VARIoT IoT vulnerabilities database
| VAR-200904-0511 | CVE-2009-1348 | McAfee VirusScan Used in products such as AV Vulnerabilities that can be avoided in the engine |
CVSS V2: 7.6 CVSS V3: - Severity: HIGH |
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive. Multiple McAfee products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.
Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.
The issue affects all McAfee software that uses DAT files. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Highlights from the 2008 report:
* Vulnerability Research
* Software Inspection Results
* Secunia Research Highlights
* Secunia Advisory Statistics
Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
----------------------------------------------------------------------
TITLE:
McAfee Products Archive Handling Security Bypass
SECUNIA ADVISORY ID:
SA34949
VERIFY ADVISORY:
http://secunia.com/advisories/34949/
DESCRIPTION:
Some weaknesses have been reported in various McAfee products, which
can be exploited by malware to bypass the scanning functionality.
The weaknesses are caused due to errors in the handling of archive
file formats (e.g.
SOLUTION:
Update .DAT files to DAT 5600 or later.
http://www.mcafee.com/apps/downloads/security_updates/dat.asp
PROVIDED AND/OR DISCOVERED BY:
* Thierry Zoller
* The vendor also credits Mickael Roger.
ORIGINAL ADVISORY:
McAfee:
https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT
Thierry Zoller:
http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ________________________________________________________________________
From the low-hanging-fruit-department - Mcafee multiple generic evasions
________________________________________________________________________
Release mode: Coordinated but limited disclosure.
Ref : TZO-182009 - Mcafee multiple generic evasions
WWW : http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html
Vendor : http://www.mcafee.com
Status : Patched
CVE : CVE-2009-1348 (provided by mcafee)
https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT
Security notification reaction rating : very good
Notification to patch window : +-27 days (Eastern holidays in between)
Disclosure Policy :
http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
Affected products :
- McAfee VirusScan\xae Plus 2009
- McAfee Total Protection\x99 2009
- McAfee Internet Security
- McAfee VirusScan USB
- McAfee VirusScan Enterprise
- McAfee VirusScan Enterprise Linux
- McAfee VirusScan Enterprise for SAP
- McAfee VirusScan Enterprise for Storage
- McAfee VirusScan Commandline
- Mcafee SecurityShield for Microsoft ISA Server
- Mcafee Security for Microsoft Sharepoint
- Mcafee Security for Email Servers
- McAfee Email Gateyway
- McAfee Total Protection for Endpoint
- McAfee Active Virus Defense
- McAfee Active VirusScan
It is unkown whether SaaS were affected (tough likely) :
- McAfee Email Security Service
- McAfee Total Protection Service Advanced
I. Background
~~~~~~~~~~~~~
Quote: "McAfee proactively secures systems and networks from known
and as yet undiscovered threats worldwide. Home users, businesses,
service providers, government agencies, and our partners all trust
our unmatched security expertise and have confidence in our
comprehensive and proven solutions to effectively block attacks
and prevent disruptions."
II. Description
~~~~~~~~~~~~~~~
The parsing engine can be bypassed by a specially crafted and formated
RAR (Headflags and Packsize),ZIP (Filelenght) archive.
III. Impact
~~~~~~~~~~~
A general description of the impact and nature of AV Bypasses/evasions
can be read at :
http://blog.zoller.lu/2009/04/case-for-av-bypassesevasions.html
The bug results in denying the engine the possibility to inspect
code within RAR and ZIP archives. There is no inspection of the content
at all and hence the impossibility to detect malicious code.
IV. Disclosure timeline
~~~~~~~~~~~~~~~~~~~~~~~~~
DD/MM/YYYY
04/04/2009 : Send proof of concept RAR I, description the terms under which
I cooperate and the planned disclosure date
06/04/2009 : Send proof of concept RAR II, description the terms under which
I cooperate and the planned disclosure date
06/04/2009 : Mcafee acknowledges receipt and reproduction of RAR I, ack
acknowledges receipt of RARII
10/04/2009 : Send proof of concept ZIP I, description the terms under which
I cooperate and the planned disclosure date
21/04/2009 : Mcafee provides CVE number CVE-2009-1348
28/04/2009 : Mcafee informs me that the patch might be released on the 29th
29/04/2009 : Mcafee confirms patch release and provides URL
https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT
29/04/2009 : Ask for affected versions
29/04/2009 : Mcafee replies " This issue does affect all vs engine products, including
both gateway and endpoint"
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/. Description
~~~~~~~~~~~~~~~
Improper parsing of the PDF structure leads to evasion of detection of
malicious PDF documents at scantime and runtime.
This has been tested with several malicious PDF files and represents
a generic evasion of all PDF signatures and heuristics.
General information about evasion/bypasses can be found at :
http://blog.zoller.lu/2009/04/case-for-av-bypassesevasions.html
III. Impact
~~~~~~~~~~~
Known PDF exploits/malware may evade signature detection, 0day exploits
may evade heuristics. Disclosure timeline
~~~~~~~~~~~~~~~~~~~~~~~~~
DD.MM.YYYY
01.06.2009 - Reported
20.10.2009 - McAfee informed us that they published the advisory on their website
< waiting for others vendors to patch >
27.10.2009 - G-SEC releases this advisory
About G-SEC
~~~~~~~~~~~
G-SEC\x99 is a vendor independent luxemburgish led IT security consulting
group. More information available at : http://www.g-sec.lu/
_______________________________________________
Full-Disclosure - We believe in it. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability
intelligence source on the market.
Implement it through Secunia
| VAR-200905-0194 | CVE-2009-1572 | Quagga of BGP Service disruption in daemon ( crash ) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: Medium |
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. Quagga is prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause the vulnerable process to crash, denying further service to legitimate users.
Quagga 0.99.11 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
-- Debian GNU/Linux 5.0 alias lenny --
Source archives:
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10.orig.tar.gz
Size/MD5 checksum: 2424191 c7a2d92e1c42214afef9b2e1cd4b5d06
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2.diff.gz
Size/MD5 checksum: 40070 b72e19ed913b32923cf4ef293c67f71c
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2.dsc
Size/MD5 checksum: 1651 a8ef80d57fd5a5a5b08c7ccc70e6a179
Architecture independent packages:
http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.99.10-1lenny2_all.deb
Size/MD5 checksum: 661226 720947423143cb35eb5c26a0d420066b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_alpha.deb
Size/MD5 checksum: 1902736 570becd04ecb3dd8a0581010884928df
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_amd64.deb
Size/MD5 checksum: 1748838 f3fcd731d119c422463c36bb4f08be1a
arm architecture (ARM)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_arm.deb
Size/MD5 checksum: 1449222 6b654e2d4e1a4f00169309ebbbd3dbf9
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_hppa.deb
Size/MD5 checksum: 1681872 8894106d57df0a3d92bb84f148150c2d
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_i386.deb
Size/MD5 checksum: 1606310 80046937a2da8a949a8167f753a583ce
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_mipsel.deb
Size/MD5 checksum: 1600660 716f61415932929c2f668f99faea448e
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_powerpc.deb
Size/MD5 checksum: 1715848 995194031d563994b7d77018d8a4ca3e
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_s390.deb
Size/MD5 checksum: 1794568 b1b47e8dae153461f73c98a61c653e1e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_sparc.deb
Size/MD5 checksum: 1670342 18f98f0978f510ac18636ca1ccc9dfe7
-- Debian GNU/Linux unstable alias sid --
Fixed in version 0.99.11-2.
Updated packages are available that bring Quagga to version 0.99.12
which provides numerous bugfixes over the previous 0.99.9 version,
and also corrects this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572
_______________________________________________________________________
Updated Packages:
Corporate 4.0:
48c1d2504e08d2a26ac6ace2bc01124d corporate/4.0/i586/libquagga0-0.99.12-0.1.20060mlcs4.i586.rpm
df93a452f47b8926f65a51231dd11f36 corporate/4.0/i586/libquagga0-devel-0.99.12-0.1.20060mlcs4.i586.rpm
d2386e488423fbb81e44cb6dda4de9df corporate/4.0/i586/quagga-0.99.12-0.1.20060mlcs4.i586.rpm
d4b9c5e2cec03ce49a76adcfe0e4a42e corporate/4.0/i586/quagga-contrib-0.99.12-0.1.20060mlcs4.i586.rpm
15e76c29c25f7730eae72c18da15b772 corporate/4.0/SRPMS/quagga-0.99.12-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
afc986d05e0bde73541f0cfe5b147d2c corporate/4.0/x86_64/lib64quagga0-0.99.12-0.1.20060mlcs4.x86_64.rpm
4cc0bec07f2b919abeac75dc06d7f3c0 corporate/4.0/x86_64/lib64quagga0-devel-0.99.12-0.1.20060mlcs4.x86_64.rpm
3d606fef235993483e9a448665e4e377 corporate/4.0/x86_64/quagga-0.99.12-0.1.20060mlcs4.x86_64.rpm
f549ced36115d6609ac835c5aca0863d corporate/4.0/x86_64/quagga-contrib-0.99.12-0.1.20060mlcs4.x86_64.rpm
15e76c29c25f7730eae72c18da15b772 corporate/4.0/SRPMS/quagga-0.99.12-0.1.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKBsjAmqjQ0CJFipgRAkoyAJ4o+uz6I6p3tycZQfB5GbqTsTL5TwCgjJHK
lIRHZW4+jB0P4UXMSyVUpxo=
=2fxe
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ===========================================================
Ubuntu Security Notice USN-775-1 May 12, 2009
quagga vulnerability
CVE-2009-1572
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
quagga 0.99.2-1ubuntu3.5
Ubuntu 8.04 LTS:
quagga 0.99.9-2ubuntu1.2
Ubuntu 8.10:
quagga 0.99.9-6ubuntu0.1
Ubuntu 9.04:
quagga 0.99.11-1ubuntu0.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that the BGP service in Quagga did not correctly
handle certain AS paths containing 4-byte ASNs. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability
intelligence source on the market.
Implement it through Secunia.
For more information visit:
http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com
----------------------------------------------------------------------
TITLE:
SUSE Update for Multiple Packages
SECUNIA ADVISORY ID:
SA35685
VERIFY ADVISORY:
http://secunia.com/advisories/35685/
DESCRIPTION:
SUSE has issued an update for multiple packages. This fixes some
vulnerabilities, which can be exploited by malicious users to
disclose sensitive information, manipulate certain data, and by
malicious people to disclose sensitive information, cause a DoS
(Denial of Service), and potentially compromise a vulnerable system.
For more information:
SA33338
SA33853
SA33884
SA34035
SA34481
SA34746
SA34797
SA35021
SA35128
SA35216
SA35296
SA35344
SA35422
1) A boundary error exists within the "pg_db_putline()" function in
perl-DBD-Pg's dbdimp.c. This can be exploited to cause a heap-based
buffer overflow if malicious rows are retrieved from the database
using the "pg_getline()" or "getline()" function.
2) A memory leak exists within the function "dequote_bytea()" in
perl-DBD-Pg's quote.c, which can be exploited to cause a memory
exhaustion.
3) Various integer overflow errors exist within the "pdftops"
application. This can be exploited to e.g. cause a crash or
potentially execute arbitrary code by printing a specially crafted
PDF file.
4) A vulnerability is caused due to an assertion error in bgpd when
handling an AS path containing multiple 4 byte AS numbers, which can
be exploited to crash to the daemon by advertising specially crafted
AS paths.
SOLUTION:
Apply updated packages via YaST Online Update or the SUSE FTP server.
ORIGINAL ADVISORY:
SUSE-SR:2009:012:
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
OTHER REFERENCES:
SA33338:
http://secunia.com/advisories/33338/
SA33853:
http://secunia.com/advisories/33853/
SA33884:
http://secunia.com/advisories/33884/
SA34035:
http://secunia.com/advisories/34035/
SA34481:
http://secunia.com/advisories/34481/
SA34746:
http://secunia.com/advisories/34746/
SA34797:
http://secunia.com/advisories/34797/
SA35021:
http://secunia.com/advisories/35021/
SA35128:
http://secunia.com/advisories/35128/
SA35216:
http://secunia.com/advisories/35216/
SA35296:
http://secunia.com/advisories/35296/
SA35344:
http://secunia.com/advisories/35344/
SA35422:
http://secunia.com/advisories/35422/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0687 | No CVE | Multiple Trend Micro Products RAR/ZIP/CAB Files Scan Evasion Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
Multiple Trend Micro products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.
Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.
ServerProtect for Microsoft Windows/Novell NetWare
ServerProtect for EMC Celerra
ServerProtect for NetApp
ServerProtect for Linux
ServerProtect for Network Appliance Filers
Internet Security Pro Internet Security
OfficeScan Component
Worry Free Business Security - Standard
Worry Free Business Security - Advanced
Worry Free Business Security Hosted
Housecall
InterScan Web Security Suite
InterScan Web Protect for ISA
InterScan Messaging Security Appliance
Neatsuite Advanced
ScanMail for Exchange
ScanMail for Domino Suites
| VAR-200907-0162 | CVE-2009-2452 | Citrix Licensing Vulnerabilities in unknown details |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unknown impact and attack vectors, related to "underlying components of the License Management Console.".
The impact of this vulnerability is currently unknown.
Very few details are available regarding this issue. We will update this BID as more information emerges.
Citrix Licensing 11.5 is vulnerable. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
SOLUTION:
Update to the latest version of the Licensing Server.
https://www.citrix.com/site/SS/downloads/
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://support.citrix.com/article/CTX120742
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0554 | CVE-2009-1480 | index.php Pragyan CMS In SQL Injection vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors. Pragyan CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Pragyan CMS 2.6.4 is vulnerable; other versions may also be affected
| VAR-200905-0178 | CVE-2009-1605 | SumatraPDF Heap-based buffer overflow vulnerability |
CVSS V2: 9.3 CVSS V3: 5.4 Severity: HIGH |
Heap-based buffer overflow in the loadexponentialfunc function in mupdf/pdf_function.c in MuPDF in the mupdf-20090223-win32 package, as used in SumatraPDF 0.9.3 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: some of these details are obtained from third party information. MuPDF is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Highlights from the 2008 report:
* Vulnerability Research
* Software Inspection Results
* Secunia Research Highlights
* Secunia Advisory Statistics
Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
----------------------------------------------------------------------
TITLE:
MuPDF "loadexponentialfunc()" Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA34916
VERIFY ADVISORY:
http://secunia.com/advisories/34916/
DESCRIPTION:
c has discovered a vulnerability in MuPDF, which can be exploited by
malicious people to potentially compromise an application using the
library.
The vulnerability is caused due to a boundary error within the
"loadexponentialfunc()" function in pdf_function.c.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is confirmed in the MuPDF library included in the
mupdf-20090223-win32 package. Other versions may also be affected.
SOLUTION:
Do not process untrusted PDF files using the library.
PROVIDED AND/OR DISCOVERED BY:
c
ORIGINAL ADVISORY:
http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0258.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200905-0190 | CVE-2009-1558 | Cisco Linksys WVC54GCA Wireless camcorder adm/file.cgi Vulnerable to directory traversal |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter. Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera is prone to multiple directory-traversal vulnerabilities because the software fails to sufficiently sanitize user-supplied input.
An attacker can exploit these issues using directory-traversal strings ('../') to download arbitrary files with the privileges of the server process. Information obtained may aid in further attacks.
Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera firmware 1.00R22 and 1.00R24 are affected; other versions may also be vulnerable. The Linksys WVC54GCA is a wireless network camera
| VAR-200904-0218 | CVE-2009-0064 | Symantec Brightmail Gateway Appliance of Control Center Vulnerability gained in |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
Multiple unspecified vulnerabilities in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allow remote authenticated users to gain privileges, and possibly obtain sensitive information or hijack sessions of arbitrary users, via vectors involving (1) administrative scripts or (2) console functions. Symantec Brightmail Gateway is prone to a remote privilege-escalation vulnerability.
Remote authorized attackers who have access to the targeted host's local network can exploit this issue to gain elevated access. Successful exploits may compromise the affected computer and may aid in other attacks.
Versions prior to Brightmail Gateway 8.0.1 are vulnerable. Brightmail Gateway is Symantec's information security management platform. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Highlights from the 2008 report:
* Vulnerability Research
* Software Inspection Results
* Secunia Research Highlights
* Secunia Advisory Statistics
Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
----------------------------------------------------------------------
TITLE:
Symantec Brightmail Gateway Control Center Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA34885
VERIFY ADVISORY:
http://secunia.com/advisories/34885/
DESCRIPTION:
Some vulnerabilities have been reported in Symantec Brightmail
Gateway, which can be exploited by malicious people to conduct
cross-site scripting attacks and by malicious users to bypass certain
security restrictions.
1) Certain unspecified input passed to the Control Center is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user's
browser session in context of an affected site.
SOLUTION:
Update to version 8.0.1 or later.
PROVIDED AND/OR DISCOVERED BY:
Marian Ventuneac, Perot Systems
ORIGINAL ADVISORY:
SYM09-005:
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090423_01
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200905-0191 | CVE-2009-1559 | Cisco Linksys WVC54GCA On wireless camcorder adm/file.cgi Vulnerable to absolute path traversal |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a .. (dot dot) is probably also possible. Wvc54gca is prone to a directory traversal vulnerability. Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera is prone to multiple directory-traversal vulnerabilities because the software fails to sufficiently sanitize user-supplied input.
An attacker can exploit these issues using directory-traversal strings ('../') to download arbitrary files with the privileges of the server process. Information obtained may aid in further attacks.
Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera firmware 1.00R22 and 1.00R24 are affected; other versions may also be vulnerable. The Linksys WVC54GCA is a wireless network camera
| VAR-200905-0155 | CVE-2009-1632 |
Ipsec-tools Certificate validation and NAT-Traversal Service disruption in (DoS) Vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0796, VAR-E-200904-0795 |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c. IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets.
A successful attack allows a remote attacker to cause the application to crash or to consume excessive memory, denying further service to legitimate users.
Versions prior to IPsec-Tools 0.7.2 are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200905-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: IPSec Tools: Denial of Service
Date: May 24, 2009
Bugs: #267135
ID: 200905-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple errors in the IPSec Tools racoon daemon might allow remote
attackers to cause a Denial of Service.
Background
==========
The IPSec Tools are a port of KAME's IPsec utilities to the Linux-2.6
IPsec implementation. They include racoon, an Internet Key Exchange
daemon for automatically keying IPsec connections.
Impact
======
A remote attacker could send specially crafted fragmented ISAKMP
packets without a payload or exploit vectors related to X.509
certificate authentication and NAT traversal, possibly resulting in a
crash of the racoon daemon.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All IPSec Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.7.2"
References
==========
[ 1 ] CVE-2009-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574
[ 2 ] CVE-2009-1632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200905-03.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA-1804-1 security@debian.org
http://www.debian.org/security/ Nico Golde
May 20th, 2009 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : ipsec-tools
Vulnerability : null pointer dereference, memory leaks
Problem type : remote
Debian-specific: no
Debian bug : 527634 528933
CVE ID : CVE-2009-1574 CVE-2009-1632
Several remote vulnerabilities have been discovered in racoon, the Internet Key
Exchange daemon of ipsec-tools. The The Common Vulnerabilities and Exposures
project identified the following problems:
Neil Kettle discovered a NULL pointer dereference on crafted fragmented packets
that contain no payload. This results in the daemon crashing which can be used
for denial of service attacks (CVE-2009-1574).
For the oldstable distribution (etch), this problem has been fixed in
version 0.6.6-3.1etch3.
For the stable distribution (lenny), this problem has been fixed in
version 0.7.1-1.3+lenny2.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1:0.7.1-1.5.
We recommend that you upgrade your ipsec-tools packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc
Size/MD5 checksum: 722 8b561cf84ac9c46ec07b037ce3ad06f1
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz
Size/MD5 checksum: 49875 7444fb4ad448ccfffe878801a2b88d2e
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb
Size/MD5 checksum: 343790 9cee9f8c479a3a2952d2913d7bdc4c5d
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb
Size/MD5 checksum: 89184 5ccd4554eec28da6d933dc20a8a39393
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb
Size/MD5 checksum: 325706 9ce7988b74bccee252be7dac7ac8b5f7
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb
Size/MD5 checksum: 89748 513ded0e4a33200710444e1bf4ab67d8
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb
Size/MD5 checksum: 353066 c56644b426ae945ca420d4ca37fc3f2a
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb
Size/MD5 checksum: 94092 80b46b6fd60e857c84c588432b098957
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb
Size/MD5 checksum: 330258 b905d30958bd5c51d355f286f81b8be1
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb
Size/MD5 checksum: 85046 294ccbc4b51e4942edaeec7cd746dfa3
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb
Size/MD5 checksum: 113356 111f0daa2075584c100efc9c11ecef73
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb
Size/MD5 checksum: 468296 bd4d69b5e0d4ee39ec564e1304f7649c
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb
Size/MD5 checksum: 89018 b6af57d65d43a7433132bee9657ba608
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb
Size/MD5 checksum: 344558 aba2d85d5196c2a46555ad9e478d338a
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb
Size/MD5 checksum: 346856 97e04d97bdd55f852392d7461bad7f4d
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb
Size/MD5 checksum: 90308 9e780cda3df3384d0f1e33637d003f21
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb
Size/MD5 checksum: 91048 98174626d8ad1fba940c81001c337a4f
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb
Size/MD5 checksum: 337266 9f636e6d8904103b0096a4eed99e9cae
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb
Size/MD5 checksum: 341586 b42ddbad323dcdbd775d502f786ab449
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb
Size/MD5 checksum: 90750 62d4c3e618a6c69d532b8d8d33bb27b9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb
Size/MD5 checksum: 85710 9f1f526be4f2df4eb64d46023d87c6b3
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb
Size/MD5 checksum: 317136 38e50e9d97b46b51d12429b9ea727858
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz
Size/MD5 checksum: 49472 4bc8ba2bd520a7514f2c33021c64e8ce
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz
Size/MD5 checksum: 1039057 ddff5ec5a06b804ca23dc41268368853
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc
Size/MD5 checksum: 1144 46d3f28156ee183512a451588ef414e4
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb
Size/MD5 checksum: 428532 052c13540da3fab19fdca83e9a389a39
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb
Size/MD5 checksum: 114088 78065dd99d3732291e8d499383af17d9
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb
Size/MD5 checksum: 409514 a421f12270f5b22639d67be8d2cc8b4e
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
Size/MD5 checksum: 104612 9ec93c697cf64232728d0dd5658efac8
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb
Size/MD5 checksum: 104604 78fa45a7e0503e4ee87e7508294cb0b0
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb
Size/MD5 checksum: 381692 f1943edf9599189d16a2f936fa971abc
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb
Size/MD5 checksum: 387510 63ebe895d019d2362a0a11a0de0842c6
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb
Size/MD5 checksum: 104268 6c224349c910ffce5bb892f2a06dc243
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb
Size/MD5 checksum: 375004 5a43cbb6106d576ab686e9e4eb78c245
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb
Size/MD5 checksum: 99098 6c81df8c4653265f10ad6abf68091329
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb
Size/MD5 checksum: 131288 dfa8646655028ae53bddad7f41e9f3a4
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb
Size/MD5 checksum: 544150 8e274b6b73125efe0fa8392398e0c5ea
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb
Size/MD5 checksum: 103502 5bd00dfdef0862a63bb666ed949e26ef
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb
Size/MD5 checksum: 388820 46fc10315192943b912126fe68ffeea9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb
Size/MD5 checksum: 104216 a271cb33c891084479ed441945672f14
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb
Size/MD5 checksum: 390562 352f78906e08ddb861053dfed30640bf
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb
Size/MD5 checksum: 403162 0210fa37088d78ee9aa53395aa0148e8
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb
Size/MD5 checksum: 109438 26f043be5fb248d33b605d1987fa472a
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb
Size/MD5 checksum: 107474 aa6203b0e9e6dacbe39520be6b849eea
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb
Size/MD5 checksum: 399386 e965abdcf32838fff7753e789e703205
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb
Size/MD5 checksum: 102486 57b2e115a15e08518f00158c1fe36cf2
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb
Size/MD5 checksum: 373916 7e2278ac7b4f0b352814ad2f55b1213a
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoUDnMACgkQHYflSXNkfP8LtgCdF9LmW/TOn9JDPTVGlt+7dccI
3MYAoJVcwmqHztsGgCgBps9hyqzrQJ5l
=84V/
-----END PGP SIGNATURE-----
.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
_______________________________________________________________________
Updated Packages:
Corporate 4.0:
4ccc0eafc222a8a5976a0e9eebbc7499 corporate/4.0/i586/ipsec-tools-0.6.5-2.4.20060mlcs4.i586.rpm
f244df60a927a7aa4a539c2e8d9c699a corporate/4.0/i586/libipsec0-0.6.5-2.4.20060mlcs4.i586.rpm
95443caad35eb54d1f291f7368aac511 corporate/4.0/i586/libipsec0-devel-0.6.5-2.4.20060mlcs4.i586.rpm
0e9a4820ef81a4917d9c0a9c5befa27b corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
a1ccfd8a891340f52aa2f64d69e46e47 corporate/4.0/x86_64/ipsec-tools-0.6.5-2.4.20060mlcs4.x86_64.rpm
44ed76407c8633fcea7f4a3ab94f1842 corporate/4.0/x86_64/lib64ipsec0-0.6.5-2.4.20060mlcs4.x86_64.rpm
d7a3ecf831ecfcbc1319558303a1be17 corporate/4.0/x86_64/lib64ipsec0-devel-0.6.5-2.4.20060mlcs4.x86_64.rpm
0e9a4820ef81a4917d9c0a9c5befa27b corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0:
f43aaba27d5ff88b38db39ebeaaaf5cd mnf/2.0/i586/ipsec-tools-0.2.5-0.7.M20mdk.i586.rpm
fb19d1e75fd8f08ce9dc1586cdf9fa3b mnf/2.0/i586/libipsec-tools0-0.2.5-0.7.M20mdk.i586.rpm
2db168e39d44b361bab9ada981edaa90 mnf/2.0/SRPMS/ipsec-tools-0.2.5-0.7.M20mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKETmdmqjQ0CJFipgRAloWAJ9wHsc3F9b0lI8E87n8+gT7j4t+jACg8OD2
obN0TVwX9QBtElK0wQeibi8=
=dlxS
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability
intelligence source on the market.
Implement it through Secunia.
For more information visit:
http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com
----------------------------------------------------------------------
TITLE:
SUSE Update for Multiple Packages
SECUNIA ADVISORY ID:
SA35685
VERIFY ADVISORY:
http://secunia.com/advisories/35685/
DESCRIPTION:
SUSE has issued an update for multiple packages. This fixes some
vulnerabilities, which can be exploited by malicious users to
disclose sensitive information, manipulate certain data, and by
malicious people to disclose sensitive information, cause a DoS
(Denial of Service), and potentially compromise a vulnerable system.
For more information:
SA33338
SA33853
SA33884
SA34035
SA34481
SA34746
SA34797
SA35021
SA35128
SA35216
SA35296
SA35344
SA35422
1) A boundary error exists within the "pg_db_putline()" function in
perl-DBD-Pg's dbdimp.c. This can be exploited to cause a heap-based
buffer overflow if malicious rows are retrieved from the database
using the "pg_getline()" or "getline()" function.
2) A memory leak exists within the function "dequote_bytea()" in
perl-DBD-Pg's quote.c, which can be exploited to cause a memory
exhaustion.
3) Various integer overflow errors exist within the "pdftops"
application. This can be exploited to e.g. cause a crash or
potentially execute arbitrary code by printing a specially crafted
PDF file.
4) A vulnerability is caused due to an assertion error in bgpd when
handling an AS path containing multiple 4 byte AS numbers, which can
be exploited to crash to the daemon by advertising specially crafted
AS paths.
SOLUTION:
Apply updated packages via YaST Online Update or the SUSE FTP server.
ORIGINAL ADVISORY:
SUSE-SR:2009:012:
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
OTHER REFERENCES:
SA33338:
http://secunia.com/advisories/33338/
SA33853:
http://secunia.com/advisories/33853/
SA33884:
http://secunia.com/advisories/33884/
SA34035:
http://secunia.com/advisories/34035/
SA34481:
http://secunia.com/advisories/34481/
SA34746:
http://secunia.com/advisories/34746/
SA34797:
http://secunia.com/advisories/34797/
SA35021:
http://secunia.com/advisories/35021/
SA35128:
http://secunia.com/advisories/35128/
SA35216:
http://secunia.com/advisories/35216/
SA35296:
http://secunia.com/advisories/35296/
SA35344:
http://secunia.com/advisories/35344/
SA35422:
http://secunia.com/advisories/35422/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ===========================================================
Ubuntu Security Notice USN-785-1 June 09, 2009
ipsec-tools vulnerabilities
CVE-2009-1574, CVE-2009-1632
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
racoon 1:0.6.5-4ubuntu1.3
Ubuntu 8.04 LTS:
racoon 1:0.6.7-1.1ubuntu1.2
Ubuntu 8.10:
racoon 1:0.7-2.1ubuntu1.8.10.1
Ubuntu 9.04:
racoon 1:0.7-2.1ubuntu1.9.04.1
In general, a standard system upgrade is sufficient to effect the
necessary changes. (CVE-2009-1574)
It was discovered that ipsec-tools did not properly handle memory usage
when verifying certificate signatures or processing nat-traversal
keep-alive messages. A remote attacker could send specially crafted packets
to the server and exhaust available memory, leading to a denial of service. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions
| VAR-200905-0196 | CVE-2009-1574 |
Ipsec-tools Service disruption in packet processing (DoS) Vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200904-0796, VAR-E-200904-0795 |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference. Ipsec-tools of racoon/isakmp_frag.c Has a deficiency in handling fragmented packets with no payload, resulting in denial of service (DoS) There is a vulnerability that becomes a condition.Service operation disruption to a third party (DoS) There is a possibility of being put into a state. IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets.
Versions prior to IPsec-Tools 0.7.2 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2010-12-16-1 Time Capsule and AirPort Base Station
(802.11n) Firmware 7.5.2
Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2 is
now available and addresses the following:
CVE-ID: CVE-2008-4309
Available for: AirPort Extreme Base Station with 802.11n,
AirPort Express Base Station with 802.11n, Time Capsule
Impact: A remote attacker may terminate the operation of the SNMP
service
Description: An integer overflow exists in the
netsnmp_create_subtree_cache function. By default, the
'WAN SNMP' configuration option is disabled, and the SNMP service is
accessible only to other devices on the local network. This issue is
addressed by applying the Net-SNMP patches.
CVE-ID: CVE-2009-2189
Available for: AirPort Extreme Base Station with 802.11n,
AirPort Express Base Station with 802.11n, Time Capsule
Impact: Receiving a large number of IPv6 Router Advertisement (RA)
and Neighbor Discovery (ND) packets from a system on the local
network may cause the base station to restart
Description: A resource consumption issue exists in the base
station's handling of Router Advertisement (RA) and Neighbor
Discovery (ND) packets. A system on the local network may send a
large number of RA and ND packets that could exhaust the base
station's resources, causing it to restart unexpectedly. This issue
is addressed by rate limiting incoming ICMPv6 packets. Credit to
Shoichi Sakane of the KAME project, Kanai Akira of Internet Multifeed
Co., Shirahata Shin and Rodney Van Meter of Keio University, and
Tatuya Jinmei of Internet Systems Consortium, Inc. for reporting this
issue.
CVE-ID: CVE-2010-0039
Available for: AirPort Extreme Base Station with 802.11n,
AirPort Express Base Station with 802.11n, Time Capsule
Impact: An attacker may be able to query services behind an AirPort
Base Station or Time Capsule's NAT from the source IP of the router,
if any system behind the NAT has a portmapped FTP server
Description: The AirPort Extreme Base Station and Time Capsule's
Application-Level Gateway (ALG) rewrites incoming FTP traffic,
including PORT commands, to appear as if it is the source. An
attacker with write access to an FTP server inside the NAT may issue
a malicious PORT command, causing the ALG to send attacker-supplied
data to an IP and port behind the NAT. As the data is resent from the
Base Station, it could potentially bypass any IP-based restrictions
for the service. This issue is addressed by not rewriting inbound
PORT commands via the ALG. Credit to Sabahattin Gucukoglu for
reporting this issue. This issue is addressed
through improved validation of fragmented ISAKMP packets.
CVE-ID: CVE-2010-1804
Available for: AirPort Extreme Base Station with 802.11n,
AirPort Express Base Station with 802.11n, Time Capsule
Impact: A remote attacker may cause the device to stop processing
network traffic
Description: An implementation issue exists in the network bridge.
Sending a maliciously crafted DHCP reply to the device may cause it
to stop responding to network traffic. This issue affects devices
that have been configured to act as a bridge, or are configured in
Network Address Translation (NAT) mode with a default host enabled.
By default, the device operates in NAT mode, and no default host is
configured. This update addresses the issue through improved handling
of DHCP packets on the network bridge. Credit to Stefan R. Filipek
for reporting this issue.
Installation note for Firmware version 7.5.2
Firmware version 7.5.2 is installed into Time Capsule or AirPort Base
Station with 802.11n via AirPort Utility, provided with the device.
It is recommended that AirPort Utility 5.5.2 be installed before
upgrading to Firmware version 7.5.2.
AirPort Utility 5.5.2 may be obtained through Apple's Software
Download site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJNCWXyAAoJEGnF2JsdZQeevTQH/0856gTUzzmL371/nSkhn3qq
MCPQVaEMe8O/jy96nlskwzp3X0X0QmXePok1enp6QhDhHm0YL3a4q7YHd4zjm6mM
JUoVR4JJRSKOb1bVdEXqo+qG/PH7/5ywfrGas+MjOshMa3gnhYVee39N7Xtz0pHD
3ZllZRwGwad1sQLL7DhJKZ92z6t2GfHoJyK4LZNemkQAL1HyUu7Hj9SlljcVB+Ub
xNnpmBXJcCZzp4nRQM+fbLf6bdZ1ua5DTc1pXC8vETtxyHc53G/vLCu8SKBnTBlK
JmkpGwG5fXNuYLL8ArFUuEu3zhE7kfdeftUrEez3YeL2DgU9iB8m8RkuuSrVJEY=
=WPH8
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200905-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: IPSec Tools: Denial of Service
Date: May 24, 2009
Bugs: #267135
ID: 200905-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple errors in the IPSec Tools racoon daemon might allow remote
attackers to cause a Denial of Service.
Background
==========
The IPSec Tools are a port of KAME's IPsec utilities to the Linux-2.6
IPsec implementation. They include racoon, an Internet Key Exchange
daemon for automatically keying IPsec connections.
* Multiple memory leaks exist in (1) the eay_check_x509sign()
function in racoon/crypto_openssl.c and (2) racoon/nattraversal.c
(CVE-2009-1632).
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All IPSec Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.7.2"
References
==========
[ 1 ] CVE-2009-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574
[ 2 ] CVE-2009-1632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200905-03.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA-1804-1 security@debian.org
http://www.debian.org/security/ Nico Golde
May 20th, 2009 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : ipsec-tools
Vulnerability : null pointer dereference, memory leaks
Problem type : remote
Debian-specific: no
Debian bug : 527634 528933
CVE ID : CVE-2009-1574 CVE-2009-1632
Several remote vulnerabilities have been discovered in racoon, the Internet Key
Exchange daemon of ipsec-tools. This results in the daemon crashing which can be used
for denial of service attacks (CVE-2009-1574).
Various memory leaks in the X.509 certificate authentication handling and the
NAT-Traversal keepalive implementation can result in memory exhaustion and
thus denial of service (CVE-2009-1632).
For the oldstable distribution (etch), this problem has been fixed in
version 0.6.6-3.1etch3.
For the stable distribution (lenny), this problem has been fixed in
version 0.7.1-1.3+lenny2.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1:0.7.1-1.5.
We recommend that you upgrade your ipsec-tools packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc
Size/MD5 checksum: 722 8b561cf84ac9c46ec07b037ce3ad06f1
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz
Size/MD5 checksum: 49875 7444fb4ad448ccfffe878801a2b88d2e
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb
Size/MD5 checksum: 343790 9cee9f8c479a3a2952d2913d7bdc4c5d
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb
Size/MD5 checksum: 89184 5ccd4554eec28da6d933dc20a8a39393
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb
Size/MD5 checksum: 325706 9ce7988b74bccee252be7dac7ac8b5f7
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb
Size/MD5 checksum: 89748 513ded0e4a33200710444e1bf4ab67d8
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb
Size/MD5 checksum: 353066 c56644b426ae945ca420d4ca37fc3f2a
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb
Size/MD5 checksum: 94092 80b46b6fd60e857c84c588432b098957
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb
Size/MD5 checksum: 330258 b905d30958bd5c51d355f286f81b8be1
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb
Size/MD5 checksum: 85046 294ccbc4b51e4942edaeec7cd746dfa3
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb
Size/MD5 checksum: 113356 111f0daa2075584c100efc9c11ecef73
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb
Size/MD5 checksum: 468296 bd4d69b5e0d4ee39ec564e1304f7649c
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb
Size/MD5 checksum: 89018 b6af57d65d43a7433132bee9657ba608
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb
Size/MD5 checksum: 344558 aba2d85d5196c2a46555ad9e478d338a
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb
Size/MD5 checksum: 346856 97e04d97bdd55f852392d7461bad7f4d
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb
Size/MD5 checksum: 90308 9e780cda3df3384d0f1e33637d003f21
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb
Size/MD5 checksum: 91048 98174626d8ad1fba940c81001c337a4f
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb
Size/MD5 checksum: 337266 9f636e6d8904103b0096a4eed99e9cae
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb
Size/MD5 checksum: 341586 b42ddbad323dcdbd775d502f786ab449
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb
Size/MD5 checksum: 90750 62d4c3e618a6c69d532b8d8d33bb27b9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb
Size/MD5 checksum: 85710 9f1f526be4f2df4eb64d46023d87c6b3
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb
Size/MD5 checksum: 317136 38e50e9d97b46b51d12429b9ea727858
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz
Size/MD5 checksum: 49472 4bc8ba2bd520a7514f2c33021c64e8ce
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz
Size/MD5 checksum: 1039057 ddff5ec5a06b804ca23dc41268368853
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc
Size/MD5 checksum: 1144 46d3f28156ee183512a451588ef414e4
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb
Size/MD5 checksum: 428532 052c13540da3fab19fdca83e9a389a39
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb
Size/MD5 checksum: 114088 78065dd99d3732291e8d499383af17d9
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb
Size/MD5 checksum: 409514 a421f12270f5b22639d67be8d2cc8b4e
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
Size/MD5 checksum: 104612 9ec93c697cf64232728d0dd5658efac8
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb
Size/MD5 checksum: 104604 78fa45a7e0503e4ee87e7508294cb0b0
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb
Size/MD5 checksum: 381692 f1943edf9599189d16a2f936fa971abc
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb
Size/MD5 checksum: 387510 63ebe895d019d2362a0a11a0de0842c6
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb
Size/MD5 checksum: 104268 6c224349c910ffce5bb892f2a06dc243
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb
Size/MD5 checksum: 375004 5a43cbb6106d576ab686e9e4eb78c245
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb
Size/MD5 checksum: 99098 6c81df8c4653265f10ad6abf68091329
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb
Size/MD5 checksum: 131288 dfa8646655028ae53bddad7f41e9f3a4
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb
Size/MD5 checksum: 544150 8e274b6b73125efe0fa8392398e0c5ea
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb
Size/MD5 checksum: 103502 5bd00dfdef0862a63bb666ed949e26ef
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb
Size/MD5 checksum: 388820 46fc10315192943b912126fe68ffeea9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb
Size/MD5 checksum: 104216 a271cb33c891084479ed441945672f14
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb
Size/MD5 checksum: 390562 352f78906e08ddb861053dfed30640bf
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb
Size/MD5 checksum: 403162 0210fa37088d78ee9aa53395aa0148e8
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb
Size/MD5 checksum: 109438 26f043be5fb248d33b605d1987fa472a
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb
Size/MD5 checksum: 107474 aa6203b0e9e6dacbe39520be6b849eea
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb
Size/MD5 checksum: 399386 e965abdcf32838fff7753e789e703205
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb
Size/MD5 checksum: 102486 57b2e115a15e08518f00158c1fe36cf2
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb
Size/MD5 checksum: 373916 7e2278ac7b4f0b352814ad2f55b1213a
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoUDnMACgkQHYflSXNkfP8LtgCdF9LmW/TOn9JDPTVGlt+7dccI
3MYAoJVcwmqHztsGgCgBps9hyqzrQJ5l
=84V/
-----END PGP SIGNATURE-----
.
Updated packages are available that brings ipsec-tools to version
0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous
bugfixes over the previous 0.7.1 version, and also corrects this
issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been
patched to address this issue.
Additionally the flex package required for building ipsec-tools has
been fixed due to ipsec-tools build problems and is also available
with this update.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
8256debb7fe84394de70499907060de6 2008.0/i586/flex-2.5.33-2.1mdv2008.0.i586.rpm
c03c0f9fe8f564ea777b82789ac95f41 2008.0/i586/ipsec-tools-0.7.2-0.1mdv2008.0.i586.rpm
9da2195c693a7fe40f7afb3c5806aaca 2008.0/i586/libipsec0-0.7.2-0.1mdv2008.0.i586.rpm
29dcc9414a59cba30ce801b9fef416a6 2008.0/i586/libipsec-devel-0.7.2-0.1mdv2008.0.i586.rpm
b3ceeee8a3a36388d02426b77a45d862 2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm
b0cb7993f29eac3d5f170c7cd3cf0cb5 2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
36c5d0eb92197c814b90c814d21d3372 2008.0/x86_64/flex-2.5.33-2.1mdv2008.0.x86_64.rpm
7a976c988badcb9fae93509acfe99aa2 2008.0/x86_64/ipsec-tools-0.7.2-0.1mdv2008.0.x86_64.rpm
85b8ed6e328b048c13eb503bfee8dcdc 2008.0/x86_64/lib64ipsec0-0.7.2-0.1mdv2008.0.x86_64.rpm
a22f34f1cfac38c9029eb032e3257285 2008.0/x86_64/lib64ipsec-devel-0.7.2-0.1mdv2008.0.x86_64.rpm
b3ceeee8a3a36388d02426b77a45d862 2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm
b0cb7993f29eac3d5f170c7cd3cf0cb5 2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you. ===========================================================
Ubuntu Security Notice USN-785-1 June 09, 2009
ipsec-tools vulnerabilities
CVE-2009-1574, CVE-2009-1632
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
racoon 1:0.6.5-4ubuntu1.3
Ubuntu 8.04 LTS:
racoon 1:0.6.7-1.1ubuntu1.2
Ubuntu 8.10:
racoon 1:0.7-2.1ubuntu1.8.10.1
Ubuntu 9.04:
racoon 1:0.7-2.1ubuntu1.9.04.1
In general, a standard system upgrade is sufficient to effect the
necessary changes. (CVE-2009-1574)
It was discovered that ipsec-tools did not properly handle memory usage
when verifying certificate signatures or processing nat-traversal
keep-alive messages
| VAR-200904-0235 | CVE-2009-0164 | CUPS In DNS Vulnerabilities that induce rebinding attacks |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks. CUPS is prone to an insufficient 'Host' header validation weakness.
An attacker can use this weakness to carry out certain attacks such as DNS rebinding against the vulnerable server.
I.
II. Impact
The impacts of these vulnerabilities vary. Potential consequences
include arbitrary code execution, sensitive information disclosure,
denial of service, or privilege escalation.
III. These and other updates are available via Software
Update or via Apple Downloads.
IV. References
* Apple Security Update 2009-002 -
<http://support.apple.com/kb/HT3549>
* Safari 3.2.3 - <http://support.apple.com/kb/HT3550>
* Apple Downloads - <http://support.apple.com/downloads/>
* Software Update -
<https://support.apple.com/kb/HT1338?viewlocale=en_US>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-133A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-133A Feedback VU#175188" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
May 13, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSgsdiHIHljM+H4irAQIsGAf+IykbS/FD1X/R2ooezndAmZjrcT29XnpV
HO4DiMlKmqW+dUffk4mdJLVR7y8pwUuP4TbjwncoT39SDR9UoEankv7+Dao/qkM/
Jp0flkEpb5qtcIm9VnuWvpCE31OZZgwBwJ7f2WWzbBLqoZ5FIWAhCcW6E5v6mjVy
J+Z4BmHYUIapPLzGzV8+HT6/7LRNpg+mZoldEBUoXXjik8o78v5A7iGyMSXoaBlV
vL8N/3GG9a9xecLqbbv5N6ABsncHA9f/GzBnfJUqVHkUM1xnjqmgd7TZikObw+fJ
xcgWvmYmoRdCMzM3b1jPqWPDGJDbo0oHZM3J3hKE+opsLe9xChM1qA==
=dQ2L
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
Click here to learn more about our commercial solutions:
http://secunia.com/advisories/business_solutions/
Click here to trial our solutions:
http://secunia.com/advisories/try_vi/
----------------------------------------------------------------------
TITLE:
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA35074
VERIFY ADVISORY:
http://secunia.com/advisories/35074/
DESCRIPTION:
Apple has issued a security update for Mac OS X, which fixes multiple
vulnerabilities.
1) A vulnerability in Apache when handling FTP proxy requests can be
exploited by malicious people to conduct cross-site scripting
attacks.
For more information:
SA31384
2) A boundary error in the handling of Compact Font Format (CFF)
fonts in Apple Type Services can be exploited to cause a heap-based
buffer overflow when specially crafted document is downloaded or
viewed.
Successful exploitation allows execution of arbitrary code.
3) A vulnerability in BIND can potentially be exploited by malicious
people to conduct spoofing attacks.
For more information:
SA33404
4) An error in the parsing of Set-Cookie headers in CFNetwork can
result in applications using CFNetwork sending sensitive information
in unencrypted HTTP requests.
5) An unspecified error in the processing of HTTP headers in
CFNetwork can be exploited to cause a heap-based buffer overflow when
visiting a malicious web site.
Successful exploitation allows execution of arbitrary code.
6) Multiple errors exist in the processing of PDF files in
CoreGraphics, which can be exploited to corrupt memory and execute
arbitrary code via a specially crafted PDF file.
7) An integer underflow error in the processing of PDF files in
CoreGraphics can be exploited to cause a heap-based buffer overflow
when specially crafted PDF files is opened.
Successful exploitation allows execution of arbitrary code.
8) Multiple vulnerabilities in the processing of JBIG2 streams within
PDF files in CoreGraphics can be exploited by malicious people to
compromise a user's system.
For more information:
SA34291
9) Multiple vulnerabilities in cscope can be exploited by malicious
people to compromise a user's system.
For more information:
SA34978:
10) A boundary error in the handling of disk images can be exploited
to cause a stack-based buffer overflow when a specially crafted disk
image is mounted.
11) Multiple unspecified errors in the handling of disk images can be
exploited to cause memory corruptions when a specially crafted disk
image is mounted.
Successful exploitation of vulnerabilities #10 and #11 allows
execution of arbitrary code.
12) Multiple vulnerabilities in enscript can be exploited by
malicious people to compromise a vulnerable system.
For more information:
SA13968
SA32137
13) Multiple vulnerabilities in the Flash Player plugin can be
exploited by malicious people to compromise a user's system.
For more information:
SA34012
14) An error in Help Viewer when loading Cascading Style Sheets
referenced in URL parameters can be exploited to invoke arbitrary
AppleScript files.
15) A vulnerability exists due to Help Viewer not validating that
full paths to HTML documents are within registered help books, which
can be exploited to invoke arbitrary AppleScript files.
Successful exploitation of vulnerabilities #14 and #15 allows
execution of arbitrary code.
16) An error in iChat can result in AIM communication configured for
SSL to be sent in plaintext.
17) An error in the handling of certain character encodings in ICU
can be exploited to bypass filters on websites that attempt to
mitigate cross-site scripting.
18) Some vulnerabilities in IPSec can be exploited by malicious users
and malicious people to cause a DoS (Denial of Service).
For more information:
SA31450
SA31478
19) Multiple vulnerabilities in Kerberos can be exploited by
malicious people to potentially disclose sensitive information, cause
a DoS (Denial of Service), or potentially compromise a vulnerable
system.
For more information:
SA34347
20) An error in the handling of workqueues within the kernel can be
exploited by malicious, local users to cause a DoS or execute
arbitrary code with Kernel privileges.
21) An error in Launch Services can cause Finder to repeatedly
terminate and relaunch when a specially crafted Mach-O is
downloaded.
22) A vulnerability in libxml can be exploited by malicious people to
cause a DoS (Denial of Service) or potentially compromise an
application using the library.
For more information:
SA31558
23) A vulnerability in Net-SNMP can be exploited by malicious people
to cause a DoS (Denial of Service).
For more information:
SA32560
24) A vulnerability in Network Time can be exploited by malicious
people to conduct spoofing attacks.
For more information:
SA33406
25) A vulnerability in Network Time can be exploited by malicious
people to potentially compromise a user's system.
For more information:
SA34608
26) A vulnerability in Networking can be exploited by malicious
people to cause a DoS (Denial of Service).
For more information:
SA31745
27) A vulnerability in OpenSSL can be exploited by malicious people
to conduct spoofing attacks.
For more information:
SA33338
28) Some vulnerabilities in PHP can be exploited by malicious people
to cause a DoS (Denial of Service) or potentially compromise a
vulnerable system, and by malicious, local users to bypass certain
security restrictions.
For more information:
SA32964
29) An unspecified error in QuickDraw Manager can be exploited to
cause a memory corruption and potentially execute arbitrary code via
a specially crafted PICT image.
30) An integer underflow error in the handling of PICT images in
QuickDraw Manager can be exploited to cause a heap-based buffer
overflow via a specially crafted PICT file.
Successful exploitation allows execution of arbitrary code.
31) Multiple vulnerabilities in ruby can be exploited by malicious
people to bypass certain security restrictions, cause a DoS (Denial
of Service), and conduct spoofing attacks.
For more information:
SA31430
SA31602
32) An error in the use of the OpenSSL library in ruby can cause
revoked certificates to be accepted.
33) A vulnerability in Safari when handling "feed:" URLs can be
exploited to compromise a user's system.
For more information:
SA35056
34) Multiple unspecified errors in Spotlight can be exploited to
cause memory corruptions and execute arbitrary code when a specially
crafted Office document is downloaded.
35) An error when invoking the "login" command can result in
unexpected high privileges.
36) A boundary error in telnet can be exploited to cause a
stack-based buffer overflow when connecting to a server with an
overly long canonical name in its DNS address record.
Successful exploitation may allow execution of arbitrary code.
37) A vulnerability in WebKit when handling SVGList objects can be
exploited to corrupt memory and potentially execute arbitrary code.
For more information:
SA35056
38) Multiple vulnerabilities in FreeType can be exploited by
malicious people to cause a DoS (Denial of Service) and potentially
compromise applications using the library.
For more information:
SA20100
SA25350
SA34723
39) A vulnerability in xterm can be exploited by malicious people to
compromise a user's system.
For more information:
SA33318
40) Multiple vulnerabilities in libpng can be exploited by malicious
people to cause a DoS (Denial of Service) or to potentially
compromise an application using the library.
For more information:
SA29792
SA33970
SOLUTION:
Update to Mac OS X v10.5.7 or apply Security Update 2009-002.
Security Update 2009-002 (Server Tiger PPC):
http://support.apple.com/downloads/DL819/SecUpdSrvr2009-002PPC.dmg
Security Update 2009-002 (Tiger Intel):
http://support.apple.com/downloads/DL817/SecUpd2009-002Intel.dmg
Security Update 2009-002 (Server Universal):
http://support.apple.com/downloads/DL816/SecUpdSrvr2009-002Univ.dmg
Mac OS X Server 10.5.7 Update:
http://support.apple.com/downloads/DL828/MacOSXServerUpd10.5.7.dmg
Mac OS X Server Combo 10.5.7:
http://support.apple.com/downloads/DL829/MacOSXServerUpdCombo10.5.7.dmg
Security Update 2009-002 (Tiger PPC):
http://support.apple.com/downloads/DL818/SecUpd2009-002PPC.dmg
Mac OS X 10.5.7 Update:
http://support.apple.com/downloads/DL826/MacOSXUpd10.5.7.dmg
Mac OS X 10.5.7 Combo Update:
http://support.apple.com/downloads/DL827/MacOSXUpdCombo10.5.7.dmg
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
2) Charlie Miller of Independent Security Evaluators
4) Andrew Mortensen of the University of Michigan
5) Moritz Jodeit, n.runs AG
7) Barry K. Nathan
8) Alin Rad Pop, Secunia Research and Will Dormann, CERT/CC
10) Tiller Beauchamp, IOActive
14, 15) Brian Mastenbrook
17) Chris Weber of Casaba Security
20) An anonymous researcher working with Verisign iDefense VCP
30) Damian Put and Sebastian Apelt, working with ZDI, and Chris Ries
of Carnegie Mellon University Computing Services
38) Tavis Ormandy of the Google Security Team
OTHER REFERENCES:
SA13968:
http://secunia.com/advisories/13968/
SA20100:
http://secunia.com/advisories/20100/
SA25350:
http://secunia.com/advisories/25350/
SA29792:
http://secunia.com/advisories/29792/
SA31384:
http://secunia.com/advisories/31384/
SA31430:
http://secunia.com/advisories/31430/
SA31450:
http://secunia.com/advisories/31450/
SA31478:
http://secunia.com/advisories/31478/
SA31558:
http://secunia.com/advisories/31558/
SA31602:
http://secunia.com/advisories/31602/
SA31745:
http://secunia.com/advisories/31745/
SA32137:
http://secunia.com/advisories/32137/
SA32560:
http://secunia.com/advisories/32560/
SA32964:
http://secunia.com/advisories/32964/
SA33318:
http://secunia.com/advisories/33318/
SA33338:
http://secunia.com/advisories/33338/
SA33404:
http://secunia.com/advisories/33404/
SA33406:
http://secunia.com/advisories/33406/
SA33970:
http://secunia.com/advisories/33970/
SA34012:
http://secunia.com/advisories/34012/
SA34291:
http://secunia.com/advisories/34291/
SA34347:
http://secunia.com/advisories/34347/
SA34608:
http://secunia.com/advisories/34608/
SA34723:
http://secunia.com/advisories/34723/
SA34978:
http://secunia.com/advisories/34978/
SA35056:
http://secunia.com/advisories/35056/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: CUPS: Multiple vulnerabilities
Date: April 23, 2009
Bugs: #263070
ID: 200904-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple errors in CUPS might allow for the remote execution of
arbitrary code or DNS rebinding attacks.
Background
==========
CUPS, the Common Unix Printing System, is a full-featured print server.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/cups < 1.3.10 >= 1.3.10
Description
===========
The following issues were reported in CUPS:
* iDefense reported an integer overflow in the _cupsImageReadTIFF()
function in the "imagetops" filter, leading to a heap-based buffer
overflow (CVE-2009-0163).
* Braden Thomas and Drew Yao of Apple Product Security reported that
CUPS is vulnerable to CVE-2009-0146, CVE-2009-0147 and CVE-2009-0166,
found earlier in xpdf and poppler.
Impact
======
A remote attacker might send or entice a user to send a specially
crafted print job to CUPS, possibly resulting in the execution of
arbitrary code with the privileges of the configured CUPS user -- by
default this is "lp", or a Denial of Service.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All CUPS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.3.10"
References
==========
[ 1 ] CVE-2009-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
[ 2 ] CVE-2009-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
[ 3 ] CVE-2009-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163
[ 4 ] CVE-2009-0164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164
[ 5 ] CVE-2009-0166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200904-20.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-200904-0217 | CVE-2009-0063 | Symantec Brightmail Gateway Appliance of Control Center Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Symantec Brightmail Gateway is prone to a cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials.
Versions prior to Brightmail Gateway 8.0.1 are vulnerable. Brightmail Gateway is Symantec's information security management platform. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Highlights from the 2008 report:
* Vulnerability Research
* Software Inspection Results
* Secunia Research Highlights
* Secunia Advisory Statistics
Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
----------------------------------------------------------------------
TITLE:
Symantec Brightmail Gateway Control Center Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA34885
VERIFY ADVISORY:
http://secunia.com/advisories/34885/
DESCRIPTION:
Some vulnerabilities have been reported in Symantec Brightmail
Gateway, which can be exploited by malicious people to conduct
cross-site scripting attacks and by malicious users to bypass certain
security restrictions.
1) Certain unspecified input passed to the Control Center is not
properly sanitised before being returned to the user.
2) An error when processing unspecified console functions can be
exploited by a Control Center user to gain administrative
privileges.
SOLUTION:
Update to version 8.0.1 or later.
PROVIDED AND/OR DISCOVERED BY:
Marian Ventuneac, Perot Systems
ORIGINAL ADVISORY:
SYM09-005:
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090423_01
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0571 | No CVE | SAP cFolders Multiple Cross-Site Scripting and HTML Injection Vulnerabilities |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
cFolders (Collaboration Folders) is SAP's web-based information collaboration sharing application. Cfolders does not properly validate the p_current_role parameter submitted by the col_table_filter.htm and me_ov.htm pages, and a remote attacker can perform a cross-site scripting attack by submitting a malicious request to the above page; in addition, if a malicious LINK field is submitted to the hyp_de_create.htm page or Submitting a file with a malicious file name in the document upload area can also result in infusion and execution of malicious code. SAP cFolders is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible
| VAR-200905-0193 | CVE-2009-1561 |
Cisco Linksys WRT54GC Router administration.cgi Vulnerable to cross-site request forgery
Related entries in the VARIoT exploits database: VAR-E-200904-0438 |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters. The Linksys WRT54GC router is prone to an access-validation vulnerability because of a lack of authentication when users access specific administration applications.
Successful attacks will lead to a compromise of the vulnerable device, which may lead to further attacks.
Linksys WRT54GC running firmware 1.05.7 is vulnerable; other versions may also be affected. Cisco Linksys WRT54GC is a small business/home wireless broadband router produced by Cisco. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia
report for 2008.
Highlights from the 2008 report:
* Vulnerability Research
* Software Inspection Results
* Secunia Research Highlights
* Secunia Advisory Statistics
Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
----------------------------------------------------------------------
TITLE:
Linksys WRT54GC "administration.cgi" Security Bypass Vulnerability
SECUNIA ADVISORY ID:
SA34805
VERIFY ADVISORY:
http://secunia.com/advisories/34805/
DESCRIPTION:
Gabriel Lima has reported a vulnerability in Linksys WRT54GC, which
can be exploited by malicious people to bypass certain security
restrictions.
The vulnerability is caused due to the router allowing unrestricted
access to the administration.cgi web interface script. This can be
exploited to change the administrator's password by sending a
specially crafted HTTP request to the affected script.
SOLUTION:
Restrict internal network access to trusted users only.
PROVIDED AND/OR DISCOVERED BY:
Gabriel Lima
ORIGINAL ADVISORY:
http://archives.neohapsis.com/archives/bugtraq/2009-04/0198.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-200904-0824 | CVE-2009-0195 | Xpdf and CUPS Vulnerable to buffer overflow |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments. ===========================================================
Ubuntu Security Notice USN-973-1 August 17, 2010
koffice vulnerabilities
CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166,
CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,
CVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608,
CVE-2009-3609
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 9.04:
kword 1:1.6.3-7ubuntu6.1
In general, a standard system update will make all the necessary changes.
Details follow:
Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the
Xpdf used in KOffice contained multiple security issues in its JBIG2
decoder. (CVE-2009-0146,
CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,
CVE-2009-1180, CVE-2009-1181)
It was discovered that the Xpdf used in KOffice contained multiple security
issues when parsing malformed PDF documents. (CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)
KOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into
KWord. Upstream KDE no longer supports PDF import in KOffice and as a
result it was dropped in Ubuntu 9.10. While an attempt was made to fix the
above issues, the maintenance burden for supporting this very old version
of Xpdf outweighed its utility, and PDF import is now also disabled in
Ubuntu 9.04.
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.diff.gz
Size/MD5: 622105 556aa62c50d527e60c1dff7b0f0aa0b1
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.dsc
Size/MD5: 2089 d42a7716e78fc690d256f8045017e7fa
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3.orig.tar.gz
Size/MD5: 63221967 497a644adaf5d6531a0e32d14f88e5f5
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 682598 78a5406815a35440ac4480c2532f28ef
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 735930 9d775bfa37c32d0ab934c25c721d6456
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 519734 7c05c1818b4baaa8167b6f84bbcab085
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 18982 465a569fb8bbd06f80e8b19e6acc1695
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 21100 780be3fc6108770d271d89cac4869b10
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 1903802 bdb13a770966f7a5b2978f510ba58f10
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 28310364 0d115fe0dfc641efe2e04508324bd72a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 1776368 f7781ed87a7c8c5ee1ba7636c519076d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1059936 fa5f33b7cd8d1d291834ad81768a55b3
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1363098 1ea1bd16846af1b718392fcc80f55456
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 3634792 de50ca28c4ffe99f5c43369be2c28c53
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1022466 2680eb3b5eb1fe0b939dcc4d8698df93
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 586680 af2f128a08ad516dab5e0d9181c8fa05
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 54301774 04ffb99c1da2e2d54a0320d4eb23a8bd
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 394472 2dd7347dda792d9a1a50831b20861f94
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2614706 1f4f29ae856d74a751d47d6a2c2e6317
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 177638 bbcf8e0ef85478569dd212be191cf3d6
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 939900 81b0c652c71a1cae573a984bc8192e9c
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1332666 2cb497195e47d739e5c73eca50ba7f3a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 3307610 4453ddce6e47950727883a37ed0cb02a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2750674 14831989300bcb63f368291710a46510
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 314700 a68a9a2cc5299b957ef823971226117a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 443182 d7b8296294f89bb2df6c69ac554e9d16
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2504138 0f58ca14ca066713c273c159f6e1295d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 975268 1a3b2bb23cdf4fd7ae942e53672706f1
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1306222 c812ef558f13e43eb448aa56d6797ed4
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 3563484 9a47762bf756eef0defe1a690017b361
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1015886 5f39c46934ad9dfb55b36acd135d5b59
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 527296 e4d1682301bf58d5df51792162671e1e
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 53049888 7baa946b92618169cdee4eab005e2533
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 409804 ff440307934403aa404a2416a6fc00a2
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2423308 2933a46777c6be5dd6e588afb056ce83
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 174422 65acfb083c6dcde10f29c22d7cb2891d
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 868786 b0f68c2390f2761fed67ed9cee032add
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1234468 b6f06fa397725d1b915683aa8850c600
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 3037920 00a2c6161359ed7a982186ae9f82af06
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2634754 9a631d806d414d56e03293e108cdd19a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 312056 e51b7691be77c0ee20224ff524f120ac
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 430552 fe51a92f6d4db43d4c9c12c8ddda16ed
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2362696 92d4dc922ef2a920dd580b41493f7226
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 975296 dfe1b44a9c29a543fe6d76b5f0bdfbc2
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1309438 05e8ca4579040c084f38a5a174055325
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 3579118 2e344131f0aaf4231c21af2fb8298833
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1014884 c46aad3850fe256baf9ea38262d3a0d4
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 529176 d0ed2edaf57e2e02e73a22f15b86fdc6
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 53089422 ad89de6273a8f796239423c5b4b478e8
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 394468 c410cb7ac1bfffabf2b2c0b0119e829c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2438608 66fd9a1471e34c9a5baac9d6ec2b3bd4
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 174116 1d6410c4f8dddddc24d80666f8278c0c
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 865740 78ffc8a66fe0c555e35c71d4f8734a91
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1240814 1c4d13855664db29a2e1923e929ceecc
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 3036992 498218cbda6e3d3abac07ce88c6e0c2c
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2650892 5950f9bc22ab50db430eac56d9f04697
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 312060 005610b199a0d8ce05d1def703c890bb
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 432602 75b05844e99f7e2ad4ab6e20e5bed539
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2371784 607adbbcfd28fbe1a2750fc004418c14
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1068778 523593d94079fba3e0364f908a1a1a57
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1364554 258dc9b33e6d270ff719c91e3ef37db9
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 3709952 28d37bcb119b836c3a4e92407738fa7f
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1027620 5e2309d118d267e9b692fec5ee16a0db
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 587256 bead26a9cc80d7bea3c00416b178377c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 55955530 ed06d8fe4737caa802c47e83dbb466e1
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 394498 c30a126fa23c2506750e211a4b126fa9
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2619418 5370a9dcf9f00cc78da20ee4adfb4c8b
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 180344 141e38c24581f2c8f023e57fca067cb4
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 903470 8abaab749117c77c22446495e59e309c
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1321174 cac2871f1847863b4b2ebf565b25df19
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 3394952 44a59865f180b3d5500dc0cd4e0b906e
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2718124 479211cb5a9018ba6fa4000a280c77e1
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 320612 9e2c1960e9fc010e6dcc25a0cb1574b4
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 454328 61ee3edf596ea67f4faa0974cd46be30
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2512304 43c6105b4fae1f63b48c449365e95087
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 962916 ad7e5830f033940223ed825226496183
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1304972 050e2196a5c5ccb31c89741a9b0f2b6d
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 3410504 ec1e27da573bd6b2464edc8b45ba0814
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1013536 ef4bda5f39caed0b5ca4144e49c1097a
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 528266 7d60ee9ce5489fce6aa0f87d8178ca0c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 51732154 137a826d403b455408b815aea0f2104a
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 394506 4cfc6172b52148a1f9de20997657c590
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2354854 8c1e19804067a2aa70409e334917070e
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 172078 77aa57456966572fd5e151fc3fdbf72c
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 855470 aba0765689e839609756f3eb27693058
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1223480 94ba8198733e21a488c0d6da4493b1c2
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 3002516 1a884308c7fb75403d49cf1ff73fe79f
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2565326 1fa53d14437814a657c1fe81d7269a02
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 311270 97d7cca2e2a75f15288e8725fd4b905e
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 426002 0c83afb3dbd67a10c11cc7d310e81511
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2311632 c449bd3fa59e22f9e32a884ffc3f81cf
. NOTE: some of these details are obtained
from third party information. NOTE: this issue reportedly exists
because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).
Additionally the kdegraphics package was rebuild to make
kdegraphics-kpdf link correctly to the new poppler libraries and are
also provided. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,
as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to g*allocn. NOTE:
the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0800)
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10
does not properly initialize memory for IPP request packets, which
allows remote attackers to cause a denial of service (NULL pointer
dereference and daemon crash) via a scheduler request with two
consecutive IPP_TAG_UNSUPPORTED tags. (CVE-2009-1183)
Two integer overflow flaws were found in the CUPS pdftops filter. (CVE-2009-3608, CVE-2009-3609)
This update corrects the problems.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm
9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm
e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm
fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm
3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm
9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm
7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm
67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm
410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm
64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm
cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm
0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm
c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm
8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm
0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm
f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm
11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm
83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm
fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm
e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm
893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm
9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm
06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm
bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm
43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm
eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm
c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm
60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm
0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm
eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm
7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm
f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm
11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY
a3mQtrfvoibfn29OFAfdSn0=
=lTbL
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
.
======================================================================
2) Severity
Rating: Highly critical
Impact: System access
Where: Remote
======================================================================
3) Vendor's Description of Software
"Xpdf is an open source viewer for Portable Document Format (PDF)
files. (These are also sometimes also called 'Acrobat' files, from the
name of Adobe's PDF software.) The Xpdf project also includes a PDF
text extractor, PDF-to-PostScript converter, and various other
utilities.".
Product Link:
http://www.foolabs.com/xpdf/
======================================================================
4) Description of Vulnerability
Secunia Research has discovered a vulnerability in Xpdf, which can be
exploited by malicious people to potentially compromise a user's
system.
The vulnerability is caused due to a boundary error while decoding
JBIG2 symbol dictionary segments.
Successful exploitation may allow execution of arbitrary code.
======================================================================
5) Solution
Apply xpdf-3.02pl3.patch.
======================================================================
6) Time Table
26/03/2009 - Vendor notified.
26/03/2009 - vendor-sec notified.
27/03/2009 - Vendor response.
17/04/2009 - Public disclosure.
======================================================================
7) Credits
Discovered by Alin Rad Pop, Secunia Research.
======================================================================
8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2009-0195 for the vulnerability.
======================================================================
9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
======================================================================
10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2009-17/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
======================================================================
_______________________________________________
Full-Disclosure - We believe in it
| VAR-200904-0651 | No CVE | MiniWeb Source Code Information Disclosure Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
MiniWeb is prone to a vulnerability that lets attackers access source code because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable computer in the context of the webserver process. Information obtained may aid in further attacks.
We don't know which versions of MiniWeb are affected. We will update this BID when further details are available.
| VAR-200904-0652 | No CVE | MiniWeb Remote Buffer Overflow Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
MiniWeb is prone to a remote buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
| VAR-200904-0819 | CVE-2009-1182 | Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. Xpdf is prone to multiple security vulnerabilities. Failed exploit attempts will likely cause denial-of-service conditions.
These issues affect multiple applications on multiple platforms that use the affected library. Xpdf is an open source viewer for Portable Document Format (PDF) files.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SUSE Security Announcement
Package: cups
Announcement ID: SUSE-SA:2009:024
Date: Wed, 22 Apr 2009 13:00:00 +0000
Affected Products: openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE SLES 9
Novell Linux Desktop 9
Open Enterprise Server
Novell Linux POS 9
SUSE Linux Enterprise Desktop 10 SP2
SUSE Linux Enterprise Server 10 SP2
SLE 11
Vulnerability Type: remote code execution
Severity (1-10): 8 (critical)
SUSE Default Package: yes
Cross-References: CVE-2009-0146, CVE-2009-0147, CVE-2009-0163
CVE-2009-0165, CVE-2009-0166, CVE-2009-0799
CVE-2009-0800, CVE-2009-1179, CVE-2009-1180
CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
Content of This Advisory:
1) Security Vulnerability Resolved:
fixed remotely exploitable overflows
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
______________________________________________________________________________
1) Problem Description and Brief Discussion
The Common Unix Printing System, CUPS, is a printing server for unix-like
operating systems. It allows a local user to print documents as well as
remote users via port 631/tcp.
The first one can be triggered by a specially crafted tiff file. This
file could lead to an integer overflow in the 'imagetops' filter which
caused an heap overflow later.
This bug is probably exploitable remotely by users having remote access
to the CUPS server and allows the execution of arbitrary code with the
privileges of the cupsd process. (CVE-2009-0163)
The second issue affects the JBIG2 decoding of the 'pdftops' filter.
The JBIG2 decoding routines are vulnerable to various software failure
types like integer and buffer overflows and it is believed to be exploit-
able remotely to execute arbitrary code with the privileges of the cupsd
process.
(CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799,
CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182,
CVE-2009-1183)
2) Solution or Work-Around
none
3) Special Instructions and Notes
none
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST
Online Update (YOU) tool. YOU detects which updates are required and
automatically performs the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing <file.rpm> with the filename of the
downloaded RPM package.
x86 Platform:
openSUSE 11.1:
http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debuginfo-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debugsource-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/cups-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/cups-client-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/cups-devel-1.3.9-7.2.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/cups-libs-1.3.9-7.2.1.i586.rpm
openSUSE 11.0:
http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debuginfo-1.3.7-25.8.i586.rpm
http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debugsource-1.3.7-25.8.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/cups-1.3.7-25.8.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/cups-client-1.3.7-25.8.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/cups-devel-1.3.7-25.8.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/cups-libs-1.3.7-25.8.i586.rpm
openSUSE 10.3:
http://download.opensuse.org/update/10.3/rpm/i586/cups-1.2.12-22.21.i586.rpm
http://download.opensuse.org/update/10.3/rpm/i586/cups-client-1.2.12-22.21.i586.rpm
http://download.opensuse.org/update/10.3/rpm/i586/cups-devel-1.2.12-22.21.i586.rpm
http://download.opensuse.org/update/10.3/rpm/i586/cups-libs-1.2.12-22.21.i586.rpm
Power PC Platform:
openSUSE 11.1:
http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debuginfo-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debugsource-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-client-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-devel-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-1.3.9-7.2.1.ppc.rpm
http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-64bit-1.3.9-7.2.1.ppc.rpm
openSUSE 11.0:
http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debuginfo-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debugsource-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-client-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-devel-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-1.3.7-25.8.ppc.rpm
http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-64bit-1.3.7-25.8.ppc.rpm
openSUSE 10.3:
http://download.opensuse.org/update/10.3/rpm/ppc/cups-1.2.12-22.21.ppc.rpm
http://download.opensuse.org/update/10.3/rpm/ppc/cups-client-1.2.12-22.21.ppc.rpm
http://download.opensuse.org/update/10.3/rpm/ppc/cups-devel-1.2.12-22.21.ppc.rpm
http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-1.2.12-22.21.ppc.rpm
http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-64bit-1.2.12-22.21.ppc.rpm
x86-64 Platform:
openSUSE 11.1:
http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debuginfo-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debugsource-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-client-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-devel-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-1.3.9-7.2.1.x86_64.rpm
http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-32bit-1.3.9-7.2.1.x86_64.rpm
openSUSE 11.0:
http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debuginfo-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debugsource-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-client-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-devel-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-1.3.7-25.8.x86_64.rpm
http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-32bit-1.3.7-25.8.x86_64.rpm
openSUSE 10.3:
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-1.2.12-22.21.x86_64.rpm
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-client-1.2.12-22.21.x86_64.rpm
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-devel-1.2.12-22.21.x86_64.rpm
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-1.2.12-22.21.x86_64.rpm
http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-32bit-1.2.12-22.21.x86_64.rpm
Sources:
openSUSE 11.1:
http://download.opensuse.org/update/11.1/rpm/src/cups-1.3.9-7.2.1.src.rpm
openSUSE 11.0:
http://download.opensuse.org/update/11.0/rpm/src/cups-1.3.7-25.8.src.rpm
openSUSE 10.3:
http://download.opensuse.org/update/10.3/rpm/src/cups-1.2.12-22.21.src.rpm
Our maintenance customers are notified individually. The packages are
offered for installation from the maintenance web:
Open Enterprise Server
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
Novell Linux POS 9
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
Novell Linux Desktop 9
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
SUSE SLES 9
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
SUSE Linux Enterprise Server 10 SP2
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a777264f13a7d9d882a7d024d831be1f
SUSE Linux Enterprise Desktop 10 SP2
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a777264f13a7d9d882a7d024d831be1f
SLES 11
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLED 11
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLE 11
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLES 11 DEBUGINFO
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
______________________________________________________________________________
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
______________________________________________________________________________
6) Authenticity Verification and Additional Information
- Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file
and run the command
gpg --verify <file>
replacing <file> with the name of the file where you saved the
announcement. The output for a valid signature looks like:
gpg: Signature made <DATE> using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team <security@suse.de>"
where <DATE> is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can
import it from the first installation CD. To import the key, use the
command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
- Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the
world. While this service is considered valuable and important to the free
and open source software community, the authenticity and the integrity of
a package needs to be verified to ensure that it has not been tampered
with.
The internal rpm package signatures provide an easy way to verify the
authenticity of an RPM package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, replacing <file.rpm> with the
filename of the RPM package downloaded. The package is unmodified if it
contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on
RPMv4-based distributions) and the gpg key ring of 'root' during
installation. You can also find it on the first installation CD and at
the end of this announcement.
- SUSE runs two security mailing lists to which any interested party may
subscribe:
opensuse-security@opensuse.org
- General Linux and SUSE security discussion.
All SUSE security announcements are sent to this list.
To subscribe, send an e-mail to
<opensuse-security+subscribe@opensuse.org>.
opensuse-security-announce@opensuse.org
- SUSE's announce-only mailing list.
Only SUSE's security announcements are sent to this list.
To subscribe, send an e-mail to
<opensuse-security-announce+subscribe@opensuse.org>.
=====================================================================
SUSE's security contact is <security@suse.com> or <security@suse.de>.
The <security@suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular, the
clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever
with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.2 (GNU/Linux)
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
=ypVs
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSe8qrney5gA9JdPZAQI4aQf/e938Hr+O1QYi9y5cm9ycOcaFHWx0oZED
yyOc4lUYZrb7qjmErPHfpoMR9c2XZlmESwKY0RZjddxe+vINDrOcMuI4nrp12ObP
uYvSAAz3xgpXzVtW5B/90ihHJAqHAnwOsdO8adt6PtKCt7T2gMPuQV0RSz3BRy//
qtBHDNyTBRPK7ex/YKUyQAbNENQUa3r9BaHpTHWjscfCoQch4Wz5hmLKv/n7eYdj
CFetsr6zu3hn3isKD8EPTIMbkpaYBMxp53UnNiRmVRy0Gb7zlBz5ByYQaYY+YKf/
OZ+ZHRTuDsNbAT03QtkvML3yqr3Yobb39DFa+cSsH2c9xTdwWdzSAg==
=ZnS5
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. NOTE: some of these details are obtained
from third party information. NOTE: this issue reportedly exists
because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).
Additionally the kdegraphics package was rebuild to make
kdegraphics-kpdf link correctly to the new poppler libraries and are
also provided. (CVE-2009-0165).
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3.diff.gz
Size/MD5 checksum: 432182 2053275597413021f87e328af7f43d0f
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3.dsc
Size/MD5 checksum: 1536 57806c433333025933014631c41e518a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5.orig.tar.gz
Size/MD5 checksum: 9012930 944e16dde53ffdb8c25a90d951a9d223
Architecture independent packages:
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.5-3etch3_all.deb
Size/MD5 checksum: 156348 10d47436c7ad315663e54f5bef6956fe
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3_all.deb
Size/MD5 checksum: 19940 c4a51eb3d3eaf0de3e401e66d77093dd
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 82940 279fe5e4b03666f881f1a9d53fc49be9
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 198562 ee1af15d9d521f7508eda61000500330
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 856558 319b936aa8bbf8b2e7f38b16871d504c
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 780850 34e264cffbc7acec902cd985c1580d82
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 1146416 948e35d1a8c6a39b63ad036c8ac4807b
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 114074 a9ac69d9ffbdcc89146f990b16fcdc81
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 509372 cb5a8055bc0af7cbf33566d8147330fc
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 251380 4503f766d0a0fba671df9c45b632d6e6
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 255340 9b7321ad4b356ce7024bf9044c3ac0e0
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 887210 61802ba3026c338444c39e90daa2cfc8
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 152524 fdca706a9c72c744347851b3b1dabab8
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 19778 46e1c53f720d1113d760de97d7959e14
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 119238 9502ccbf2d0c6138758223ad4be3e602
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 439306 761c97f184e4b5b5f6561217f304cab3
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 67738 3329566f1606c4a5b22876d2e0b43f64
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 97698 1d545e748c4c87f690fa5b97d15faf43
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 100252 50b05eb39a39bf9ce9088d4082b169b6
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 179954 89023dbb012658381c434e6d3b7bf701
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 329172 77265d59ebfaa8c0fba02bcbae5e5cb5
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 153144 c23d64d5d6b3003c3f981888f5e3b555
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 34302218 2ab32f3faab33ad6777055cc60809084
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 2374958 14c5f1b7af6dd98e6e8c742e544d4cbc
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 548672 f2f2cd6115df10055485a49ba026b7a7
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_alpha.deb
Size/MD5 checksum: 1365378 5ea34f18f684eac4c47b7883316ec002
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 1221106 7064667752a9ba80fbb01ebc97159f59
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 1100682 51a7a1d62eaae040b089e5044e9a2171
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 499030 84d8d310e996083df53e67708abe71f1
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 149576 50488742c48273f9c487a38c1aacd018
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 243014 0b9688f7dd1d7ba64f17cbe2b750a3a4
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 292926 071bce4faeaf81992111cc71ad31b50f
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 111860 b38ef5ee22f8b4a99e3c54cebccd35f5
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 109344 eb13d634f9546fab21444ecbbc2c72a2
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 240432 14a1facecfe3fbd543733814a8dd9940
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 768332 7475be7d9f5dcb52d354f3087cae44ce
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 540444 23fc287b643cd057027ed6c3c3892c06
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 423860 b4bac054eb6c187f06658f686ffc284a
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 2290492 91008033d6ea0404baad997d070d8499
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 93608 73239125281fd9ab71e0e2c003f64c16
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 829848 cf8f0faecff0e9cb457d8e7876c5cb3c
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 144850 0523fe801015d735b533ebeb1d42af0b
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 19770 c15b3117e8f9d3ebad285f6d9fd30369
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 25829340 99731d961c5da4b33206b5d8e5ee6e65
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 176602 c4d728cff49c6378eedd7e6d51f08d89
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 792056 4bc31d4602b1f388176d679342e3b2e9
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 80366 595d9816ff2496d6107b300dad1d00a1
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 69172 a010e8f0752195840577f74225d4b8c1
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 184414 82a45153191311a867e8987b6856ac3a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_amd64.deb
Size/MD5 checksum: 102092 49474d1629a1a8ae7f4440af50eeb386
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 557078 f93de4d9f6491d01219db0c8824c5995
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 1427090 89ecc1a0f7237c37e05301e357c920a7
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 178114 7b29a4e451f3baa76c3c8d31df45092e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 101166 ab806cba6cc35d39fb99e4d9ecd5e623
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 111690 23250e8035e9a0f49d240adf4fd8bed0
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 190006 b1843a4fbe215c53099147bb4f5a499c
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 257218 140d3302cce2559f5bccca89d5d9c201
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 114510 5a914c1e0d2c44214bbfebac69e08f28
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 509576 a005951109ac32f9b3584328779f539b
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 1140932 d21a86fecc36400d19a5de668cb64113
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 67148 f837bc6a3e66a9d099a5b4665ec075de
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 19784 306bb35c95f55610ef54d4ac33b3d48a
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 150288 25372b68f1f04ebc7292399a82e6494b
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 860146 350bf86e1b9f1fe54f0d680c28dfc5d3
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 890216 45cadf66a4ba3ade00599a5424e31488
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 84352 38c1b63ec876bc1c7784fc115c42463b
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 97706 1fa7077224617b0c5316b2c650ce11f7
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 26248636 8fdef26d69949764e5622f092680e37e
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 445242 955cf320ee94cfff3d5dc57a32c3c960
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 152216 13ca704189205e2cb60d111e4570f6e6
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 316704 c474d130f7ab6238079c760b89b6fee1
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 253848 790ad439aa7bf2ff386cb95f30fd7dfe
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 769756 efb373759e1a813f330c57f570ade3ad
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_hppa.deb
Size/MD5 checksum: 2454094 159ffc0522b53414294b36ea2e9c829d
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 785190 14ddfe9a0d86cc8b93506d9202ebb242
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 103970 621234e9a9ce4a2241375c4ff8407b23
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 146376 4c1747c88b264290e38ada6514218775
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 108272 9394db8868121992889a43502841ad84
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 234612 d04cd6cecb73f366e88b7aa483241e4a
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 68122 885186d94cd806016d01d88e9fc82c0f
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 135552 68aaf8c0424a3e25594360ab58ea60ec
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 532588 8bc752bdbd54e298afd3f37a20f56d18
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 262490 a07ac3d740f874006b7e7194f5719e28
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 173904 80757bd6f6f56c4abd597accb87eaa06
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 90496 363d4446a465d740fd23c728469bcab1
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 177684 d508e51f067f10665f1edb78c8871c29
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 2228302 61201ff71df3528e30ddf66af532b604
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 401376 870948b3120613ab4b13cfc8bcfe33b7
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 223606 4f5e08323a73c2b5f100dac01c949d47
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 493804 569e64088add9c21e567b94b14372315
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 78866 09ccb537e64fbdbda588562666f8c5b3
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 19774 d1fb6a85662301ba752d8381c138270a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 25359080 c907475dd78c8f69d8c099d140689ce7
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 758452 1dd0cf90b6f07059456eadc0cdf75a5d
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 745290 1cc39477c0ba3f8dd36346cdd8136033
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 102640 084fb69239a6e3a7d226f403153052f1
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 1074930 44e0e1869192fcb275e5e46b0aa9517b
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_i386.deb
Size/MD5 checksum: 1221078 e3b837e7596791b4da1377770822e122
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 73408 f6c137631b46af9aeb03ef7dc557e4ae
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 1471968 9131e67370a77e3806bbe0b919e1c3c5
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 220710 87a5463ac72906486a2b61c63a0d53db
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 291172 9247413922248b0eb5857e2614a39770
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 179016 0a214cb3c31f671bbe9a1f2d02c4eb2a
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 126772 36898efcdac049a8b923bd96485fa2c4
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 110466 f32a799db30d10fe0d313c8262295681
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 187896 a53bd37b6cd540610fc083f1328357e5
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 93782 bfc47bf81b97d8ee8be88c67a296a6e5
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 1120834 26b9f4873159ca602d18e45fd6c1b01e
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 2666616 1649d62de1f45e635a6d761694728d35
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 811332 f79b79ad7a99264c46c2d1e139ecf6f9
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 19774 f6a8d49b4d5eb2c43265af3a6ee973ac
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 1255290 30cb556975cb30d8164ff32ccd844dee
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 290436 f6845967d61901acd012d9a12f2e4f20
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 129184 040328f294b680724ca530e6149502fd
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 533796 1b89fd4d86619aebf1609232f2f077cb
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 25336890 686b93159840f28ffdce7e5e82f08660
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 100236 3af187da099b7aca0334955984b99f2d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 603830 7905bac6125e1fd01d1e74a18456d71d
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 166168 a4acdefd377c2a1cc6fa1938cdcfab79
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 487248 068a09550168dc89a4a0428b6c602392
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 1060540 eff88d6d0eb489a6f4a68787c2541ef6
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_ia64.deb
Size/MD5 checksum: 391544 ba2c14c80e15590f2cce94e4f2cb85a2
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 1140412 183b91083f50b9ecd20196a19b17a19e
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 1131892 697dca14c8d94da8622322da6d3f1a5d
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 224632 18c48a36ac6629e9f4d0000b9a4e3b21
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 106302 ef9532eec779bb232b8deb8e03c0d660
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 519186 134af4a9d045880db1a50b65f9414502
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 188952 d60afec10dfdf6157e63699051228a64
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 754164 a8b24bb88ad52bac0ff4a06e40fed131
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 484610 ec756e2ffdf5a487c28c18fb27cbc296
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 767296 d526803bc8c09994edd1eb2a05263301
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 111414 0aeab8e50e1253f5099d4b1a603110d0
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 102602 0c57ec0a1b067b1918550c173b6b21a5
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 395164 83d122b792d35de525d7724056b5b39b
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 19776 3f2b0a6019e3c490e8eba7824ad0daa7
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 65262 5b48ff15fc2cfb2228813ed2522043a1
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 258664 04ab740de032ab6a15d230060edb0d07
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 26688298 399b3ace615307b865d2ac7b28602314
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 148536 a89b71306d1c2439a8b4f4ea09641fdd
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 211842 cd1b7934b50965cd91987642432bc7df
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 85204 7a5398cf57ac5df20abd9b91e8ceb77f
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 746558 4bffaca1db892452457b347155490cba
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 2106260 242385ba891ff767369dfa0e553166e0
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 128312 655cf40af6ae1d9107c64c77ba31fb34
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 74840 e47588f9745762c725c78ec8df2f3a81
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_mips.deb
Size/MD5 checksum: 178492 fbc899ad97cc13e1b693b17017d2e0f9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 765926 66ac1d44f36f66f5fc64aced39103018
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 126342 2df55ff9ded124c6c4bdd8563caca849
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 65136 adeb54549cbf126af571280665ce91b6
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 188586 2184d4314971c76ca2036b5d08a7dcf0
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 517384 a564f7c7950337b46a5a3a3e149fdad2
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 100260 2051cc2952825a122c8a715e86dfd6d2
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 2091724 ec2d2ef066fd31399b2e68fa0a50e7c3
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 392068 5a46b0ec571b097850d737294dceade9
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 25821848 62f1b3c168ca0900cbc1e5fe91cb677e
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 148710 c47307bd43cce7a5c1916320cb5ba4cd
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 86010 456bc6b22580b6648ce45245d22ceed2
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 111438 eaad2c8bf2fb34160ea6cc15468ad8e3
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 177088 99467b0da643b13132fe39ce7f2e5a67
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 740870 ea9e815617e440490f79ba1bd9ace8ed
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 483584 225a1ee8ee0d0afd0790c09e2294602d
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 212046 978663fa001e40d159ac1003ca78f053
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 1106774 19a1d2cda4d5fcd5eb558a7ee1028c6b
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 107066 44bcfffcfaa4823cf7d590c016122460
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 223106 4be634e792cfae60f42063d4e00d07ec
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 262140 c88c8c912d26c5a90c140801471ae7e5
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 74882 b6825dd8a5ad1bf35123b1d0270f3e6f
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 743422 05848461c45b05bbf753d01b144903c8
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 19782 a87762a1c50fe7e358fa22036f72e1a2
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_mipsel.deb
Size/MD5 checksum: 1124846 f1984135dc5a75073ed9e840d6b86cb3
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 66434 5d7e6b9b3895069df8fbd4a768c2d4a7
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 19786 a9c97bde6ab30865ebeb593c8acec132
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 26599596 027c80f613185fa622c93e95250c697c
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 786912 b5e0b40caa836f2a74a64e6266e8c49c
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 134132 162ffae039b9e5283ee21445c472351b
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 90144 30d8dcc2e081b974234e6aa433e610ec
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 174226 48af80e053d76475082ff1cbec398208
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 765332 079f6eef570f24e529c9b69fb91bace9
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 2202446 4d47bdad70794e3c882fc4296d2ba18d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 100256 c8093177108326e854f146d34ebf8e0d
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 1061814 30592a399b78d85cf5fc2ace2d2c8d5c
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 172598 94c7f49aeb4fb4e0214c124e7eef7e74
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 530444 03365cfc737ac8ae07067929fe330f7d
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 492880 87d3097a7517f81f969bf115d166446e
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 755036 1d068a06a2f60664beaab450d89651ec
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 110202 e076dfd2f42789a1dbc0ca61c6694c42
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 302834 6766f873a95247728ca9a323fb9ea405
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 1227622 b574aee279585aa73caa69ecfa1cedd4
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 104590 430c7964ac2f7f4ee5a6fb4d2923b6cd
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 233080 f5bacfe4df0d05bb9933e8f2613e4e9d
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 231012 cad8ae3f95fc9ae0c59bf32e9adb288e
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 421698 e67212c8312c1c0620218cde58e25753
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 78888 b220d49b9d56e8f65096830edac215db
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_powerpc.deb
Size/MD5 checksum: 146460 65fc9d9f6c8294cd0afee917b3efaa07
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 859602 162c7179b64c33ed4480d2ceb56123c9
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 96570 b209dec1a05647b0ed570b0685adbe85
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 246814 b955e5bd82b6531f747a733443bc695d
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 107550 914eb556b3bee056ad327b15faf75612
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 19772 77aa27185dbf6f757408a5271c0c623d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 26250586 6076a92e94d95c1d8fa8bb002cbc7071
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 801650 6658c0396e5a8d6de1c4e7d193c75820
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 182526 457701e03be7ce20eecfe99bda1ecf2a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 100238 2acaaad4b522c4dfee1209b88dd18074
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 1171508 cc07637979754d4dd5b255a378f88338
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 505052 8868f290a2d31aaa74f48e53271ade1f
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 67208 584f1d5fac81eb5c526cb60e2b5125be
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 276418 05b61198aa566973e9ad986298cdad59
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 150620 83109755c2a70e8ef6c29817e0b55597
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 2250466 8b8773e5ecd69a4e10ad13042294d382
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 113778 d051e12246ef62c0f8809827ccaf4c95
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 766286 7a30be4271d302b78878a65532e8ce4f
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 79622 bf684b7d281c51e0d67a0430292b9dcf
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 176910 5f54ebc13b4a83a485c20d2a23e3ecea
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 248970 026d08cbe5c1431167bc794b425aba35
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 422500 ad06b70ea11f632709ed8246166f0095
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 1098754 d7825b822af7b9ca66c00810dabbe411
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 538932 e4b9c7f2bc708be2c605592cb633c6d8
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_s390.deb
Size/MD5 checksum: 145720 44f93bfb197287ec7198abe597b8110d
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 383580 3aec5293af185ce63568093ba0ecdbba
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 1296694 1abb2d0b4fc69f61ebc9190db630ba50
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 744888 225c0c9143770806b1f82de218b1acb3
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 230828 09999550bed069c70073b7d14d4757b8
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 221344 5e174102b75e4d338b33d7352e03c99d
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 171278 192db1c34ab0e6c7610c8775b9c3381c
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 106054 3d842568d12a723a553746befc70edce
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 145126 85b00b723dc0c92eb2ded3f2ece3042e
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 490852 ab051db510616bcb892bcedda94f70f7
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 65438 c1dc639e2599e02c4cb5f42d6edc59b5
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 86980 6755b05a8d58e22bba56da8a3e46bb46
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 1048614 3910bb000a345f210be4d4d951d6e9b5
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 533764 782f0dbe17452fdc10fba93bd1dd8e8f
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 2248190 1116c0e7763ef5390751d9176316044c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 100258 b3c912581052c899686bd480d5abfa14
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 25245436 0bb867fe36dcccd3b230db6b15980172
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 171400 83d446e4e9fb59ba9da3fc8e37729ae7
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 77462 f8c0bc452b55b77e9cc5cf43b04470c2
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 19784 fd3cff889068ab768a8e6851377de7b7
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 753538 86fb1612d658529d367e74f9b370a53a
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 782990 e61a5358cd8f24f7dbbbb6f5ac66ce04
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 100440 0e1cb47681f1401845f58cf8006a7310
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 131564 14f98cbc41ad2857422cb3c1cabe391c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_sparc.deb
Size/MD5 checksum: 258514 1239f959b9c4db19eee511c7e2497ef6
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1.dsc
Size/MD5 checksum: 2091 ada949f67070c17e401e4069e31b44c3
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1.diff.gz
Size/MD5 checksum: 328042 62c2c36a87f6a011ed95a6e0083d8b6e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9.orig.tar.gz
Size/MD5 checksum: 9058343 d66472f22db2dc5b706ed4f52d9b16f5
Architecture independent packages:
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1_all.deb
Size/MD5 checksum: 13668 37dd4bb1589c1575023096bbd084cb83
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.9-3+lenny1_all.deb
Size/MD5 checksum: 150940 184b6fbb24202904bbf133dfd5880dae
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 442440 23e94dae017d3764c0bf93fca72e82c9
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 34271278 1df447459e0d937df008ddb38238c19a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 97004 eb230ee19599ce456b08f0f690e6eec0
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 902240 f03678d83d0bb84507b4d19931a4cee0
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 62312 5951b2a2ae85123ac8fbaae36f83296d
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 772520 9955c1ca6950e6946f624f0f0100f56e
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 507224 9535798d64ca04cb92650c866475ca11
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 325884 b638b44dec11e5f6100b20c7088aa23e
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 1137860 36f1bf84aa9e72bbf2f64e5e5593e3e7
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 2415800 3738bd20e7f5ee1159d486d2a1cc1449
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 173662 f5a0f6b40ebc32514b00d97c2b2ab706
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 108646 792d1c04b977a23384b26dda7f443689
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 251922 02ee3f3fd45701241dac17bef1bd939c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 546038 3a01a6b4cbd04342f518b214ab2cb562
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 1423914 7a67f9f923be83bf18be43d856cc0a32
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 113182 1e868d40f4504086f67958a92c8a0db1
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 93610 27c1fa3ba86ea4a81b5a128aa33a60c7
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 13494 04226fff334a9e1b6381a9c996c5a537
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 251638 a03ec2971838a966b7da491f9bfdcad2
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 950210 94bbc7d26039b9b1db22f5f8ec061676
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 77394 6d8660712f339f6c95b5c06ea66b2192
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 152360 cb76fefb8a85723b9455c5e3eb36f691
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 146284 59518001e9e3e6785562f29c84163ee1
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_alpha.deb
Size/MD5 checksum: 191566 1f006cea28fb9b12198e19dd2d44d689
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 1259102 4cfb0f1b2eaf2dba2e9c3e6a640fcb3a
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 183128 094fa14ad31bd95267e3a928d991a1f3
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 97108 994f9f367a563d15bdd799a6a386e1bf
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 241680 6a1220eb96a4e7640050d29a294fc46c
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 775400 bf0034e90256362258717e6b703a7c06
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 111294 ce334340b229f3cb66d5d7bdffa1fca6
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 247618 6119ac5bc223c81f06fba8c2e36f1c9f
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 13496 2ea8f9c5e57ad1f733f7d8b9c6c435c9
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 498278 f9a2e73f68133adc851e486664b4ab30
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 428276 fd6a4cf0f983ad0cee84443f0825007b
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 865506 a41a1dfd291f0ff30a465aa13db97280
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 64964 08e58ec64b3cd2008b586ef199ec6de7
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 172310 ac98973651c4b21edfb1871c4f4a00f3
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 899882 d3f89ab3f243e18a9eae140973e62da2
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 144930 cf79dcd65d6348b95135e87a14112231
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 1108136 0866fa5aa82bda7db5a8e5d06fbe45bb
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 25780436 25d5f9b45eab024572b513ebfcab1be4
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 287518 5c5e1eb46b216c6024ad7e30cfe50f25
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 144434 f6e80b8ef8183fe832d0a086f7302f8d
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 91372 53247974541b625d0bab5cbd70c26c76
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 76498 bb76e2a1166128926db84ec16b004192
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 106418 083becf2d57374e2518a52b95944cea3
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 2352368 ecb0bd500e99705b68db4a932be13692
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_amd64.deb
Size/MD5 checksum: 548418 d6df60b59871de20041b0153be6ad1da
arm architecture (ARM)
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 137458 8947d28932b7e4b5ab7cd89b6f81af08
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 101784 5725e00ed074682989c117fa8bd92bc5
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 391402 4464da8ddcf38d9c8196281dba608817
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 93836 964e161125a57b810f86114bca5e0555
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 746896 1d8ec12876b8b0ff8042848ff9189768
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 251798 300c55676681bb2fe11ce4e8a0e9a5d5
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 771096 8fd79382983a8b0a54ae4a5c608f7798
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 217932 e723ae36a2166880c5bd78ef192376a4
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 227632 252d9b6fcfc5154873aaea6b98a95087
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 526474 b91266ae395b249999a0d9c1dda08477
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 95612 402304685fac9beb7caa8acb89cbf4b0
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 123774 e1682b257a10e6115ab6d0302c9fd89d
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 163216 657917d64364cc2d87e3c82ff76918e8
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 754250 b8a6d2dc5b5c3ba601ba2b57f99def39
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 13512 038d2a27526f2620eecfdb2bdf507bce
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 83670 1e67c97765872cb33bf5fd8e6eb90994
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 2149602 e2dc467200af7059898eb9bb6c02c731
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 59756 3a74eb67515deb50cf2bcbcc0c91ef51
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 33565006 5d18ca0a4ae08914d58072a2349c649b
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 1223718 0d89da9c8976bf02aefe770e9a4d44d6
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 163926 51e346e2965d3f8777d69c38f528361b
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 1043130 16786b91a1edaadf7e3b2d036bb46f08
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 71382 95376cb88e8eb5d74e8d13a75171576b
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_arm.deb
Size/MD5 checksum: 482022 5c4e4e73dcf11e64865b9e2ceae9d7da
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 1050934 6d71fcb10454858355d28dbd90bf673b
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 136534 2943609b5a2f0dca57af7da9715cedff
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 13498 4b2ef9fa59e854c13264c415063c7858
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 482670 1b8abfb4d374527d2b02d5897e573520
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 83180 d5f62ad7602d4107bde68bb47381ca35
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 239546 097d24409aa70e1d4c86f56cf212347c
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 94288 6376a998f0a8352f7b906b74d968ee9f
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 386010 cdf39f24dbb3a34d58f87f959a20ba11
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 101458 58b67ac4f21014f2a89ecbf5fb21219b
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 227752 616e16119964046edd39ab94f4ba5295
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 527498 4b21ce4f9a57c56f22bedebc7f3764e0
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 71116 758667c7255452fc232577d14a834047
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 755684 a81fd2f6420afd7d1f07f0aadbb551e0
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 166162 351295a1937a81b7fb106ed888f6188a
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 124784 d0582fd6e9bb93273cbf9eaeab5b45ca
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 33006582 e352bebb68dff27df5a682cc80fda55d
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 59148 3980a9d0e717e584b0aab1be5087a134
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 747902 01ebc2692aa241aba7928cfbb2e9b03e
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 163658 b6a957488fdd938a2fb7f4f87c7a9ed0
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 803006 43cd282daefb7fea09f525023d0b4517
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 2170166 d25f3885f0721742e8ae066b62dfbe08
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 217648 5f76ce6485c81b9ee391270be92a2ae7
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 97638 67317ea8846a1f9675a10decc4a6bc15
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_armel.deb
Size/MD5 checksum: 1047420 9d6bdc51966950176f7d811ec1eb7fcd
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 60154 33092de39ee55c6189ca80c35da24405
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 300822 8b613712f554898562536e1e42f0a63a
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 101628 5b79a214b553d0c73c38edf68b58517e
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 760688 3b6fe31dcaf90d5441835bf3caf2b079
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 252780 41804512331d4903ccfdd22f5bea840f
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 79794 407be7817d2fbeadc9a2f1fca29e47d3
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 508388 6fb14c245fddf2ce919e7ca9ac51f792
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 95362 3b3991aed4739cd4b849112aea36ee09
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 449548 84ea2bacf837ce9ac7f808bc81a9b363
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 95770 ed1884db40b3971a0440c89c99184374
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 946800 cf4eeb0fe421ebc3e12a87873504595a
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 26286170 63ef41719ab12d66209beac43fb6cdb7
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 558726 0133793613690399845d568b647cbd95
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 110650 4d3c5c34ce026d1f0a88392ea9aec2cf
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 257908 73b2d5ccdc123436a21c40621115bffb
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 1382332 279a6810a9ffa21617a56577e5c155aa
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 176908 b12e01dac140811818480429a93eb2e3
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 169704 cbebb7d5083f6150203de697af3bf097
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 140626 f9cdc207f477b2a37c167f4eb2024f36
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 151306 29d5bcccbeffdbfc35a47e0b33183844
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 13504 59f49cb9881f15e337403ebd2e876bd2
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 888706 70be229ede5060052c7d5ab61b16cab6
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 1131082 84c09613d81e0e5d40b5a0599f57cc02
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_hppa.deb
Size/MD5 checksum: 2469602 6839152140bb071d7a7bbb84bac03e97
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 97078 9d3c94eb6cabf6a7f998fa9ffe954bfd
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 222912 b0854f86ada31ae3f908d9c077fda44e
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 88412 d177bdb59f8b4cd4286d6c6a7b9bb189
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 75186 a85996e931e769833905e4af3b29ce55
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 13496 47f3b944d8aa7cd0873e1702c48c92ba
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 405590 f3f7d8da99f00fb2906497e4f1a8b1f9
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 539406 ebe1c7685acd074513dcb1e7aaa27ca0
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 489702 ce7020623d559eea8668f9e1b884c54a
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 63090 861612b37ee2c706066a36f05693012d
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 141308 41a4f7ef14dc3c662b4a3f65920b731a
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 236202 2039aac262f83e800f51ed0a485eb139
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 107838 257d1703fe08a582ea097704882faa3e
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 172890 bdf4976a68ea1cf5c44fc1f589d0a5ef
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 808976 bd754e226c29c6d1fb977c4ea3f15d5c
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 167820 9f01143cda19e189de887a3b490cd49d
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 2256720 ac367b07e89f8e099b1d395f70d28c01
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 843108 50525329754e920e30f8bbbab4ee75b7
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 132234 ab1506f7ec28abd98e1498a9d907331d
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 1071012 98f28dc0ddaa53209108f0030dd7fb8e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 25293598 1b962c64c9ccfe0850cdee4bee7b5c8e
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 99602 81c1fa875a2f5ba6a7d2e0c1bb57d340
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 1232936 11f8797743bbc344204f666ffe3647a6
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 760512 2be01413a549a4fd0ef635ed292a3a02
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_i386.deb
Size/MD5 checksum: 257816 55a8b05afdf2a5473040ca825ee1c777
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 818366 d4798a87cecfd7d9b927b41d772764c0
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 488828 328e215091b06ce8fde8cd1605609d43
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 25364564 7270883396b5744cba3add99df542ed6
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 89560 e656b7b87d96cc0e92694cd668f64859
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 531926 fcc8042638d887b979d8c83570e56320
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 2750750 0f6d8bb0ae98135a8f3b8a14fde8ef6d
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 182090 bfb4546bdd8f439d6fdb90f78c39b3e0
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 300348 424b48c496d4cbe8d0e0c24e6914fea8
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 215548 09024b64587df6ead69c5204e6255bea
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 111806 43f7401cc5dc7964205a3b5788529f5c
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 1171068 de964dfda59dba1844443e475356520d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 616282 aa2e8fd43795d6807615aa44af520fc2
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 1256546 49be44462041195e17b979e1f172adf7
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 1492244 88db5646f1dbdfe2351f78140a91fa45
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 124244 d06bd039b56fbd39c389c7230645f6eb
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 294308 eda4f9d4887d37efea0c0606bd5e2630
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 178556 e1f5810ec224e47acfbbba53d6992b36
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 66722 1a8b5d1357c5bbb89e1b9a2616eca0b1
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 124302 79df484c9931c2183ebc7d5b501d8d58
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 94362 26fcdc67c6905f2490f5580a139556bd
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 13496 dbd590c1646ced4ce34062ef7f4bf0d4
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 1210464 f6a178b7a71c3696798b8815b8903b75
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 159082 e8507c229564e74fe446b51c10ab1c09
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_ia64.deb
Size/MD5 checksum: 383092 0f45cebe1880296fa1758cf4ddd6304b
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 102730 c09693e44150f94ba81d3210a9785b92
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 221564 8bf49438dc5b071f3b22a4e16fe145a1
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 1109202 7ea76e3bd1760775f57cc305286d3f9d
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 1089090 bef1dc08c615a5253f20772d4c150b2a
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 69894 28f5898a643a5da9ffe7f299d1f129b5
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 828526 d7c0696846f61ef882456cb442baafae
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 480092 9f8149b8c84fa4e95ec3ca5ea2429da5
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 757340 0594ca7f417410b4f99bfd32e8910fdb
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 99964 2f14d8446f2593375e7e73e8c7830555
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 517638 8b7e724ab60ab74a301e3a8573c2dde4
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 244618 d065664867e7fbaa1e79c140dca57a23
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 26705680 dc864930cacd486a2b90026cdce7bf63
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 13496 626c6009eb8ce9dd5025fa69c007ea36
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 94366 e573484ce71e9340767aa5130824df50
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 168490 b31fad69d903af2d994d3f39a02c4fb5
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 748942 8f97407542d66a31c66b5ac6d7a88039
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 82976 7c51b8a5c15110178e97955f62ec4b34
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 123894 8f637d55657e633ba57302191ef6abd1
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 2114234 dff1727a5c8ea95cf2657de32642c49d
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 177190 a99bd78ff7ffec4aeeedcdedb87e9e9f
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 138954 ab684399bfe4d3d0dda461978fd42f48
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 57942 d75a095256d0c00cea5452d794fcbcd1
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 390348 4b9456cffd018514a937ed5cb4124f13
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_mips.deb
Size/MD5 checksum: 206684 7132c18d8b6fa9535e0db252e91ad69b
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 138708 537c781567de6c7fb455f8c82883d95a
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 745694 4bae4c1456f675dab10bbfbfe691ecfc
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 94376 32e82a5d66a85afba17f2a0eb9a6bb0d
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 242664 a3430b75167fc0ce419ba2891fac8e3b
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 99282 0ce02e74c990a7472e3ab77aa7cdbc65
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 122230 9b66a2f3aa0f7a67b490b8688f80561a
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 13500 716a62675374a3d52f41e32ad571c1a9
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 1061316 5c56f881eb6aa0af1752f6bfe7bfa9aa
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 2097486 0e0f300f5a1f4f2c84aab6b12672aa14
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 82654 320a0e06aba597cfc568981ddddc2f5c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 25680530 9c4205f7927bb3116bb1e31ee15d168f
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 69852 21f1eafbff78f8d424acceb1463b90c6
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 517148 b159a3acf0e49f9514a5381b35659497
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 168106 20e31b3080ffcde4901f808a91cfc161
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 57864 10a5d266e861d9ec35b9c4dd78cb4913
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 478516 03f90ba32184e87c561ac355ccec49ae
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 388378 1efa9ce64cf60b0795901bf35dc4e53f
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 814058 10769b430175e802c632b03dd6277e73
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 755640 e3b75cf4f593ec7d307989d77a5ca1ca
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 176084 33dcb7ee545a8b9eaa99325b06c928e5
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 1105362 085d429a8938af2babc1650db41b11f7
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 102568 30223561a7999ac53260ec4b4d32af50
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 205558 221c78de0ad22c2847c58cb74285a376
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_mipsel.deb
Size/MD5 checksum: 219406 2a3403fec05145529cda12b588a17a1a
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 320010 141601c2883cd7ad11185ca59557c171
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 138992 b8d9d86bde0921fa183afe0122812024
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 1331390 125ce1b459d937091bbf8df72cc5beda
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 96436 ce5725e282720dfbde022c37d56b4bf4
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 115882 1c3660d4430f874b5df972f8d65fc89c
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 245392 faf6f0c1d73faa7b18b567a992bf0ccf
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 77460 00437705fa464547d477e5787c5c4ab6
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 1079000 7ee79717437c23727d538d9be311fa1a
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 860746 1fc710f8ebd8bc901085239d9239a461
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 174706 69ff9738d14e93a08c0cf99610c272d9
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 499304 935611522d88526bbab0043a201fcc7d
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 2379254 0c4096e5f4ec0a2436e4e6cb4d0e964f
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 148264 f0a54f4705a85ba4872eb86752d3a3a1
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 109152 311f4ae4a6e389b74bbe402c025f6335
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 774148 22fe7312a5fb51ca29bd2aae9978e2f2
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 13502 50d978d665a3bf11d9b2ae3cfe0bb5a2
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 445506 1d14d9a19d25e0093cfdfba05fdfa297
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 889946 66918f0179c15859f58acd07960dfd8c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 26522042 341acf33eaea52e3cc7ce4c0496be4f6
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 245192 49f4712771d91fc8334874622107c10a
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 92960 786b5a1faa9ac0b064e3f7c034cb1750
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 552320 c9152403f7f15a9e9f50b81955327851
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 65902 43acaf29b90c9b2ed6b20804fdab4d9e
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_powerpc.deb
Size/MD5 checksum: 183444 2cd74fcaa131e77772cd6246f30a6787
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 545552 5ecc4b81ed5a666b2d1badfd5f37ea2e
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 2316640 4309c27dbe563f7472cb21da7586cae8
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 63226 2b3694eb878128f5dae3d6a6468103fb
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 144820 d2f466e5d021e43f4c60abe73cbe2aa9
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 270630 d2d3bf53a18c1f77a505f891150a027d
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 113006 44e08268dad122fa8014081807c5bfb4
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 106236 07d0235cb8a47e3a67d771870fae0b32
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 251268 7640117e7b3ce3de2b6a8c4d4b8164dc
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 147742 9802165843c32f9a6ff6e8370ca87cbd
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 93564 b8bd35cb52760b51b37d66eb76e05dec
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 424942 5b80b03ae1a98c75b2fe456fcdbe9f21
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 877384 188e4a2bbf7cf70c2c0fda370134f8f7
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 775834 a6cc496f2aae5971bf22c7eb7dcef33a
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 75214 730a24933cf8b75b91ac20ceaee56611
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 247912 07fc597207d506959b1a06b24e72d22a
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 1107384 a295fb93c4dac09f9a811a7d657d953e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 94358 1164bcac53e6fb3e441668d5d425f3b0
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 501788 558e7489907c25459d7f6f71e84c60ed
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 1201460 b69c1b31d59a0dbc08613a257126d31a
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 13494 6802989fced5f26ebbefc76a524c37f1
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 26212182 6c365927ca3b530fac689af8c251aa2d
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 901164 97b49f6789d8f0d1b4fad1c43a736b24
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 183490 51085c635eab8f84d823e130c104a7ec
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_s390.deb
Size/MD5 checksum: 174622 23f2c760e59c4f16618567bb05808c06
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 142312 4b95d21a81fe8acda3948b18a17e255b
http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 387444 ad8be325a6c214cfcee83e6231ebe282
http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 536484 14c7fc971a39c76034938ed20e282d0c
http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 487168 54a3ea6ea8e479c29ce6de334d20fe12
http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 2295810 886cc8756b8c88ae9f39a5663da41b66
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 251524 ce3fcf5dcea8dadb8a8340a9c8369484
http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 835054 fc902a88b1591c1167c7e15599262a7c
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 25134110 54499557e99be3114d2253c30878dfb8
http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 1054274 29c9a4b66b6ddadc214b26d4ac001a4d
http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 61522 51ac0faa96ec2a9a1ed408ccceded01e
http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 94364 71b741e9b9c864678bee978b9b782d13
http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 1288616 0efcba64c49ff8dee826fd5d19303389
http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 99064 8ab8e3cdb467a8f6012f44be07cdc6f2
http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 83342 cb6b0bd4e7b384500a5f061bcca852c9
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 13500 afd2790ea28d4edad211a7bed2817ddb
http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 791016 00c6dcd665a995486002f019372e19e1
http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 169150 cc6d29090b9d1eb1bc92bf4201d9eff8
http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 129360 f71a036c5a2a24fbf9f8e3923f00f0c3
http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 761142 885e60cc1694fb40f9ffe6280c756984
http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 230038 e03caca49d68f845ab81eab6a3a4e666
http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 105244 84f033793d4a42f0b6235565ad963251
http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 72270 c175dd0ec48337d70f3d1dc5ba26ed53
http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 172602 ee221972ebbec5844c3e8b5e112c1138
http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_sparc.deb
Size/MD5 checksum: 218246 35ef9dd3d2970b90341da2302cbcbdfe
These files will probably be moved into the stable distribution on
its next update. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,
as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to g*allocn. NOTE:
the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0800)
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10
does not properly initialize memory for IPP request packets, which
allows remote attackers to cause a denial of service (NULL pointer
dereference and daemon crash) via a scheduler request with two
consecutive IPP_TAG_UNSUPPORTED tags. An
attacker could create a malicious PDF file that would cause pdftops
to crash or, potentially, execute arbitrary code as the lp user if
the file was printed. (CVE-2009-3608, CVE-2009-3609)
This update corrects the problems.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm
9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm
e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm
fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm
3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm
9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm
7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm
67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm
410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm
64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm
cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm
0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm
c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm
8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm
0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm
f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm
11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm
83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm
fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm
e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm
893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm
9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm
06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm
bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm
43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm
eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm
c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm
60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm
0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm
eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm
7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm
f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm
11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security
| VAR-200904-0809 | CVE-2009-1180 | Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. Xpdf is an open source viewer for Portable Document Format (PDF) files. A denial of service attack vulnerability exists in the JBIG2 decoder of Xpdf. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:175
http://www.mandriva.com/security/
_______________________________________________________________________
Package : poppler
Date : November 15, 2011
Affected: Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple security vulnerabilities has been discovered and corrected
in poppler:
An out-of-bounds reading flaw in the JBIG2 decoder allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
(CVE-2009-0799). NOTE: some of these details are obtained
from third party information. NOTE: this issue reportedly exists
because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603). NOTE: this may overlap CVE-2009-0791
(CVE-2009-3605). NOTE:
some of these details are obtained from third party information
(CVE-2009-3607).
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938
_______________________________________________________________________
Updated Packages:
Mandriva Enterprise Server 5:
783eaf3485f688288f070f1a9f911c4d mes5/i586/libpoppler3-0.8.7-2.5mdvmes5.2.i586.rpm
bd06380ed4b45d450389d1770276dccc mes5/i586/libpoppler-devel-0.8.7-2.5mdvmes5.2.i586.rpm
e1945537640307b76bcad253ebb73854 mes5/i586/libpoppler-glib3-0.8.7-2.5mdvmes5.2.i586.rpm
ff93afd4e687dfb8062360f7f7bfd347 mes5/i586/libpoppler-glib-devel-0.8.7-2.5mdvmes5.2.i586.rpm
7f7c3ea25304806c37306ed4f27335e8 mes5/i586/libpoppler-qt2-0.8.7-2.5mdvmes5.2.i586.rpm
ef9780095457b8efb52e961720c58052 mes5/i586/libpoppler-qt4-3-0.8.7-2.5mdvmes5.2.i586.rpm
d9080de0f92bb36a34ad010fe2ad2a4c mes5/i586/libpoppler-qt4-devel-0.8.7-2.5mdvmes5.2.i586.rpm
3d9d5d68cfdb63ff2668040fb0fd0e93 mes5/i586/libpoppler-qt-devel-0.8.7-2.5mdvmes5.2.i586.rpm
ff2f445d1e3942039c5f9b326c64b5e3 mes5/i586/poppler-0.8.7-2.5mdvmes5.2.i586.rpm
29cce020068d6ca7a651a273f9cf8595 mes5/SRPMS/poppler-0.8.7-2.5mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
e534d6c09ebffd8e9a4f85cb35e15947 mes5/x86_64/lib64poppler3-0.8.7-2.5mdvmes5.2.x86_64.rpm
d71984d177742a10af4168adae141357 mes5/x86_64/lib64poppler-devel-0.8.7-2.5mdvmes5.2.x86_64.rpm
709c2fb028305c6038da922d4385a44b mes5/x86_64/lib64poppler-glib3-0.8.7-2.5mdvmes5.2.x86_64.rpm
46bf6bf33ab672b333d52078b37e3bf0 mes5/x86_64/lib64poppler-glib-devel-0.8.7-2.5mdvmes5.2.x86_64.rpm
bed66c55ec459b0a845ea4f0adf69c6f mes5/x86_64/lib64poppler-qt2-0.8.7-2.5mdvmes5.2.x86_64.rpm
bfdb0391cff52b910302f6c272223393 mes5/x86_64/lib64poppler-qt4-3-0.8.7-2.5mdvmes5.2.x86_64.rpm
6b0ec4b64459cdf517499703ebd21532 mes5/x86_64/lib64poppler-qt4-devel-0.8.7-2.5mdvmes5.2.x86_64.rpm
3f7f2f03348fa025df99564e5cf15665 mes5/x86_64/lib64poppler-qt-devel-0.8.7-2.5mdvmes5.2.x86_64.rpm
01bf66ad02b533cf4b6141058df40b62 mes5/x86_64/poppler-0.8.7-2.5mdvmes5.2.x86_64.rpm
29cce020068d6ca7a651a273f9cf8595 mes5/SRPMS/poppler-0.8.7-2.5mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOwmCOmqjQ0CJFipgRAkA2AJ4idaGL0tc4rVBtwwiVbl27Em6xZwCgrJjl
ar8t2URRRlYmyIxMC/5cgAM=
=5FhG
-----END PGP SIGNATURE-----
. ===========================================================
Ubuntu Security Notice USN-973-1 August 17, 2010
koffice vulnerabilities
CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166,
CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,
CVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608,
CVE-2009-3609
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 9.04:
kword 1:1.6.3-7ubuntu6.1
In general, a standard system update will make all the necessary changes.
Details follow:
Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the
Xpdf used in KOffice contained multiple security issues in its JBIG2
decoder. (CVE-2009-0146,
CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,
CVE-2009-1180, CVE-2009-1181)
It was discovered that the Xpdf used in KOffice contained multiple security
issues when parsing malformed PDF documents. (CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)
KOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into
KWord. Upstream KDE no longer supports PDF import in KOffice and as a
result it was dropped in Ubuntu 9.10. While an attempt was made to fix the
above issues, the maintenance burden for supporting this very old version
of Xpdf outweighed its utility, and PDF import is now also disabled in
Ubuntu 9.04.
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.diff.gz
Size/MD5: 622105 556aa62c50d527e60c1dff7b0f0aa0b1
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.dsc
Size/MD5: 2089 d42a7716e78fc690d256f8045017e7fa
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3.orig.tar.gz
Size/MD5: 63221967 497a644adaf5d6531a0e32d14f88e5f5
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 682598 78a5406815a35440ac4480c2532f28ef
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 735930 9d775bfa37c32d0ab934c25c721d6456
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 519734 7c05c1818b4baaa8167b6f84bbcab085
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 18982 465a569fb8bbd06f80e8b19e6acc1695
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 21100 780be3fc6108770d271d89cac4869b10
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 1903802 bdb13a770966f7a5b2978f510ba58f10
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 28310364 0d115fe0dfc641efe2e04508324bd72a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 1776368 f7781ed87a7c8c5ee1ba7636c519076d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1059936 fa5f33b7cd8d1d291834ad81768a55b3
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1363098 1ea1bd16846af1b718392fcc80f55456
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 3634792 de50ca28c4ffe99f5c43369be2c28c53
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1022466 2680eb3b5eb1fe0b939dcc4d8698df93
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 586680 af2f128a08ad516dab5e0d9181c8fa05
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 54301774 04ffb99c1da2e2d54a0320d4eb23a8bd
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 394472 2dd7347dda792d9a1a50831b20861f94
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2614706 1f4f29ae856d74a751d47d6a2c2e6317
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 177638 bbcf8e0ef85478569dd212be191cf3d6
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 939900 81b0c652c71a1cae573a984bc8192e9c
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1332666 2cb497195e47d739e5c73eca50ba7f3a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 3307610 4453ddce6e47950727883a37ed0cb02a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2750674 14831989300bcb63f368291710a46510
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 314700 a68a9a2cc5299b957ef823971226117a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 443182 d7b8296294f89bb2df6c69ac554e9d16
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2504138 0f58ca14ca066713c273c159f6e1295d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 975268 1a3b2bb23cdf4fd7ae942e53672706f1
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1306222 c812ef558f13e43eb448aa56d6797ed4
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 3563484 9a47762bf756eef0defe1a690017b361
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1015886 5f39c46934ad9dfb55b36acd135d5b59
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 527296 e4d1682301bf58d5df51792162671e1e
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 53049888 7baa946b92618169cdee4eab005e2533
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 409804 ff440307934403aa404a2416a6fc00a2
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2423308 2933a46777c6be5dd6e588afb056ce83
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 174422 65acfb083c6dcde10f29c22d7cb2891d
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 868786 b0f68c2390f2761fed67ed9cee032add
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1234468 b6f06fa397725d1b915683aa8850c600
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 3037920 00a2c6161359ed7a982186ae9f82af06
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2634754 9a631d806d414d56e03293e108cdd19a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 312056 e51b7691be77c0ee20224ff524f120ac
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 430552 fe51a92f6d4db43d4c9c12c8ddda16ed
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2362696 92d4dc922ef2a920dd580b41493f7226
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 975296 dfe1b44a9c29a543fe6d76b5f0bdfbc2
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1309438 05e8ca4579040c084f38a5a174055325
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 3579118 2e344131f0aaf4231c21af2fb8298833
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1014884 c46aad3850fe256baf9ea38262d3a0d4
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 529176 d0ed2edaf57e2e02e73a22f15b86fdc6
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 53089422 ad89de6273a8f796239423c5b4b478e8
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 394468 c410cb7ac1bfffabf2b2c0b0119e829c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2438608 66fd9a1471e34c9a5baac9d6ec2b3bd4
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 174116 1d6410c4f8dddddc24d80666f8278c0c
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 865740 78ffc8a66fe0c555e35c71d4f8734a91
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1240814 1c4d13855664db29a2e1923e929ceecc
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 3036992 498218cbda6e3d3abac07ce88c6e0c2c
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2650892 5950f9bc22ab50db430eac56d9f04697
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 312060 005610b199a0d8ce05d1def703c890bb
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 432602 75b05844e99f7e2ad4ab6e20e5bed539
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2371784 607adbbcfd28fbe1a2750fc004418c14
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1068778 523593d94079fba3e0364f908a1a1a57
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1364554 258dc9b33e6d270ff719c91e3ef37db9
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 3709952 28d37bcb119b836c3a4e92407738fa7f
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1027620 5e2309d118d267e9b692fec5ee16a0db
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 587256 bead26a9cc80d7bea3c00416b178377c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 55955530 ed06d8fe4737caa802c47e83dbb466e1
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 394498 c30a126fa23c2506750e211a4b126fa9
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2619418 5370a9dcf9f00cc78da20ee4adfb4c8b
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 180344 141e38c24581f2c8f023e57fca067cb4
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 903470 8abaab749117c77c22446495e59e309c
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1321174 cac2871f1847863b4b2ebf565b25df19
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 3394952 44a59865f180b3d5500dc0cd4e0b906e
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2718124 479211cb5a9018ba6fa4000a280c77e1
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 320612 9e2c1960e9fc010e6dcc25a0cb1574b4
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 454328 61ee3edf596ea67f4faa0974cd46be30
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2512304 43c6105b4fae1f63b48c449365e95087
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 962916 ad7e5830f033940223ed825226496183
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1304972 050e2196a5c5ccb31c89741a9b0f2b6d
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 3410504 ec1e27da573bd6b2464edc8b45ba0814
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1013536 ef4bda5f39caed0b5ca4144e49c1097a
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 528266 7d60ee9ce5489fce6aa0f87d8178ca0c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 51732154 137a826d403b455408b815aea0f2104a
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 394506 4cfc6172b52148a1f9de20997657c590
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2354854 8c1e19804067a2aa70409e334917070e
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 172078 77aa57456966572fd5e151fc3fdbf72c
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 855470 aba0765689e839609756f3eb27693058
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1223480 94ba8198733e21a488c0d6da4493b1c2
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 3002516 1a884308c7fb75403d49cf1ff73fe79f
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2565326 1fa53d14437814a657c1fe81d7269a02
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 311270 97d7cca2e2a75f15288e8725fd4b905e
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 426002 0c83afb3dbd67a10c11cc7d310e81511
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2311632 c449bd3fa59e22f9e32a884ffc3f81cf
.
Additionally the kdegraphics package was rebuild to make
kdegraphics-kpdf link correctly to the new poppler libraries and are
also provided.
This update provides fixes for that vulnerabilities. (CVE-2009-1183)
Two integer overflow flaws were found in the CUPS pdftops filter. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201310-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Poppler: Multiple vulnerabilities
Date: October 06, 2013
Bugs: #263028, #290430, #290464, #308017, #338878, #352581,
#459866, #480366
ID: 201310-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Poppler, some of which may
allow execution of arbitrary code.
Background
==========
Poppler is a cross-platform PDF rendering library originally based on
Xpdf.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/poppler < 0.22.2-r1 >= 0.22.2-r1
Description
===========
Multiple vulnerabilities have been discovered in Poppler. Please review
the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Poppler users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/poppler-0.22.2-r1"
References
==========
[ 1 ] CVE-2009-0146
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146
[ 2 ] CVE-2009-0147
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147
[ 3 ] CVE-2009-0165
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165
[ 4 ] CVE-2009-0166
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166
[ 5 ] CVE-2009-0195
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195
[ 6 ] CVE-2009-0799
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799
[ 7 ] CVE-2009-0800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800
[ 8 ] CVE-2009-1179
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179
[ 9 ] CVE-2009-1180
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180
[ 10 ] CVE-2009-1181
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181
[ 11 ] CVE-2009-1182
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182
[ 12 ] CVE-2009-1183
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183
[ 13 ] CVE-2009-1187
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187
[ 14 ] CVE-2009-1188
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188
[ 15 ] CVE-2009-3603
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603
[ 16 ] CVE-2009-3604
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604
[ 17 ] CVE-2009-3605
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605
[ 18 ] CVE-2009-3606
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606
[ 19 ] CVE-2009-3607
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607
[ 20 ] CVE-2009-3608
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608
[ 21 ] CVE-2009-3609
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609
[ 22 ] CVE-2009-3938
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938
[ 23 ] CVE-2010-3702
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702
[ 24 ] CVE-2010-3703
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703
[ 25 ] CVE-2010-3704
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704
[ 26 ] CVE-2010-4653
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653
[ 27 ] CVE-2010-4654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654
[ 28 ] CVE-2012-2142
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142
[ 29 ] CVE-2013-1788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788
[ 30 ] CVE-2013-1789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789
[ 31 ] CVE-2013-1790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201310-03.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10,
which brings many bugfixes, overall improvements and many security
fixes.
kdegraphics contains security fixes for
CVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1179,1180,1181,1182,1183
kdelibs contains security fixes for
CVE-2009-0689,1687,1690,1698,2702,1725,2537
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers