ID: 00222
Ref: 222
Date: 22 March 2006:10:23:06
Version: 1
Title: Three Debian Security Advisories: 1. DSA 1011-1 New kernel-patch-vserver packages fix root exploit 2. DSA 1012-1 New unzip packages fix arbitrary code execution 3. DSA 1013-1 New snmptrapfmt packages fix insecure temporary file
Abstract:
Vendors affected: Debian
Operating systems affected: Debian
Applications affected: Debian
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1011-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
March 21st, 2005 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : kernel-patch-vserver, util-vserver
Vulnerability : missing attribute support
Problem type : local (remote)
Debian-specific: yes
CVE IDs : CVE-2005-4347 CVE-2005-4418
Debian Bugs : 329087 329090
Several vulnerabilities have been discovered in the Debian vserver
support for Linux. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2005-4347
Bjørn Steinbrink discovered that the chroot barrier is not set
correctly with util-vserver which may result in unauthorised
escapes from a vserver to the host system.
This vulnerability is limited to the 2.4 kernel patch included in
kernel-patch-vserver. The correction to this problem requires
updating the util-vserver package as well and installing a new
kernel built from the updated kernel-patch-vserver package.
CVE-2005-4418
The default policy of util-vserver is set to trust all unknown
capabilities instead of considering them as insecure.
The old stable distribution (woody) does not contain a
kernel-patch-vserver package.
For the stable distribution (sarge) this problem has been fixed in
version 1.9.5.5 of kernel-patch-vserver and in version
0.30.204-5sarge3 of util-vserver.
For the unstable distribution (sid) this problem has been fixed in
version 2.3 of kernel-patch-vserver and in version 0.30.208-1 of
util-vserver.
We recommend that you upgrade your util-vserver and
kernel-patch-vserver packages and build a new kernel immediately.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/k/kernel-patch-vserver/kernel-patch-vserver_1.9.5.5.dsc
Size/MD5 checksum: 637 415731be72a9cd966e2fdb5d4f408c4a
http://security.debian.org/pool/updates/main/k/kernel-patch-vserver/kernel-patch-vserver_1.9.5.5.tar.gz
Size/MD5 checksum: 950447 fe6b34612095d2fbdbaab5aefbd83264
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3.dsc
Size/MD5 checksum: 752 e32069a5ca2ef2bc87794cd6c2160821
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3.diff.gz
Size/MD5 checksum: 115947 d0bb2cd998a73905189ee24b5f46dd0d
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204.orig.tar.gz
Size/MD5 checksum: 677831 b315f375b1cef48da1b644dec18f22bd
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-patch-vserver/kernel-patch-vserver_1.9.5.5_all.deb
Size/MD5 checksum: 436934 b50048ea819d150d660ed96e3988613b
Alpha architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_alpha.deb
Size/MD5 checksum: 600660 e52fe0ff93e4c9ca7d58fe8386ebab5a
AMD64 architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_amd64.deb
Size/MD5 checksum: 429530 c4155982844c085b7d9bc59d7eaa02c4
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_i386.deb
Size/MD5 checksum: 398794 56831faa6fa6d76c601fee78251f50eb
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_ia64.deb
Size/MD5 checksum: 640332 ab2b2e4283ca5b62c9d9cf5776b6dadb
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_mips.deb
Size/MD5 checksum: 612918 e4a60532f25ce776880261de79278e85
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_mipsel.deb
Size/MD5 checksum: 614152 f3aee29aad2682878f8ed22064f3fafa
PowerPC architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_powerpc.deb
Size/MD5 checksum: 425444 9a7542249c2b70661abab2afd5270462
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_s390.deb
Size/MD5 checksum: 440880 376560971a0d2db4bfd51beb67d42bff
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/u/util-vserver/util-vserver_0.30.204-5sarge3_sparc.deb
Size/MD5 checksum: 395640 51e24ac4754b1aa41277378ee9271a1f
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEH6LrW5ql+IAeqTIRAowAAJ9eJIw4o3TGQrh4qaZnNaeXxdWBAACgjL4Q
fSjOS1GENxNR1PqBDHIoKmM=
=sVmy
-----END PGP SIGNATURE-----
2.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1012-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
March 21st, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : unzip
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2005-4667
CERT advisory :
BugTraq ID : 15968
Debian Bug : 349794
A buffer overflow in the command line argument parsing has been
discovered in unzip, the de-archiver for ZIP files that could lead to
the execution of arbitrary code.
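As an added illustration of the bug class named above (a buffer overflow while parsing command-line arguments), the C code below is constructed for this page and is not unzip's source: the option syntax `-n NAME`, the buffer size `NAME_MAX_LEN` and every function name are assumptions. It places the unsafe unbounded copy beside a bounded parser that rejects over-long option values instead of truncating or overflowing, and includes self-checks on constructed argument vectors.

```c
/* Constructed illustration for DSA 1012's bug class: not unzip's code.
 * Option syntax (-n NAME), NAME_MAX_LEN and all names here are assumptions. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 64   /* fixed-size destination, as in the unsafe pattern */

/* Unsafe pattern: the option value is copied into a fixed stack buffer with
 * no length check, so a value of 64 bytes or more runs past 'name' into the
 * saved frame data. Kept only for contrast; nothing in this file calls it. */
void copy_option_unsafe(const char *value)
{
    char name[NAME_MAX_LEN];
    strcpy(name, value);             /* overflows when strlen(value) >= 64 */
    (void)name;
}

/* Bounded copy: returns 0 and fills 'out' only if 'value' plus its terminator
 * fits in out_len bytes; returns -1 otherwise without touching 'out'.
 * memchr never scans beyond out_len bytes, so the check itself is safe. */
int copy_option_bounded(const char *value, char *out, size_t out_len)
{
    const char *end;
    if (value == NULL || out == NULL || out_len == 0)
        return -1;
    end = memchr(value, '\0', out_len);
    if (end == NULL)
        return -1;                   /* no terminator within out_len: too long */
    memcpy(out, value, (size_t)(end - value) + 1);
    return 0;
}

/* Minimal argv parser for "prog [-n NAME] FILE...". Stores NAME in 'name'
 * (empty string if absent) and returns the index of the first non-option
 * argument, or -1 on a missing value, an over-long value or an unknown option. */
int parse_args(int argc, char **argv, char *name, size_t name_len)
{
    int i;
    if (name_len == 0)
        return -1;
    name[0] = '\0';
    for (i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-n") == 0) {
            if (i + 1 >= argc)
                return -1;           /* -n with no value */
            if (copy_option_bounded(argv[i + 1], name, name_len) != 0)
                return -1;           /* value would not fit: reject, never truncate */
            i++;
        } else if (argv[i][0] == '-' && argv[i][1] != '\0') {
            return -1;               /* unknown option */
        } else {
            break;                   /* first FILE operand */
        }
    }
    return i;
}

/* Self-checks on constructed argument vectors, so the behaviour can be
 * verified without a shell. Each returns 1 when the parser behaves as intended. */
int check_short_name(void)
{
    char name[NAME_MAX_LEN];
    char *argv[] = { "prog", "-n", "backup", "a.zip" };
    return parse_args(4, argv, name, sizeof name) == 3 && strcmp(name, "backup") == 0;
}

int check_long_name_rejected(void)
{
    char name[NAME_MAX_LEN];
    char longval[200];                /* 199 'A's: would overflow the unsafe copy */
    char *argv[] = { "prog", "-n", longval, "a.zip" };
    memset(longval, 'A', sizeof longval - 1);
    longval[sizeof longval - 1] = '\0';
    return parse_args(4, argv, name, sizeof name) == -1;
}

int check_missing_value_rejected(void)
{
    char name[NAME_MAX_LEN];
    char *argv[] = { "prog", "-n" };
    return parse_args(2, argv, name, sizeof name) == -1;
}

int main(void)
{
    printf("short name accepted:    %d\n", check_short_name());
    printf("long name rejected:     %d\n", check_long_name_rejected());
    printf("missing value rejected: %d\n", check_missing_value_rejected());
    return 0;
}
```

The bounded version deliberately rejects rather than truncates: silently cutting an option value to 63 bytes would hide the error from the user and can itself create follow-on bugs when the shortened value is later used as a path or name.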
For the old stable distribution (woody) this problem has been fixed in
version 5.50-1woody6.
For the stable distribution (sarge) this problem has been fixed in
version 5.52-1sarge4.
For the unstable distribution (sid) this problem has been fixed in
version 5.52-7.
We recommend that you upgrade your unzip package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6.dsc
Size/MD5 checksum: 571 cc14465fbe413ef3a7f5c5d9ffc117ce
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6.diff.gz
Size/MD5 checksum: 7373 6964744843adce4de0913f5ff9a0e710
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50.orig.tar.gz
Size/MD5 checksum: 1068379 6d27bcdf9b51d0ad0f78161d0f99582e
Alpha architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_alpha.deb
Size/MD5 checksum: 160670 5314de93efaf4eb391d151fc99b76385
ARM architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_arm.deb
Size/MD5 checksum: 139532 52ce821cdbeb1055acf4000adcbecf10
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_i386.deb
Size/MD5 checksum: 122950 783758b4c93d0be1c2aad7b2cf41a4a4
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_ia64.deb
Size/MD5 checksum: 191146 90a66edf48109c217d9da2615a99e32a
HP Precision architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_hppa.deb
Size/MD5 checksum: 147126 4b49f39b4fe4142716df95c08f61a66b
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_m68k.deb
Size/MD5 checksum: 119684 51c36fc99310866c4158b4962f80354f
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_mips.deb
Size/MD5 checksum: 143092 988785cbcb0ef2d656c82396b1a3d084
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_mipsel.deb
Size/MD5 checksum: 143534 6f4ee2d9bcadf4aef4dadaf16c270024
PowerPC architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_powerpc.deb
Size/MD5 checksum: 136544 41839b724b2f0f5faee98bb410b92015
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_s390.deb
Size/MD5 checksum: 137202 e55b19543ea9b5526daf45506e07a373
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.50-1woody6_sparc.deb
Size/MD5 checksum: 147670 9e0bcfaa072cf09b67b3af6361b6941c
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4.dsc
Size/MD5 checksum: 528 fa94e70012ca87d3c47a32cc1a5ee8d1
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4.diff.gz
Size/MD5 checksum: 5970 d90c45ee99376216714a74619e9dd241
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52.orig.tar.gz
Size/MD5 checksum: 1140291 9d23919999d6eac9217d1f41472034a9
Alpha architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_alpha.deb
Size/MD5 checksum: 175568 2c937f3342f888c177d14b508c5bcfc2
AMD64 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_amd64.deb
Size/MD5 checksum: 154984 a4b1a683d280713aa81e19b2b2576894
ARM architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_arm.deb
Size/MD5 checksum: 155496 ae1fe7b4d009fa7cfb838e86e53c3017
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_i386.deb
Size/MD5 checksum: 145018 8e5def26db7c48b5c13374d8721c78f0
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_ia64.deb
Size/MD5 checksum: 206712 72bccff65305290aeb40a548ee134b72
HP Precision architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_hppa.deb
Size/MD5 checksum: 162914 4e946c0b5fbdb669f9b4dcc7b04dcffa
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_m68k.deb
Size/MD5 checksum: 133792 5cb71bb725b0f0e12b14103ad31832d2
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_mips.deb
Size/MD5 checksum: 163458 c11e854b0131f93c9debf23b18e3e49a
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_mipsel.deb
Size/MD5 checksum: 164040 049471a42b402971801375b6bc40825a
PowerPC architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_powerpc.deb
Size/MD5 checksum: 157426 d717ec6573055c17931206906dc8b580
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_s390.deb
Size/MD5 checksum: 156594 6e200ece0aa56e8c67958568e43ea33c
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/u/unzip/unzip_5.52-1sarge4_sparc.deb
Size/MD5 checksum: 155024 ebba4fa2a38e5be774a06288860a4757
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEH7gxW5ql+IAeqTIRAjLJAJ9oEqOnyW2zSratMQbPszTx8+PPkACghnYe
9Br+3LC2nrRifCxVyH6Oox4=
=I8b7
-----END PGP SIGNATURE-----
3.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1013-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
March 22nd, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : snmptrapfmt
Vulnerability : insecure temporary file
Problem type : local
Debian-specific: no
CVE ID : CVE-2006-0050
Will Aoki discovered that snmptrapfmt, a configurable snmp trap
handler daemon for snmpd, does not prevent overwriting existing files
when writing to a temporary log file.
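As an added illustration of the bug class described above (a temporary log file created without preventing the overwrite of an existing file), the C code below is constructed for this page and is not snmptrapfmt's source; the `/tmp` locations, file names and function names are assumptions. It shows the unsafe `O_CREAT|O_TRUNC` open beside two safe alternatives, `O_EXCL` (with `O_NOFOLLOW`) and `mkstemp()`, and demonstrates in a private directory that the unsafe open silently truncates a pre-existing file while the exclusive open is refused with `EEXIST`.

```c
/* Constructed illustration for DSA 1013's bug class; not snmptrapfmt's code.
 * Paths and function names are assumptions. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* POSIX prototypes, repeated here in case strict feature macros hide them. */
int mkstemp(char *tmpl);
char *mkdtemp(char *tmpl);
#ifndef O_NOFOLLOW
#define O_NOFOLLOW 0   /* libc without it: O_EXCL alone still refuses existing names */
#endif

/* Unsafe pattern: a predictable path opened with O_CREAT|O_TRUNC and no O_EXCL.
 * If that name already exists (a plain file, or a symlink to any file the
 * daemon may write), the open succeeds and the target is truncated and
 * overwritten. Called below only inside a private directory, for contrast. */
int open_log_unsafe(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Safe pattern 1: O_EXCL makes the create fail with EEXIST when the path
 * already exists, symlinks included; O_NOFOLLOW is a second guard against
 * symlinks; mode 0600 keeps the log private. Returns the fd, or -1 with errno. */
int open_log_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Safe pattern 2: mkstemp() picks an unpredictable name and creates it
 * atomically with mode 0600. 'tmpl' must end in XXXXXX and is rewritten
 * in place with the name actually used. */
int open_log_mkstemp(char *tmpl)
{
    return mkstemp(tmpl);
}

/* Pre-creates a file at a predictable name inside a fresh private directory,
 * then tries both opens on it. Returns 1 when the unsafe open went through
 * and truncated the file while the exclusive open was refused with EEXIST. */
int demo_existing_file_is_refused(void)
{
    char dir[] = "/tmp/dsa1013-demo-XXXXXX";   /* constructed location */
    char path[64];
    struct stat st;
    int fd, unsafe_opened, truncated, safe_refused;

    if (mkdtemp(dir) == NULL)
        return 0;
    snprintf(path, sizeof path, "%s/trap.log", dir);

    fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0644);   /* the pre-existing file */
    if (fd < 0 || write(fd, "existing data\n", 14) != 14) {
        if (fd >= 0) close(fd);
        return 0;
    }
    close(fd);

    fd = open_log_unsafe(path);                   /* succeeds and truncates */
    unsafe_opened = (fd >= 0);
    truncated = (fd >= 0 && fstat(fd, &st) == 0 && st.st_size == 0);
    if (fd >= 0) close(fd);

    fd = open_log_exclusive(path);                /* must fail: name exists */
    safe_refused = (fd < 0 && errno == EEXIST);
    if (fd >= 0) close(fd);

    unlink(path);
    rmdir(dir);
    return unsafe_opened && truncated && safe_refused;
}

/* Creates a log with mkstemp and checks what matters: the template was filled
 * in, and no group/other permission bits are set (mkstemp uses 0600, which the
 * umask can only tighten). Returns 1 on success. */
int demo_mkstemp_private(void)
{
    char tmpl[] = "/tmp/dsa1013-log-XXXXXX";    /* constructed template */
    struct stat st;
    int ok, fd = open_log_mkstemp(tmpl);

    if (fd < 0)
        return 0;
    ok = fstat(fd, &st) == 0 && (st.st_mode & 077) == 0
         && strstr(tmpl, "XXXXXX") == NULL;
    close(fd);
    unlink(tmpl);
    return ok;
}

int main(void)
{
    printf("unsafe open overwrote, exclusive open refused: %d\n",
           demo_existing_file_is_refused());
    printf("mkstemp log is private and uniquely named:     %d\n",
           demo_mkstemp_private());
    return 0;
}
```

Of the two safe forms, `mkstemp()` is the better default for a daemon: it removes the predictable name entirely, so there is nothing for a local user to pre-create, whereas `O_EXCL` on a fixed name only turns the overwrite into a refused open that the daemon must then handle.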
For the old stable distribution (woody) this problem has been fixed in
version 1.03woody1.
For the stable distribution (sarge) this problem has been fixed in
version 1.08sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 1.10-1.
We recommend that you upgrade your snmptrapfmt package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1.dsc
Size/MD5 checksum: 526 70bff136cf1671dba87b7c25b76b534c
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1.tar.gz
Size/MD5 checksum: 16716 ac6bcf8eccfa4f71e0ef9ea14bdd4ef2
Alpha architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_alpha.deb
Size/MD5 checksum: 20836 85e594b0cba3135205290f6e9c9e45d8
ARM architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_arm.deb
Size/MD5 checksum: 15972 727d82a7bf68f33f058026608636179b
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_i386.deb
Size/MD5 checksum: 15828 51cc452a5a4a34adf3eee8bd0f1cc931
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_ia64.deb
Size/MD5 checksum: 23470 d88193f743bd931056ababfe186b406d
HP Precision architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_hppa.deb
Size/MD5 checksum: 17876 eb4bfab080f1e01f8c1c424b37e86d2e
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_m68k.deb
Size/MD5 checksum: 15300 e5bc6331255c4d367b21fa33484a24df
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_mips.deb
Size/MD5 checksum: 17414 706c890e463e40982115577d6366b38c
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_mipsel.deb
Size/MD5 checksum: 17396 4b9549de0525237b7960fcc3fb7a7e34
PowerPC architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_powerpc.deb
Size/MD5 checksum: 17012 77a60b2618a0d6402b61505542def0c9
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_s390.deb
Size/MD5 checksum: 16396 9c432c75e9ab8999f706cf5f44a3f912
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.03woody1_sparc.deb
Size/MD5 checksum: 20106 dba3eb8c1af9cd1cf4887b9f9f5dc919
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1.dsc
Size/MD5 checksum: 516 b50422f5221e403d2050c14b7c66ce61
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1.tar.gz
Size/MD5 checksum: 18028 4272e8d4477b04fe767e81bf42100ddb
Alpha architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_alpha.deb
Size/MD5 checksum: 20432 d6ac3ca520d385a287668f1052309ace
AMD64 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_amd64.deb
Size/MD5 checksum: 18940 b1569bc7eb07473243c3cb8d3ae39b0d
ARM architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_arm.deb
Size/MD5 checksum: 17314 09efd328261c381c3d5820fd8694687f
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_i386.deb
Size/MD5 checksum: 17556 297688542b5ebc69a90d65eefcf91bf1
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_ia64.deb
Size/MD5 checksum: 23648 c09e71375846d03fcc055661a4fa5583
HP Precision architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_hppa.deb
Size/MD5 checksum: 19622 43dd8b83363eabc50db98b94c8997669
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_m68k.deb
Size/MD5 checksum: 16940 538ee49ec5f773667ec7dd673685fb2b
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_mips.deb
Size/MD5 checksum: 20446 cd81b32736aed88be213a8b081b0c433
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_mipsel.deb
Size/MD5 checksum: 20528 c1c92e310b4d39d22b5fd322741c9375
PowerPC architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_powerpc.deb
Size/MD5 checksum: 18244 e5ed9744340de79cab0f5b79638f0fbb
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_s390.deb
Size/MD5 checksum: 18436 be9b62e95c994b756200e868339d378e
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/s/snmptrapfmt/snmptrapfmt_1.08sarge1_sparc.deb
Size/MD5 checksum: 17450 d99f331ac8d556f359d45211a78cddf8
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEIOtTW5ql+IAeqTIRAoTjAJ9JBST8vYtEoA17BmMriapCYaqlogCdFIWb
/oFqeRbFJO2oacu/kMcy5vw=
=rCmj
-----END PGP SIGNATURE-----