Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > October 2005 > Debian - Three Security Advisories

October 2005

Debian - Three Security Advisories

ID: 00956
Ref: 894/05
Date: 28 October 2005:15:14:01
Version: 1
Title: Debian - Three Security Advisories
Abstract: 1. New lynx-ssl packages fix arbitrary code execution [DSA 876-1], 2. New gnump3d packages fix several vulnerabilities [DSA 877-1] , 3. New netpbm-free packages fix arbitrary code execution [DSA 878-1]
Vendors affected: Debian
Operating systems affected: Debian
Applications affected: Debian

Title
=====

Debian - Three Security Advisories:
1. New lynx-ssl packages fix arbitrary code execution [DSA 876-1]
2. New gnump3d packages fix several vulnerabilities [DSA 877-1]
3. New netpbm-free packages fix arbitrary code execution [DSA 878-1]


Detail
======

Security advisory summaries:

1. Ulf Härnhammar discovered a buffer overflow in lynx, a text-mode
browser for the WWW that can be remotely exploited. During the
handling of Asian characters when connecting to an NNTP server lynx
can be tricked to write past the boundary of a buffer which can lead
to the execution of arbitrary code.

2. Steve Kemp discovered two vulnerabilities in gnump3d, a streaming
server for MP3 and OGG files. The Common Vulnerabilities and
Exposures Project identifies the following problems:

3. A buffer overflow has been identified in the pnmtopng component of the
netpbm package, a set of graphics conversion tools. This
vulnerability could allow an attacker to execute arbitrary code as a
local user by providing a specially crafted PNM file.


Security advisory content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 876-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 27th, 2005 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : lynx-ssl
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-3120

Ulf Härnhammar discovered a buffer overflow in lynx, a text-mode
browser for the WWW that can be remotely exploited. During the
handling of Asian characters when connecting to an NNTP server lynx
can be tricked to write past the boundary of a buffer which can lead
to the execution of arbitrary code.

For the old stable distribution (woody) this problem has been fixed in
version 2.8.4.1b-3.2.

For the stable distribution (sarge) this problem has been fixed in
version 2.8.5-2sarge1 of lynx.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your lynx-ssl package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2.dsc
Size/MD5 checksum: 609 6256bc48e63d9120301c6bdae3316675
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2.diff.gz
Size/MD5 checksum: 87627 69a835be9e783a6788fd3122ec4c51d4
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b.orig.tar.gz
Size/MD5 checksum: 2557510 053a10f76b871e3944c11c7776da7f7a

Alpha architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_alpha.deb
Size/MD5 checksum: 1617392 d07cb6f46da183ab5c66860d90dd48c5

ARM architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_arm.deb
Size/MD5 checksum: 1491792 b20c7575d54e86838ddeff94622ce5ff

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_i386.deb
Size/MD5 checksum: 1447102 0707d60cdc076a9078ecd198d9e185c5

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_ia64.deb
Size/MD5 checksum: 1769060 9f621d66228be950732846918afb9b22

HP Precision architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_hppa.deb
Size/MD5 checksum: 1559592 c2c35718ba34d173fadefd3ba428695b

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_m68k.deb
Size/MD5 checksum: 1410534 86eff29224e043788f98a02f4af20402

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_mips.deb
Size/MD5 checksum: 1511892 7fa8c96a81238e524e870dee74d07fa4

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_mipsel.deb
Size/MD5 checksum: 1507808 5c7db52ed5910884679ec9ecc8606593

PowerPC architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_powerpc.deb
Size/MD5 checksum: 1497302 f82ae7bc6ee25639bd8c18ab6c644fb5

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_s390.deb
Size/MD5 checksum: 1468622 72b310726d3baecfe26ba27ce9f9f46a

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.2_sparc.deb
Size/MD5 checksum: 1497394 83d65399cb15b48bcd9024f01e3f9400


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDYMtkW5ql+IAeqTIRAhVoAJ9pKNsWYMEXdsX5aYnTieyf2mfWDwCghaQx
sRbTeSzDd6Z0mIIXOZiyVq0=
=kg5R
- -----END PGP SIGNATURE-----




2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 877-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 28th, 2005 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : gnump3d
Vulnerability : cross-site scripting, directory traversal
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-3122 CVE-2005-3123

Steve Kemp discovered two vulnerabilities in gnump3d, a streaming
server for MP3 and OGG files. The Common Vulnerabilities and
Exposures Project identifies the following problems:

CVE-2005-3122

The 404 error page does not strip malicious javascript content
from the resulting page, which would be executed in the victims
browser.

CVE-2005-3123

By using specially crafting URLs it is possible to read arbitary
files to which the user of the streaming server has access to.

The old stable distribution (woody) does not contain a gnump3d package.

For the stable distribution (sarge) these problems have been fixed in
version 2.9.3-1sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 2.9.6-1.

We recommend that you upgrade your gnump3d package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/g/gnump3d/gnump3d_2.9.3-1sarge2.dsc
Size/MD5 checksum: 575 16114607fe426691518743a80a15deda
http://security.debian.org/pool/updates/main/g/gnump3d/gnump3d_2.9.3.orig.tar.gz
Size/MD5 checksum: 616250 1a0d6a10f6ac2354e1f8c6000665f299
http://security.debian.org/pool/updates/main/g/gnump3d/gnump3d_2.9.3-1sarge2.diff.gz
Size/MD5 checksum: 14298 9fbb9305ab4282b7957be8203dd6fb35

Architecture independent components:

http://security.debian.org/pool/updates/main/g/gnump3d/gnump3d_2.9.3-1sarge2_all.deb
Size/MD5 checksum: 603662 a94ff8504be400030a5f5fdb08987da0


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDYfRjW5ql+IAeqTIRAiSQAJ9J3KU5U/TV0XK6xPLNXlY8E9nhXgCeIKQI
KQjf5W+ekqi1NjEw71BXrLE=
=Je47
- -----END PGP SIGNATURE-----




3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 878-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 28th, 2005 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : netpbm-free
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2005-2978

A buffer overflow has been identified in the pnmtopng component of the
netpbm package, a set of graphics conversion tools. This
vulnerability could allow an attacker to execute arbitrary code as a
local user by providing a specially crafted PNM file.

The old stable distribution (woody) it not vulnerable to this problem.

For the stable distribution (sarge) this problem has been fixed in
version 10.0-8sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 10.0-10.

We recommend that you upgrade your netpbm-free packages.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0-8sarge1.dsc
Size/MD5 checksum: 749 826066a252124fc16f23cd484665a46f
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0-8sarge1.diff.gz
Size/MD5 checksum: 44864 f797c3b500fc5255c3624973bce9b1c1
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0.orig.tar.gz
Size/MD5 checksum: 1926538 985e9f6d531ac0b2004f5cbebdeea87d

Alpha architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_alpha.deb
Size/MD5 checksum: 82612 e3808e3b400840d9a9cb6397f85bfe8e
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_alpha.deb
Size/MD5 checksum: 145896 57d3e7b0d77e72c94812affa8f55d5fe
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_alpha.deb
Size/MD5 checksum: 91526 a14de5dcfb2aa0698b25be38a656f036
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_alpha.deb
Size/MD5 checksum: 146312 cd518afd280793edf6de1642fe0bf131
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_alpha.deb
Size/MD5 checksum: 1594754 8358e104e61d84614726d16db7d7dd44

AMD64 architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_amd64.deb
Size/MD5 checksum: 68698 3f7cea0750ef84bc28b71e549d2a236b
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_amd64.deb
Size/MD5 checksum: 117940 e555e5219445a1513e08b9dd74f33be8
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_amd64.deb
Size/MD5 checksum: 77070 4072597c94858e3dc55d402a6a892e2b
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_amd64.deb
Size/MD5 checksum: 118338 c9ed97f95be1f82f15ab7ea55f660c7d
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_amd64.deb
Size/MD5 checksum: 1277348 76f9a183926dc8147c8a3e534b13cff5

ARM architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_arm.deb
Size/MD5 checksum: 61762 f09e9f6e310df8460df5c24956410557
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_arm.deb
Size/MD5 checksum: 114576 988371fd7acc8124d58220c0e41f715c
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_arm.deb
Size/MD5 checksum: 68828 f0ccd0d9dbc5167ca98bafdae9d0e281
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_arm.deb
Size/MD5 checksum: 115000 9afda9b7e72927c8777b12d89e9cd5e2
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_arm.deb
Size/MD5 checksum: 1226590 6deb64cdaf7dca0b6806051cc2413d85

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_i386.deb
Size/MD5 checksum: 64900 e67ed2af944bf6bf1f47c6273882e1e4
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_i386.deb
Size/MD5 checksum: 110486 3e8778e39067e37f596aff3825ce4f20
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_i386.deb
Size/MD5 checksum: 71980 e4317b8c78c8ecf616aa4a88663efff7
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_i386.deb
Size/MD5 checksum: 110670 7554a1753416b9f8181bf1e901db1d37
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_i386.deb
Size/MD5 checksum: 1199370 89b92c6db1e1c83ba67b0526af83202c

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_ia64.deb
Size/MD5 checksum: 96404 0dd071bd6d8e23fd0410bc019e4af21c
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_ia64.deb
Size/MD5 checksum: 154604 139421c3ff9e1d0452acd95527881c80
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_ia64.deb
Size/MD5 checksum: 107152 e6c29a86515968c3e25dd5dac02cdcbe
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_ia64.deb
Size/MD5 checksum: 154944 d86ac4d3a299478611987df9b3f5c3f5
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_ia64.deb
Size/MD5 checksum: 1816258 88b2d95305265f79a79ae6fcc83d2e2f

HP Precision architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_hppa.deb
Size/MD5 checksum: 77906 64dc5c615e2e08eea14e63ed0d2c7d64
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_hppa.deb
Size/MD5 checksum: 128022 631e0454bc5b6af236ea5e5367a517a8
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_hppa.deb
Size/MD5 checksum: 88550 d8f28ec0ead7cff9a102b4a33f4ddceb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_hppa.deb
Size/MD5 checksum: 128476 d692c9ae37b89cba726d562da1fc67fe
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_hppa.deb
Size/MD5 checksum: 1410098 20a2a03d36bdda73a41046f381024997

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_m68k.deb
Size/MD5 checksum: 62220 5a6bdfef95705506b487e0bd714461a7
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_m68k.deb
Size/MD5 checksum: 105320 ef901e9253a91724f49bbd89dca76858
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_m68k.deb
Size/MD5 checksum: 69546 edbeff4a313dbada606d02b689ce7340
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_m68k.deb
Size/MD5 checksum: 105552 2239fe471e08a1723b2dbc8a880598f3
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_m68k.deb
Size/MD5 checksum: 1118998 22ca4cce7c7cea705a13469aa8741d93

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_mips.deb
Size/MD5 checksum: 68632 fa668ac909987ae3a67962c71d7e89fc
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_mips.deb
Size/MD5 checksum: 119972 4fdf6339e9a93dc3774c0f24d2cc20df
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_mips.deb
Size/MD5 checksum: 75434 688b39e02e20b00e69a9d4a5ddb522d5
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_mips.deb
Size/MD5 checksum: 120324 9988fa00dce2d70433a79455e410753b
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_mips.deb
Size/MD5 checksum: 1671124 f43bfd87357a69ce2a895c419b5add32

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_mipsel.deb
Size/MD5 checksum: 68336 3557cfcf06a048a93ce5908110c03bf5
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_mipsel.deb
Size/MD5 checksum: 120066 b7aebf7f19258394dd033d3d3a355ab7
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_mipsel.deb
Size/MD5 checksum: 75096 2c9fde50576a752ade83a481febd97d4
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_mipsel.deb
Size/MD5 checksum: 120386 ea894ecc6f93e16ad3e1fc4eb3f4f08e
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_mipsel.deb
Size/MD5 checksum: 1677952 4a1cc9f74dc560332ce416344cc19154

PowerPC architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_powerpc.deb
Size/MD5 checksum: 71068 00d0741c15434913e71d01e51e2e0c6d
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_powerpc.deb
Size/MD5 checksum: 123548 f38add811d922e9dbfe76eab00926bb5
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_powerpc.deb
Size/MD5 checksum: 83270 963f88dcb0f361088546b88b83500dec
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_powerpc.deb
Size/MD5 checksum: 123850 6cfab6f90e89eda61e4c2bbf2043e74b
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_powerpc.deb
Size/MD5 checksum: 1521270 1f73b1be18a046983600647ff5b18510

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_s390.deb
Size/MD5 checksum: 70380 958181f098270add6a248c92e928bcdd
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_s390.deb
Size/MD5 checksum: 115142 f4917540d6d715bc7f529ebd43a4670b
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_s390.deb
Size/MD5 checksum: 77554 8a5317a38dbf79861398e3397b22f980
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_s390.deb
Size/MD5 checksum: 115594 3cfc3d5c01ff2d31f24cbb3ae9d0fe6d
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_s390.deb
Size/MD5 checksum: 1256716 e7aa9837a78d34e795047737e3a2485b

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_sparc.deb
Size/MD5 checksum: 67686 5be787ff8cc66de7eaa152485696661c
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_sparc.deb
Size/MD5 checksum: 117226 4944608ebfae97bac7f6ef35f2931faa
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_sparc.deb
Size/MD5 checksum: 74430 6db0f77ce24aa7df0c4d5cf3306fd837
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_sparc.deb
Size/MD5 checksum: 117610 7a4293464c5613cb4ec32c720c2c7295
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_sparc.deb
Size/MD5 checksum: 1279266 69bde0791094cfc352d5b5dc8d3680c6


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDYhAFW5ql+IAeqTIRAlEbAKCCG7JwEVQkBNdPSa4McyFS81OZsgCeMWTl
wq+GPf10qiBirvw50xjU3sM=
=qrEK
- -----END PGP SIGNATURE-----



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |