Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > April 2006 > Four Debian Security Advisory

April 2006

Four Debian Security Advisory

ID: 00309
Ref: 305/2006
Date: 24 April 2006:13:50:43
Version: 1
Title: Four Debian Security Advisory
Abstract:
Vendors affected: Debian
Operating systems affected: Debian
Applications affected: Debian
Title
=====

Four Debian Security Advisory:

1. DSA 1037-1 - New zgv packages fix arbitrary code execution

2. DSA 1038-1 - New xzgv packages fix arbitrary code execution

3. DSA 1039-1 - New blender packages fix several vulnerabilities

4. DSA 1040-1 - New gdm packages fix local root exploit

Detail
======

1. Andrea Barisani discovered that zgv, an svgalib graphics viewer,
attempts to decode JPEG images within the CMYK/YCCK colour space
incorrectly, which could lead to the execution of arbitrary code.

2. Andrea Barisani discovered that xzgv, a picture viewer for X with a
thumbnail-based selector, attempts to decode JPEG images within the
CMYK/YCCK colour space incorrectly, which could lead to the execution
of arbitrary code.

3. Several vulnerabilities have been discoverd in in blender, a very fast
and versatile 3D modeller/renderer.

4. A vulnerability has been identified in gdm, a display manager for X,
that could allow a local attacker to gain elevated privileges by
exploiting a race condition in the handling of the .ICEauthority file.



1.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1037-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 21st, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : zgv
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-1060

Andrea Barisani discovered that zgv, an svgalib graphics viewer,
attempts to decode JPEG images within the CMYK/YCCK colour space
incorrectly, which could lead to the execution of arbitrary code.

For the old stable distribution (woody) this problem has been fixed in
version 5.5-3woody3.

For the stable distribution (sarge) this problem has been fixed in
version 5.7-1.4.

For the unstable distribution (sid) this problem has been fixed soon.


We recommend that you upgrade your zgv package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/z/zgv/zgv_5.5-3woody3.dsc
Size/MD5 checksum: 603 17ee0337d957181e091a5ab098cab68f
http://security.debian.org/pool/updates/main/z/zgv/zgv_5.5-3woody3.diff.gz
Size/MD5 checksum: 9037 fdf06ee05dda8d8804e41c77e9061e75
http://security.debian.org/pool/updates/main/z/zgv/zgv_5.5.orig.tar.gz
Size/MD5 checksum: 329235 629386a4df72f6ec007319bf12db1374

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/z/zgv/zgv_5.5-3woody3_i386.deb
Size/MD5 checksum: 211964 bfb2b46ca2d2009f2577c7ee88fe3693


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/z/zgv/zgv_5.7-1.4.dsc
Size/MD5 checksum: 604 2ca8cd8b405de9c7e63f047878292b77
http://security.debian.org/pool/updates/main/z/zgv/zgv_5.7-1.4.diff.gz
Size/MD5 checksum: 10353 f904838cdc843ca9928f416a5195bc4a
http://security.debian.org/pool/updates/main/z/zgv/zgv_5.7.orig.tar.gz
Size/MD5 checksum: 384977 50f0127c250b6efe9c5f8850b96f3841

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/z/zgv/zgv_5.7-1.4_i386.deb
Size/MD5 checksum: 227920 9666a9563aee30e0a5123c6e8c9fa682


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFESP83W5ql+IAeqTIRAplRAJ9AmglUWMrD9l2qyBYEEegQhqnRsgCfUu6F
r3eHS3gfYiJLpq8pGLwCFeA=
=PECh
- -----END PGP SIGNATURE-----



2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1038-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 22nd, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : xzgv
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-1060

Andrea Barisani discovered that xzgv, a picture viewer for X with a
thumbnail-based selector, attempts to decode JPEG images within the
CMYK/YCCK colour space incorrectly, which could lead to the execution
of arbitrary code.

For the old stable distribution (woody) this problem has been fixed in
version 0.7-6woody3.

For the stable distribution (sarge) this problem has been fixed in
version 0.8-3sarge1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your xzgv package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3.dsc
Size/MD5 checksum: 581 1a95ff78280e98e448b19807e6dacd14
http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3.diff.gz
Size/MD5 checksum: 7188 3af533cd6791a61c35cac448cdf7bd86
http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7.orig.tar.gz
Size/MD5 checksum: 296814 9a376cc01cf486a2a8901fbc8b040d29

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_alpha.deb
Size/MD5 checksum: 199802 8d2c31ecea7c0821a463930a795e4363

ARM architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_arm.deb
Size/MD5 checksum: 187280 3e9a89fcb5bca1c3b0cd5afa88b0a628

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_i386.deb
Size/MD5 checksum: 185464 60cc2843ea8611650074c3b6247c9a68

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_ia64.deb
Size/MD5 checksum: 220106 81b23a2fef7ea3c0d1e45d531494acce

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_hppa.deb
Size/MD5 checksum: 195672 de3c3a653cee6c8a810554179e07dc22

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_m68k.deb
Size/MD5 checksum: 181774 8a51dbe9d11e85c1a50831c2035c1a0d

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_mips.deb
Size/MD5 checksum: 188680 10ff84344193db70d24e438f48554fc6

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_mipsel.deb
Size/MD5 checksum: 187718 5ba8e5fa9b7e2b54cb1f11f867431ee5

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_powerpc.deb
Size/MD5 checksum: 189770 909d2af6f68d5d7c49ecbacd2b187293

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_s390.deb
Size/MD5 checksum: 189282 22d9c8dad8cf2a577fca2a208e9ed745

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.7-6woody3_sparc.deb
Size/MD5 checksum: 189208 5daa878f409a61f2ea519ac8d1ca5730


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1.dsc
Size/MD5 checksum: 642 ae7ee0519ba25087b0dbd809a5a1db43
http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1.diff.gz
Size/MD5 checksum: 8762 2f40bca80610715c3a48c7cd68733cc4
http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8.orig.tar.gz
Size/MD5 checksum: 302801 e392277f1447076402df2e3d9e782cb2

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_alpha.deb
Size/MD5 checksum: 210012 6938839b55f3a36a3732a9743ae1a7df

AMD64 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_amd64.deb
Size/MD5 checksum: 201782 6b4d5abca89ec0dd92e2f34dd21a51e8

ARM architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_arm.deb
Size/MD5 checksum: 194364 a80549d3f3f2e05ad37b45ff087d19c6

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_i386.deb
Size/MD5 checksum: 195816 69b8d384068d9fc7061997c63bd3075e

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_ia64.deb
Size/MD5 checksum: 223934 eb187eba5a5aa8bada015cab8d50bde1

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_hppa.deb
Size/MD5 checksum: 202856 931a992b298cc192afcd164f2c379148

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_m68k.deb
Size/MD5 checksum: 189288 61005b854fabb24ee582d66644e39e73

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_mips.deb
Size/MD5 checksum: 196818 a3ccaeb5207c03483ab2073134afff84

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_mipsel.deb
Size/MD5 checksum: 195800 7d63b90f48fda8dc6004ebd65f2b280c

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_powerpc.deb
Size/MD5 checksum: 198764 ad327072b62b9901450585abd7d687a0

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_s390.deb
Size/MD5 checksum: 200516 4a1a716179571f70adb1fa1685b374a6

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xzgv/xzgv_0.8-3sarge1_sparc.deb
Size/MD5 checksum: 195544 cc23e85b70d38954c3d0e92cc209e2dc


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFESengW5ql+IAeqTIRAvQoAJ4zsax+2KVU1gLhcgWanTI3P7/qBgCaA5x0
JI7zwCVH/xWBKS4iJZICtT8=
=utK/
- -----END PGP SIGNATURE-----


3.

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1039-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 24th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : blender
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2005-3302 CVE-2005-4470
BugTraq ID : 15981
Debian Bugs : 330895 344398

Several vulnerabilities have been discoverd in in blender, a very fast
and versatile 3D modeller/renderer. The Common Vulnerability and
Exposures Project identifies the following problems:

CVE-2005-3302

Joxean Koret discovered that due to missing input validation a
provides script is vulnerable to arbitrary command execution.

CVE-2005-4470

Damian Put discovered a buffer overflow that allows remote
attackers to cause a denial of service and possibly execute
arbitrary code.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in
version 2.36-1sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 2.40-1.

We recommend that you upgrade your blender package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1.dsc
Size/MD5 checksum: 748 8d4a7880a3b1c0d1c2c2b7d67b1111c7
http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1.diff.gz
Size/MD5 checksum: 13747 1731a5fd58dfbf6eacb4f2760be9dd27
http://security.debian.org/pool/updates/main/b/blender/blender_2.36.orig.tar.gz
Size/MD5 checksum: 6912828 8e2237c86b12e6061935632495aec875

Alpha architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_alpha.deb
Size/MD5 checksum: 4827460 180eeefd1123722e7c4aa0a43cf47eeb

AMD64 architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_amd64.deb
Size/MD5 checksum: 4118980 be9328fd278159f218a25763553e92be

ARM architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_arm.deb
Size/MD5 checksum: 4089822 07513b5818e448697bfbc6b1bed51873

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_i386.deb
Size/MD5 checksum: 4142046 a263f52ac839648cee6e870b3d7e451e

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_ia64.deb
Size/MD5 checksum: 5684932 db0b5c13cd696115958e2efb528f1eed

HP Precision architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_hppa.deb
Size/MD5 checksum: 4600312 c2241dbd8f88fbbf7ccdc164193dab60

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_m68k.deb
Size/MD5 checksum: 3655228 8728fcd27b3fb0c9bc7c1a9eaf417bd0

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_mips.deb
Size/MD5 checksum: 4310726 37dd5199543e5a9a20fae6abff093dc2

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_mipsel.deb
Size/MD5 checksum: 4303728 21f55618f8ee45ed18c848ebb3707dab

PowerPC architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_powerpc.deb
Size/MD5 checksum: 4173870 1c2dc631d155be939696e67b1f8b2416

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_s390.deb
Size/MD5 checksum: 3977484 0b7f82038c3f61280c42c337188cfd47

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/b/blender/blender_2.36-1sarge1_sparc.deb
Size/MD5 checksum: 3940052 b64ac521aaa356b54f6a162f6c10bc4f


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFETHBjW5ql+IAeqTIRAjD0AJ0aw0dhczTrG83pHZZ8UIKkFIs5SACdEyPg
/e6K5MGNuBieUdOEyluD1s4=
=LJME
- -----END PGP SIGNATURE-----


4.

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1040-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 24th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : gdm
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE ID : CVE-2006-1057
BugTraq ID : 17635

A vulnerability has been identified in gdm, a display manager for X,
that could allow a local attacker to gain elevated privileges by
exploiting a race condition in the handling of the .ICEauthority file.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in
version 2.6.0.8-1sarge2.

For the unstable distribution (sid) this problem will be fixed in
version 2.14.1-1.

We recommend that you upgrade your gdm package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2.dsc
Size/MD5 checksum: 732 5e615263c621f3166eab26233249934b
http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2.diff.gz
Size/MD5 checksum: 258548 323d831f75f4a784b754ee4d6902120f
http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8.orig.tar.gz
Size/MD5 checksum: 5619049 1417d176925a4a24c465c043df7b6a39

Alpha architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_alpha.deb
Size/MD5 checksum: 3243636 3641c4ee397d6f70fa15b439da1ca29d

AMD64 architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_amd64.deb
Size/MD5 checksum: 3178276 03057b54637e652dd37f98bf94e3b575

ARM architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_arm.deb
Size/MD5 checksum: 3124804 beb9189cf49420259a51210c1864cc08

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_i386.deb
Size/MD5 checksum: 3144008 36c7dfed8ab7ece8d5b75fa720c6120d

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_ia64.deb
Size/MD5 checksum: 3328900 c6b11ef8670cb3f63d946e0779d65c3f

HP Precision architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_hppa.deb
Size/MD5 checksum: 3185510 486b1377061ad3655a34d17abc9ece23

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_m68k.deb
Size/MD5 checksum: 3115464 a002336849c45be8d7a70630a9dbe714

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_mips.deb
Size/MD5 checksum: 3155474 dea4b0e6dbb2b1a4ac0b5a90e9a93035

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_mipsel.deb
Size/MD5 checksum: 3147934 19dc1118fec157e9ae4f7e40418a7cbb

PowerPC architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_powerpc.deb
Size/MD5 checksum: 3172026 611508441a9bcd7df2bb3ac486a20da4

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_s390.deb
Size/MD5 checksum: 3185506 f03786d134fda10cfb7ce9c6b4e13044

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/g/gdm/gdm_2.6.0.8-1sarge2_sparc.deb
Size/MD5 checksum: 3137658 ea03ac108174033db47559465da66184


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFETHh4W5ql+IAeqTIRAmlPAJsGzMzVdLIzP+TIAApv2KwGk5DvewCfXvkY
/IIixfg//EnflyUYGFnj/4E=
=T3U7
- -----END PGP SIGNATURE-----


  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |