Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > August 2006 > SA 1130-1 sitebar, DSA 1131-1 apache, DSA 1132-1 apache2, DSA 1133-1 mantis, DSA 1134-1 mozilla-thunderbird, DSA 1135-1 libtunepimp

August 2006

SA 1130-1 sitebar, DSA 1131-1 apache, DSA 1132-1 apache2, DSA 1133-1 mantis, DSA 1134-1 mozilla-thunderbird, DSA 1135-1 libtunepimp

ID: 00523
Ref: 504/2006
Date: 02 August 2006:10:39:59
Version: 1
Title: SA 1130-1 sitebar, DSA 1131-1 apache, DSA 1132-1 apache2, DSA 1133-1 mantis, DSA 1134-1 mozilla-thunderbird, DSA 1135-1 libtunepimp
Abstract: Multiple updates for vulnerabilities found in sitebar, apache, apache2, mantis, mozilla-thunderbird, and libtunepimp
Vendors affected: Debian
Operating systems affected: Debian
Applications affected: Debian

1.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1130-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
July 30th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : sitebar
Vulnerability : missing input validation
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-3320
BugTraq ID : 18680
Debian Bug : 377299

A a cross-site scripting vulnerability has been discovered in sitebar,
a web based bookmark manager written in PHP, which allows remote
attackers to inject arbitrary web script or HTML.

For the stable distribution (sarge) this problem has been fixed in
version 3.2.6-7.1.

For the unstable distribution (sid) this problem has been fixed in
version 3.3.8-1.1.

We recommend that you upgrade your sitebar package.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/s/sitebar/sitebar_3.2.6-7.1.dsc
Size/MD5 checksum: 567 af6299567258255742c9289ead8618e4
http://security.debian.org/pool/updates/main/s/sitebar/sitebar_3.2.6-7.1.diff.gz
Size/MD5 checksum: 9214 2309667ac14ea821c7a1ba14b8a59916
http://security.debian.org/pool/updates/main/s/sitebar/sitebar_3.2.6.orig.tar.gz
Size/MD5 checksum: 333352 a86243f7a70a1a9ac80342fbcca14297

Architecture independent components:

http://security.debian.org/pool/updates/main/s/sitebar/sitebar_3.2.6-7.1_all.deb
Size/MD5 checksum: 339760 98d388ce2b2c8d746d333f6286e22c0b


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEz2z0W5ql+IAeqTIRAnRrAJ9IALHV10MpVab3Fflkmfx82mfCngCeLHCd
oXpZb7Bj2WJkHIec2iIadfs=
=2c7k
-----END PGP SIGNATURE-----


2.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1131-1 security@debian.org
http://www.debian.org/security/ Steve Kemp
Aug 1st, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : apache
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-3747
CERT advisory : VU#395412
Debian Bug : 380231

Mark Dowd discovered a buffer overflow in the mod_rewrite component of
apache, a versatile high-performance HTTP server. In some situations a
remote attacker could exploit this to execute arbitary code.

For the stable distribution (sarge) this problem has been fixed in version 1.3.33-6sarge2.

For the unstable distribution (sid) this problems will be fixed shortly.

We recommend that you upgrade your apache package.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------


Source archives:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2.dsc
Size/MD5 checksum: 1119 8188c2fe660d475970139af295b07b86
http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2.diff.gz
Size/MD5 checksum: 372930 40c5ca3d91d1307a191915459bc94237
http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33.orig.tar.gz
Size/MD5 checksum: 3105683 1a34f13302878a8713a2ac760d9b6da8

Architecture independent components:

http://security.debian.org/pool/updates/main/a/apache/apache-dev_1.3.33-6sarge2_all.deb
Size/MD5 checksum: 334562 a6a506713c09c27143feffe738aed3f9
http://security.debian.org/pool/updates/main/a/apache/apache-doc_1.3.33-6sarge2_all.deb
Size/MD5 checksum: 1332888 f24fa9421e8dc9acec2467b58468f2dd
http://security.debian.org/pool/updates/main/a/apache/apache-utils_1.3.33-6sarge2_all.deb
Size/MD5 checksum: 212626 b9a5198ee442212cdd248be8827400a1

Alpha architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_alpha.deb
Size/MD5 checksum: 428152 a58caae837e1025d97cf44bf8fb23f0f
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_alpha.deb
Size/MD5 checksum: 904242 ce2a0e4b97c1926dafdf31e589883995
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_alpha.deb
Size/MD5 checksum: 9223072 182f1789104e294f72fede75dc13b875
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_alpha.deb
Size/MD5 checksum: 569406 185346b21b2adbc248a06f689f094b97
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_alpha.deb
Size/MD5 checksum: 542576 dfe389cdb48d38ee2a27a3a622a6c6e0
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_alpha.deb
Size/MD5 checksum: 505050 36759af8debeceeebdd083a337e590cb

AMD64 architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_amd64.deb
Size/MD5 checksum: 401466 6d45b8e9a23382f6b2eadc28af28e4a4
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_amd64.deb
Size/MD5 checksum: 876652 7474a08ccd74235787761b8e1ffe8c0e
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_amd64.deb
Size/MD5 checksum: 9162572 b55d8df232edbd900372fe339a065fd1
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_amd64.deb
Size/MD5 checksum: 524410 41142b30d22c99476977c339cf071504
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_amd64.deb
Size/MD5 checksum: 513708 5377d3aa2ad92e07db2654d3fd3761d1
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_amd64.deb
Size/MD5 checksum: 492544 2d15619f2db2d39d6abdaf25574fbf4c

ARM architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_arm.deb
Size/MD5 checksum: 384260 7785f5fa4d814bd1a1ec946fe007ec53
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_arm.deb
Size/MD5 checksum: 841372 83ed59ba296d64b5b6731c3a57902810
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_arm.deb
Size/MD5 checksum: 8985914 50fc722807a399105950b15e5eaba3b3
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_arm.deb
Size/MD5 checksum: 495910 f7d7a9218c3bdabbf0982b3ec563bca6
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_arm.deb
Size/MD5 checksum: 489556 7645d9195f00f4bf0c655eefaf971dff
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_arm.deb
Size/MD5 checksum: 479280 e689e83904766cf209049c39fe3ee2d1

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_i386.deb
Size/MD5 checksum: 386664 0f0192626abd5a456bf7b6d43f9f1708
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_i386.deb
Size/MD5 checksum: 860158 60891f21e526885833f7f7fcf43c92e4
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_i386.deb
Size/MD5 checksum: 9124844 9d2e020813d5298c3f4d62dcd8ec6aaa
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_i386.deb
Size/MD5 checksum: 504860 a084ffd32a38948db9dd0692ead50eeb
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_i386.deb
Size/MD5 checksum: 493690 c442e0c156f98044c20a665d989aeca0
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_i386.deb
Size/MD5 checksum: 486804 3862e6781f044fc2c4ae24170f47fe6f

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_ia64.deb
Size/MD5 checksum: 463372 13eb11e0de167d54b6606605ae1ff0f6
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_ia64.deb
Size/MD5 checksum: 971834 2be725f2e6b84c10c512a0d804480e33
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_ia64.deb
Size/MD5 checksum: 9355772 3b5d28d3d2531719d46c23920dd3e94c
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_ia64.deb
Size/MD5 checksum: 627356 247a7da511dae2d5e698f2b424fe24c5
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_ia64.deb
Size/MD5 checksum: 585922 aa5d4b2f9bcefe026da9168170e0c819
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_ia64.deb
Size/MD5 checksum: 532826 9b9c3b43b6e85e92dd2c064871f7d9f3

HP Precision architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_hppa.deb
Size/MD5 checksum: 406614 50c84b8682cd3b8af4e0eceaf7fd505a
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_hppa.deb
Size/MD5 checksum: 905560 b02464bd2a9c5ca732e0c4f9208baee0
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_hppa.deb
Size/MD5 checksum: 9100908 4516c9ad78527b3cb2be9daef76e9566
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_hppa.deb
Size/MD5 checksum: 536024 e8ab5a278d1424ef9d68c155ae3a7ab8
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_hppa.deb
Size/MD5 checksum: 518824 c6befb0053d4ed7daa9e9f3d1538bbb6
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_hppa.deb
Size/MD5 checksum: 508750 6beec32a45b93df126f4973619c6076a

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_m68k.deb
Size/MD5 checksum: 371072 d4f978e09502b619b7933e23290eaf5e
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_m68k.deb
Size/MD5 checksum: 847234 8ca3d2d72183081217ae742327dd49f7
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_m68k.deb
Size/MD5 checksum: 8973668 e6614fd4445efa2a29002d5f02d0b7c5
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_m68k.deb
Size/MD5 checksum: 448692 e2024a331a75dabd3ff86927a1883cbc
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_m68k.deb
Size/MD5 checksum: 477360 43f62ac274ccd93160d1db6d3110ebe6
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_m68k.deb
Size/MD5 checksum: 489432 df5d49e0e858809966e4395cdfcab073

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_mips.deb
Size/MD5 checksum: 403276 4ff63b289978627f3db22de263e158ef
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_mips.deb
Size/MD5 checksum: 851592 3e0d11bf481c1378ff776062dc2eed70
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_mips.deb
Size/MD5 checksum: 9048564 aa4a667fdc83d41e739b69c949967929
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_mips.deb
Size/MD5 checksum: 485152 0672cc250050d8e0e571ced7cb4420a0
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_mips.deb
Size/MD5 checksum: 509872 09572aa1dd63bd7b1bff9b61d5752358
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_mips.deb
Size/MD5 checksum: 443532 6efd073b42b13599960f29ff9263892a

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_mipsel.deb
Size/MD5 checksum: 403652 6906feb21ddb7af2a5ec9d4c2ccd874c
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_mipsel.deb
Size/MD5 checksum: 849942 5786e24b7849df4eea36f3d3da80a82a
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_mipsel.deb
Size/MD5 checksum: 9054052 f0d853c8399534429fcd2a3463016ef1
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_mipsel.deb
Size/MD5 checksum: 485376 9001e3d37ac660635946eb066e50ec78
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_mipsel.deb
Size/MD5 checksum: 510664 398e615c936d6e72bb443ce3550e57e2
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_mipsel.deb
Size/MD5 checksum: 443422 e3a6f0ca68df1d8e8f26eef8f23b2822

PowerPC architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_powerpc.deb
Size/MD5 checksum: 398666 29de2415f45cd033d04c28be500664ee
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_powerpc.deb
Size/MD5 checksum: 921400 c36acb601638cb0a9961a2f5d95fcb28
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_powerpc.deb
Size/MD5 checksum: 9252458 aa5f5cdc62365a6951cb6a67e005dc34
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_powerpc.deb
Size/MD5 checksum: 515350 0d654fea1e92be4c2bb1375b6a51c060
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_powerpc.deb
Size/MD5 checksum: 510372 15269ec946e59741172a69c8e7ea7557
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_powerpc.deb
Size/MD5 checksum: 490708 2b1e1ae12a9cb2e8f59b6b8b219d7f9e

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_s390.deb
Size/MD5 checksum: 403204 73201862887af010def1edf24d22594d
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_s390.deb
Size/MD5 checksum: 868450 b84df926a3235d152d8f7f35aa3394ae
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_s390.deb
Size/MD5 checksum: 9183050 1cf5c335b2cf863898c0c84e4e150776
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_s390.deb
Size/MD5 checksum: 490090 b361f3cf52b919b5e92d96f92a77270a
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_s390.deb
Size/MD5 checksum: 514442 d3374e5f0d5cb468409795a1a7c9b8b3
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_s390.deb
Size/MD5 checksum: 460466 bf56d745cf3b78e3ade0204a718417c6

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_sparc.deb
Size/MD5 checksum: 385534 020faf78c7c61702c94d10eb03a07e37
http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_sparc.deb
Size/MD5 checksum: 849304 2cffd052a21ba9306ebadf4af2f6b734
http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_sparc.deb
Size/MD5 checksum: 9046234 f32d81e7736df5b65bf9912506b03466
http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_sparc.deb
Size/MD5 checksum: 504168 e3a5510199db8f05f5a6f3028b82ef11
http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_sparc.deb
Size/MD5 checksum: 491970 4f9732af9bcf8e6ecc54cb24f65b7d0b
http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_sparc.deb
Size/MD5 checksum: 490256 9c6e61c66d2f8641680f6f7dfe7316fe


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFEzzCzwM/Gs81MDZ0RAqM9AJ9pezh9ub2VryJ8X13FpiWm0THOwQCgmd4w
Qf4EYm8EnwbI7VB7WmKq7V4=
=JjUs
-----END PGP SIGNATURE-----


3.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1132-1 security@debian.org
http://www.debian.org/security/ Steve Kemp
Aug 1st, 2005 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : apache2
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-3747
CERT advisory : VU#395412
Debian Bug : 380182

Mark Dowd discovered a buffer overflow in the mod_rewrite component of
apache, a versatile high-performance HTTP server. In some situations a
remote attacker could exploit this to execute arbitary code.

For the stable distribution (sarge) this problem has been fixed in
version 2.0.54-5sarge1.

For the unstable distribution (sid) this problem will be fixed shortly.

We recommend that you upgrade your apache2 package.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1.dsc
Size/MD5 checksum: 1153 4b2aeab1c5578a6879c1d036487c75a2
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1.diff.gz
Size/MD5 checksum: 110080 57c824fbbbae3fa68d504797fa8e6341
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54.orig.tar.gz
Size/MD5 checksum: 7493636 37d0d0a3e25ad93d37f0483021e70409

Architecture independent components:

http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.0.54-5sarge1_all.deb
Size/MD5 checksum: 3891046 f860e8207364bbbf05cfd81fa281508e
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-threadpool_2.0.54-5sarge1_all.deb
Size/MD5 checksum: 33564 7d974c7e0f38c6e31017e712f15214fd

Alpha architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 33488 f36f397f92e8946d342d8b939a8e1f41
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 865320 82e919111eccc60ed021aa196cc3cb00
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 246374 e6d9e455161bad25b178992b109c9375
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 241488 80524503bc76924132c26df38c61e5ad
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 245676 91eab40f8da34595f1a96c1b3c2254a3
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 167694 81b924d7aca297e86e600a3439d31d4a
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 168422 fa3bf3865b48d5a8324a6e6135ffaab1
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 97552 67c989219009488916ba16f399fa33fb
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 155792 ff3355874d8b7fa7c6ad1c55f8eabb8c
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_alpha.deb
Size/MD5 checksum: 315260 ed3c2bc91b3be333c535aae01959f5f0

AMD64 architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 33482 431da06ae2973e4ab7e6195652b4f8b6
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 826686 3e2d13f95a82053ec6afa782ae62ffec
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 221350 7f3384834425befc9437ff16795fe827
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 216820 76034c08d148bf01b7eb72f5156fe2bc
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 220588 382bd5f3a47262c68c72566ae45aa005
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 167698 fb700ccba617ede30505a1a75f1528c1
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 168438 d0dd58b34bf5bb543f2bf9971bc30f17
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 92732 db6b4a3d3d2fa90a193c5d799b27161c
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 137334 5318191c95c001866e475a9f8218a0d0
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_amd64.deb
Size/MD5 checksum: 278836 fd2955649002a6d3c4b6de7c9f18c794

ARM architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 33490 1584e54d81dbfc1d45f6208ad268903d
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 793694 233ea0fad9d5531cdc20182474c583fc
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 202316 8916fa2da9d7740f4b1ac22f498bd47d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 197954 bbaefcea762f1600f0ba330d79d63b5e
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 201344 c494ebb8a6662ebb777f9f615ea50579
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 167706 ac66b709dbf32ea62406dd9131727f4b
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 168440 bbb3c010fb98d9bc96da846cb57c1c80
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 92652 92ac8c180bd95c8fcb4fbcc173fd93f9
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 122384 4802054d8d5b2f25d5b4ed32f2bbcad2
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_arm.deb
Size/MD5 checksum: 267920 02f1b191a308bdb9c4c9955a9a5170ea

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 33486 7234f5717dbcbb800e90949d63cc1ddc
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 812294 87b7c53659af00252c76484d030b76dd
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 206644 f27a272c1e7c8a64fe3099e81879afe5
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 202834 e9c259b62700c20aa0a123aac7ef8468
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 206402 0b12002711a684dee34a6f158c08b008
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 168868 9905d2bd31aaf49cb4c522a7130fc53e
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 169670 6bdf51222903fb1af0a1950e8f02e7e6
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 90916 15031d3164bf986a7d321d67f6f872f7
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 130372 f3aa36ce42aca7c552630338b70c4147
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_i386.deb
Size/MD5 checksum: 260374 ffbe645e8c6762205148f7aa8656a3c7

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 33486 0cd1947abffb3793f6c0dc7690632573
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 973648 7522385d947774e00a2b0f9c8586cc11
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 289276 bace1a0298d9336892bedbdc708f35ec
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 281296 6495947c25e20f5459d44980378420f7
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 287876 d63b895f7d31859642932ef11521120b
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 167676 ae253a0de588b5f3c75cd0139c23b94e
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 168418 b9a670874ff49ad8016ce34f65db75ca
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 106404 02c8d485338f0f86e61769bedfd1195e
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 177836 5f1d653818331006ad992b9f29fec1c3
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_ia64.deb
Size/MD5 checksum: 328478 565500d14485fdfc229d31094477d79d

HP Precision architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 33488 c097912333905a2634218aca2f925af4
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 880192 bbf9181e42bf15946ea823bd4c60187a
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 228778 3f678491b1a4cdf7087ba3f7b579d2e4
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 222784 53c3247eb337389bf5610ffdc12101aa
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 227604 a55def8a3be473430a5add57f74a9e3e
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 167694 d986e8cc3ad0512e9e37d9d22209df6a
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 168436 77ed5eaaad9378052171f6317ba7f3b0
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 98822 048922c9ca8664f57b80c2f45f401d7f
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 144996 20192edf00b0449ef13a9c104750c1fb
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_hppa.deb
Size/MD5 checksum: 285012 86cf97e94f01f18e3c2263d94eb3f4f2

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 33496 7ed8701d7c988c636a45eb66ea558b11
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 783354 bbd0d75542a89db2b9af3fda0801251b
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 188908 1798d4afe93c070b947be8d80097a3a5
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 185514 1c0bf8a9a6f173753080c77af11fde0b
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 188314 c188c7e4ab5c0bd9af90e3cce04cb119
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 167770 7c804084f4c5104ea0e1759664bfc950
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 168494 46bb18ed1ad60faee0356fcf927a8d7e
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 88058 4dd93405f96d8a1504403b5e807ed11d
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 117584 c02517bf4a19a576ceb5eb53788b8ddb
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_m68k.deb
Size/MD5 checksum: 250068 f9858a08d86d3c5da03ce9ab5742c807

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 33492 99198a05154084edcf0a023b4178c174
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 807540 b5be0b94c36ef91ad37f8e97ee38da6b
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 217966 40962c3bb0de39504e18a3e4d17960d4
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 213184 17b42ce494efe8d695083b65c18bd04f
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 217340 af8e8d55645e3f8515838cc6a4d0b96a
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 167712 62bcc19fbe039422058de75fac9ef8a2
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 168456 97347f55c5ca750159492a5e9fef0f05
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 103016 7dfdbeb967d4db76535e326fe3bbe831
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 134456 fefc232dee0333abe758f480922e485a
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_mips.deb
Size/MD5 checksum: 286508 e450f3a5c862321728f126fd27e67da8

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 33492 a0beae9521a8681328ed01833936c7e6
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 807356 efa828902d16f408dc2fb75344a02484
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 217238 f61a494fe69366f8f0f319ec622c125d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 212602 1e168ac088ef73b5a9ae213eaed0e65b
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 216474 4da5c94813eb4c75e4c39e464b459286
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 167712 91d4f8ca1a018c1d772d2436a40c264a
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 168454 810be6456b1b49e29c2ad063677df5d7
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 102908 4053b03ba06284397e0a2e049ac0b07e
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 134504 4cf1d17baaceacbd49aff1a5f0386eb9
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_mipsel.deb
Size/MD5 checksum: 287146 327a38414b6477d2bfc899b6c36814a4

PowerPC architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 33488 a02c59618834f05f05875bfb44db86a8
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 856080 7f25f6e8e6e6861106e349f49de39f3f
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 214658 4542ef6b2b9b2cad21c9b43cc090cc20
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 209732 a77570da8616c950a61c3e1f1774d263
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 213720 0187a654fc3972354c4b1ce9f25b298e
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 167700 23b513fe1438e05bfb285c6b2ba5fa88
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 168438 2fdbfc52471761f05ac81c88104df718
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 102074 e3e2f1cce29967a7f16d482c5a12f31e
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 134326 a065ca58466cb424e6fdecf4916a34ab
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_powerpc.deb
Size/MD5 checksum: 272016 1036f4767ca54dcf7f9ea8a0ccd7219b

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 33484 be5320d7ff7f2535f2c2afcc1c1a0017
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 836920 0217fc29e0cd0c73ffc16321ac76ee67
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 223934 b8fe548deef75a8474c513ffeaef612b
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 219814 03b24d5271b0d0392de3cae6a8b2cddc
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 223316 b19825c6436769e45e9ff4b304893e0a
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 167674 b927beaf64fcf061278749e9112f606b
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 168406 2a691c0d5a113e67dbe4428f33850b55
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 95882 f4f2d57ef253b639334593daee4ea458
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 145992 524ec24014483b5380e1f498fc96eb71
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_s390.deb
Size/MD5 checksum: 275226 812a50d7371049f438c8469dd72aaab7

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 33492 e1759ef13bc51722b31ac10f9469ab11
http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 802626 7936568d0f0220d40a0c24c020188e92
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 205614 75b026656494f526a4c53c7202ef4a85
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 200878 a9195c31cdba9cd787cad14eba216719
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 204536 f0f6b6b0b5e4222e35deb55b955c1241
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 167688 1f9b82c2aa5ef014de1a00279fba8acc
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 168428 1055661a5018ca3698a508dac343a5ef
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 91002 a2c433609f36de5d6d0e8ae5ad367fb2
http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 123598 5739e26b7619a2a36a0541288b45e91a
http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_sparc.deb
Size/MD5 checksum: 260480 d21565096a339f3e4cbff58cf5deb352


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFEz091wM/Gs81MDZ0RAm7XAJ9RfePMZ5SeJj07/5hZRYJExSNs8QCfd7ak
XbcmFaJ79jabp0d3jvc2RQE=
=Gaio
-----END PGP SIGNATURE-----


4.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1133-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
August 1st, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : mantis
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-0664 CVE-2006-0665 CVE-2006-0841 CVE-2006-1577
Debian Bug : 361138 378353

Several remote vulnerabilities have been discovered in the Mantis bug
tracking system, which may lead to the execution of arbitrary web script.
The Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2006-0664

A cross-site scripting vulnerability was discovered in
config_defaults_inc.php.

CVE-2006-0665

Cross-site scripting vulnerabilities were discovered in query_store.php
and manage_proj_create.php.

CVE-2006-0841

Multiple cross-site scripting vulnerabilities were discovered in
view_all_set.php, manage_user_page.php, view_filters_page.php and
proj_doc_delete.php.

CVE-2006-1577

Multiple cross-site scripting vulnerabilities were discovered in
view_all_set.php.

For the stable distribution (sarge) these problems have been fixed in
version 0.19.2-5sarge4.1.

For the unstable distribution (sid) these problems have been fixed in
version 0.19.4-3.1.

We recommend that you upgrade your mantis package.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/m/mantis/mantis_0.19.2-5sarge4.1.dsc
Size/MD5 checksum: 586 186850cfa7493513907212591d8c550b
http://security.debian.org/pool/updates/main/m/mantis/mantis_0.19.2-5sarge4.1.diff.gz
Size/MD5 checksum: 42068 74a6598eff0b5f741df8c768c060edc4
http://security.debian.org/pool/updates/main/m/mantis/mantis_0.19.2.orig.tar.gz
Size/MD5 checksum: 1298615 042c42c6de3bc536181391c1e9b25db3

Architecture independent components:

http://security.debian.org/pool/updates/main/m/mantis/mantis_0.19.2-5sarge4.1_all.deb
Size/MD5 checksum: 897142 6a94215892b6efedd61e042973060022

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEz7cQXm3vHE4uyloRArHrAJ0ciGLJ5PM/Uzdw3QqKJOQ6Cb9e5wCfUpe2
Na9wvKwxWl0wLXMD//7BQbY=
=n6Lj
-----END PGP SIGNATURE-----


5.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1134-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
August 2nd, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : mozilla-thunderbird
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2006-1942 CVE-2006-2775 CVE-2006-2776 CVE-2006-2777
CVE-2006-2778 CVE-2006-2779 CVE-2006-2780 CVE-2006-2781
CVE-2006-2782 CVE-2006-2783 CVE-2006-2784 CVE-2006-2785
CVE-2006-2786 CVE-2006-2787
CERT advisories: VU#237257 VU#243153 VU#421529 VU#466673 VU#575969
BugTraq ID : 18228

Several security related problems have been discovered in Mozilla
which are also present in Mozilla Thunderbird. The Common
Vulnerabilities and Exposures project identifies the following
vulnerabilities:

CVE-2006-1942

Eric Foley discovered that a user can be tricked to expose a local
file to a remote attacker by displaying a local file as image in
connection with other vulnerabilities. [MFSA-2006-39]

CVE-2006-2775

XUL attributes are associated with the wrong URL under certain
circumstances, which might allow remote attackers to bypass
restrictions. [MFSA-2006-35]

CVE-2006-2776

Paul Nickerson discovered that content-defined setters on an
object prototype were getting called by privileged user interface
code, and "moz_bug_r_a4" demonstrated that the higher privilege
level could be passed along to the content-defined attack code.
[MFSA-2006-37]

CVE-2006-2777

A vulnerability allows remote attackers to execute arbitrary code
and create notifications that are executed in a privileged
context. [MFSA-2006-43]

CVE-2006-2778

Mikolaj Habryn a buffer overflow in the crypto.signText function
that allows remote attackers to execute arbitrary code via certain
optional Certificate Authority name arguments. [MFSA-2006-38]

CVE-2006-2779

Mozilla team members discovered several crashes during testing of
the browser engine showing evidence of memory corruption which may
also lead to the execution of arbitrary code. This problem has
only partially been corrected. [MFSA-2006-32]

CVE-2006-2780

An integer overflow allows remote attackers to cause a denial of
service and may permit the execution of arbitrary code.
[MFSA-2006-32]

CVE-2006-2781

Masatoshi Kimura discovered a double-free vulnerability that
allows remote attackers to cause a denial of service and possibly
execute arbitrary code via a VCard. [MFSA-2006-40]

CVE-2006-2782

Chuck McAuley discovered that a text input box can be pre-filled
with a filename and then turned into a file-upload control,
allowing a malicious website to steal any local file whose name
they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]

CVE-2006-2783

Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)
is stripped from UTF-8 pages during the conversion to Unicode
before the parser sees the web page, which allows remote attackers
to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]

CVE-2006-2784

Paul Nickerson discovered that the fix for CAN-2005-0752 can be
bypassed using nested javascript: URLs, allowing the attacker to
execute privileged code. [MFSA-2005-34, MFSA-2006-36]

CVE-2006-2785

Paul Nickerson demonstrated that if an attacker could convince a
user to right-click on a broken image and choose "View Image" from
the context menu then he could get JavaScript to
run. [MFSA-2006-34]

CVE-2006-2786

Kazuho Oku discovered that Mozilla's lenient handling of HTTP
header syntax may allow remote attackers to trick the browser to
interpret certain responses as if they were responses from two
different sites. [MFSA-2006-33]

CVE-2006-2787

The Mozilla researcher "moz_bug_r_a4" discovered that JavaScript
run via EvalInSandbox can escape the sandbox and gain elevated
privilege. [MFSA-2006-31]

For the stable distribution (sarge) these problems have been fixed in
version 1.0.2-2.sarge1.0.8a.

For the unstable distribution (sid) these problems have been fixed in
version 1.5.0.4-1 and xulrunner 1.5.0.4-1 for galeon and epiphany.

We recommend that you upgrade your Mozilla Thunderbird packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a.dsc
Size/MD5 checksum: 999 a7547d54f6c987d16db915709bc5fe44
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a.diff.gz
Size/MD5 checksum: 453026 eb2d71ba5d15fe803784950a13a47563
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz
Size/MD5 checksum: 33288906 806175393a226670aa66060452d31df4

Alpha architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_alpha.deb
Size/MD5 checksum: 12842296 fa614356eb934f90ae45fa3ed9dd1539
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_alpha.deb
Size/MD5 checksum: 3278130 4cb654733bfccea8cd3c0df00b5def8c
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_alpha.deb
Size/MD5 checksum: 151082 c07a4daabd1c05a637520f9a094dc074
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_alpha.deb
Size/MD5 checksum: 32502 80579d205020032c49770ce3fc7141f6
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_alpha.deb
Size/MD5 checksum: 88350 3b3e525e54326e8e2d9af8b69904c3a8

AMD64 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_amd64.deb
Size/MD5 checksum: 12251804 deb4396f8cd09c132ff78052ff534f8a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_amd64.deb
Size/MD5 checksum: 3279014 7d2f64aba52ea20a7b8cf16a66fff252
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_amd64.deb
Size/MD5 checksum: 150050 77fdbefdcd0aedbdbccac24e7c81f943
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_amd64.deb
Size/MD5 checksum: 32488 867701a09fd5bbac7acc1865fbe064b8
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_amd64.deb
Size/MD5 checksum: 88190 5bdde29214cc86cf4340ed9dd43c68d3

ARM architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_arm.deb
Size/MD5 checksum: 10339868 a60a1c13491b2a0771c8e3517cd25dd8
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_arm.deb
Size/MD5 checksum: 3270162 22724283f230b50cf6a173520c420fc1
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_arm.deb
Size/MD5 checksum: 142198 7008892dc0bb9bca14978a7e1f09fde9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_arm.deb
Size/MD5 checksum: 32512 3ac5306abd8ecbdd9ba981df3d61db68
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_arm.deb
Size/MD5 checksum: 80218 5514acae240f08b8a061176131d2fdb8

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_i386.deb
Size/MD5 checksum: 11565160 23e9aaa2f8f1a62bf43efb7bc815fdcf
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_i386.deb
Size/MD5 checksum: 3506098 169af4eda4ae283d48a0b1523b05bdd7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_i386.deb
Size/MD5 checksum: 145716 e63141ba6a893db986bd0e9cbcc575e9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_i386.deb
Size/MD5 checksum: 32480 2d23870e404431d77f83601ec81a7fda
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_i386.deb
Size/MD5 checksum: 86962 ea63c9a6e99a6895ad7eb1fe70363b22

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_ia64.deb
Size/MD5 checksum: 14618962 f0ae93cc731f61beb0599fac54445460
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_ia64.deb
Size/MD5 checksum: 3290490 2d16d23f8042bad1273b992861011349
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_ia64.deb
Size/MD5 checksum: 154412 1b39804a27f4b7dae90e92d7a39d4bb9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_ia64.deb
Size/MD5 checksum: 32490 818339f4a6d9e98182975f9d1a834939
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_ia64.deb
Size/MD5 checksum: 106058 6b1214ef1b42a53af54389da726fd478

HP Precision architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_hppa.deb
Size/MD5 checksum: 13561594 b7eb45b4c8829370a58b2d870021024e
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_hppa.deb
Size/MD5 checksum: 3283714 f65b93a3a73a3dfc62d6f024c259a1db
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_hppa.deb
Size/MD5 checksum: 152280 06e23e82444cacea77afdc87699f5773
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_hppa.deb
Size/MD5 checksum: 32496 06a10d18ef8a1bc84b89b3cc50e8cad5
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_hppa.deb
Size/MD5 checksum: 96308 076063aee6cf91541585b08fdf73a801

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_m68k.deb
Size/MD5 checksum: 10786352 e5c9c4cb536f92fc2cab024541460b8f
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_m68k.deb
Size/MD5 checksum: 3269592 909c5464deba45d965f5a0612f04becd
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_m68k.deb
Size/MD5 checksum: 143968 6e45eef4d3241039abe41a638e9f34df
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_m68k.deb
Size/MD5 checksum: 32522 494885109459853538c84e47c21635ec
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_m68k.deb
Size/MD5 checksum: 81442 c978cb34ab778b06385814cd4ad51056

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_mips.deb
Size/MD5 checksum: 11941536 ddf753469c129bf3fd2681a9bbc5e81a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_mips.deb
Size/MD5 checksum: 3277166 1f3efa2d140a400ad98b73ba33f6e35c
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_mips.deb
Size/MD5 checksum: 146966 a5e221ce8c30ee3a12c1a3d6603c52dd
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_mips.deb
Size/MD5 checksum: 32496 05e84094b89573c4aafac9b414bb0d34
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_mips.deb
Size/MD5 checksum: 83704 a1006bc20c63a7d51607cc3249a88677

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_mipsel.deb
Size/MD5 checksum: 11806560 dccdeef719f40ee45b6ea11a2e1d5675
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_mipsel.deb
Size/MD5 checksum: 3278332 12657ea860ed91f17750e30458526dc9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_mipsel.deb
Size/MD5 checksum: 146522 b528200933d5bcb366959bfb21015b1b
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_mipsel.deb
Size/MD5 checksum: 32496 5956a48e052e31695346398197734eef
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_mipsel.deb
Size/MD5 checksum: 83552 a0a0035eadfb314ebd90a21f4e888275

PowerPC architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_powerpc.deb
Size/MD5 checksum: 10903816 1590ee6c726500d5cb4f037d29e0a8f8
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_powerpc.deb
Size/MD5 checksum: 3268272 67789b6af42f2b76d578377cc4ff9f3d
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_powerpc.deb
Size/MD5 checksum: 144024 3617dbb5b65f5c1d4317b09626f0be5f
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_powerpc.deb
Size/MD5 checksum: 32500 5807e7e4389796a8dd1b79c9ae07f051
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_powerpc.deb
Size/MD5 checksum: 80232 5f4d117d2108a7c0ab683e6b2756a701

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_s390.deb
Size/MD5 checksum: 12697106 ba9085a2f7203579f62e288e3f1dd7ee
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_s390.deb
Size/MD5 checksum: 3278522 7b17ff2d80845368acdf7263c1affc50
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_s390.deb
Size/MD5 checksum: 150324 943c02d94e672ec2fe94c1303ee2679d
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_s390.deb
Size/MD5 checksum: 32484 2cbf34e4da8492fe773465378e069ca6
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_s390.deb
Size/MD5 checksum: 88194 e7ccfa32631e9acd0e96146f9c49a176

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_sparc.deb
Size/MD5 checksum: 11167620 d493999d1fe3f28b0adef98731003ad7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_sparc.deb
Size/MD5 checksum: 3273616 2e75bfd4a38e0e92de802c7ed5560f90
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_sparc.deb
Size/MD5 checksum: 143680 402f90dc28004eb5c6777d1e13946c55
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_sparc.deb
Size/MD5 checksum: 32500 0534fcca42cbc508c633ec090b875bb1
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_sparc.deb
Size/MD5 checksum: 82040 ca4a06228ba6980a44b8df8c37b94b0c



These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFE0DxmW5ql+IAeqTIRAsp1AJ97nYmTTJkiBndiQOOgXsV+qpmykACfZJdd
ku2AHbUfjrYfmWIPmbXzCuA=
=Kh5x
-----END PGP SIGNATURE-----


6.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1135-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
August 2nd, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : libtunepimp
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-3600
BugTraq ID : 18961
Debian Bug : 378091

Kevin Kofler discovered several stack-based buffer overflows in the
LookupTRM::lookup function in libtunepimp, a MusicBrainz tagging
library, which allows remote attacers to cause a denial of service or
execute arbitrary code.

For the stable distribution (sarge) these problems have been fixed in
version 0.3.0-3sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 0.4.2-4.

We recommend that you upgrade your libtunepimp packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp_0.3.0-3sarge2.dsc
Size/MD5 checksum: 1030 9a4920fa648987c785ca7a90389e26d2
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp_0.3.0-3sarge2.diff.gz
Size/MD5 checksum: 6370 7398c09a7d071ae47a47d8cf439f98f4
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp_0.3.0.orig.tar.gz
Size/MD5 checksum: 524889 f1f506914150c4917ec730f847ad4709

Alpha architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_alpha.deb
Size/MD5 checksum: 24890 2978735432d84c89ae7298388469f45b
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_alpha.deb
Size/MD5 checksum: 69628 caebe7ed98abb9434b8271a6a60bbcf3
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_alpha.deb
Size/MD5 checksum: 183756 59e0e4beba76a472ab2871ff560e43db
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_alpha.deb
Size/MD5 checksum: 400968 14a5497f7e5a29c7428051f9ac1197db
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_alpha.deb
Size/MD5 checksum: 7514 ed92833051c36f1834d4c2e8431a995b
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_alpha.deb
Size/MD5 checksum: 36986 3f20bf702c8afd5c515caedb3577d7c4
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_alpha.deb
Size/MD5 checksum: 37012 b397a318bf98a9b8a66e92d813ec1417

AMD64 architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_amd64.deb
Size/MD5 checksum: 22574 ab767e6a192e3435808cdc3c0f2eba10
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_amd64.deb
Size/MD5 checksum: 64662 2b13c0f10121799469f5918b9457816c
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_amd64.deb
Size/MD5 checksum: 167846 c8a9826ed526df5f0b3db91671e86ff8
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_amd64.deb
Size/MD5 checksum: 309342 989a04b1b26449ccef4534d3b573da3f
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_amd64.deb
Size/MD5 checksum: 7062 3f59546ad6171eb57027961425008dda
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_amd64.deb
Size/MD5 checksum: 35350 85910d25472fd6cd765c5ec70eaec73a
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_amd64.deb
Size/MD5 checksum: 35350 ac75587d5816b4b7f4a8c297960c58de

ARM architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_arm.deb
Size/MD5 checksum: 21328 f0edf637f04bc0569f7d817f7ac4c15f
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_arm.deb
Size/MD5 checksum: 60078 11945b07935b831ebc12850951da1814
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_arm.deb
Size/MD5 checksum: 252294 1dc8ce3cacbafd0e7724c25534e8c2ac
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_arm.deb
Size/MD5 checksum: 429780 d4025de16da2eeba4daf3b8c373a1972
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_arm.deb
Size/MD5 checksum: 7494 4bbe28e891a9bbcc4e45f7b0fcaf3a18
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_arm.deb
Size/MD5 checksum: 30692 deec987c46ef0036daf8da7950250beb
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_arm.deb
Size/MD5 checksum: 30704 e80752d9804d728e54cc21f213ebbc85

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_i386.deb
Size/MD5 checksum: 21680 0a120ab21f78a77bb59cb99ca1eb1b8f
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_i386.deb
Size/MD5 checksum: 64192 65733e6e2b007c958edddbaa2297ed8c
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_i386.deb
Size/MD5 checksum: 172848 aae66182b0509ed6e9b9ef8fc1efe8e9
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_i386.deb
Size/MD5 checksum: 295464 bfab73e38dd99e38b6ed3ebc7872521c
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_i386.deb
Size/MD5 checksum: 7384 6b0279cb428e28f0c25936f90c171e7e
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_i386.deb
Size/MD5 checksum: 32342 815c12dc0d0bda96bcc3e9e667acdfb1
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_i386.deb
Size/MD5 checksum: 32346 ead31d0b6cd458c681bee2d4fc894df0

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_ia64.deb
Size/MD5 checksum: 27032 4b4867843c38aec3e7d7cab211c50180
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_ia64.deb
Size/MD5 checksum: 70892 51a6fc495685aa15bca597ba5d49481d
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_ia64.deb
Size/MD5 checksum: 229114 30d7dd79ef08c59c3dccc707ed4c4149
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_ia64.deb
Size/MD5 checksum: 404248 4417640aa53c74f2316f117788382668
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_ia64.deb
Size/MD5 checksum: 7540 86e56a9b5ba5ebac8e1ce08415c81e5c
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_ia64.deb
Size/MD5 checksum: 41274 5d65583580941d6267755c95bacd6041
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_ia64.deb
Size/MD5 checksum: 41290 af3f7132986f4f4eea952b6bf48ab86b

HP Precision architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_hppa.deb
Size/MD5 checksum: 23038 70f7ff16fa268b83ec8112ea0943eef7
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_hppa.deb
Size/MD5 checksum: 71002 d4b412a8e7367cbddde555e8bc12b5c4
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_hppa.deb
Size/MD5 checksum: 202392 b45edc22062afbc716299c70bbde5e62
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_hppa.deb
Size/MD5 checksum: 372742 113319297131816655e0b4e9884c0512
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_hppa.deb
Size/MD5 checksum: 7388 90e1630a60eebc1316185ad3f17ecfc2
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_hppa.deb
Size/MD5 checksum: 37312 9a1702305b151cc90c33fd037d211c40
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_hppa.deb
Size/MD5 checksum: 37322 e664954cc2797cb6b982234f36a947fc

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_m68k.deb
Size/MD5 checksum: 21260 ad6086a9b25ca8d5fde4dbc23ce9c692
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_m68k.deb
Size/MD5 checksum: 65180 ecaf5f32f118c3bea03ee72feb3a706a
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_m68k.deb
Size/MD5 checksum: 173120 94856cac57d86e7a03e3809965f0e788
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_m68k.deb
Size/MD5 checksum: 294810 7f8a76aabf519488b7e6f566a80cbac4
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_m68k.deb
Size/MD5 checksum: 7362 b4328d4446b3ac504452637a6fe6bd08
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_m68k.deb
Size/MD5 checksum: 33760 6fad71c1af6746f309fbe8ba2a6eebbe
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_m68k.deb
Size/MD5 checksum: 33790 10d2cbfb58b42889a2c163851e99751b

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_mips.deb
Size/MD5 checksum: 23990 dcda0902f1c1124f03e9120ebfde0bfd
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_mips.deb
Size/MD5 checksum: 41350 f7f8f4a0b7c25c235c6b9d8dad1d9d9c
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_mips.deb
Size/MD5 checksum: 161176 b7d6241896195d7f314a439b372b127e
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_mips.deb
Size/MD5 checksum: 327600 eafb77ad18b8856fe45476197067b8e2
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_mips.deb
Size/MD5 checksum: 7488 b93b17c16646f9d2c43d3b713f0e414e
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_mips.deb
Size/MD5 checksum: 30832 51f3c2b19ec9e12feca6094bfc1c234c
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_mips.deb
Size/MD5 checksum: 30830 075f88566e8bd20c7035ccb6bd5c75c1

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_mipsel.deb
Size/MD5 checksum: 24010 948df50ac97f84a3e87915cf8e2e1227
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_mipsel.deb
Size/MD5 checksum: 41174 58740675d89c0d3790ec8911e465e101
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_mipsel.deb
Size/MD5 checksum: 159904 17004743326aa4116d39a51f71205d10
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_mipsel.deb
Size/MD5 checksum: 327466 227c0388ec56c7d150d0155ae37c4e70
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_mipsel.deb
Size/MD5 checksum: 7506 bee85b2381fb78193452dd0b59a6ecae
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_mipsel.deb
Size/MD5 checksum: 30530 061f243e1eca9e6f26ef812964907a74
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_mipsel.deb
Size/MD5 checksum: 30550 d3e03c3944ecc11589d63c9f9cfed9f2

PowerPC architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_powerpc.deb
Size/MD5 checksum: 24732 c9c38d154af36ad28637c763f8dcd117
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_powerpc.deb
Size/MD5 checksum: 65578 99ab71a5594f3f69c3e375da379dc530
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_powerpc.deb
Size/MD5 checksum: 163704 8f7a6aa6a353144c23a8eed9d364251e
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_powerpc.deb
Size/MD5 checksum: 313058 e4b4d41dcea114933b79a2f0acf1e933
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_powerpc.deb
Size/MD5 checksum: 7540 0a87f9037368c2326618c4fca8420823
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_powerpc.deb
Size/MD5 checksum: 34964 2a29738183724ddf8088457795a57044
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_powerpc.deb
Size/MD5 checksum: 34974 195aaf1a53f0419a6333e49e91b0b2cc

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_s390.deb
Size/MD5 checksum: 22526 1193ac69323d7c312cd75793087c91b9
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_s390.deb
Size/MD5 checksum: 47592 e072c4b460e330972eecc8056ffdf62e
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_s390.deb
Size/MD5 checksum: 164408 bacc4965dccb7825f71a52bf61216168
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_s390.deb
Size/MD5 checksum: 293254 68deddeeff41080b0e13a8cab173dad0
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_s390.deb
Size/MD5 checksum: 7492 1d23ac5ea74763a38833f933141dd0fa
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_s390.deb
Size/MD5 checksum: 37268 2cf940107c56c3864fa97013bd21598b
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_s390.deb
Size/MD5 checksum: 37252 ac915f3997f66e4c6a94ecee7c6cca37

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-bin_0.3.0-3sarge2_sparc.deb
Size/MD5 checksum: 21478 93b66545509e935ce3a8be05e71a93c5
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp-perl_0.3.0-3sarge2_sparc.deb
Size/MD5 checksum: 64890 2bfba94ca4422855510dfd2cbdc6ce02
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2_0.3.0-3sarge2_sparc.deb
Size/MD5 checksum: 163392 a65569a7c43e112ab422e0624a1e4bcb
http://security.debian.org/pool/updates/main/libt/libtunepimp/libtunepimp2-dev_0.3.0-3sarge2_sparc.deb
Size/MD5 checksum: 299368 c2075aa76dac67ab7c82196ae30a63c4
http://security.debian.org/pool/updates/main/libt/libtunepimp/python-tunepimp_0.3.0-3sarge2_sparc.deb
Size/MD5 checksum: 7518 9d9f6ecf4323f7416adb06ccc22c5533
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.2-tunepimp_0.3.0-3sarge2_sparc.deb
Size/MD5 checksum: 33272 a604ebd85536a7de80d1015114047451
http://security.debian.org/pool/updates/main/libt/libtunepimp/python2.3-tunepimp_0.3.0-3sarge2_sparc.deb
Size/MD5 checksum: 33280 3d50a7091fb5ed0038956a81c0bfd828


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFE0EpNW5ql+IAeqTIRAnPJAJ4oPLsqagIOfSbMv7E3Nkc853YBjQCgqj6T
TfThd625vxEiVERXLAZK+K8=
=esVD
-----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |