Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > June 2006 > Four Debian Security Advisories - DSA 1091-1, DSA 1092-1, DSA 1093-1, DSA 1094-1

June 2006

Four Debian Security Advisories - DSA 1091-1, DSA 1092-1, DSA 1093-1, DSA 1094-1

ID: 00402
Ref: 391/06
Date: 09 June 2006:15:07:38
Version: 1
Title: Four Debian Security Advisories - DSA 1091-1, DSA 1092-1, DSA 1093-1, DSA 1094-1
Abstract:
Vendors affected: Debian
Operating systems affected: Debian
Applications affected: Debian

1.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1091-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 8th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : tiff
Vulnerability : buffer overflows
Problem type : none or remote
Debian-specific: no
CVE ID : CVE-2006-2656 CVE-2006-2193
Debian Bug : 369819

Several problems have been discovered in the TIFF library. The Common
Vulnerabilities and Exposures project identifies the following issues:

CVE-2006-2193

SuSE discovered a buffer overflow in the conversion of TIFF files
into PDF documents which could be exploited when tiff2pdf is used
e.g. in a printer filter.

CVE-2006-2656

The tiffsplit command from the TIFF library contains a buffer
overflow in the commandline handling which could be exploited when
the program is executed automatically on unknown filenames.

For the old stable distribution (woody) this problem has been fixed in
version 3.5.5-7woody2.

For the stable distribution (sarge) this problem has been fixed in
version 3.7.2-5.

For the unstable distribution (sid) this problem has been fixed in
version 3.8.2-4.

We recommend that you upgrade your tiff packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-7woody2.dsc
Size/MD5 checksum: 635 63c05c844a00a57f87f1804dc668ccbf
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-7woody2.diff.gz
Size/MD5 checksum: 38682 5905ba8ea39b409b4aa2893b697f35bc
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz
Size/MD5 checksum: 693641 3b7199ba793dec6ca88f38bb0c8cc4d8

Alpha architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_alpha.deb
Size/MD5 checksum: 141478 2e995b46f312ecf35858f06e50c2ae2e
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_alpha.deb
Size/MD5 checksum: 106182 c383b1a1f292525e60efa68750bda5ae
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_alpha.deb
Size/MD5 checksum: 423868 da0015dd297de4f4128488fca92c3a88

ARM architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_arm.deb
Size/MD5 checksum: 117012 fe039271e5e9a94f56a2ca4c8a38a373
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_arm.deb
Size/MD5 checksum: 91610 d52006c179bfc3a13a779dfab1afa8fd
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_arm.deb
Size/MD5 checksum: 404850 69dd0252a4e15f0bc84ddb0d53ce5c96

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_i386.deb
Size/MD5 checksum: 112058 cc978252d32d2e853ed08a655940b15b
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_i386.deb
Size/MD5 checksum: 82070 22733411e25f7fac444f148dcfb685a7
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_i386.deb
Size/MD5 checksum: 387442 dc8f36b0bfed0cc69d53c14f6b6e2fd4

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_ia64.deb
Size/MD5 checksum: 158834 dda97df687d64fef045e7dd425a9b01e
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_ia64.deb
Size/MD5 checksum: 136678 e43c8ca8bcbdb54d09cee79f7c2f5665
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_ia64.deb
Size/MD5 checksum: 447048 100db6566cc42766d93fd67913834096

HP Precision architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_hppa.deb
Size/MD5 checksum: 128284 43c94055d54efb3d3d0708f527617ca8
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_hppa.deb
Size/MD5 checksum: 107708 089f41dfe3629250ddc02cbe1c76c649
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_hppa.deb
Size/MD5 checksum: 420730 018d785c7890016dfab3cba41e949dc5

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_m68k.deb
Size/MD5 checksum: 107282 1719b7463ef81d07075c39453f793080
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_m68k.deb
Size/MD5 checksum: 80748 2020a4999f141c2b5ba47090c551de36
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_m68k.deb
Size/MD5 checksum: 380718 d75aa876cef53d488178caae1dc160f2

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_mips.deb
Size/MD5 checksum: 124022 7deeb5d1d0b5eb2c536143949e507fb0
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_mips.deb
Size/MD5 checksum: 88820 ef4eed05b2bb2f853c74997141bab9e6
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_mips.deb
Size/MD5 checksum: 411210 d9a0dd8ae266524ff80efcd88e74365a

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_mipsel.deb
Size/MD5 checksum: 123536 88738fa15be0cb199c006503a12e13df
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_mipsel.deb
Size/MD5 checksum: 89122 beaf555e5d72f290852777b750a676cc
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_mipsel.deb
Size/MD5 checksum: 411326 61a6b79d2fd527d1c3fcd41eac1bd408

PowerPC architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_powerpc.deb
Size/MD5 checksum: 116102 5bb725af64e1f4c2d4a9bc90ab2cc8e0
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_powerpc.deb
Size/MD5 checksum: 90618 2e4cfb7cd4e2dee6418fa7f88f01c68f
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_powerpc.deb
Size/MD5 checksum: 403142 39f179238a6d70f1a755c7a7751c6b1d

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_s390.deb
Size/MD5 checksum: 116912 a4c1ef170588a8be47985338e6f99074
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_s390.deb
Size/MD5 checksum: 92814 c33810f1cae1535ceb0d2f06a2cc4875
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_s390.deb
Size/MD5 checksum: 395670 0925a01ed6e686c24aecba121ee12a7f

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_sparc.deb
Size/MD5 checksum: 132896 653921fed0879588e859ec05555d25ad
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_sparc.deb
Size/MD5 checksum: 89798 7097a2950a1a40f46c91cccd97e9fef3
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_sparc.deb
Size/MD5 checksum: 397444 82752cc23951fc4e26838a704fd18561


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2-5.dsc
Size/MD5 checksum: 736 a818c1d8f13bba145e33b79f5b476707
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2-5.diff.gz
Size/MD5 checksum: 11836 91da082b84456d159fcea664b99012d2
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2.orig.tar.gz
Size/MD5 checksum: 1252995 221679f6d5c15670b3c242cbfff79a00

Alpha architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_alpha.deb
Size/MD5 checksum: 46922 0c35a8df000764e528ae384ac325b8ad
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_alpha.deb
Size/MD5 checksum: 243676 b8745078cb5af1773f1b28e97a787343
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_alpha.deb
Size/MD5 checksum: 478368 6aa0652b69c62bfc7e51c6781d06fa19
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_alpha.deb
Size/MD5 checksum: 309918 adb7022423ccd165188e8071e19cc442
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_alpha.deb
Size/MD5 checksum: 41048 72d163b97923c66a8b632e1907bc0865

AMD64 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_amd64.deb
Size/MD5 checksum: 45848 f79893646f9c74fdef624f949fea88ad
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_amd64.deb
Size/MD5 checksum: 217914 b4abe50b4c24e899cbb961612ff3bdb2
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_amd64.deb
Size/MD5 checksum: 459378 d01fdb8c0c066e5e4503b006b696658d
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_amd64.deb
Size/MD5 checksum: 266960 a13564cc4b1ab7cfe8e956a556c8ee25
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_amd64.deb
Size/MD5 checksum: 40618 9114caa1d68c7197f9fa24c1747cd99d

ARM architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_arm.deb
Size/MD5 checksum: 45362 fce43634a68f4a8867764f9b8649f07a
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_arm.deb
Size/MD5 checksum: 208490 64553848b27faef1fc6072623904db18
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_arm.deb
Size/MD5 checksum: 453542 16cde56a8e4d74ff39fec6f1cc664171
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_arm.deb
Size/MD5 checksum: 265224 c1e43bfa93d33ea20c970485c2559ec1
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_arm.deb
Size/MD5 checksum: 40112 835f54888f47687d80bd283956b6a433

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_i386.deb
Size/MD5 checksum: 45226 fb6a72018e538b9c01be4f1d7b83f5ee
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_i386.deb
Size/MD5 checksum: 206256 bc2113c8fa422bfa43770aff225ef6a2
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_i386.deb
Size/MD5 checksum: 452596 ecd7de1fd8b95c90a20e8418781c129b
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_i386.deb
Size/MD5 checksum: 251726 5d7ab853c833dbf09fecb7da82a90f1d
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_i386.deb
Size/MD5 checksum: 40666 94f82a8a5aa26e51e6cb5d8dd2b2d6d7

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_ia64.deb
Size/MD5 checksum: 48314 eced941bad1e44163b1732e7d140e47f
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_ia64.deb
Size/MD5 checksum: 268978 791e5bdfdc7ffc390156b80715c76511
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_ia64.deb
Size/MD5 checksum: 511152 6c74c5b71ae314d7332e5c717edb4a0b
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_ia64.deb
Size/MD5 checksum: 330884 e73f9cd34760e6e90705a22a082e701b
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_ia64.deb
Size/MD5 checksum: 42252 6b66dd7679be12ffe5927e6fb4fea6df

HP Precision architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_hppa.deb
Size/MD5 checksum: 46654 d8f619cfa26dde8579513f6d0b81a0f1
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_hppa.deb
Size/MD5 checksum: 230166 1321bf6e1d105ddd339b7e5557aa5719
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_hppa.deb
Size/MD5 checksum: 473080 ab55bbf0033b1b650ee927d21ce9c738
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_hppa.deb
Size/MD5 checksum: 281620 93cf9c2dfa23e2c20e8795dd62dfc1ff
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_hppa.deb
Size/MD5 checksum: 41294 6ff9f727d5da771f334f75d58e118bfe

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_m68k.deb
Size/MD5 checksum: 45238 4020963162aeba32e183855003f5282c
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_m68k.deb
Size/MD5 checksum: 193466 dd132dae95518b681b29f18dc72b5126
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_m68k.deb
Size/MD5 checksum: 442750 64ec9d1c9e3cc0bcf916b685437af60d
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_m68k.deb
Size/MD5 checksum: 234514 7a50d86d056760ff37bbd585b136df14
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_m68k.deb
Size/MD5 checksum: 40270 491986255b51eaccb5ddcece25ecc732

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_mips.deb
Size/MD5 checksum: 46118 2a6f6b1f5e1557c3ef4297ee0eabc985
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_mips.deb
Size/MD5 checksum: 252258 a21f9c0fc9c53b13b14efd641a3cb8ae
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_mips.deb
Size/MD5 checksum: 458604 30db35156ea16a19a75edfb35ad2a14d
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_mips.deb
Size/MD5 checksum: 280506 53f30322a6fc900b4f0ebc5f3d492676
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_mips.deb
Size/MD5 checksum: 40894 170ea7645a3c5543cc5caae43ad5c0a6

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_mipsel.deb
Size/MD5 checksum: 46080 43c5a8ea470cb03a0d2ef8b9933c7857
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_mipsel.deb
Size/MD5 checksum: 252690 857f1625966dbc12f508700a471ac831
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_mipsel.deb
Size/MD5 checksum: 458972 6f4c7d7ffe16f8c99ab81924da944985
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_mipsel.deb
Size/MD5 checksum: 280370 cd2a531fa482b3e48c539e2dd3561494
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_mipsel.deb
Size/MD5 checksum: 40880 a81fef82f1d0a9d7d1001e7a325fee30

PowerPC architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_powerpc.deb
Size/MD5 checksum: 47288 24f1d1ac568afd55118a1fc57f903394
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_powerpc.deb
Size/MD5 checksum: 235464 69addcbeaeeba30abe98dcb1efc1a285
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_powerpc.deb
Size/MD5 checksum: 460614 651e56b2fd88160d3a43b92aba8875eb
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_powerpc.deb
Size/MD5 checksum: 272120 17b13db9ffe5f47941db64522210a26e
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_powerpc.deb
Size/MD5 checksum: 42466 eaa2cce3db4913037c21d73e59cfed63

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_s390.deb
Size/MD5 checksum: 46240 826c2293b0729b990ee4e78f5d44d5c4
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_s390.deb
Size/MD5 checksum: 213880 b4caf3c3eec6f7261af4eaff0f764bbf
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_s390.deb
Size/MD5 checksum: 466012 2371e8d875c366fe532d447f9e4d185a
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_s390.deb
Size/MD5 checksum: 266758 7b6b6981382dccaede04ffef2f5cfea1
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_s390.deb
Size/MD5 checksum: 40886 9e4f621bc83ac85dcf2a56fa7aa59e88

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_sparc.deb
Size/MD5 checksum: 45530 a6cc6e6db7136497800635f5cd991381
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_sparc.deb
Size/MD5 checksum: 205358 8f72175e2f33bc5ab15ea5e9b5c77b91
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_sparc.deb
Size/MD5 checksum: 454782 229cc03ccc4397b839a9545cbe6e6500
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_sparc.deb
Size/MD5 checksum: 257914 f99730a57980cf56a28dc1ce2a74e016
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_sparc.deb
Size/MD5 checksum: 40616 8d38793d5c79a5498f7c5e0e2f9c37fe


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEh/hAW5ql+IAeqTIRAov9AKCWBpr1DJ93OkzAAblfwOJ8GI7S4gCcDCTy
ggrbN6fApkcg5Gwwqz6uQY0=
=gJ1I
-----END PGP SIGNATURE-----

2.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1092-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 8th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : mysql-dfsg-4.1
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-2753
BugTraq ID : 18219

Josh Berkus and Tom Lane discovered that MySQL 4.1, a popular SQL
database, incorrectly parses astring escaped with mysql_real_escape()
which could lead to SQL injection. This problem does only exist in
versions 4.1 and 5.0.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in
version 4.1.11a-4sarge4.

For the unstable distribution (sid) this problem has been fixed in
version 5.0.21-4.

Version 4.0 in the stable distribution (sarge) is also not affected by
this problem.

We recommend that you upgrade your mysql packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge4.dsc
Size/MD5 checksum: 1021 af71d3e6da11441dfd8ed93c20ca8729
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge4.diff.gz
Size/MD5 checksum: 167558 438fd6709d74cb614901d0ea9a965745
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz
Size/MD5 checksum: 15771855 3c0582606a8903e758c2014c2481c7c3

Architecture independent components:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge4_all.deb
Size/MD5 checksum: 36302 abaa8025885618451c598493b41d10bb

Alpha architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_alpha.deb
Size/MD5 checksum: 1590578 754d9c9d253ba8488ee66efc92dcb1ca
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_alpha.deb
Size/MD5 checksum: 7965338 b623f43445b37b8af9f91c09ed31d4ae
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_alpha.deb
Size/MD5 checksum: 1000754 32ed105998bb4a23d52d861fac54e840
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_alpha.deb
Size/MD5 checksum: 17488018 d3cda036d9920c18de5849ab3dc024c8

AMD64 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_amd64.deb
Size/MD5 checksum: 1451828 06f3945b95051a12f9f155a268094dcf
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_amd64.deb
Size/MD5 checksum: 5551444 3663f19adb6b38a61682619ef19cfbc8
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_amd64.deb
Size/MD5 checksum: 849336 42c8d15b1329e901a845dc74626a0f3e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_amd64.deb
Size/MD5 checksum: 14711198 aa976778d4cfdbfaab96fe4bcbeb8cb5

ARM architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_arm.deb
Size/MD5 checksum: 1388714 4786d6136ff3d5d9d4258754eb64b356
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_arm.deb
Size/MD5 checksum: 5558586 796c478d90a750e0a577434512fdaeb6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_arm.deb
Size/MD5 checksum: 836542 d62795e99b44d319626c15446c962d44
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_arm.deb
Size/MD5 checksum: 14557476 ac7a7d39805b00b27872cdc339f688d5

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_i386.deb
Size/MD5 checksum: 1417826 f8d012cb6a85554c0d94bfcac7f78791
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_i386.deb
Size/MD5 checksum: 5643870 d02bb09d6cb1ba6b8014055eec3fc3be
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_i386.deb
Size/MD5 checksum: 830518 f603306a8fec1c63b6e3ecc17107bd98
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_i386.deb
Size/MD5 checksum: 14558102 591c67e79d72dd63e02dc166d0cb5300

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_ia64.deb
Size/MD5 checksum: 1713084 09db38b7f9ff3567ef4d4ccc4c46ae3f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_ia64.deb
Size/MD5 checksum: 7782286 0c75c782e7873a327d69421933f36732
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_ia64.deb
Size/MD5 checksum: 1050436 91bf76af1e2d978eb5472ddb84031bf1
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_ia64.deb
Size/MD5 checksum: 18475506 7d96940c7e7a0623de3702651cf8c8a2

HP Precision architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_hppa.deb
Size/MD5 checksum: 1550998 e4c6ae38e9a5dc7aae7cc15dff9bc0c0
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_hppa.deb
Size/MD5 checksum: 6249966 91443fde830a3cbb343849afd6a2d0d8
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_hppa.deb
Size/MD5 checksum: 909886 3ed733077d25aefe18bcf1cc21ad2215
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_hppa.deb
Size/MD5 checksum: 15790412 bb7a33201295e66224bf4c491f0c56b9

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_m68k.deb
Size/MD5 checksum: 1397768 e3c536ac8323986b4165abe26928f36f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_m68k.deb
Size/MD5 checksum: 5283732 bb01937d6e79d23947a89312cf160aa6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_m68k.deb
Size/MD5 checksum: 803692 2613a1adb8174a24efa485ade794db85
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_m68k.deb
Size/MD5 checksum: 14071656 677a2a213c3fb5fe363f76625fe5e1c7

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_mips.deb
Size/MD5 checksum: 1478750 48583310a2c865cc938566c6cd08a824
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_mips.deb
Size/MD5 checksum: 6052854 dad954fb5c1cd13ad73cfd21c2819e5f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_mips.deb
Size/MD5 checksum: 904326 44f8ae166e7b30694eaad583eba40666
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_mips.deb
Size/MD5 checksum: 15409878 5180ef322b2f6d4aa7dcc4fd60a521d4

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_mipsel.deb
Size/MD5 checksum: 1446178 bd5a7f2d224da45b1e24a6a23038744f
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_mipsel.deb
Size/MD5 checksum: 5971330 bedb92b0edc6e18dc83e504690c863c6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_mipsel.deb
Size/MD5 checksum: 889962 c75f34bfc318ac4cca4c04cd0bbe2c10
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_mipsel.deb
Size/MD5 checksum: 15105354 e8100b4c7ba1de3c9e3b1afbaac0b825

PowerPC architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_powerpc.deb
Size/MD5 checksum: 1476650 035fa1c4995fbc57d9b7ee6e20e85fde
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_powerpc.deb
Size/MD5 checksum: 6027482 98a9b182121a9747a0e6e9c8ef1531b2
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_powerpc.deb
Size/MD5 checksum: 907256 c8a0e5668a15b68aff1c108e7fc6afad
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_powerpc.deb
Size/MD5 checksum: 15402696 3e020285d43a361111278d558d95bd6d

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_s390.deb
Size/MD5 checksum: 1538332 604b1be5b4ca49165113d200cd3415c0
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_s390.deb
Size/MD5 checksum: 5461442 b5b4bfa92a5c7d4269238a00fc320057
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_s390.deb
Size/MD5 checksum: 884106 c1c2e15c37217bcbf96dfff23f19d5ab
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_s390.deb
Size/MD5 checksum: 15055316 2fe79ed0e0242a75f4ecb016d39e491d

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_sparc.deb
Size/MD5 checksum: 1460442 72b9ef109c9ef1951d8002b1dbe72735
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_sparc.deb
Size/MD5 checksum: 6207904 dd3e6e35dab09a603344a36b28916514
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_sparc.deb
Size/MD5 checksum: 868066 0cec4df9b02b3550fdf4a7c5f35af51b
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_sparc.deb
Size/MD5 checksum: 15391878 8f056ef97deef926d4b1ff843f762ced


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEiCsFW5ql+IAeqTIRAkVAAJ9rg2srqHlNySQmcnlGeuFDg8TWJgCePylO
uwDLaVwlMr0DTdt3qzFOOIA=
=RkIr
-----END PGP SIGNATURE-----

3.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1093-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 8th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : xine-ui
Vulnerability : format string
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-2230

Several format string vulnerabilities have been discovered in xine-ui,
the user interface of the xine video player, which may cause a denial
of service.

The old stable distribution (woody) is not affected by these problems.

For the stable distribution (sarge) these problems have been fixed in
version 0.99.3-1sarge1.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your xine-ui package.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1.dsc
Size/MD5 checksum: 746 527be88be68d5710bf5e0a5b09ffc839
http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1.diff.gz
Size/MD5 checksum: 1288 64415eeb7634cc0dca6d7a44e7a8f404
http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3.orig.tar.gz
Size/MD5 checksum: 2610080 aa7805a93e511e3d67dc1bf09a71fcdd

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_alpha.deb
Size/MD5 checksum: 1877496 56392abc6057d656c041bfbad49976ad

AMD64 architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_amd64.deb
Size/MD5 checksum: 1766792 b093fcc76082ac6e95518f2ec9a27bd9

ARM architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_arm.deb
Size/MD5 checksum: 1711066 856ce425a4db60d0d043b95ad0a7ec18

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_i386.deb
Size/MD5 checksum: 1731748 5f971967308012850fecd3c9362cec9b

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_ia64.deb
Size/MD5 checksum: 2041594 6f37253dad654f31f5bd12c2109e5726

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_hppa.deb
Size/MD5 checksum: 1682926 1ac6f7faa43469e805c01be3d8756a2b

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_m68k.deb
Size/MD5 checksum: 1588564 baea2fa096194f491dcf2438cfa489c7

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_mips.deb
Size/MD5 checksum: 1762350 fbbaa304745c86021a0ffe463530a573

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_mipsel.deb
Size/MD5 checksum: 1762594 6399a62f5e919c04333a2c5533e64cc0

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_powerpc.deb
Size/MD5 checksum: 1776176 387dfa9a66f0fa3e26e9d26b5cc3aed0

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_s390.deb
Size/MD5 checksum: 1742376 b41686f1d871c498d6f4185736317ff2

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_sparc.deb
Size/MD5 checksum: 1761044 f37b88d9d0a99ee2a6be783e403d634c


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEiFuZW5ql+IAeqTIRAsHoAJwOG55xMoMf0JNrQTSU4/uNdfVEVgCfeLsx
zfvwQpHmp7D9/42WzafrNjU=
=Ac3t
-----END PGP SIGNATURE-----

4.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1094-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
June 8th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : gforge
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2005-2430
Debian Bug : 328224

Joxean Koret discovered several cross-site scripting vulnerabilities in
Gforge, an online collaboration suite for software development, which
allow injection of web script code.

The old stable distribution (woody) does not contain gforge packages.

For the stable distribution (sarge) this problem has been fixed in
version 3.1-31sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 3.1-31sarge1.

We recommend that you upgrade your gforge package.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/g/gforge/gforge_3.1-31sarge1.dsc
Size/MD5 checksum: 868 0452baf77a8669801e5c218405eb4c9e
http://security.debian.org/pool/updates/main/g/gforge/gforge_3.1-31sarge1.diff.gz
Size/MD5 checksum: 288414 97f88bfe5581a40469e05ed66fc54568
http://security.debian.org/pool/updates/main/g/gforge/gforge_3.1.orig.tar.gz
Size/MD5 checksum: 1409879 c723b3a9efc016fd5449c4765d5de29c

Architecture independent components:

http://security.debian.org/pool/updates/main/g/gforge/gforge-common_3.1-31sarge1_all.deb
Size/MD5 checksum: 92806 ede5618a181e461a406de2dc50b6170a
http://security.debian.org/pool/updates/main/g/gforge/gforge-cvs_3.1-31sarge1_all.deb
Size/MD5 checksum: 98282 927bada7cf4d87f0963b6a0d4dbfb683
http://security.debian.org/pool/updates/main/g/gforge/gforge-db-postgresql_3.1-31sarge1_all.deb
Size/MD5 checksum: 146398 ae5600b12938d8bc47c947c48d408752
http://security.debian.org/pool/updates/main/g/gforge/gforge-dns-bind9_3.1-31sarge1_all.deb
Size/MD5 checksum: 72456 7408e95a4db4353731eacd8bf274e8bc
http://security.debian.org/pool/updates/main/g/gforge/gforge-ftp-proftpd_3.1-31sarge1_all.deb
Size/MD5 checksum: 59784 6e357bc18e5265c2f3ac302859a00892
http://security.debian.org/pool/updates/main/g/gforge/gforge-ldap-openldap_3.1-31sarge1_all.deb
Size/MD5 checksum: 70378 973ded7bd24d7aaa1dfd9cdc0d931ad5
http://security.debian.org/pool/updates/main/g/gforge/gforge-lists-mailman_3.1-31sarge1_all.deb
Size/MD5 checksum: 58032 1a6a3a1970ebc40751620f7eb9496143
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim4_3.1-31sarge1_all.deb
Size/MD5 checksum: 64966 a9e7b482891a637d92eb73e44f5b9550
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim_3.1-31sarge1_all.deb
Size/MD5 checksum: 64490 408e9f6f06dbfbcb766285a8dfc42d6c
http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-postfix_3.1-31sarge1_all.deb
Size/MD5 checksum: 64580 16a2613639daa916d669cc376085e78a
http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-ldap_3.1-31sarge1_all.deb
Size/MD5 checksum: 60932 5f9bd90fa83c17088fe250c5cd82b251
http://security.debian.org/pool/updates/main/g/gforge/gforge-sourceforge-transition_3.1-31sarge1_all.deb
Size/MD5 checksum: 59046 1614549a1d31c8f6054858c94043efa6
http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache_3.1-31sarge1_all.deb
Size/MD5 checksum: 1104456 7a7901b7a5561c81fa46791cbab68cb3
http://security.debian.org/pool/updates/main/g/gforge/gforge_3.1-31sarge1_all.deb
Size/MD5 checksum: 56332 318db8262b47625a9b356ff366743035
http://security.debian.org/pool/updates/main/g/gforge/sourceforge_3.1-31sarge1_all.deb
Size/MD5 checksum: 55784 7797f135a0456ee0366afe249ffdd4ce


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEiIY3Xm3vHE4uyloRAjP7AKCVFS1twpWKvvvOVbfNKngqqbZtQwCgwxli
BAlnED53MVKamSf8lMxxNrg=
=lrvS
-----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |