UX Apache v2.0.59.13 is compiled with OpenSSL 0.9.8l. Other versions of HP-UX Apache require the HP-UX OpenSSL packages recommended in HPSBUX02482 SSRT090249, available here http://www.itrc.hp.com/service/cki/secBullArchive.do

To review previously published Security Bulletins visit http://www.itrc.hp.com/service/cki/secBullArchive.do

The depots are available using ftp.

Host / Account / Password
ftp.usa.hp.com / sb02498 / Secure12

HP-UX Release / Temporary Depot name / SHA-1 Sum
B.11.11 (IPv4 and IPv6) / Apache 2.0.59.13 PA-64-32-1111.depot / 3B6BE547403C28926482192408D5D5AB603A403D
B.11.23 PA-32 / Apache 2.0.59.13 IA-PA-32-1123.depot / 4809BAF0F83F78F60B7EC73FAF584D221B1CB4A7
B.11.23 IA-64 / Apache 2.0.59.13 IA-PA-64-1123.depot / 1D65F7D49883399F4D202E16754CF7DAE71E3B47
B.11.31 PA-32 / Apache 2.0.59.13 IA-PA-32-1131.depot / 943E21D4621B480B5E8E651ACB605B8F7EA47304
B.11.31 IA-64 / Apache 2.0.59.13 IA-PA-64-1131.depot / B8836FDB73434A3C26FB411E3F7CB3211129E5AC

MANUAL ACTIONS: Yes
Install Apache v2.0.59.13 or subsequent

PRODUCT SPECIFIC INFORMATION

HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically.
For more information see: https://www.hp.com/go/swa

The following text is for use by the HP-UX Software Assistant.

AFFECTED VERSIONS

For Apache IPv4 and IPv6

HP-UX B.11.11
=============
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
action: install revision B.2.0.59.13 or subsequent

HP-UX B.11.23
=============
hpuxwsAPCH32.APACHE
hpuxwsAPCH32.APACHE2
hpuxwsAPCH32.AUTH_LDAP
hpuxwsAPCH32.AUTH_LDAP2
hpuxwsAPCH32.MOD_JK
hpuxwsAPCH32.MOD_JK2
hpuxwsAPCH32.MOD_PERL
hpuxwsAPCH32.MOD_PERL2
hpuxwsAPCH32.PHP
hpuxwsAPCH32.PHP2
hpuxwsAPCH32.WEBPROXY
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
action: install revision B.2.0.59.13 or subsequent

HP-UX B.11.31
=============
hpuxwsAPCH32.APACHE
hpuxwsAPCH32.APACHE2
hpuxwsAPCH32.AUTH_LDAP
hpuxwsAPCH32.AUTH_LDAP2
hpuxwsAPCH32.MOD_JK
hpuxwsAPCH32.MOD_JK2
hpuxwsAPCH32.MOD_PERL
hpuxwsAPCH32.MOD_PERL2
hpuxwsAPCH32.PHP
hpuxwsAPCH32.PHP2
hpuxwsAPCH32.WEBPROXY
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
action: install revision B.2.0.59.13 or subsequent

END AFFECTED VERSIONS

HISTORY
Version:1 (rev.1) - 21 December 2009 Initial release

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com

It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key

Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC

On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
- check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
- verify your operating system selections are checked and save.

To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

Copyright 2009 Hewlett-Packard Development Company, L.P.

Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-200911-0416 CVE-2009-2820 Apple Mac OS X of CUPS Vulnerable to cross-site scripting

CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues.

CUPS is prone to a cross-site scripting vulnerability because the software fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

NOTE: This vulnerability was originally reported in BID 36956 (Apple Mac OS X 2009-006 Multiple Security Vulnerabilities), but has been given its own record to better document it.

This issue affects versions prior to CUPS 1.4.2. Mac OS X is the operating system used by the Apple family of machines.

For the stable distribution (lenny), this problem has been fixed in version 1.3.8-1+lenny7.

For the oldstable distribution (etch), this problem has been fixed in version 1.2.7-4+etch9.

For the testing distribution (squeeze) and the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your cups packages.

Upgrade instructions
--------------------

wget url will fetch the file for you
dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9.diff.gz Size/MD5 checksum: 112995 fe3566daa6615bcd625288ce98e9384f http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9.dsc Size/MD5 checksum: 1095 804241054cda1301d183492ea5969649 Architecture independent packages: http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4+etch9_all.deb Size/MD5 checksum: 917720 bc97c75dacbd345dfd07e9397c91c38f http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4+etch9_all.deb Size/MD5 checksum: 46524 4f95c2485efda6dc7fc306162a5b1641 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_alpha.deb Size/MD5 checksum: 72990 bf27b53404f44fcea401f8ff88de8aa2 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_alpha.deb Size/MD5 checksum: 1095268 d25ffb1cdb0d32cb3d80d6a551b355c7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_alpha.deb Size/MD5 checksum: 184818 00aa5f531b8c3a30c6c77b926be722d2 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_alpha.deb Size/MD5 checksum: 175652 d52f9ee130bbf84d5436a71bb526f56c 
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_alpha.deb Size/MD5 checksum: 95922 8d80f7b83c755b59401fa7dd0b2ca81e http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_alpha.deb Size/MD5 checksum: 1605614 26620cc74617e392217a198fbde74860 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_alpha.deb Size/MD5 checksum: 86404 5cebb372c4230f6ec95f89be9183293c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_alpha.deb Size/MD5 checksum: 39290 429780ee5c35d47504291877979b6a15 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_amd64.deb Size/MD5 checksum: 162858 1efc0ec7be9fc17ec25aab13eeb6e169 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_amd64.deb Size/MD5 checksum: 80712 2f639382f1e7767254a39358e7a79aed http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_amd64.deb Size/MD5 checksum: 1090142 e33720ca87a04a87fe9a23b281c1bac0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_amd64.deb Size/MD5 checksum: 86648 7eacddf27156689a52fe3b620392f734 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_amd64.deb Size/MD5 checksum: 1578128 1726cfeb573c14d325bd7d3c6ec29188 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_amd64.deb Size/MD5 checksum: 53050 342387c9d81a32530263493d8a11eb86 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_amd64.deb Size/MD5 checksum: 142540 66ff1c8c7c2bae7320d208e1ac6748c5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_amd64.deb Size/MD5 checksum: 36356 a752bf52d8c59b7e7b16a44e6265da78 arm architecture (ARM) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_arm.deb Size/MD5 checksum: 78688 9ee5e250e8db317459cf64f0f4d2b9e9 
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_arm.deb Size/MD5 checksum: 155024 2e0ba671643828c8a208647ffc267b64 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_arm.deb Size/MD5 checksum: 85562 05a0e3e5bbcc37c3a22e5e5343bbc44d http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_arm.deb Size/MD5 checksum: 1569288 8871122b1793c0e6f24e10fb781e0cb9 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_arm.deb Size/MD5 checksum: 48948 9c51ba4c36e7fc6c4dbd2da98be31557 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_arm.deb Size/MD5 checksum: 1024098 d942cccf63a8013a157f6cd8b8091a77 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_arm.deb Size/MD5 checksum: 36760 f4f9b00a6516aaad65423afdb7cc15c3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_arm.deb Size/MD5 checksum: 131680 8ae7ad06a988b72ec037bd8576a5401b hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_hppa.deb Size/MD5 checksum: 57248 6ce4ddf236ef42bd67a8cbdfcd433a22 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_hppa.deb Size/MD5 checksum: 91630 2351fe0384a9aacfe47d2917fad5c373 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_hppa.deb Size/MD5 checksum: 86788 4f32c2829c4e067c47d2d403a7ce4f41 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_hppa.deb Size/MD5 checksum: 1038730 ae7853cba7ba8f46eb0b8f02b32afc01 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_hppa.deb Size/MD5 checksum: 1630072 270330a3a787ab952bb8c315bff4dea3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_hppa.deb Size/MD5 checksum: 154678 0b97726ccaf51ff69b8f29159f3def07 
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_hppa.deb Size/MD5 checksum: 172288 f62575c4d075147cdab3e2b3912a28d2 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_hppa.deb Size/MD5 checksum: 40378 7dfc68f3a0de6c6a0027cf3f82f28100 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_i386.deb Size/MD5 checksum: 1558554 20697fd1df339dfe66645e41f8fdab62 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_i386.deb Size/MD5 checksum: 53226 ed047b982bccef707582c5239e6c4529 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_i386.deb Size/MD5 checksum: 79704 defeadc51fe3b8e70c248e7f7cd78eeb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_i386.deb Size/MD5 checksum: 87582 82b5f9adc2612c3d3818d9ee619e98c2 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_i386.deb Size/MD5 checksum: 161536 cc750090dea44733d5bfa4859768fd50 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_i386.deb Size/MD5 checksum: 137800 ced35b0270e6f9576a084a848097e56c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_i386.deb Size/MD5 checksum: 998886 599796e90c29f4adfd032f7eced8dbd6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_i386.deb Size/MD5 checksum: 36234 47bd2806f7fa212153053cf58bfa7f1b ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_ia64.deb Size/MD5 checksum: 192380 fac2ee8208cc62269d660293987722c4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_ia64.deb Size/MD5 checksum: 46336 537bf35bd49b91a743511ae655ea98fa http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_ia64.deb Size/MD5 checksum: 106222 41d7dfbd5f5f8989c491dd7c6256d23c 
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_ia64.deb Size/MD5 checksum: 1773934 ed2f57b9532dfdd17a487cc794674254 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_ia64.deb Size/MD5 checksum: 204566 e0b3ae3cb6dcf554600cd8a6282f31c3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_ia64.deb Size/MD5 checksum: 1109732 dc2117102927617da49909c68a4c010d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_ia64.deb Size/MD5 checksum: 107490 e755ddc16e79d95f5e717cdda6b8b66a http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_ia64.deb Size/MD5 checksum: 74382 2625f53f6a81c275e6b3600b6f83e40e mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_mips.deb Size/MD5 checksum: 158354 8c52640f70fd6bd724e48bf3aa5ddaf6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_mips.deb Size/MD5 checksum: 1569908 6e4b324f3d4ef8630c4a8a1d8d373a10 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_mips.deb Size/MD5 checksum: 1100238 265ebdea306b57efaa192601902c6152 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_mips.deb Size/MD5 checksum: 76154 a2b996d1dced2ccf1d0b325e403ad76e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_mips.deb Size/MD5 checksum: 57670 e7496d3c9ff40b21841004011d984ab0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_mips.deb Size/MD5 checksum: 36110 2e6233c94a391e3c12a42fb242b90c0d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_mips.deb Size/MD5 checksum: 150984 c4b5d5c3e84d1558a3a9779f8a44880e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_mips.deb Size/MD5 checksum: 87150 252b222f10710ac818eaa39d0e62d1d0 mipsel architecture (MIPS 
(Little Endian)) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_mipsel.deb Size/MD5 checksum: 158900 8fef7b67a8b23b8410cad13581d3c87f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_mipsel.deb Size/MD5 checksum: 1089172 4026204ebe8cd1e3aca31fabd5c4751d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_mipsel.deb Size/MD5 checksum: 36056 72c3532a5db151edc04ddcf5230d10ae http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_mipsel.deb Size/MD5 checksum: 1555346 7d1c3413c07ce587bcbc6b0825b27aa1 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_mipsel.deb Size/MD5 checksum: 57798 e38bc41a4cee06be91e5ca90eaa834d6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_mipsel.deb Size/MD5 checksum: 150896 010940ad9b6f216f58055dee0c05720e http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_mipsel.deb Size/MD5 checksum: 77452 1bf693a139ca808f0ddfde50daeb3951 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_mipsel.deb Size/MD5 checksum: 87318 e6aadf01613a8363e9a77dabda1cc7b0 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_powerpc.deb Size/MD5 checksum: 89456 ce774884f9f2d60d53b9738087b1997c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_powerpc.deb Size/MD5 checksum: 41338 6470a2c554400bf5d76df57a10c59b1a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_powerpc.deb Size/MD5 checksum: 163538 f312c95edac480e335383282e658afa4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_powerpc.deb Size/MD5 checksum: 1148886 2867ed7850c711eb45802ee198667b6c http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_powerpc.deb Size/MD5 checksum: 136252 
ead19e10b92e029542cf17b378a567fc http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_powerpc.deb Size/MD5 checksum: 89566 03ad548ff0f04c960eb4f242dc46251d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_powerpc.deb Size/MD5 checksum: 51924 f25670cf80cd3d7558da75c315305725 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_powerpc.deb Size/MD5 checksum: 1584292 238dcd774ade788f8bd22094c45a1330 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_s390.deb Size/MD5 checksum: 37416 996dfcb6fb6f65d8f13b7dae44e19dcf http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_s390.deb Size/MD5 checksum: 144934 ce53888a5d6fb6546cea3a29554dc617 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_s390.deb Size/MD5 checksum: 1039580 aa0880a0c055113199e8f7c7bbdb2478 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_s390.deb Size/MD5 checksum: 167056 4a769af5c2d19121705021fa93f50754 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_s390.deb Size/MD5 checksum: 1589794 9dfd00c1deacfda509f538cee7713da4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_s390.deb Size/MD5 checksum: 88248 1d05ee6ddb20e514e6c99fe31399f2d5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_s390.deb Size/MD5 checksum: 52516 fb5a46492d2a20e430af75e816924b35 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_s390.deb Size/MD5 checksum: 82330 16608e47717961ab5ae7a00d73bed368 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_sparc.deb Size/MD5 checksum: 78514 690e8cc7cc8cec06cfbff7bce25484c5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_sparc.deb Size/MD5 
checksum: 994252 5085b682f7e0c7ec22be63843cd3f015 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_sparc.deb Size/MD5 checksum: 51784 9bd7bf8d93316b8a59d98541101cbc73 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_sparc.deb Size/MD5 checksum: 139562 c783267048e5410b6ab38dadf6b92fd7 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_sparc.deb Size/MD5 checksum: 36024 29fbb1ae8a6be5647d0d1eae4dbe35aa http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_sparc.deb Size/MD5 checksum: 159428 42067c27bab2c7e5dc0da63f92ce073b http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_sparc.deb Size/MD5 checksum: 1564572 83de8732694d0cc2aa0cd70636c89917 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_sparc.deb Size/MD5 checksum: 85628 a06afa2268b22d071eec37a6a0f558ad Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. 
These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information (CVE-2009-3553).

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7, 1.3.9, 1.3.10, and 1.4.1, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count.
NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553 (CVE-2010-0302).

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers (CVE-2010-0393).

The updated packages have been patched to correct these issues.

Update: Packages for Mandriva Linux 2010.0 were missing with MDVSA-2010:073. This advisory provides packages for 2010.0 as well.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0302
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

Ubuntu Security Notice USN-856-1 November 10, 2009 cups, cupsys vulnerability CVE-2009-2820

A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.15
Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.6
Ubuntu 8.10: cups 1.3.9-2ubuntu9.3
Ubuntu 9.04: cups 1.3.9-17ubuntu3.4
Ubuntu 9.10: cups 1.4.1-5ubuntu2.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow: Aaron Sigel discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data.
Size/MD5: 1492506 8eb12df3c0fe54d2a451b8c7fdeacffd http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.3_sparc.deb Size/MD5: 2202788 6144f2913f70ea29abc24f94e747309f http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.3_sparc.deb Size/MD5: 344786 37263ca6477d26b0069bbe4d48107a16 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.3_sparc.deb Size/MD5: 166470 5da8682bbcb6ae6a67bed5e3d19c745c http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.3_sparc.deb Size/MD5: 57860 470f78d4513016627a1a18659f054e0f http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.3_sparc.deb Size/MD5: 49794 3c99682d1fd2e494dadc9654fa452a17 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.4.diff.gz Size/MD5: 335454 b82f7db3a8bcfa9d3e93d1534b88e4b9 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.4.dsc Size/MD5: 1994 c6ac782dbbb04a8a775f62541e76a31c http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.4_all.deb Size/MD5: 1165440 5e5bf6235af398e25167d85876b634c1 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.4_all.deb Size/MD5: 60696 37e4136782a9a165f13e8f3b94c4f9fe http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.4_all.deb Size/MD5: 60708 dd229fccbb8ccae2ccb054c25b4c5994 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.4_all.deb Size/MD5: 60694 c657f3a0791603065a5cf67eb8e5e194 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.4_all.deb Size/MD5: 60700 8ee570b8b489e97493e2d4d783d75ed9 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.4_all.deb Size/MD5: 4522 
08c65389dbb6f9626ada34ad06d9b2bf http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.4_all.deb Size/MD5: 60692 5b51d759aa47528de1dfa7d9c42fc26c http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.4_all.deb Size/MD5: 60696 db06a18f2cef2fc5c6f0495474d49add amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.4_amd64.deb Size/MD5: 37310 22991bc6d3baa0b3afa0db4532465284 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.4_amd64.deb Size/MD5: 119738 860a7bbf2861f4042832eb029c31a446 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.4_amd64.deb Size/MD5: 1659750 5e22db8ad5bd95b010563ae65ff3f228 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.4_amd64.deb Size/MD5: 2170068 cf6798e1de2477a3f8320bb5ecfbc589 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.4_amd64.deb Size/MD5: 352132 ec1e110dc766771b6c5fab0e39c59e40 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.4_amd64.deb Size/MD5: 177592 601031c57026090350eaf94c759a15eb http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.4_amd64.deb Size/MD5: 61268 60e1ff066280cc55800c18cb804f2f4e http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.4_amd64.deb Size/MD5: 52218 269daec8f3f73b8b4b16407498c1fd05 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.4_i386.deb Size/MD5: 36236 2ab79e7b6645e36dd7c2a4cbcb17b521 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.4_i386.deb Size/MD5: 115308 5b8bfbd49572609010ff85e4ecc40a6c http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.4_i386.deb Size/MD5: 1519390 c9695938dae4fe6073aef5392caf8a6c 
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.4_i386.deb Size/MD5: 2136394 6b7bbb0d01cf0622410dd9d4c4376558 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.4_i386.deb Size/MD5: 345980 c2f9a9283d71dddc23e56b3e622d0c24 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.4_i386.deb Size/MD5: 174200 4108f0c04a0ec92a4194ed2df8c37f0f http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.4_i386.deb Size/MD5: 60500 e691c2405ed5cd5572a966914db68ade http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.4_i386.deb Size/MD5: 51540 39eb1f820a11ce3c25c9011e1ef98a9b lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.4_lpia.deb Size/MD5: 36040 cbce23be76ca47db07aa74a82102312a http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.4_lpia.deb Size/MD5: 114514 c183acb169b907cb5dbe7c4ba8b48a35 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.4_lpia.deb Size/MD5: 1547628 817a2ea820c9f3f1dfc8794bcd1c69ee http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.4_lpia.deb Size/MD5: 2133908 e4c4d9f860d24e0c2f90fb6560db5057 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.4_lpia.deb Size/MD5: 342932 be341b8686a73586144d028093fdaed7 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.4_lpia.deb Size/MD5: 172396 da4f011567b8a08b48f549c91599b319 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.4_lpia.deb Size/MD5: 60666 3be2eeaacbe6a47748ae963e5886385c http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.4_lpia.deb Size/MD5: 52342 5a98f1739f1f0415479613061432c6eb powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.4_powerpc.deb Size/MD5: 43562 534f1caca68a72a3e76710a9000f459a 
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.4_powerpc.deb Size/MD5: 138140 d828d31864e344e2786928975c7c9f95 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.4_powerpc.deb Size/MD5: 1635484 81b3e0169f72e4923bf4bb4daff26c13 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.4_powerpc.deb Size/MD5: 2257642 0e339166b7323218a1085c0c82fd7a7c http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.4_powerpc.deb Size/MD5: 347900 a50d10218fce3b68203159bc371293f0 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.4_powerpc.deb Size/MD5: 183046 f29e604a14a2bc69a9bd79cc51d52ae9 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.4_powerpc.deb Size/MD5: 61312 e7b9ca29914ee9affec5e4d27e06e459 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.4_powerpc.deb Size/MD5: 57406 68c55bbe03177f37c7dfba9936c68bea sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.4_sparc.deb Size/MD5: 37206 d7adafff178271caa1fb4589563d505d http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.4_sparc.deb Size/MD5: 117568 ea4127fb28b66a99869fe1a8e6db7175 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.4_sparc.deb Size/MD5: 1464072 870d238bb2767b5a9b903ac0ac1c2dd3 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.4_sparc.deb Size/MD5: 2203838 7325f07f8a427a5bbd50d6d1b00133aa http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.4_sparc.deb Size/MD5: 344720 a7caefd896fc92ef2973ff77e534551d http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.4_sparc.deb Size/MD5: 170030 53208da1a634caac02d1f9064e94ff7f http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.4_sparc.deb Size/MD5: 57856 42ebb0a99156e6e9cb8120b6ca085d95 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.4_sparc.deb Size/MD5: 49694 
cbd420eb793c89d633c15f7141493533 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.1.diff.gz Size/MD5: 414079 ec1b2785e204040587d379dd0e641ad1 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.1.dsc Size/MD5: 2272 965843554a241b6a33a579a0e2a5d654 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz Size/MD5: 5287327 4dc8f431ef50752dfd61d9d4959abd06 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.1_all.deb Size/MD5: 1418920 46b9803e26d485beb81d8a4f0dd59cc6 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.1_all.deb Size/MD5: 68976 8dba96de9fd5dddc605cb3a655125f8f http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.1_all.deb Size/MD5: 68936 fb5282d11eca79ee314306b2ff3e047a http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.1_all.deb Size/MD5: 68970 521a313d0ba7caa9c1b1abe954cad9d2 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.1_all.deb Size/MD5: 68974 db0c05a24ad39d36a3504e4001585339 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.1_all.deb Size/MD5: 4548 2f09755aaeab6a7c55210f69056ef983 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.1_all.deb Size/MD5: 68964 ee633cb6426259e9040925c4c0bd9cb4 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 36728 99e15138c49f7647158ac567cea140f2 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 120314 b6a4fca33212ac0f3f0a0d28c284a0fa http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 88944 8e16293ce4bbee4d25452621a5d8bb3c 
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 1909510 f4e99cb68478a7543045c5d96b2492f6 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 210280 4efe70259bd68bab99d6af37e3b83d44 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 218154 57ac48d56cf39cccafaa41c761ee0831 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 101138 cc401d5fe9eaebe5ccb3d05fc081fca5 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 31578 65cb6d0b7c31f42d1e4dc7a558cb6247 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 89540 c37c83f1307577413832478e6c530c7a http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 22190 3fc0bf084d35bd59b65d6b05564f616e http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 61526 8d87cbc9fdf86f9b3f36a31f885903ee http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 53162 22462bb90ed221ae87f3aaf82c6e15e6 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 80478 a196b04873b8a4538794141fb050f7c4 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 15500 d585e4169708c121fc331ad76bc6734c http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 142366 e8ed05502ab69c842622a8bd1c1ce2b6 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 60100 fa37462e2be306dc2e59941ad7152b16 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.1_amd64.deb Size/MD5: 34534 135edf4eb2c710ff5223b465a2458a49 i386 architecture 
(x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 35468 a4f9880fc829b12ff07236426f64fb9b http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 115372 9e0333d6e7334936505eab56c7b40007 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 88104 7e19734ed0db1a1d8a8037002171ea55 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 1867734 7ed73f246e05368ebba018162cd290a2 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 199348 d3ddbf19d7989889cf7719bdf991e509 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 212228 149a9c34f3adff0b7477cd47b18637fd http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 100414 7e2f5ffc6c1a6304d59ccdcdfec17b1a http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 31372 476160c932e4f9f65c683ab895896694 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 89752 a35544f5d710449bb1c4f976114c0d40 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 22058 0e1b563c11d5f4557cdc6c7772c4ee52 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 60316 af61360870c910dbe75ab3175bd79324 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 52406 294706c65b211dc84b6303e7b6c8a621 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 80458 8e2ff90e6d15b94c283f37353ad0b618 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 15208 5e206398efb3de6f94ed622e5834ccd1 
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 140852 0b2dc7bc7be253083a1a8a5d3a82b166 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 61432 4dfac9d783c15467c903c3c5f5e3ad10 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.1_i386.deb Size/MD5: 32806 09aaa4f71966bca96c284e31d2ab50ab lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 35442 201aa82511a54c6faa7f658f6911f5ca http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 115232 36be681d1f598c5b063608da5e21b119 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 88070 95ee10203129918b87f5981c0feb9e6f http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 1865396 df7a85287e16825a455fbe501f5f3aab http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 196694 9464af9dfe4aa84dd770ba4dc8840970 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 210766 c68f89f92f843f3a22c8b15c308a2c24 http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 99822 b8ac152be2e01ba5fa140b467efcbbc5 http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 31204 2228b4e2d9b7c9bfa77f86975128838d http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 89176 bbedc8721d5e71b2f65b3a9b8fb8b559 http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 21772 fe557a92668bc1c56dd375b82a6631e3 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 59954 3aba2f186b5d9fcd1904b16713530b36 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 52568 
73b85f807859d09b4642911b95bbac6c http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 80406 98585805ac88d962655a0ce9691124f7 http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 15300 b74531b670ea8e804e75c2787a718e55 http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 141194 c33231f3557dc58a3db03a5bc33b3993 http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 62662 d744fd1f968312b4cf6d8c43adb46be8 http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.1_lpia.deb Size/MD5: 33260 6c0faa6d9cbd47081129bc340b1df4dd powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 37006 542560af6515508437474629720d23b5 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 121726 3ed4a4acad8e622600b15a548ece010f http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 88690 b1751eaada5bfb6ef930cbf293a9820d http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 1930968 f2141ef292d9d393f5b64611ac8d97c7 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 203490 99bef00a40b96891cda75f5bbc6d59a8 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 222890 847cc9438c701f8829e28f4c77013fc1 http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 100380 65ce9fffb183b88fce1b07e896131957 http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 33344 765416fd0fcc436f23a0132fc55ea1ee http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 88948 ebbdf4d99d1f7a8b666ff790abed4e3c 
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 22312 1e144c65199ac01b65c6773754f44da6 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 60624 892688a051441152af7e32f5def6b6a0 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 55372 f855c16a48edddc765cce6fa833ef37b http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 80910 109a28f3068a9d82b039582b8017fc61 http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 15790 4264515ba0e3bb544b24de41d2b7097b http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 140458 f108dcc4edfd300d2639e0e330a22ad3 http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 64956 45f6e3d1aefa1e8a3577d3198a798357 http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.1_powerpc.deb Size/MD5: 34784 c431eef32a2b7858e9e6de4fe799ca0d sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 36064 7d325abd728d6110b71317174ebbb293 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 117962 6120775c6ec78d8d16573e350b1562f2 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 88522 bf8a9279b1119862d4622c4ca43b1687 http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 1954476 049fd252226ac45ba96ac0cd9e098035 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 201448 5e04b7604a8bd88776dbe9e1ce772d47 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 209786 7d96c58efb78c81c22978b9a6702060e http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 102028 
70799968a9451b0f1ef69284c8fd2fb0 http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 31558 95e7d5e402fcba5354642e11a08b1020 http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 89148 d4449b25673539fe5a94c2fe62e3608c http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 21380 d9ebc7d03b38e102f4c22ec6defc3ecd http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 58158 f836d37fb4d6d173e8d8e5d2867b6a45 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 50290 9026505395d96d5618a4174466a7f867 http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 79672 5a50031c8b0249ef07d0649c395ec80c http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 14382 dd754302ed02f4812bd09d939700aa67 http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 143678 ba37f34a8a06502b81730b6d2a01fee4 http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 61446 9a91de8d93701a2f9e2c282fe43748ed http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.1_sparc.deb Size/MD5: 33866 736cd09302ee78f8d6d7d05f207bc1dd
VAR-200911-0285 CVE-2009-2833 Apple Mac OS X International Components for Unicode (ICU) buffer overflow vulnerability
CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Successfully exploiting this issue may allow attackers to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.
This issue affects the following:
Mac OS X 10.5.8 and prior
Mac OS X Server 10.5.8 and prior
NOTE: This issue was previously covered in BID 36956 (Apple Mac OS X 2009-006 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.
VAR-200911-0286 CVE-2009-2834 Apple Mac OS X IOKit vulnerability allowing modification of keyboard firmware
CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a (1) USB or (2) Bluetooth keyboard via unspecified vectors. Successful exploits may lead to other attacks.
VAR-200911-0284 CVE-2009-2832 Apple Mac OS X FTP Server arbitrary code execution vulnerability
CVSS V2: 5.1
CVSS V3: -
Severity: MEDIUM
Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a CWD command specifying a pathname in a deeply nested hierarchy of directories, related to a "CWD command line tool". Apple Mac OS X is prone to a buffer-overflow vulnerability that affects the FTP component. Successful exploits may allow attackers to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service condition. NOTE: This issue was previously covered in BID 36956 (Apple Mac OS X 2009-006 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. Issuing CWD commands to deeply nested directory structures may lead to unexpected application termination or arbitrary code execution.