From sec-adv at secunia.com Tue Dec 1 09:11:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 18:11:51 +0100 Subject: [SEC] [SA37549] TYPO3 Calendar Base Extension SQL Injection Vulnerability Message-ID: <200912011711.nB1HBp4I020293@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: TYPO3 Calendar Base Extension SQL Injection Vulnerability SECUNIA ADVISORY ID: SA37549 VERIFY ADVISORY: http://secunia.com/advisories/37549/ DESCRIPTION: A vulnerability has been reported in the Calendar Base extension for TYPO3, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to certain unspecified parameters is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 1.2.1. SOLUTION: Update to version 1.2.1. http://typo3.org/extensions/repository/view/cal/1.2.1/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Michael Tschannen. ORIGINAL ADVISORY: TYPO3-SA-2009-019: http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-019/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 09:28:58 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 18:28:58 +0100 Subject: [SEC] [SA37552] TYPO3 Direct Mail Extension Script Insertion Vulnerability Message-ID: <200912011728.nB1HSwuX007705@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: TYPO3 Direct Mail Extension Script Insertion Vulnerability SECUNIA ADVISORY ID: SA37552 VERIFY ADVISORY: http://secunia.com/advisories/37552/ DESCRIPTION: A vulnerability has been reported in the Direct Mail extension for TYPO3, which can be exploited by malicious users to conduct script insertion attacks. Input passed via unspecified parameters in the newsletter configuration section is not properly sanitised before being displayed to the user. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. The vulnerability is reported in versions prior to 2.6.5. SOLUTION: Update to version 2.6.5. http://typo3.org/extensions/repository/view/direct_mail/2.6.5/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Georg Ringer, TYPO3 Security Team. ORIGINAL ADVISORY: TYPO3-SA-2009-018: http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-018/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 09:45:45 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 18:45:45 +0100 Subject: [SEC] [SA37550] TYPO3 kk_downloader Extension Information Disclosure Message-ID: <200912011745.nB1HjjRW027519@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: TYPO3 kk_downloader Extension Information Disclosure SECUNIA ADVISORY ID: SA37550 VERIFY ADVISORY: http://secunia.com/advisories/37550/ DESCRIPTION: A vulnerability has been reported in the kk_downloader for TYPO3, which can be exploited by malicious people to disclose sensitive information. This vulnerability is caused due to unspecified errors. No additional information is currently available. The vulnerability is reported in versions prior to 1.2.2. SOLUTION: Updated to version 1.2.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Georg Ringer, TYPO3 Security Team. ORIGINAL ADVISORY: TYPO3-SA-2009-017: http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 10:02:53 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 19:02:53 +0100 Subject: [SEC] [SA37531] Red Hat update for bind Message-ID: <200912011802.nB1I2rO9014944@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for bind SECUNIA ADVISORY ID: SA37531 VERIFY ADVISORY: http://secunia.com/advisories/37531/ DESCRIPTION: Red Hat has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache. For more information: SA37426 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2009:1620-1: https://rhn.redhat.com/errata/RHSA-2009-1620.html OTHER REFERENCES: SA37426: http://secunia.com/advisories/37426/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 10:28:58 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 19:28:58 +0100 Subject: [SEC] [SA37532] Red Hat update for dstat Message-ID: <200912011828.nB1ISwjs002661@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for dstat SECUNIA ADVISORY ID: SA37532 VERIFY ADVISORY: http://secunia.com/advisories/37532/ DESCRIPTION: Red Hat has issued an update for dstat. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA37445 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2009:1619-1: https://rhn.redhat.com/errata/RHSA-2009-1619.html OTHER REFERENCES: SA37445: http://secunia.com/advisories/37445/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 10:45:47 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 19:45:47 +0100 Subject: [SEC] [SA37534] ActivePerl Compress Modules Off-by-One Vulnerabilities Message-ID: <200912011845.nB1Ijleu022477@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: ActivePerl Compress Modules Off-by-One Vulnerabilities SECUNIA ADVISORY ID: SA37534 VERIFY ADVISORY: http://secunia.com/advisories/37534/ DESCRIPTION: Some vulnerabilities have been reported in ActivePerl, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the affected modules. The vulnerabilities are caused due to off-by-one errors within the "Compress::Raw::Zlib" and "Compress::Raw::Bzip2" modules. For more information: SA35422 SA36386 SOLUTION: Update to ActivePerl 5.10.1 build 1006. http://www.activestate.com/activeperl/ ORIGINAL ADVISORY: http://aspn.activestate.com/ASPN/Mail/Message/ActivePerl/3745416 OTHER REFERENCES: SA35422: http://secunia.com/advisories/35422/ SA36386: http://secunia.com/advisories/36386/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 11:03:12 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 20:03:12 +0100 Subject: [SEC] [SA37540] Fedora update for php-pear-Mail Message-ID: <200912011903.nB1J3Crc009910@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for php-pear-Mail SECUNIA ADVISORY ID: SA37540 VERIFY ADVISORY: http://secunia.com/advisories/37540/ DESCRIPTION: Fedora has issued an update for php-pear-Mail. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA37410 SOLUTION: Apply updated packages via the yum utility ("yum update php-pear-Mail"). ORIGINAL ADVISORY: FEDORA-2009-12348: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00030.html FEDORA-2009-12395: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00075.html FEDORA-2009-12439: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00131.html OTHER REFERENCES: SA37410: http://secunia.com/advisories/37410/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 11:29:04 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 20:29:04 +0100 Subject: [SEC] [SA37526] IBM WebSphere Portal Unspecified Security Issue and Cross-Site Scripting Message-ID: <200912011929.nB1JT4qV030040@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: IBM WebSphere Portal Unspecified Security Issue and Cross-Site Scripting SECUNIA ADVISORY ID: SA37526 VERIFY ADVISORY: http://secunia.com/advisories/37526/ DESCRIPTION: A vulnerability and a security issue have been reported in IBM WebSphere Portal. The security issue has an unknown impact and the vulnerability can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "People Picker Tag" in Websphere Portal Collaboration is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) A security issue is caused due to an unspecified error related to "XMLACCESS". Further information is currently not available. SOLUTION: IBM WebSphere Portal 6.1: Update to version 6.1.0.3. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PK93429, PK93783): http://www-01.ibm.com/support/docview.wss?uid=swg27014411 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 11:45:59 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 20:45:59 +0100 Subject: [SEC] [SA37546] RT Session Fixation Vulnerability Message-ID: <200912011945.nB1Jjx79017438@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: RT Session Fixation Vulnerability SECUNIA ADVISORY ID: SA37546 VERIFY ADVISORY: http://secunia.com/advisories/37546/ DESCRIPTION: A vulnerability has been reported in RT, which can be exploited by malicious people to conduct session fixation attacks. The vulnerability is caused due to an error in the handling of sessions and can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link. The vulnerability is reported in versions 3.0.0 to 3.8.5. SOLUTION: Update to version 3.6.10 or apply security patches. PROVIDED AND/OR DISCOVERED BY: The vendor credits Mikal Gule and the University of Oslo. ORIGINAL ADVISORY: http://lists.bestpractical.com/pipermail/rt-announce/2009-November/000176.html http://lists.bestpractical.com/pipermail/rt-announce/2009-November/000177.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 12:02:50 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 21:02:50 +0100 Subject: [SEC] [SA37517] FreeBSD Dynamic Linker Privilege Escalation Vulnerability Message-ID: <200912012002.nB1K2oEA004853@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: FreeBSD Dynamic Linker Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA37517 VERIFY ADVISORY: http://secunia.com/advisories/37517/ DESCRIPTION: Nikolaos Rangos has discovered a vulnerability in FreeBSD, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the "_rtld()" function in libexec/rtld-elf/rtld.c not correctly clearing certain dangerous environment variables before executing suid root processes, which can be exploited to execute arbitrary code with root privileges. The vulnerability is reported in version 7.1 and also confirmed in version 8.0. SOLUTION: The vendor has released a preliminary patch. http://people.freebsd.org/~cperciva/rtld.patch PROVIDED AND/OR DISCOVERED BY: Nikolaos Rangos aka Kingcope ORIGINAL ADVISORY: Kingcope: http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0372.html FreeBSD: http://lists.freebsd.org/pipermail/freebsd-announce/2009-December/001286.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 12:29:28 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 21:29:28 +0100 Subject: [SEC] [SA37541] Fedora update for cups Message-ID: <200912012029.nB1KTSIl025009@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for cups SECUNIA ADVISORY ID: SA37541 VERIFY ADVISORY: http://secunia.com/advisories/37541/ DESCRIPTION: Fedora has issued an update for cups. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and to cause a DoS (Denial of Service). For more information: SA37308 SA37364 SOLUTION: Apply updated packages via the yum utility ("yum update cups"). ORIGINAL ADVISORY: FEDORA-2009-10891: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00022.html FEDORA-2009-11314: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00102.html OTHER REFERENCES: SA37308: http://secunia.com/advisories/37308/ SA37364: http://secunia.com/advisories/37364/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 12:45:47 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 21:45:47 +0100 Subject: [SEC] [SA37547] Red Hat update for mod_jk Message-ID: <200912012045.nB1KjlsS012386@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for mod_jk SECUNIA ADVISORY ID: SA37547 VERIFY ADVISORY: http://secunia.com/advisories/37547/ DESCRIPTION: Red Hat has issued an update for mod_jk. This fixes a vulnerability, which can be exploited by malicious people to disclose sensitive information. For more information: SA34621 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2009:1618-1: https://rhn.redhat.com/errata/RHSA-2009-1618.html OTHER REFERENCES: SA34621: http://secunia.com/advisories/34621/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 13:02:58 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 22:02:58 +0100 Subject: [SEC] [SA37551] TYPO3 DB Integration Extension Command Execution Vulnerability Message-ID: <200912012102.nB1L2wYG032229@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: TYPO3 DB Integration Extension Command Execution Vulnerability SECUNIA ADVISORY ID: SA37551 VERIFY ADVISORY: http://secunia.com/advisories/37551/ DESCRIPTION: A vulnerability has been reported in the DB Integration extension for TYPO3, which can be exploited by malicious people to compromise a vulnerable system. Certain unspecified input is not properly sanitised before being used. This can be exploited to execute arbitrary shell commands. The vulnerability is reported in versions prior to 1.3.2. SOLUTION: Update to version 1.3.2 or later. http://typo3.org/extensions/repository/view/wfqbe/1.3.2/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Felix B?nemann. ORIGINAL ADVISORY: TYPO3-SA-2009-017: http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 13:28:59 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 22:28:59 +0100 Subject: [SEC] [SA37548] Red Hat update for tomcat Message-ID: <200912012128.nB1LSxAE019947@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for tomcat SECUNIA ADVISORY ID: SA37548 VERIFY ADVISORY: http://secunia.com/advisories/37548/ DESCRIPTION: Red Hat has issued an update for tomcat. This fixes some vulnerabilities, which can be exploited by malicious users to disclose sensitive information or manipulate certain data and by malicious people to cause a DoS (Denial of Service) or disclose sensitive information. For more information: SA28878 SA35326 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2009:1616-1: https://rhn.redhat.com/errata/RHSA-2009-1616.html RHSA-2009:1617-1: https://rhn.redhat.com/errata/RHSA-2009-1617.html OTHER REFERENCES: SA28878: http://secunia.com/advisories/28878/ SA35326: http://secunia.com/advisories/35326/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 13:45:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 22:45:51 +0100 Subject: [SEC] [SA37530] Asterisk RTP Comfort Noise Payload Denial of Service Message-ID: <200912012145.nB1LjpGO007342@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Asterisk RTP Comfort Noise Payload Denial of Service SECUNIA ADVISORY ID: SA37530 VERIFY ADVISORY: http://secunia.com/advisories/37530/ DESCRIPTION: A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the handling of RTP comfort noise payloads. This can be exploited to cause a crash by sending an RTP comfort noise payload containing a data length of 24 bytes or greater. SOLUTION: Asterisk Open Source: Update to version 1.2.37, 1.4.27.1, 1.6.0.19, or 1.6.1.11 or apply patches. http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt Asterisk Business Edition: Update to version B.2.5.13, C.2.4.6, or C.3.2.3. S800i (Asterisk Appliance): Update to version 1.3.0.6. PROVIDED AND/OR DISCOVERED BY: The vendor credits amorsen. ORIGINAL ADVISORY: http://downloads.asterisk.org/pub/security/AST-2009-010.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 1 14:02:46 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Dec 2009 23:02:46 +0100 Subject: [SEC] [SA37533] Red Hat update for xerces-j2 Message-ID: <200912012202.nB1M2kis027177@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for xerces-j2 SECUNIA ADVISORY ID: SA37533 VERIFY ADVISORY: http://secunia.com/advisories/37533/ DESCRIPTION: Red Hat has issued an update for xerces-j2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #9 in: SA36159 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2009:1615-1: https://rhn.redhat.com/errata/RHSA-2009-1615.html OTHER REFERENCES: SA36159: http://secunia.com/advisories/36159/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 09:11:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 18:11:51 +0100 Subject: [SEC] [SA37349] Pligg Cross-Site Scripting and Cross-Site Request Forgery Message-ID: <200912021711.nB2HBpIv023316@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Pligg Cross-Site Scripting and Cross-Site Request Forgery SECUNIA ADVISORY ID: SA37349 VERIFY ADVISORY: http://secunia.com/advisories/37349/ DESCRIPTION: Russ McRee has discovered some vulnerabilities in Pligg, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. 1) Input passed via the "Referer" HTTP header to various scripts (e.g. admin/admin_config.php, admin/admin_modules.php, delete.php, editlink.php, submit.php, submit_groups.php, user_add_remove_links.php, and user_settings.php) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site. The vulnerabilities are confirmed in version 1.0.2. Other versions may also be affected NOTE: Two other weaknesses related to redirection to external sites were also confirmed. SOLUTION: Both vulnerabilities along with one of the redirection weaknesses are fixed in version 1.0.3. PROVIDED AND/OR DISCOVERED BY: Reported by Russ McRee via Secunia. ORIGINAL ADVISORY: Pligg: http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/ HolisticInfoSec: http://holisticinfosec.org/content/view/130/45/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 09:29:08 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 18:29:08 +0100 Subject: [SEC] [SA37535] Joomla Joaktree Component "treeId" SQL Injection Vulnerability Message-ID: <200912021729.nB2HT8vT010775@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Joomla Joaktree Component "treeId" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA37535 VERIFY ADVISORY: http://secunia.com/advisories/37535/ DESCRIPTION: Don Tukulesto has discovered a vulnerability in the Joaktree component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "treeId" parameter to index.php (when "option" is set to "com_joaktree") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Don Tukulesto ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 09:45:48 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 18:45:48 +0100 Subject: [SEC] [SA37522] SweetRice File Inclusion Vulnerabilities Message-ID: <200912021745.nB2HjmdO030629@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: SweetRice File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA37522 VERIFY ADVISORY: http://secunia.com/advisories/37522/ DESCRIPTION: cr4wl3r has discovered multiple vulnerabilities in SweetRice, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "root_dir" parameter in _plugin/subscriber/inc/post.php and in as/lib/news_modify.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local and remote resources. Successful exploitation requires that support for .htaccess files is disabled. Vulnerabilities are confirmed in version 0.5.4. Other versions may also be affected. SOLUTION: The vendor recommends to set register_globals to "Off". PROVIDED AND/OR DISCOVERED BY: cr4wl3r ORIGINAL ADVISORY: http://packetstormsecurity.org/0911-exploits/sweetrice-rfilfi.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 10:03:02 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 19:03:02 +0100 Subject: [SEC] [SA37553] TEKUVA Password Reminder Hardcoded Password Security Issue Message-ID: <200912021803.nB2I32n9018095@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: TEKUVA Password Reminder Hardcoded Password Security Issue SECUNIA ADVISORY ID: SA37553 VERIFY ADVISORY: http://secunia.com/advisories/37553/ DESCRIPTION: A security issue has been discovered in TUKEVA Password Reminder, which can be exploited by malicious, local users to bypass certain security restrictions. The security issue is caused due to the application using a hard-coded password to access the credentials stored in rem.accdb. This allows accessing the credentials database without knowing the correct main password. The security issue is confirmed in version 1.0.0.1. Other versions may also be affected. SOLUTION: Restrict access to the rem.accdb file. PROVIDED AND/OR DISCOVERED BY: iqlusion ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10201 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 10:29:08 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 19:29:08 +0100 Subject: [SEC] [SA36069] Roxio Creator Image Rendering Integer Overflow Vulnerability Message-ID: <200912021829.nB2IT8kY005893@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Roxio Creator Image Rendering Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA36069 VERIFY ADVISORY: http://secunia.com/advisories/36069/ DESCRIPTION: Secunia Research has discovered a vulnerability in Roxio Creator, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer overflow error when allocating memory for an image based on its dimensions and can be exploited to corrupt memory via a specially crafted image. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 9.0.136. Other versions may also be affected. SOLUTION: Apply Creator 2010 SP1. http://www.roxio.com/enu/support/c2010/software_updates.html PROVIDED AND/OR DISCOVERED BY: Carsten Eiram, Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2009-38/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 10:45:50 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 19:45:50 +0100 Subject: [SEC] [SA37554] Novell eDirectory NDS Verb 0x1 Request Integer Overflow Vulnerability Message-ID: <200912021845.nB2Ijo14025747@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Novell eDirectory NDS Verb 0x1 Request Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA37554 VERIFY ADVISORY: http://secunia.com/advisories/37554/ DESCRIPTION: A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow when processing NDS Verb 0x1 service requests. This can be exploited to cause a heap-based buffer overflow via specially crafted requests. Successful exploitation may allow the execution of arbitrary code. The vulnerability is reported in version 8.7.3.10 ftf1 and 8.8.5 ftf1. Prior versions may also be affected. SOLUTION: Apply patches. eDirectory 8.7.3.X: Update to version 8.7.3.10 ftf2. eDirectory 8.8.X: Update to version 8.8.5.2. PROVIDED AND/OR DISCOVERED BY: Chris Valasek and John McDonald, IBM X-Force ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=7004912 IBM X-Force: http://www.iss.net/threats/356.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 11:02:52 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 20:02:52 +0100 Subject: [SEC] [SA37492] Photobox Uploader ActiveX Control Buffer Overflow Vulnerability Message-ID: <200912021902.nB2J2qdl013210@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Photobox Uploader ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA37492 VERIFY ADVISORY: http://secunia.com/advisories/37492/ DESCRIPTION: Secunia Research has discovered a vulnerability in Photobox Uploader ActiveX Control, which can be exploited by malicious people to compromise a user's system. For more information: SA37138 The vulnerability is confirmed in version 2.2.0.6. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Carsten Eiram, Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2009-41/ OTHER REFERENCES: SA37138: http://secunia.com/advisories/37138/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 11:29:13 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 20:29:13 +0100 Subject: [SEC] [SA37138] Lateral Arts Uploader ActiveX Control Buffer Overflow Vulnerability Message-ID: <200912021929.nB2JTDgJ000963@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Lateral Arts Uploader ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA37138 VERIFY ADVISORY: http://secunia.com/advisories/37138/ DESCRIPTION: Secunia Research has discovered a vulnerability in Lateral Arts Uploader ActiveX Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when parsing URLs. This can be exploited to cause a stack-based buffer overflow via an overly long string assigned to a number of properties (e.g. "LogURL", "ConnectURL", "SkinURL", "AlbumCreateURL", "ErrorURL", and "httpsinglehost"). Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website. SOLUTION: According to the vendor, the vulnerability has been fixed in version 1.3. PROVIDED AND/OR DISCOVERED BY: Carsten Eiram, Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2009-41/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 11:45:54 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 20:45:54 +0100 Subject: [SEC] [SA37459] dotDefender Cross-Site Request Forgery Message-ID: <200912021945.nB2Jjsx1020864@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: dotDefender Cross-Site Request Forgery SECUNIA ADVISORY ID: SA37459 VERIFY ADVISORY: http://secunia.com/advisories/37459/ DESCRIPTION: John Dos has discovered a vulnerability in dotDefender, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. execute arbitrary shell commands if a logged-in administrator visits a specially crafted web site. The vulnerability is confirmed in version 3.8-5 for Linux. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: John Dos ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 12:02:55 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 21:02:55 +0100 Subject: [SEC] [SA37520] phpMyFAQ Multiple Cross-Site Scripting Vulnerabilities Message-ID: <200912022002.nB2K2tCn008330@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: phpMyFAQ Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA37520 VERIFY ADVISORY: http://secunia.com/advisories/37520/ DESCRIPTION: Amol Naik has discovered some vulnerabilities in phpMyFAQ, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via various parameters to multiple scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Examples: http://[host]/index.php?action=sitemap&lang=[code] http://[host]/index.php?action=search&search=[code] http://[host]/index.php?action=search&tagging_id=[code] http://[host]/index.php?action=artikel&highlight=[code] http://[host]/index.php?action=artikel&artlang=[code] http://[host]/index.php?action=sitemap&letter=[code] http://[host]/index.php?action=show&lang=[code] http://[host]/index.php?action=show&cat=[code] http://[host]/index.php?action=news&newsid=1&newslang=[code] http://[host]/index.php?action=send2friend&artlang=[code] http://[host]/index.php?action=send2friend&cat=[code] http://[host]/index.php?action=send2friend&id=[code] http://[host]/index.php?action=translate&srclang=[code] http://[host]/index.php?action=translate&id=[code] http://[host]/index.php?action=translate&cat=[code] http://[host]/index.php?action=add&cat=[code] http://[host]/index.php?action=add&question=[code] The vulnerabilities are confirmed in version 2.5.4. Other versions may also be affected. SOLUTION: Update to version 2.5.5. PROVIDED AND/OR DISCOVERED BY: Amol Naik CHANGELOG: 2009-12-02: Updated "Description" section. ORIGINAL ADVISORY: http://www.phpmyfaq.de/advisory_2009-12-01.php ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 12:29:09 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 21:29:09 +0100 Subject: [SEC] [SA37523] SUSE update for bind Message-ID: <200912022029.nB2KT9ju028542@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: SUSE update for bind SECUNIA ADVISORY ID: SA37523 VERIFY ADVISORY: http://secunia.com/advisories/37523/ DESCRIPTION: SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache. For more information: SA37426 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2009:059: http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00000.html OTHER REFERENCES: SA37426: http://secunia.com/advisories/37426/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 12:45:52 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 21:45:52 +0100 Subject: [SEC] [SA37529] Theeta CMS "start" SQL Injection Vulnerability Message-ID: <200912022045.nB2Kjq9C015976@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Theeta CMS "start" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA37529 VERIFY ADVISORY: http://secunia.com/advisories/37529/ DESCRIPTION: c0dy has reported a vulnerability in Theeta CMS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "start" parameter to blog/index.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This may further be used to conduct cross-site scripting attacks via SQL error messages. The vulnerability is reported in version 0.01. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: c0dy ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 13:02:44 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 22:02:44 +0100 Subject: [SEC] [SA37562] BlackBerry Products PDF Distiller Unspecified Vulnerabilities Message-ID: <200912022102.nB2L2iIS003441@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: BlackBerry Products PDF Distiller Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA37562 VERIFY ADVISORY: http://secunia.com/advisories/37562/ DESCRIPTION: Some vulnerabilities have been reported in BlackBerry Enterprise Server and BlackBerry Professional Software, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerabilities are caused due to unspecified errors within the PDF distiller of the BlackBerry Attachment Service component. These can be exploited to cause a memory corruption when a specially crafted PDF file is opened for viewing on a BlackBerry smartphone. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in BlackBerry Enterprise Server version 5.0.0, BlackBerry Enterprise Server version 4.1 Service Pack 3 (4.1.3) through 4.1 Service Pack 7 (4.1.7), and BlackBerry Professional Software 4.1 Service Pack 4 (4.1.4). SOLUTION: Update to the latest version or apply the Interim Security Update. BlackBerry Enterprise Server version 5.0 for Microsoft Exchange and IBM Lotus Domino: Update to version 5.0.1. or later, or apply Interim Security Update 3 for BlackBerry Enterprise Server software version 5.0.0. http://www.blackberry.com/go/serverdownloads BlackBerry Enterprise Server version 4.1.7 for Microsoft Exchange and IBM Lotus Domino: Apply Interim Security Update 1 for BlackBerry Enterprise Server software version 4.1.7. http://www.blackberry.com/go/serverdownloads BlackBerry Enterprise Server version 4.1.6 for Microsoft Exchange and IBM Lotus Domino: Update to BlackBerry Enterprise Server Version 4.1.6 MR8 or later. http://www.blackberry.com/go/serverdownloads BlackBerry Enterprise Server version 4.1.6 for Novell GroupWise: Update to BlackBerry Enterprise Server Version 4.1.6 MR6 or later. http://www.blackberry.com/go/serverdownloads BlackBerry Enterprise Server version 4.1.4: Update to BlackBerry Enterprise Server Version 4.1.6 MR8 or later, or apply Interim Security Update 5 for BlackBerry Enterprise Server software version 4.1.4. http://www.blackberry.com/go/serverdownloads BlackBerry Professional Software: Apply Interim Security Update 5 for affected BlackBerry Professional Software versions. http://na.blackberry.com/eng/support/downloads/#tab_professional PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB19860 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 13:29:03 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 22:29:03 +0100 Subject: [SEC] [SA37558] Fedora update for cups Message-ID: <200912022129.nB2LT3Jw023648@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for cups SECUNIA ADVISORY ID: SA37558 VERIFY ADVISORY: http://secunia.com/advisories/37558/ DESCRIPTION: Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA37308 SOLUTION: Apply updated packages via the yum utility ("yum update cups"). ORIGINAL ADVISORY: FEDORA-2009-11062: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00200.html OTHER REFERENCES: SA37308: http://secunia.com/advisories/37308/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 13:45:54 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 22:45:54 +0100 Subject: [SEC] [SA37560] HP NonStop Server Privilege Escalation Message-ID: <200912022145.nB2LjsDs011092@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: HP NonStop Server Privilege Escalation SECUNIA ADVISORY ID: SA37560 VERIFY ADVISORY: http://secunia.com/advisories/37560/ DESCRIPTION: A vulnerability has been reported in HP NonStop Server, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and to gain escalated privileges. The vulnerability is caused due to an unspecified error, which can be exploited to gain unauthorised access to certain data, cause a DoS, or to execute arbitrary code with escalated privileges. The vulnerability is reported in the following versions: * G06.12.00 through G06.32.00. * H06.08.00, H06.09.00, H06.10.00, H06.10.01, H06.11.00, H06.11.01, H06.11.02, H06.11.03, H06.12.00, H06.13.00, H06.14.00, H06.15.00, H06.15.01, H06.15.02, H06.16.00, H06.16.01, H06.17.00, H06.17.01, H06.17.02, H06.18.00, H06.18.01. * J06.04.00, J06.04.01, J06.04.02, J06.05.00, J06.05.01, J06.06.00, J06.06.01, J06.06.02, J06.07.00, J06.07.01. SOLUTION: Apply patches. Please see the vendor's advisory for more information. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBNS02475 SSRT090068: https://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01923646 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 14:03:00 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 23:03:00 +0100 Subject: [SEC] [SA37559] Fedora update for roundcubemail Message-ID: <200912022203.nB2M30Z5030973@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for roundcubemail SECUNIA ADVISORY ID: SA37559 VERIFY ADVISORY: http://secunia.com/advisories/37559/ DESCRIPTION: Fedora has issued an update for roundcubemail. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks. For more information: SA37235 SOLUTION: Apply updated packages via the yum utility ("yum update roundcubemail"). ORIGINAL ADVISORY: FEDORA-2009-12481: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00162.html OTHER REFERENCES: SA37235: http://secunia.com/advisories/37235/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Dec 2 14:23:35 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 2 Dec 2009 23:23:35 +0100 Subject: [SEC] [SA37512] Gentoo update for openssl Message-ID: <200912022223.nB2MNZgi018549@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Gentoo update for openssl SECUNIA ADVISORY ID: SA37512 VERIFY ADVISORY: http://secunia.com/advisories/37512/ DESCRIPTION: Gentoo has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to manipulate certain data and to cause a DoS (Denial of Service). For more information: SA35128 SA37291 SOLUTION: Update to "dev-libs/openssl-0.9.8l-r2" or later. ORIGINAL ADVISORY: GLSA 200912-01: http://www.gentoo.org/security/en/glsa/glsa-200912-01.xml OTHER REFERENCES: SA35128: http://secunia.com/advisories/35128/ SA37291: http://secunia.com/advisories/37291/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From summary at secunia.com Thu Dec 3 07:55:58 2009 From: summary at secunia.com (Secunia) Date: Thu, 3 Dec 2009 16:55:58 +0100 Subject: [SEC] Secunia Weekly Summary - Issue: 2009-49 Message-ID: <200912031555.nB3FtwXn018335@CRON-IX-2.intnet> ======================================================================== The Secunia Weekly Advisory Summary 2009-11-26 - 2009-12-03 This week: 43 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: Fortune 500 companies turn to Secunia when a vulnerability poses a critical threat to their infrastructure, our Customer Support Center provides our customers the best support on how to eliminate vulnerability threats to avoid compromising network security. Do you have a provider you can contact when the threat is already in your network? Click here to learn more: http://secunia.com/advisories/business_solutions/ ======================================================================== 2) This Week in Brief: Secunia Research has discovered a vulnerability in Roxio Creator, which can be exploited by malicious people to potentially compromise a user's system. For more information, refer to: http://secunia.com/advisories/36069/ -- pyrokinesis has discovered a vulnerability in Adobe Illustrator, which can be exploited by malicious people to compromise a user's system. For more information, refer to: http://secunia.com/advisories/37563/ -- Some vulnerabilities have been reported in BlackBerry Enterprise Server and BlackBerry Professional Software, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information, refer to: http://secunia.com/advisories/37562/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions: http://secunia.com/advisories/business_solutions/ 1. [SA37448] Internet Explorer Layout Handling Memory Corruption Vulnerability 2. [SA37318] Microsoft Windows Win32k Kernel-Mode Driver Multiple Vulnerabilities 3. [SA24314] Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability 4. [SA35948] Adobe Flash Player Multiple Vulnerabilities 5. [SA37314] Windows Web Services on Devices API Memory Corruption Vulnerability 6. [SA37273] Google Chrome Two Vulnerabilities 7. [SA36983] Adobe Reader/Acrobat Multiple Vulnerabilities 8. [SA37313] Apple Mac OS X Security Update Fixes Multiple Vulnerabilities 9. [SA37277] Microsoft Office Word File Information Block Parsing Buffer Overflow 10. [SA37309] Microsoft Windows Win32k Kernel-Mode Driver Privilege Escalation ======================================================================== 4) This Week in Numbers During the past week 43 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 5 Secunia Advisories Unix/Linux : 25 Secunia Advisories Other : 0 Secunia Advisories Cross platform : 13 Secunia Advisories Criticality Ratings: Extremely Critical : 0 Secunia Advisories Highly Critical : 7 Secunia Advisories Moderately Critical : 12 Secunia Advisories Less Critical : 24 Secunia Advisories Not Critical : 0 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support at secunia.com Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 ======================================================================== To unsubscribe click following link: http://secunia.com/summary/unsubscribe/?email=caos-secbox%40lists.infiscale.org ======================================================================== From sec-adv at secunia.com Thu Dec 3 09:11:54 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 18:11:54 +0100 Subject: [SEC] [SA37577] transfig ".fig" File Parsing Buffer Overflow Message-ID: <200912031711.nB3HBsBs007937@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: transfig ".fig" File Parsing Buffer Overflow SECUNIA ADVISORY ID: SA37577 VERIFY ADVISORY: http://secunia.com/advisories/37577/ DESCRIPTION: pedamachephepto liones has reported a vulnerability in transfig, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the "read_textobject()" function in fig2dev/read1_3.c. This can be exploited to cause a stack-based buffer overflow when a user is tricked to open a specially crafted .fig file with the "fig2dev" utility. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 3.2.5a. Other versions may also be affected. SOLUTION: Do not process .fig files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: pedamachephepto liones ORIGINAL ADVISORY: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559274 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 09:29:03 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 18:29:03 +0100 Subject: [SEC] [SA37508] Joomla Kide Shoutbox Component Security Bypass Message-ID: <200912031729.nB3HT3Xn027812@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Joomla Kide Shoutbox Component Security Bypass SECUNIA ADVISORY ID: SA37508 VERIFY ADVISORY: http://secunia.com/advisories/37508/ DESCRIPTION: A security issue has been discovered in the Kide Shoutbox component for Joomla, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to improper authentication for posted messages. This can be exploited to bypass the "Only to registered users" configuration setting and post messages with an arbitrary user name via index.php (when "option" is set to "com_kide" and "task" is set to "insertar"). The vulnerability is confirmed in version 0.4.6. Other versions may also be vulnerable. SOLUTION: Do not rely on the product's user restriction. PROVIDED AND/OR DISCOVERED BY: An anonymous person ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 09:46:01 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 18:46:01 +0100 Subject: [SEC] [SA37571] Xfig ".fig" File Parsing Buffer Overflow Message-ID: <200912031746.nB3Hk1QY015257@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Xfig ".fig" File Parsing Buffer Overflow SECUNIA ADVISORY ID: SA37571 VERIFY ADVISORY: http://secunia.com/advisories/37571/ DESCRIPTION: pedamachephepto liones has discovered a vulnerability in Xfig, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the "read_1_3_textobject()" function in f_readold.c when parsing ".fig" files. This can be exploited to cause a stack-based buffer overflow when a user opens a specially crafted .fig file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.2.5b. Other versions may also be affected. SOLUTION: Do not open ".fig" files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: pedamachephepto liones ORIGINAL ADVISORY: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559274 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 10:02:54 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 19:02:54 +0100 Subject: [SEC] [SA37544] FreeBSD OpenSSL TLS Session Renegotiation Plaintext Injection Vulnerability Message-ID: <200912031802.nB3I2sjL002717@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: FreeBSD OpenSSL TLS Session Renegotiation Plaintext Injection Vulnerability SECUNIA ADVISORY ID: SA37544 VERIFY ADVISORY: http://secunia.com/advisories/37544/ DESCRIPTION: FreeBSD has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA37291 SOLUTION: Update FreeBSD or apply patch. 2009-12-03 09:18:40 UTC (RELENG_8, 8.0-STABLE) 2009-12-03 09:18:40 UTC (RELENG_8_0, 8.0-RELEASE-p1) 2009-12-03 09:18:40 UTC (RELENG_7, 7.2-STABLE) 2009-12-03 09:18:40 UTC (RELENG_7_2, 7.2-RELEASE-p5) 2009-12-03 09:18:40 UTC (RELENG_7_1, 7.1-RELEASE-p9) 2009-12-03 09:18:40 UTC (RELENG_6, 6.4-STABLE) 2009-12-03 09:18:40 UTC (RELENG_6_4, 6.4-RELEASE-p8) 2009-12-03 09:18:40 UTC (RELENG_6_3, 6.3-RELEASE-p14) Patch: http://security.FreeBSD.org/patches/SA-09:15/ssl.patch.asc ORIGINAL ADVISORY: http://security.freebsd.org/advisories/FreeBSD-SA-09:15.ssl.asc OTHER REFERENCES: SA37291: http://secunia.com/advisories/37291/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 10:29:12 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 19:29:12 +0100 Subject: [SEC] [SA37563] Adobe Illustrator Encapsulated Postscript Parsing Vulnerability Message-ID: <200912031829.nB3ITCGS022935@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Adobe Illustrator Encapsulated Postscript Parsing Vulnerability SECUNIA ADVISORY ID: SA37563 VERIFY ADVISORY: http://secunia.com/advisories/37563/ DESCRIPTION: pyrokinesis has discovered a vulnerability in Adobe Illustrator, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the parsing of Encapsulated Postscript Files (.eps) and can be exploited to corrupt memory when a user opens a specially crafted .eps file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version CS3 13.0.0 and CS4 14.0.0. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Nine:Situations:Group::pyrokinesis ORIGINAL ADVISORY: http://retrogod.altervista.org/9sg_adobe_illuso.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 10:45:49 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 19:45:49 +0100 Subject: [SEC] [SA37528] Slackware update for bind Message-ID: <200912031845.nB3IjnB8010365@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Slackware update for bind SECUNIA ADVISORY ID: SA37528 VERIFY ADVISORY: http://secunia.com/advisories/37528/ DESCRIPTION: Slackware has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache. For more information: SA37426 SOLUTION: Apply updated packages. Updated package for Slackware 8.1: ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4.3_P4-i386-1_slack8.1.tgz Updated package for Slackware 9.0: ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4.3_P4-i386-1_slack9.0.tgz Updated package for Slackware 9.1: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4.3_P4-i486-1_slack9.1.tgz Updated package for Slackware 10.0: ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4.3_P4-i486-1_slack10.0.tgz Updated package for Slackware 10.1: ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4.3_P4-i486-1_slack10.1.tgz Updated package for Slackware 10.2: ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4.3_P4-i486-1_slack10.2.tgz Updated package for Slackware 11.0: ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4.3_P4-i486-1_slack11.0.tgz Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4.3_P4-i486-1_slack12.0.tgz Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4.3_P4-i486-1_slack12.1.tgz Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4.3_P4-i486-1_slack12.2.tgz Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4.3_P4-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4.3_P4-x86_64-1_slack13.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.4.3_P4-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.4.3_P4-x86_64-1.txz ORIGINAL ADVISORY: SSA:2009-336-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.583233 OTHER REFERENCES: SA37426: http://secunia.com/advisories/37426/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 11:02:49 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 20:02:49 +0100 Subject: [SEC] [SA37484] Cacti Cross-Site Request Forgery Message-ID: <200912031902.nB3J2njQ030253@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Cacti Cross-Site Request Forgery SECUNIA ADVISORY ID: SA37484 VERIFY ADVISORY: http://secunia.com/advisories/37484/ DESCRIPTION: A vulnerability has been discovered in Cacti, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change graph view settings or create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site. The vulnerability is confirmed in version 0.8.7e. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Moritz Naumann ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 11:29:06 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 20:29:06 +0100 Subject: [SEC] [SA37521] SUSE update for kernel Message-ID: <200912031929.nB3JT6Hr018054@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA37521 VERIFY ADVISORY: http://secunia.com/advisories/37521/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), potentially gain escalated privileges, disclose potentially sensitive information, and disclose certain system information, and by malicious people to cause a DoS (Denial of Service). For more information: SA36707 SA36927 SA37086 SA37233 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2009:060: http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00001.html OTHER REFERENCES: SA36707: http://secunia.com/advisories/36707/ SA36927: http://secunia.com/advisories/36927/ SA37086: http://secunia.com/advisories/37086/ SA37233: http://secunia.com/advisories/37233/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 11:45:48 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 20:45:48 +0100 Subject: [SEC] [SA37573] Drupal Taxonomy Timer Module SQL Injection Vulnerability Message-ID: <200912031945.nB3JjmCC005487@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Drupal Taxonomy Timer Module SQL Injection Vulnerability SECUNIA ADVISORY ID: SA37573 VERIFY ADVISORY: http://secunia.com/advisories/37573/ DESCRIPTION: Some vulnerabilities have been reported in the Taxonomy Timer module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks. Certain input passed to unspecified parameters is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version prior to 5.x-1.9 and 6.x-1.0-rc1. SOLUTION: Taxonomy Timer module 5.x: Update to version 5.x-1.9. http://drupal.org/node/641050 Taxonomy Timer module 6.x: Update to version 6.x-1.0-rc1. http://drupal.org/node/641064 PROVIDED AND/OR DISCOVERED BY: The vendor credits Dylan Wilder-Tack. ORIGINAL ADVISORY: SA-CONTRIB-2009-110: http://drupal.org/node/649396 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 12:02:55 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 21:02:55 +0100 Subject: [SEC] [SA37569] Debian update for openldap Message-ID: <200912032002.nB3K2tLO025377@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for openldap SECUNIA ADVISORY ID: SA37569 VERIFY ADVISORY: http://secunia.com/advisories/37569/ DESCRIPTION: Debian has issued an update for openldap. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks. The vulnerability is caused due to an error when processing X.509 certificates containing NULL ('\0') characters embedded in certain certificate fields and can be exploited to spoof certificates for legitimate domains. SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 (etch) -- Source: http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30.orig.tar.gz http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30-5+etch3.dsc http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30-5+etch3.diff.gz Alpha: http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_alpha.deb http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_alpha.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_alpha.deb AMD64: http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_amd64.deb http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_amd64.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_amd64.deb ARM: http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_arm.deb http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_arm.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_arm.deb HP Precision: http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_hppa.deb http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_hppa.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_hppa.deb Intel IA-32: http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_i386.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_i386.deb http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_i386.deb Intel IA-64: http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_ia64.deb http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_ia64.deb http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_ia64.deb Big-endian MIPS: http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_mips.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_mips.deb http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_mips.deb Little-endian MIPS: http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_mipsel.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_mipsel.deb http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_mipsel.deb PowerPC: http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_powerpc.deb http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_powerpc.deb http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_powerpc.deb IBM S/390: http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_s390.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_s390.deb http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_s390.deb Sun Sparc: http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_sparc.deb http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_sparc.deb http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_sparc.deb -- Debian GNU/Linux 5.0 (lenny) -- mips, mipsel, powerpc, s390 and sparc. Source: http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny1.diff.gz http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny1.dsc http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11.orig.tar.gz Alpha: http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_alpha.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_alpha.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_alpha.deb http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_alpha.deb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_alpha.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_alpha.deb AMD64: http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_amd64.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_amd64.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_amd64.deb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_amd64.deb http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_amd64.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_amd64.deb ARM: http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_arm.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_arm.deb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_arm.deb http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_arm.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_arm.deb http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_arm.deb HP Precision: http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_hppa.deb http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_hppa.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_hppa.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_hppa.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_hppa.deb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_hppa.deb Intel IA-32: http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_i386.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_i386.deb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_i386.deb http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_i386.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_i386.deb http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_i386.deb Intel IA-64: http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_ia64.deb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_ia64.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_ia64.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_ia64.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_ia64.deb http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_ia64.deb Big-endian MIPS: http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_mips.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_mips.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_mips.deb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_mips.deb http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_mips.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_mips.deb PowerPC: http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_powerpc.deb Sun Sparc: http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_sparc.deb http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_sparc.deb http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_sparc.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_sparc.deb http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_sparc.deb http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_sparc.deb ORIGINAL ADVISORY: DSA-1943-1: http://www.debian.org/security/2009/dsa-1943 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 12:29:13 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 21:29:13 +0100 Subject: [SEC] [SA37566] Sun Products NSS TLS Session Renegotiation Plaintext Injection Vulnerability Message-ID: <200912032029.nB3KTDEr013175@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun Products NSS TLS Session Renegotiation Plaintext Injection Vulnerability SECUNIA ADVISORY ID: SA37566 VERIFY ADVISORY: http://secunia.com/advisories/37566/ DESCRIPTION: Sun has acknowledged a vulnerability in Sun Solaris and Sun Java Enterprise System, which can be exploited by malicious people to manipulate certain data. For more information: SA37291 SOLUTION: The vulnerability is fixed in the following applications, which do not rely on TLS session renegotiation: -- Linux -- Sun Java Enterprise System 2005Q4 and Sun Java Enterprise System 5 (for RHEL2.1 and RHEL3.0): Apply patch 142506-03 or later Sun Java Enterprise System 5 (for RHEL4.0 and RHEL5.0): Apply patch 121656-21 or later -- HP-UX -- Sun Java Enterprise System 2005Q4 and Sun Java Enterprise System 5: Apply patch 124379-12 or later -- Windows -- Sun Java Enterprise System 2005Q4: Apply patch 124392-11 or later Sun Java Enterprise System 5: Apply patch 125923-10 or later Preliminary Temporary Patches have been released for the following applications, which disables TLS session renegotiation: http://sunsolve.sun.com/tpatches -- SPARC Platform -- Solaris 8: T-Patch T119209-22 Solaris 9: T-Patch T119211-22 Solaris 10: T-Patch T119213-21 Sun Java Enterprise System 5 (for Solaris 8, Solaris 9, and Solaris 10): T-Patch T125358-10 -- X86 Platform -- Solaris 9: T-Patch T119212-22 Solaris 10: T-Patch T119214-21 Sun Java Enterprise System 5 (for Solaris 8, Solaris 9, and Solaris 10): T-Patch T125359-10 ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-273350-1 OTHER REFERENCES: SA37291: http://secunia.com/SA37291/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 12:45:48 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 21:45:48 +0100 Subject: [SEC] [SA37574] Sun Java System Portal Server Gateway Cross-Site Scripting Vulnerabilities Message-ID: <200912032045.nB3Kjmpp000557@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun Java System Portal Server Gateway Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA37574 VERIFY ADVISORY: http://secunia.com/advisories/37574/ DESCRIPTION: Some vulnerabilities have been reported in Sun Java System Portal Server, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via unspecified parameters to the Gateway component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions 6.3.1, 7.1, and 7.2. SOLUTION: Apply Patches. -- SPARC Platform -- Sun Java System Portal Server 6.3.1 (for Solaris 8, 9, and 10): Apply patch 118950-39 or later. Sun Java System Portal Server 7.1 (for Solaris 9 and 10): Apply patch 124301-14 or later. Sun Java System Portal Server 7.2 (for Solaris 9 and 10): Apply patch 138686-04 or later. -- x86 Platform -- Sun Java System Portal Server 6.3.1 (for Solaris 8, 9 and, 10): Apply patch 118951-39 or later. Sun Java System Portal Server 7.1 (for Solaris 9 and 10): Apply patch 124302-14 or later. Sun Java System Portal Server 7.2 (for Solaris 9 and 10): Apply patch 138687-04 or later. -- Linux -- Sun Java System Portal Server 6.3.1: Apply patch 118952-39 or later. Sun Java System Portal Server 7.1: Apply patch 124303-14 or later. Sun Java System Portal Server 7.2: Apply patch 138688-04 or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-269368-1 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 13:02:45 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 22:02:45 +0100 Subject: [SEC] [SA37545] IBM WebSphere Application Server for z/OS Multiple Vulnerabilities Message-ID: <200912032102.nB3L2jir020495@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server for z/OS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37545 VERIFY ADVISORY: http://secunia.com/advisories/37545/ DESCRIPTION: A weakness and some vulnerabilities have been reported in IBM WebSphere Application Server for z/OS, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), or compromise a vulnerable system. 1) A weakness in the IBM HTTP Server can be exploited by malicious people to cause a DoS. For more information: SA35781 2) Some vulnerabilities are caused due to the IBM HTTP Server including a vulnerable Apache Portable Runtime version. For more information: SA37050 3) A vulnerability is caused due to a NULL pointer dereference error within mod_proxy_ftp when processing responses received from FTP servers. For more information: SA37116 4) A vulnerability is caused due to an error in the TLS protocol while handling session re-negotiations. For more information: SA37291 SOLUTION: Apply APAR PK96157. http://www-01.ibm.com/support/docview.wss?uid=swg1PK96157 APAR PK96157 is currently targeted for inclusion in Service Level (Fix Pack) 6.0.2.39. ORIGINAL ADVISORY: IBM (PK91361, PK93225, PK96858, PM00765): http://www-01.ibm.com/support/docview.wss?uid=swg1PK96157 OTHER REFERENCES: SA35781: http://secunia.com/advisories/35781/ SA37050: http://secunia.com/advisories/37050/ SA37116: http://secunia.com/advisories/37116/ SA37291: http://secunia.com/advisories/37291/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 13:29:19 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 22:29:19 +0100 Subject: [SEC] [SA37575] FreeBSD freebsd-update Insecure Directory Permissions Message-ID: <200912032129.nB3LTJix008300@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: FreeBSD freebsd-update Insecure Directory Permissions SECUNIA ADVISORY ID: SA37575 VERIFY ADVISORY: http://secunia.com/advisories/37575/ DESCRIPTION: A security issue has been reported in FreeBSD, which can be exploited by malicious, local users to disclose potentially sensitive information. The security issue is caused due to the freebsd-update utility not properly restricting read access to it's working directory (/var/db/freebsd-update by default), which can be exploited to e.g. access a backup of the master password file. SOLUTION: Update FreeBSD or apply patch. 2009-12-03 09:18:40 UTC (RELENG_8, 8.0-STABLE) 2009-12-03 09:18:40 UTC (RELENG_8_0, 8.0-RELEASE-p1) 2009-12-03 09:18:40 UTC (RELENG_7, 7.2-STABLE) 2009-12-03 09:18:40 UTC (RELENG_7_2, 7.2-RELEASE-p5) 2009-12-03 09:18:40 UTC (RELENG_7_1, 7.1-RELEASE-p9) 2009-12-03 09:18:40 UTC (RELENG_6, 6.4-STABLE) 2009-12-03 09:18:40 UTC (RELENG_6_4, 6.4-RELEASE-p8) 2009-12-03 09:18:40 UTC (RELENG_6_3, 6.3-RELEASE-p14) Patch: http://security.FreeBSD.org/patches/SA-09:17/freebsd-update.patch.asc PROVIDED AND/OR DISCOVERED BY: KAMADA Ken'ichi ORIGINAL ADVISORY: http://security.freebsd.org/advisories/FreeBSD-SA-09:17.freebsd-update.asc ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 13:45:45 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 22:45:45 +0100 Subject: [SEC] [SA37527] Golden FTP Server "DELE" Command Directory Traversal Vulnerability Message-ID: <200912032145.nB3LjjNY028148@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Golden FTP Server "DELE" Command Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA37527 VERIFY ADVISORY: http://secunia.com/advisories/37527/ DESCRIPTION: A vulnerability has been discovered in Golden FTP Server, which can be exploited by malicious users to delete arbitrary files. The vulnerability is caused due to an input validation error making it possible to escape the FTP root and delete arbitrary files on the system via directory traversal attacks. Successful exploitation requires that the user has been granted full control (not enabled by default) to an accessible share folder. The vulnerability is confirmed in version 4.50 of both the free and Pro branches. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: sharpe ORIGINAL ADVISORY: http://packetstormsecurity.org/0912-exploits/goldenftp-delete.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 14:03:01 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 23:03:01 +0100 Subject: [SEC] [SA37539] Fedora update for wget Message-ID: <200912032203.nB3M31ZG015623@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for wget SECUNIA ADVISORY ID: SA37539 VERIFY ADVISORY: http://secunia.com/advisories/37539/ DESCRIPTION: Fedora has issued an update for wget. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA36540 SOLUTION: Apply updated packages via the yum utility ("yum update wget"). ORIGINAL ADVISORY: FEDORA-2009-11739: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00281.html FEDORA-2009-11740: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00215.html FEDORA-2009-11836: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00211.html OTHER REFERENCES: SA36540: http://secunia.com/advisories/36540/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Dec 3 14:23:37 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 3 Dec 2009 23:23:37 +0100 Subject: [SEC] [SA37538] Fedora update for libsndfile Message-ID: <200912032223.nB3MNbDq003205@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for libsndfile SECUNIA ADVISORY ID: SA37538 VERIFY ADVISORY: http://secunia.com/advisories/37538/ DESCRIPTION: Fedora has issued an update for libsndfile. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA33980 SA35076 SOLUTION: Apply updated packages via the yum utility ("yum update libsndfile"). ORIGINAL ADVISORY: FEDORA-2009-11499: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00238.html FEDORA-2009-11618: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00251.html OTHER REFERENCES: SA33980: http://secunia.com/advisories/33980/ SA35076: http://secunia.com/advisories/35076/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 09:11:46 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 18:11:46 +0100 Subject: [SEC] [SA37583] Ubuntu update for qemu-kvm Message-ID: <200912041711.nB4HBkTc032672@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for qemu-kvm SECUNIA ADVISORY ID: SA37583 VERIFY ADVISORY: http://secunia.com/advisories/37583/ DESCRIPTION: Ubuntu has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to the application not correctly setting up virtio networking features for the guest operating systems. This can be exploited to crash the guest operating systems by sending large amounts of data on open ports. SOLUTION: Apply updated packages. -- Ubuntu 9.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/q/qemu-kvm/qemu-kvm_0.11.0-0ubuntu6.3.diff.gz Size/MD5: 48984 14fa43af0ed17b918c50803f91b1480d http://security.ubuntu.com/ubuntu/pool/main/q/qemu-kvm/qemu-kvm_0.11.0-0ubuntu6.3.dsc Size/MD5: 1377 18f25eed2408085a81ad70f39d74a835 http://security.ubuntu.com/ubuntu/pool/main/q/qemu-kvm/qemu-kvm_0.11.0.orig.tar.gz Size/MD5: 4382897 440837a062967102a68e634d57eaf719 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/q/qemu-kvm/kvm_84+dfsg-0ubuntu16+0.11.0+0ubuntu6.3_amd64.deb Size/MD5: 9106 b15b1b8a62f13822a3932abd54a5f924 http://security.ubuntu.com/ubuntu/pool/main/q/qemu-kvm/qemu-kvm_0.11.0-0ubuntu6.3_amd64.deb Size/MD5: 2813520 49b26fe83d6c4a5c9befd6716a3431a9 http://security.ubuntu.com/ubuntu/pool/universe/q/qemu-kvm/qemu-arm-static_0.11.0-0ubuntu6.3_amd64.deb Size/MD5: 636074 d9f0b9d5ff621c8b56b9fca53c0ae5d2 http://security.ubuntu.com/ubuntu/pool/universe/q/qemu-kvm/qemu-kvm-extras_0.11.0-0ubuntu6.3_amd64.deb Size/MD5: 15469258 dd6a9beb5c7d51b43785df232a3a3c40 http://security.ubuntu.com/ubuntu/pool/universe/q/qemu-kvm/qemu_0.11.0-0ubuntu6.3_amd64.deb Size/MD5: 8560 2bb181fcf769aafd08d26aa531bb24a4 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/q/qemu-kvm/kvm_84+dfsg-0ubuntu16+0.11.0+0ubuntu6.3_i386.deb Size/MD5: 9104 0a0a8a786ad29625fe5aa3de79c5cd98 http://security.ubuntu.com/ubuntu/pool/main/q/qemu-kvm/qemu-kvm_0.11.0-0ubuntu6.3_i386.deb Size/MD5: 2592100 3023e22d5e6b3ff51fcf3641cd039e93 http://security.ubuntu.com/ubuntu/pool/universe/q/qemu-kvm/qemu-arm-static_0.11.0-0ubuntu6.3_i386.deb Size/MD5: 558556 5d369da01ec40b1d79b7e015d9982302 http://security.ubuntu.com/ubuntu/pool/universe/q/qemu-kvm/qemu-kvm-extras_0.11.0-0ubuntu6.3_i386.deb Size/MD5: 13984728 5464f6de725b919cdb4bd7252d221016 http://security.ubuntu.com/ubuntu/pool/universe/q/qemu-kvm/qemu_0.11.0-0ubuntu6.3_i386.deb Size/MD5: 8562 3e34c884aff529f95a2975cdb08b2723 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/q/qemu-kvm/kvm_84+dfsg-0ubuntu16+0.11.0+0ubuntu6.3_lpia.deb Size/MD5: 9104 156a8ede19f2d65929e73f119415f1b7 http://ports.ubuntu.com/pool/main/q/qemu-kvm/qemu-kvm_0.11.0-0ubuntu6.3_lpia.deb Size/MD5: 2621316 02b4e9168fdacc9ab8955de557c64a7d http://ports.ubuntu.com/pool/universe/q/qemu-kvm/qemu-arm-static_0.11.0-0ubuntu6.3_lpia.deb Size/MD5: 578522 eb5a953dc2d59c2893656467bc879c25 http://ports.ubuntu.com/pool/universe/q/qemu-kvm/qemu-kvm-extras_0.11.0-0ubuntu6.3_lpia.deb Size/MD5: 14110238 ee2d23ca2c7d25f37e5cb4d315730ad4 http://ports.ubuntu.com/pool/universe/q/qemu-kvm/qemu_0.11.0-0ubuntu6.3_lpia.deb Size/MD5: 8560 7c2df17d8e67444172c9093c28a01d71 ORIGINAL ADVISORY: USN-863-1: http://www.ubuntu.com/usn/USN-863-1 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 09:29:06 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 18:29:06 +0100 Subject: [SEC] [SA37591] Jasc Paint Shop Pro PNG Buffer Overflow Vulnerability Message-ID: <200912041729.nB4HT63u020138@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Jasc Paint Shop Pro PNG Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA37591 VERIFY ADVISORY: http://secunia.com/advisories/37591/ DESCRIPTION: fl0 fl0w has discovered a vulnerability in Jasc Paint Shop Pro, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of PNG files. This can be exploited to cause a stack-based buffer overflow when a PNG file with e.g. a specially crafted "pHYs" chunk is opened. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 8.10. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: fl0 fl0w ORIGINAL ADVISORY: http://aluigi.freeforums.org/post8780.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 09:45:56 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 18:45:56 +0100 Subject: [SEC] [SA37525] Joomla YJ Whois Module Cross-Site Scripting Vulnerability Message-ID: <200912041745.nB4HjudG007573@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Joomla YJ Whois Module Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA37525 VERIFY ADVISORY: http://secunia.com/advisories/37525/ DESCRIPTION: andresg888 has discovered a vulnerability in YJ Whois module for Joomla, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed in a HTTP POST request via the "domain" form field to index.php (when form field "top_com" is set to "on" and "submitBtn" is set to "Check") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.0. Prior versions may also be affected. SOLUTION: Update to version 1.1. PROVIDED AND/OR DISCOVERED BY: andresg888 ORIGINAL ADVISORY: Joomla YJ: http://extensions.joomla.org/extensions/external-contents/domain-search/5774 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 10:02:59 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 19:02:59 +0100 Subject: [SEC] [SA37557] Simple Machines Forum Cross-Site Request Forgery Message-ID: <200912041802.nB4I2xZ4027458@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Simple Machines Forum Cross-Site Request Forgery SECUNIA ADVISORY ID: SA37557 VERIFY ADVISORY: http://secunia.com/advisories/37557/ DESCRIPTION: Some vulnerabilities have been discovered in Simple Machines Forum, which can be exploited by malicious users and malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to e.g. perform certain administrative actions when a logged-in user visits a malicious site. Successful exploitation allows e.g. to delete package servers, conduct script insertion attacks via censor lists and package manager, and execute arbitrary PHP code by uploading arbitrary modules, but requires a valid user account. The vulnerabilities are confirmed in version 1.1.10. Other versions may also be affected. SOLUTION: Update to version 1.1.11 PROVIDED AND/OR DISCOVERED BY: SimpleAudit team ORIGINAL ADVISORY: http://code.google.com/p/smf2-review/issues/detail?id=10 http://code.google.com/p/smf2-review/issues/detail?id=11 http://code.google.com/p/smf2-review/issues/detail?id=17 http://code.google.com/p/smf2-review/issues/detail?id=42 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 10:29:24 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 19:29:24 +0100 Subject: [SEC] [SA37576] Uiga Church Portal Multiple Vulnerabilities Message-ID: <200912041829.nB4ITOh8015259@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Uiga Church Portal Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37576 VERIFY ADVISORY: http://secunia.com/advisories/37576/ DESCRIPTION: Nac Mac Feegle has discovered multiple vulnerabilities in Uiga Church Portal, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting, script insertion, and SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system. 1) Input passed to the "file_photo_name" parameter in admin/bible/biblegallery.php, admin/lifegroups/lifegallery.php, admin/minutes/minutesgallery.php, and admin/multimedia/multimediagallery.php, the "checkbox" parameter in admin/news/newsend.php and admin/news/testing.php, the "script[]" parameter in admin/news/userlist.php, admin/upload/userlist.php, and head.php, the "file_name" parameter in admin/photos/gallery.php and gallery.php, the "checkbox[]" and "message" parameters in admin/special.php, the "pagetitle" parameter in admin/template.php and include/template.php, the "img" parameter in anniv.php and famday.php, the "username", "photo_main", "title_desc", "par", "par1", "par2", and "par3" parameters in archivedetails.php and ar_det.php, the "email_from", "name_from", "telephone" and "message" parameters in contact.php, the "title_desc", "photo_main", "par1", "par2", "par3", and "username" parameters in exhortation.php, the "script[]" and "pagetitle" parameters in head2.php, the "pagetitle" parameter in template.php, the "case" parameter in login2.php, the "file_photo_name" parameter in multimediagallery.php, the "error" parameter in admin/user/modify.php, the "id" parameter in admin/time_date.php, the "id", "event_time", "event_name", "event_id", and "event_desc" parameters in admin/editevent.php, the "delete_id" parameter in admin/calendar.php, the "id", "a_title", and "a_details" parameters in admin/announcements/modifynews.php, the "cid", "image", cat_name", and "cat_desc" parameter in admin/photos/editcat.php, the "par", "par1", "par2", "par3", "title_desc", and "username" parameter in admin/exhortation/exhoredit.php, the "box" paremeter in admin/photos/edit.php, the "cid", "bib_name", and "bib_image" parameters in admin/bible/editcat.php, the "cid", "music_name", and "music_image" parameters in admin/music/editcat.php, the "cid", "mul_name", and "mul_image" parameters in admin/multimedia/editcat.php, the "cid", "life_name", and "life_image" parameters in admin/lifegroups/editcat.php, the "id" parameter in testimonisview.php, the "delete" parameter in admin/lifegroups/lifegroups.php, the "id" and "min_name" parameters in admin/minutes/upload.php, the "id" and "mul_name" parameters in admin/multimedia/upload.php, the "delete" parameter in admin/music/music.php, the "list" and "user_id" parameters in admin/news/uploadfile.php, the "id" and "cat_name" parameters in admin/photos/upload.php, the "txtuser" and "txtpassword" parameters in login2.php and admin/login.php, the "testi_image", "testi_name", "testi_des1", "testi_des2", "testi_des3", "testi_des4", "testi_des5", "testi_des6", "testi_des7", and "testi_complete" parameters in testimoniesview.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the URL to gallery.php, multimediagallery.php, and to the "filepaging()" and "paging_update()" functions in library/functions.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed to the "id" parameter in download.php, downloadlife.php, downloadminutes.php, downloadmultimedia.php, downloadmusic.php, multimediagallery.php, photoview.php, testimoniesview.php, and gallery.php, the "view" parameter in archivedetails.php, the "day", "month", and "year" parameters in events.php, the "offset" parameter in gallery.php, multimediagallery.php, and a_detail.php, the "media" parameter in "multimediaview.php, the "delete" parameter in music.php, and the "exhort" parameter in ar_det.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 4) Input passed to the "content" parameter in admin/template.php and include/template.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. 5) Input passed to the "bib_image" and "id" parameters in download.php, the "life_image" parameter in downloadlife.php, the "min_image" parameter in downloadminutes.php, the "mul_image" and "id" parameters in downloadmultimedia.php, and the "music_image" and "id" parameters in downloadmusic.php is not properly verified before being used to download files. This can be exploited to e.g. download arbitrary files via directory traversal attacks. 6) The application does not properly restrict access to the admin/bible/biblegallery.php, admin/lifegroups/lifegallery.php, admin/minutes/minutesgallery.php, admin/multimedia/multimediagallery.php, admin/news/mail.php, admin/news/processUpload.php, admin/photos/gallery.php, admin/upload/download.php, admin/upload/processUpload.php, admin/user/download.php, and admin/user/processUpload.php scripts. This can be exploited to e.g. conduct SQL injection attacks or upload and execute malicious PHP files. 7) A backdoor exists in the application (admin/news/error.php) and can be exploited to e.g. execute arbitrary shell commands. 8) The "checkClientUser()" function does not properly check for valid user sessions, which can be exploited to bypass the authentication mechanism. 9) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to perform actions with the privileges of a target user, who is tricked into visiting a malicious website. 10) Input passed via the "txtname", "txtcontact", or "txtevents" to special_event.php is not properly sanitised before being displayed to the user. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. 11) The application does not properly restrict access to multimediaview.php and ar_det.php, which can be exploited to access restricted content without valid user credentials. The vulnerabilities are confirmed in a version downloaded on 2009-12-04. Other versions may also be affected. SOLUTION: Use another product. PROVIDED AND/OR DISCOVERED BY: Nac Mac Feegle ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 10:45:59 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 19:45:59 +0100 Subject: [SEC] [SA37595] Red Hat update for kernel Message-ID: <200912041845.nB4IjxG1002685@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA37595 VERIFY ADVISORY: http://secunia.com/advisories/37595/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes some security issues and a vulnerability, which can be exploited by malicious, local users to manipulate certain data, cause a DoS (Denial of Service), or gain escalated privileges. 1) Two security issues are caused due to insecure permission for certain mageraid_sas driver attributes. For more information: SA32320 SA37590 2) A null pointer dereference error in the NFSv4 implementation can potentially be exploited to cause a DoS or gain escalated privileges on systems with a mounted NFSv4 share. SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: https://rhn.redhat.com/errata/RHSA-2009-1635.html OTHER REFERENCES: SA32320: http://secunia.com/advisories/32320/ SA37590: http://secunia.com/advisories/37590/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 11:03:09 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 20:03:09 +0100 Subject: [SEC] [SA37514] Micronet SP1910 Network Access Controller "msg" Cross-Site Scripting Message-ID: <200912041903.nB4J39vG022579@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Micronet SP1910 Network Access Controller "msg" Cross-Site Scripting SECUNIA ADVISORY ID: SA37514 VERIFY ADVISORY: http://secunia.com/advisories/37514/ DESCRIPTION: K053 has reported a vulnerability in Micronet SP1910 Network Access Controller, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "msg" parameter (when "uname" is set) to the loginpages/error_user.shtml script is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected application. SOLUTION: Filter malicious characters and character sequences in a proxy. PROVIDED AND/OR DISCOVERED BY: K053 ORIGINAL ADVISORY: http://packetstormsecurity.org/0911-exploits/micronet-xss.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 11:29:27 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 20:29:27 +0100 Subject: [SEC] [SA37587] Debian update for gforge Message-ID: <200912041929.nB4JTRQw010372@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for gforge SECUNIA ADVISORY ID: SA37587 VERIFY ADVISORY: http://secunia.com/advisories/37587/ DESCRIPTION: Debian has issued an update for gforge. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The security issue is caused due to certain files being created in an insecure manner. This can be exploited via symlink attacks to overwrite arbitrary files in context of an affected application. SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch13.dsc Size/MD5 checksum: 953 a170b517b1d68ca0ad53a1b8b03c3317 http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14.orig.tar.gz Size/MD5 checksum: 2161141 e85f82eff84ee073f80a2a52dd32c8a5 http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch13.diff.gz Size/MD5 checksum: 204328 33081d2f6a0056b31091360db3002a9f Architecture independent packages: http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-ldap_4.5.14-22etch13_all.deb Size/MD5 checksum: 86628 c6b62116a819fa9033335acae8df867d http://security.debian.org/pool/updates/main/g/gforge/gforge-common_4.5.14-22etch13_all.deb Size/MD5 checksum: 1012268 78dfb2931853c3f89d233cc9510199f2 http://security.debian.org/pool/updates/main/g/gforge/gforge-db-postgresql_4.5.14-22etch13_all.deb Size/MD5 checksum: 212786 1bc973b449b07020fbef4519fc8e074e http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache_4.5.14-22etch13_all.deb Size/MD5 checksum: 705446 286aba34673375cb8763765fd241d791 http://security.debian.org/pool/updates/main/g/gforge/gforge-ftp-proftpd_4.5.14-22etch13_all.deb Size/MD5 checksum: 86344 394f14f010e9de88145cc3251e7e8982 http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch13_all.deb Size/MD5 checksum: 80562 52133da4596347d8c05e37643a959435 http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-postfix_4.5.14-22etch13_all.deb Size/MD5 checksum: 88808 72ad3b9f7d9d1f8732551a99b5e74471 http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-courier_4.5.14-22etch13_all.deb Size/MD5 checksum: 76368 c7ba219bac6560994c07dfb639801c99 http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim4_4.5.14-22etch13_all.deb Size/MD5 checksum: 89414 095ca81a4671193cd5d822e967d36684 http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-postgresql_4.5.14-22etch13_all.deb Size/MD5 checksum: 87434 8d960c7671eac2a480a43cd948a98d7d http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim_4.5.14-22etch13_all.deb Size/MD5 checksum: 88904 8d3692ecc555ca40558d50333bf543a9 http://security.debian.org/pool/updates/main/g/gforge/gforge-lists-mailman_4.5.14-22etch13_all.deb Size/MD5 checksum: 82386 3bc6d055f6eb74edfd23ca8dbfb8fa3e http://security.debian.org/pool/updates/main/g/gforge/gforge-ldap-openldap_4.5.14-22etch13_all.deb Size/MD5 checksum: 95738 beee5393efe02def8071a78a3707244c http://security.debian.org/pool/updates/main/g/gforge/gforge-dns-bind9_4.5.14-22etch13_all.deb Size/MD5 checksum: 104062 a70e01f8055201519b14718555023abb -- Debian GNU/Linux 5.0 alias lenny -- Source archives: http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny3.diff.gz Size/MD5 checksum: 106204 cd0b909a3d31bc9a0649a6f16bd54478 http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny3.dsc Size/MD5 checksum: 1487 24e0ca65d2b17abd34328dd21994dd9a http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2.orig.tar.gz Size/MD5 checksum: 10225404 bd24808ce79363d4c7c529778f6f5324 Architecture independent packages: http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-mediawiki_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 213590 e252b1c97bda1c020e89c30e5faacac8 http://security.debian.org/pool/updates/main/g/gforge/gforge-dns-bind9_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 106960 acdbec4148e84ccfaf6993cbbddf9dd2 http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-courier_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 88822 cbc85f52ffca569001a0bb7b0ec8d3dc http://security.debian.org/pool/updates/main/g/gforge/gforge-shell-postgresql_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 95136 452be3de57f17866b0de3d3f19c0072f http://security.debian.org/pool/updates/main/g/gforge/gforge-common_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 1112248 25679e24ad18e5a910a8d43808ebac13 http://security.debian.org/pool/updates/main/g/gforge/gforge-db-postgresql_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 231056 3523089618564cec5703a4f8bf8eaa6e http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-postfix_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 101588 30efdc5330cf09bf91afb2fe12c58db3 http://security.debian.org/pool/updates/main/g/gforge/gforge-mta-exim4_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 100824 8dcc63a9768d2dd192566dccf3c07a9e http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 88550 b62b84da2aff9e56860667ce193f3351 http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-scmsvn_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 122072 bdd9b60445fdf1e1af9a943d9250af7b http://security.debian.org/pool/updates/main/g/gforge/gforge-web-apache2_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 1397376 6bd8964fea18f429267972ee471d8d06 http://security.debian.org/pool/updates/main/g/gforge/gforge_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 92884 9c1029863905773f982f524d5394b934 http://security.debian.org/pool/updates/main/g/gforge/gforge-lists-mailman_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 94654 dfb3d71e7ebdee27ec7bcf8a536477c4 http://security.debian.org/pool/updates/main/g/gforge/gforge-ftp-proftpd_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 97388 aee4295339ef21d98e8f067ab6625aea http://security.debian.org/pool/updates/main/g/gforge/gforge-plugin-scmcvs_4.7~rc2-7lenny3_all.deb Size/MD5 checksum: 129550 65f1fd24bda024f8ff2e4d87ca68c605 PROVIDED AND/OR DISCOVERED BY: The vendor credits Sylvain Beucler. ORIGINAL ADVISORY: DSA-1945-1: http://www.us.debian.org/security/2009/dsa-1945 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 11:45:59 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 20:45:59 +0100 Subject: [SEC] [SA37507] DevIL DICOM "GetUID()" Buffer Overflow Vulnerability Message-ID: <200912041945.nB4JjxvU030215@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA37507 VERIFY ADVISORY: http://secunia.com/advisories/37507/ DESCRIPTION: Secunia Research has discovered a vulnerability in DevIL, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a boundary error within the "GetUID()" function in src-IL/src/il_dicom.c. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted DICOM file in an application using the library. The vulnerability is confirmed in version 1.7.8. Other versions may also be affected. SOLUTION: Do not open untrusted DICOM files. PROVIDED AND/OR DISCOVERED BY: Stefan Cornelius, Secunia Research. ORIGINAL ADVISORY: http://sourceforge.net/tracker/?func=detail&aid=2908728&group_id=4470&atid=304470 Secunia Research: http://secunia.com/secunia_research/2009-51/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 12:02:53 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 21:02:53 +0100 Subject: [SEC] [SA37590] Linux Kernel Multiple Vulnerabilities Message-ID: <200912042002.nB4K2rgc017683@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Linux Kernel Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37590 VERIFY ADVISORY: http://secunia.com/advisories/37590/ DESCRIPTION: A security issue and some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to manipulate certain data and cause a DoS (Denial of Service), and by malicious people to potentially compromise a vulnerable system. 1) The security issue is caused due to insecure permissions being set to driver attributes in sysfs ("/sys/bus/pci/drivers/megaraid_sas/poll_mode_io") and can be exploited to manipulate driver behaviour. 2) A locking error within the TTY subsystem can be exploited to cause a NULL pointer dereference. 3) A boundary error within the "hfs_bnode_read()" function in fs/hfs/bnode.c can be exploited to cause a buffer overflow by e.g. tricking a user into mounting and accessing a specially crafted HFS file system. SOLUTION: Restrict access to trusted users only. Do not mount untrusted file systems. PROVIDED AND/OR DISCOVERED BY: 1) Bryn M. Reeves, reported in a Red Hat bugreport. 2) Kyle Bader 3) Amerigo Wan, Red Hat ORIGINAL ADVISORY: 1) https://bugzilla.redhat.com/show_bug.cgi?id=526068 2) http://bugzilla.kernel.org/show_bug.cgi?id=14605 3) https://bugzilla.redhat.com/show_bug.cgi?id=540736 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 12:29:12 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 21:29:12 +0100 Subject: [SEC] [SA37570] DAZ Studio File Association Security Issue Message-ID: <200912042029.nB4KTCw9005474@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: DAZ Studio File Association Security Issue SECUNIA ADVISORY ID: SA37570 VERIFY ADVISORY: http://secunia.com/advisories/37570/ DESCRIPTION: Diego Juarez has reported a security issue in DAZ Studio, which can be exploited by malicious people to compromise a user's system. The security issue is caused due to the application being associated with the ".ds", ".dsa", ".dse", and the ".dsb" file extensions, which are interpreted as DAZ Script. This can be exploited to execute arbitrary code when a user is tricked into opening a malicious file. The security issue is reported in DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135. Other versions may also be affected. SOLUTION: Disable the file association for ".ds", ".dsa", ".dse", and ".dsb" files and don't open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Diego Juarez, Core Security Technologies ORIGINAL ADVISORY: http://www.coresecurity.com/content/dazstudio-scripting-injection ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 12:46:00 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 21:46:00 +0100 Subject: [SEC] [SA37594] Sun Solaris GNU tar Archive Parsing Vulnerabilities Message-ID: <200912042046.nB4Kjx4i025329@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun Solaris GNU tar Archive Parsing Vulnerabilities SECUNIA ADVISORY ID: SA37594 VERIFY ADVISORY: http://secunia.com/advisories/37594/ DESCRIPTION: Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system. 1) An input validation error can be exploited to conduct directory traversal attacks. For more information: SA26573 2) An error when processing specially crafted tar archives can be exploited to cause a stack-based buffer overflow and crash the vulnerable application. SOLUTION: Apply patches. -- SPARC Platform -- Solaris 10: Apply patch 139099-03 or later. -- x86 Platform -- Solaris 10: Apply patch 139100-03 or later. A final resolution is pending completion for Solaris 9. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-273551-1 OTHER REFERENCES: SA26573: http://secunia.com/advisories/26573/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 13:03:05 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 22:03:05 +0100 Subject: [SEC] [SA37565] IIPImage Server Buffer Overflow Vulnerabilities Message-ID: <200912042103.nB4L35xX012799@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: IIPImage Server Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA37565 VERIFY ADVISORY: http://secunia.com/advisories/37565/ DESCRIPTION: Some vulnerabilities have been reported in IIPImage Server, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to boundary errors within the "RGN::run()", "JTLS::run()", and "SHD::run()" functions in src/Task.cc, which can be exploited to cause stack-based buffer overflows by e.g. passing specially crafted parameters to the FastCGI binary. The vulnerabilities are reported in versions prior to 0.9.8. SOLUTION: Update to version 0.9.8. PROVIDED AND/OR DISCOVERED BY: The vendor credits Willem Hengeveld. ORIGINAL ADVISORY: http://mac.freshmeat.net/projects/iipimage/releases/309013 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 13:29:13 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 22:29:13 +0100 Subject: [SEC] [SA37581] Apple Mac OS X update for Java Message-ID: <200912042129.nB4LTDHk000539@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Apple Mac OS X update for Java SECUNIA ADVISORY ID: SA37581 VERIFY ADVISORY: http://secunia.com/advisories/37581/ DESCRIPTION: Apple has issued an update for Java for Mac OS X. This fixes some vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or to compromise a user's system. 1) Multiple vulnerabilities in Java can be exploited to potentially disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or to compromise a user's system. For more information: SA37231 2) An error in Java for Mac OS X can lead to an expired certificate for a Java applet being treated as valid. SOLUTION: Apply updates. Java for Mac OS X 10.6: Apply Update 1. http://support.apple.com/kb/DL972 Java for Mac OS X 10.5: Apply Update 6. http://support.apple.com/kb/DL971 PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits Simon Heimlicher, ETH Zurich. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3969 http://support.apple.com/kb/HT3970 OTHER REFERENCES: SA37231: http://secunia.com/advisories/37231/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 13:46:04 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 22:46:04 +0100 Subject: [SEC] [SA37555] Sun Management Center XML Library Multiple Vulnerabilities Message-ID: <200912042146.nB4Lk4GD020446@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun Management Center XML Library Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37555 VERIFY ADVISORY: http://secunia.com/advisories/37555/ DESCRIPTION: Sun has acknowledged some vulnerabilities in Sun Management Center, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the libxml2 library. For more information: SA31558 SA32773 SOLUTION: Apply patches. -- SPARC Platform -- Sun Management Center 3.6.1 (for Solaris 7): Apply patch 123919-12 or later. Sun Management Center 3.6.1 (for Solaris 8): Apply patch 123920-12 or later. Sun Management Center 3.6.1 (for Solaris 9): Apply patch 123921-12 or later. Sun Management Center 3.6.1 (for Solaris 10): Apply patch 123923-12 or later. Sun Management Center 4.0 (for Solaris 8): Apply patch 127680-07 or later. Sun Management Center 4.0 (for Solaris 9): Apply patch 127681-07 or later. Sun Management Center 4.0 (for Solaris 10): Apply patch 127683-07 or later. -- x86 Platform -- Sun Management Center 3.6.1 (for Solaris 9): Apply patch 123922-11 or later. Sun Management Center 3.6.1 (for Solaris 10): Apply patch 123924-11 or later. Sun Management Center 4.0 (for Solaris 9): Apply patch 127682-07 or later. Sun Management Center 4.0 (for Solaris 10): Apply patch 143324-01 or later. Users of Sun Management Center 3.61 (EOL) are encouraged to upgrade to SunMC 4.0, which can be downloaded at: http://www.sun.com/software/products/sunmanagementcenter/get.html ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-266428-1 OTHER REFERENCES: SA31558#2: http://secunia.com/advisories/31558/ SA32773: http://secunia.com/advisories/32773/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 14:03:07 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 23:03:07 +0100 Subject: [SEC] [SA37593] Sun Solaris libexpat Library XML Parsing Denial of Service Message-ID: <200912042203.nB4M37n6007917@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun Solaris libexpat Library XML Parsing Denial of Service SECUNIA ADVISORY ID: SA37593 VERIFY ADVISORY: http://secunia.com/advisories/37593/ DESCRIPTION: Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious people to crash an application linked against the libexpat library. For more information: SA36425 SOLUTION: Apply T-Patches. http://sunsolve.sun.com/tpatches -- SPARC Platform -- Solaris 10: Apply T-Patch T137147-05. -- x86 Platform -- Solaris 10: Apply T-Patch T137148-05. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1 OTHER REFERENCES: SA36425: http://secunia.com/advisories/36425/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 14:23:43 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 23:23:43 +0100 Subject: [SEC] [SA37582] Sun Solaris wget SSL Certificate NULL Character Processing Vulnerability Message-ID: <200912042223.nB4MNhC2027912@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun Solaris wget SSL Certificate NULL Character Processing Vulnerability SECUNIA ADVISORY ID: SA37582 VERIFY ADVISORY: http://secunia.com/advisories/37582/ DESCRIPTION: Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA36540 SOLUTION: Apply patches. -- SPARC Platform -- Solaris 10: Apply patch 125215-03 or later. -- x86 Platform -- Solaris 10: Apply patch 125216-03 or later. A final resolution is pending completion for Solaris 9. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-273590-1 OTHER REFERENCES: SA36540: http://secunia.com/advisories/36540/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Dec 4 14:43:31 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 4 Dec 2009 23:43:31 +0100 Subject: [SEC] [SA37586] Debian update for request-tracker Message-ID: <200912042243.nB4MhVN7015477@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for request-tracker SECUNIA ADVISORY ID: SA37586 VERIFY ADVISORY: http://secunia.com/advisories/37586/ DESCRIPTION: Debian has issued an update for request-tracker. This fixes a vulnerability, which can be exploited by malicious people to conduct session fixation attacks. For more information: SA37546 SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 (etch) -- Source: http://security.debian.org/pool/updates/main/r/request-tracker3.4/request-tracker3.4_3.4.5-2+etch1.diff.gz http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.1-4+etch1.diff.gz http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.1-4+etch1.dsc http://security.debian.org/pool/updates/main/r/request-tracker3.4/request-tracker3.4_3.4.5-2+etch1.dsc http://security.debian.org/pool/updates/main/r/request-tracker3.4/request-tracker3.4_3.4.5.orig.tar.gz http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.1.orig.tar.gz Architecture-independent component: http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-apache2_3.6.1-4+etch1_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-apache_3.6.1-4+etch1_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.4/rt3.4-clients_3.4.5-2+etch1_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.4/request-tracker3.4_3.4.5-2+etch1_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.4/rt3.4-apache_3.4.5-2+etch1_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.1-4+etch1_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-clients_3.6.1-4+etch1_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.4/rt3.4-apache2_3.4.5-2+etch1_all.deb -- Debian GNU/Linux 5.0 (lenny) -- Source: http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.7.orig.tar.gz http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.7-5+lenny3.dsc http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.7-5+lenny3.diff.gz Architecture-independent component: http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-db-mysql_3.6.7-5+lenny3_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-db-sqlite_3.6.7-5+lenny3_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-apache2_3.6.7-5+lenny3_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-db-postgresql_3.6.7-5+lenny3_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.6/request-tracker3.6_3.6.7-5+lenny3_all.deb http://security.debian.org/pool/updates/main/r/request-tracker3.6/rt3.6-clients_3.6.7-5+lenny3_all.deb ORIGINAL ADVISORY: DSA-1944-1: http://www.debian.org/security/2009/dsa-1944 OTHER REFERENCES: SA37546: http://secunia.com/advisories/37546/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 09:11:42 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 18:11:42 +0100 Subject: [SEC] [SA37572] IDEAL Administration ".ipj" File Processing Buffer Overflow Message-ID: <200912071711.nB7HBg04021851@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: IDEAL Administration ".ipj" File Processing Buffer Overflow SECUNIA ADVISORY ID: SA37572 VERIFY ADVISORY: http://secunia.com/advisories/37572/ DESCRIPTION: Dr_IDE has discovered a vulnerability in IDEAL Administration, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of Ideal Project Files (".ipj"). This can be exploited to cause a stack-based buffer overflow when a user is tricked into opening a specially crafted ".ipj" file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 9.7.1. Other versions may also be affected. SOLUTION: Do not open ".ipj" files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Dr_IDE ORIGINAL ADVISORY: http://pocoftheday.blogspot.com/2009/12/ideal-administration-2009-v97-local.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 09:29:12 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 18:29:12 +0100 Subject: [SEC] [SA37518] Joomla YOOtheme Template Cross-Site Scripting Vulnerability Message-ID: <200912071729.nB7HTCV4009322@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Joomla YOOtheme Template Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA37518 VERIFY ADVISORY: http://secunia.com/advisories/37518/ DESCRIPTION: andresg888 has reported a vulnerability in the YOOtheme template for Joomla, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "yt_color" parameter in index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: andresg888 ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10318 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 09:46:30 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 18:46:30 +0100 Subject: [SEC] [SA37511] Ubuntu update for bind9 Message-ID: <200912071746.nB7HkUPP029193@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for bind9 SECUNIA ADVISORY ID: SA37511 VERIFY ADVISORY: http://secunia.com/advisories/37511/ DESCRIPTION: Ubuntu has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache. For more information: SA37426 SOLUTION: Apply updated packages. -- Ubuntu 6.06 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.9.diff.gz Size/MD5: 107716 730ae2b522410ce9f626eba005274c43 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.9.dsc Size/MD5: 783 8d03dccc13984711f013d99347fbfd81 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz Size/MD5: 5302112 55e709501a7780233c36e25ccd15ece2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.9_all.deb Size/MD5: 181134 620434575b50b094e25aedfe625f2b7e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 112426 d1c55e4daf55c05f25d5a3bb0fe88a02 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 312158 0c1a6c987c5661ce5841a76695e6e339 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 185254 1dcfa5747e6f0867f2aaee185c29a9ae http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 1130554 0447b204d98845bc111a22dbaaef5389 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 92482 417319253fd333f271000fb0fd87a19b http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 79432 292be4b6f66a34c34209d3eabf4b8706 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns23_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 557676 7579d343be8db126cfd6f3e7555c870a http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 190938 2a5184827cc63dfad73bbd721a6242f9 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 93600 df1d0b39a4bf57a77bfe0a8506997d78 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 109446 6fe6af0fa3136c5e112bceda444280ee http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 111854 5e6d8d6f9b2a3fe4f2fa3c58bdecc041 http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.9_amd64.deb Size/MD5: 220580 18edfdfcdc72488c65135aca17f4cda0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 109300 7c3942518041f13cd7d4b8873e0d5565 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 290476 d8c8a863e6b1d6af6885384965daba98 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 175938 49ac3b4fe8e243050a2bfa676a7d89d5 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 997576 e7e29247e43fad08325224737f401bfd http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 91710 4e00a1aa45402a48f90bc01c75587ca0 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 79434 d95f0550ee4ff7f9544e33376aa299f1 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns23_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 483418 317808ecce789ad079b89564acbb1b67 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 172964 a720cf64ad4e6d3e320c221aea6f9807 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 91152 7d4745652a117e98420204b718ee9ed4 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 102930 236f07e99b07933a4717924bf7f417a3 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 107606 b22bdd359aed2f1afbdda8b26eee96ff http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.9_i386.deb Size/MD5: 204006 3507ce61989b277905018388ff6cfe8b powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 110934 6e43ca17520ee227064843d18549a679 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 304198 f6fb83ea8d26cdad967efc7867dd8bdb http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 182070 6af7663959349ef58a2bd0d8cce2ac08 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 1204934 f6d8606bf3a0e3d4cb0812065fbfdc00 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 93778 4bcd9d7010b99bb150f6dc6ab3fff2c7 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 79440 98994c8d586eb159cdc92b53164d8ab5 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns23_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 517322 dc19c08276afc5ce4626158a7cd110fb http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 182738 1b2009a5c45fb1b714743c174e8492b0 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 93972 b1525ff61ae71a3e93cccb5f5f7518f9 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 106858 7d943af119321a1ef6ca95a34c0d2bbd http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 111408 9c6dd11b59430aba7bfbd1876136db08 http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.9_powerpc.deb Size/MD5: 208442 14ee0e66c396a27cb6fc9a02d68f2065 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 111012 a9701b92126786713e3e3a85044aec4c http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 301976 d2e60aa7eee5b489d45cea886194f6bd http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 181332 ba36d5f822cbd3c8f951b45a5806e97b http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 1116618 923f6c0d1ecd3e3c5c042de82cac6a99 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 92096 1793e184ee9091749629ff4004dd7d85 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 79434 d39652bf4ef16602d658fb870028ef25 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns23_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 511646 d9c6da162acc951e7145d9b2ff071376 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 181680 b58316a65a3eef89b28d2bbf45e3b6ae http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 91596 7af590f02eda53c3a5f404a411c8ecfb http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 104258 81849e8f276c4f7ddf68986df49f8f24 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 107126 c5dd90d7714cab6540a7633807a9a12e http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.9_sparc.deb Size/MD5: 211774 64a6d2900f845ed3372f96894f336ca3 -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.4.diff.gz Size/MD5: 234862 8fe53f5995d58044303b881205752018 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.4.dsc Size/MD5: 1000 1ad32e9bd97f982d8340b92e202610c4 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2.orig.tar.gz Size/MD5: 5013832 9fe376b7121db146b19c6b5b248436df Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2.dfsg.P2-2ubuntu0.4_all.deb Size/MD5: 240886 cd0800990ce29d04aa50da747bfb56a6 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 60644 66bfb37e7d2ef05455003c2b57edf5a4 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 284106 4a20ea9e58428d3c730e090b08be2a2a http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 144248 ad1c4ffd6196f0fb79a3bd397efd7b16 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 1190266 df98048ef45224bff3075907803f1e11 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 27940 23a85809c1cd172593881deb62df34a7 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 11104 e08cc152b4391c6a303a1dd8b69eb2a2 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 550654 2f3425ef4fe7691b7a791305a6d5bda3 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 139346 1cfd7627e1f7e09b538600c5caf5e909 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 25416 07632e693c52c704ac10b69cc664aee0 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 45442 a7af3441e29887a19db5632eb3dba13f http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 43502 3ee7f2525289f7eadfc0a1182889e112 http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.4_amd64.deb Size/MD5: 172366 0f698b8c5a189698136aea1ffbd1e23b i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 57198 ba1bd15be6ac17a350e6b009bfd6b45c http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 269024 35e686068ff26ed0287cbdad1bcd785f http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 135602 303d12695c4884bc5bc703bba80f8b76 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 1067356 cd4370164879cdd4fed7e86caf93d3af http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 27984 2909c93399a32603d69e9cbe69ec754f http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 11104 249d3ad714904f3fdcbb20e9da4b805b http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 494262 1c56339d4b1650084d9507b82833a499 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 127266 f24e3bf9c2a7c3bc944fc24e57234c62 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 23622 b4b00836167ef05eb0a8f4027d5054ee http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 38930 d5f363c0571ae0db6614283500f509d3 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 40758 61613dbeeabfb80c06bac38381bdc7cb http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.4_i386.deb Size/MD5: 160506 b07aafa7941fbe8deb4e45a386ebf670 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 58152 db0292c7e8857cfd1d488d3ce79be574 http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 269312 df5b36be50a857a2179969b475265e6b http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 137550 2c3cdfa1f0191652bc0ad06e937cf040 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 1070892 694fdb059bc505f2774f0ecd3fbb2e2c http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 27978 06f0ec66746ef34fe8a7e3c098f20487 http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 11106 1387347556ec52a44e86ef3057536e30 http://ports.ubuntu.com/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 489300 34a64c7be6a68d84c11738bc099c6eac http://ports.ubuntu.com/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 123950 c0c70e5bc691d74ec75964d70e1c2334 http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 23334 5bfd1c274c3b347ecef07d3b5df47ee7 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 38364 098e5ce79c7d34df1de3a424f8ff8164 http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 40504 b4a4f4ab7c78638a4f6e71d6d858e4fe http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.4_lpia.deb Size/MD5: 160046 bb0e45ea1644a18fede68716c88fe6d0 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 61920 066077cbb21fa109133a6280df63b450 http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 298612 f49ac94309f8fab8c1507714e5ccab56 http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 150484 74300ef39ea68fc5f086b8aa42c4ac25 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 1274074 3bc41ce9e0dd7b34a17b8d1b1291f7b5 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 30480 576e9403c2d96e248eac19da16c1dd5d http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 11110 e7be9ff3e7b8c295d19c128f57b3b3ad http://ports.ubuntu.com/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 530128 ad0b388dfaf4d17d3e1bdb8a3b8182a1 http://ports.ubuntu.com/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 139078 e25bafa51e4b4f147f4825985f64b014 http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 27112 e6d960fd4e62b88ae990fba2836d0f66 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 44280 7dbd72eda45ce147507b521a3fd287b5 http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 44954 6fd18d1012da8bc814fa93c2c4045606 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.4_powerpc.deb Size/MD5: 173008 7f9899782e1e304848ee811c84034f59 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 59882 86d97fb2ed53875540e6607113650c9c http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 283454 2b1405c3a3c184dc4e03fe3d179ec5db http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 142672 b58ef8edff365ab70bf3409c0e09a4bf http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 1180646 c03d1d096ccc20c18d6807d9cfa52fcb http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 27358 f21a8627289cc5afe338cdbac1e5c1a0 http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 11104 c765609107b09cec9df159ed8d15ce9e http://ports.ubuntu.com/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 500832 d3d8a2c119e53502a97ae2aed59b9b4a http://ports.ubuntu.com/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 128986 7a7a030082c9da5101af6146cd1ebb67 http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 23412 b7929973ca93c0910bdeca0c5a133c11 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 39476 8fda08911ac19c20ed4af2e1ab5f9428 http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 39662 72ec9dcfb59211654781b5fb28998bd5 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.4_sparc.deb Size/MD5: 171488 692ecd88c0d2b3591e21ff8af693e72c -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.0.dfsg.P2-1ubuntu3.4.diff.gz Size/MD5: 269095 8d53303c6cf8d9c65ebf1a7197dbd033 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.0.dfsg.P2-1ubuntu3.4.dsc Size/MD5: 1563 1afcac9fe0f644047cf62322a9965fc9 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.0.dfsg.P2.orig.tar.gz Size/MD5: 5186028 7159b73a02d69cbe741dd2e1d6b56e71 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.5.0.dfsg.P2-1ubuntu3.4_all.deb Size/MD5: 255722 7d69fff7befabc3472c2066924c024a5 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 50374 11d64650c37719d925a9117347ab342e http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 256418 fbdcba5db56dacb021aadf2f06cf9279 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 96146 b81eead90c85174db2bdcf707f6814b2 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 125352 d7b907179def4980609604d74f7bf8a1 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 1311304 f441e4860c27b8e526aec3fdfd69a369 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-40_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 31184 85af13d6b3612b8a3a2002212a85d58c http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns43_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 13028 51a00c78b9000217294cd40c7860ad8e http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns44_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 590230 3c24c276d2a34aae0bf946392e7069a1 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc44_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 156522 210cffa5bf44824fd2fa00c93268e088 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc40_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 27654 85eb8d9d280517fa4c99c3c1818e7027 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg40_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 48834 3270cf7b310ce46ab35eea56a5fda123 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres40_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 46372 bea045857fb67dc6c2b3749c65396b07 http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.5.0.dfsg.P2-1ubuntu3.4_amd64.deb Size/MD5: 209462 59897cbbf5c225ae990a925c2876c539 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 47850 34a566a439ecd36f4d0985e564fbafa6 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 243834 14340514d201407ed07be4d39549a21e http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 90492 47dd21e11b762eb7fde452f66bb18556 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 117698 325b55c3f114f003dd6a0708a3490c20 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 1242446 5ffd77b8872af9622b90f7d84d4873e2 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-40_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 31554 5a32e3119a4ba758d6bb4c73b792816a http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns43_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 13030 00e5e1772d6b59aa51686183a077017b http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns44_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 536608 b7d0fd5b94daf320894be2b248c3b0af http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc44_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 143418 d1b501589a57c2e73d78012c92e399b0 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc40_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 25856 907d1695f2605301b42445d907508674 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg40_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 42450 45004b5eb53a1bd3004766425ff684de http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres40_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 43814 fbe9a7d66e6197f38627a836932edd5d http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.5.0.dfsg.P2-1ubuntu3.4_i386.deb Size/MD5: 196500 ec787653ebcdd6d130c411bd0c6ef1f2 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 48240 c5d233a438e98c59c554fd02c6e33e5a http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 242784 8cfdad10cdd711ed64ae3a1349970ab7 http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 90270 7d3d32f2c7806fc0403b0c45eae4d0f6 http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 118634 45e381d9787ee42a38ab0b4ded8b2353 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 1225348 f140acf3c9b7ddd0b9a594e7bf2ff333 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-40_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 31254 19c8be8b4fce728426adba25e6feffb8 http://ports.ubuntu.com/pool/main/b/bind9/libdns43_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 13024 234b2ed6cbab32c73716f89aec2ae8f6 http://ports.ubuntu.com/pool/main/b/bind9/libdns44_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 531660 44ac5b5c4d42f3b32c27e0e0e40dc4ef http://ports.ubuntu.com/pool/main/b/bind9/libisc44_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 139716 61ea8886b7732e9ac31ddd6d855a7f9a http://ports.ubuntu.com/pool/main/b/bind9/libisccc40_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 25532 f327b2de02c3df1d44929ab4c677d0ec http://ports.ubuntu.com/pool/main/b/bind9/libisccfg40_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 41830 ced02257a31bf1bd3757e326e6d81304 http://ports.ubuntu.com/pool/main/b/bind9/liblwres40_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 43446 a8bf74bb55aaeb2da4798f88cbcddf39 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.5.0.dfsg.P2-1ubuntu3.4_lpia.deb Size/MD5: 195168 8133d8cce5203bc37395eec65db320f1 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 52550 4f1ad949f17d2a3a5df1f52fcdd09a70 http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 258198 c0a682aaff9e39b6c7f4f1f2c552c4cd http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 113462 2264a98b6e7f63cc236d9eed88080ae9 http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 131650 fe455e02779779a700b4b2764b8db738 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 1214680 1dc2c1f5460eecc956276c895df724b5 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-40_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 33744 6877318c75c94f0aeac08a333866a094 http://ports.ubuntu.com/pool/main/b/bind9/libdns43_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 13030 0dd822d1c4be3af1ad55c086ade84c13 http://ports.ubuntu.com/pool/main/b/bind9/libdns44_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 565300 cd18c9bb2843d39407814e26f64f3fa5 http://ports.ubuntu.com/pool/main/b/bind9/libisc44_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 155014 12ed1f5a1d8a04ed1361ab708d6cfd42 http://ports.ubuntu.com/pool/main/b/bind9/libisccc40_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 29202 7d4923a08979e54175d753fc6af264aa http://ports.ubuntu.com/pool/main/b/bind9/libisccfg40_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 47362 5dffab154f475c94de6ad7b39154405f http://ports.ubuntu.com/pool/main/b/bind9/liblwres40_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 47028 603c5b1d1f307eb4073b85f1c6ce4272 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.5.0.dfsg.P2-1ubuntu3.4_powerpc.deb Size/MD5: 211898 7f75aa15761e979858e84bb314352009 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 48592 1bd8ed8e6b953bd898469b141c4bdfcb http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 245390 5a89af0c93a4cab20bcf65a215b90cfd http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 94374 166d62d0398158a66f4e5f3de40165ef http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 120328 207dc6ad5397f361c41d61e28d200f37 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 1314488 63c572a54c5ae5c7722b17ea50f13f88 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-40_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 30422 c40cb027da1924ec2aeb3e8c0bf0418f http://ports.ubuntu.com/pool/main/b/bind9/libdns43_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 13032 9720983f93c65716f12231c137fa9f95 http://ports.ubuntu.com/pool/main/b/bind9/libdns44_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 530136 4274412197725fa6a4eea473198474eb http://ports.ubuntu.com/pool/main/b/bind9/libisc44_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 143114 5815ae2914830e931efec40643739ecd http://ports.ubuntu.com/pool/main/b/bind9/libisccc40_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 25498 c2a343f73602c7ebdd84a1e8c22d49c0 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg40_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 42638 e45f0ee210549b86ee9888512b595ef4 http://ports.ubuntu.com/pool/main/b/bind9/liblwres40_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 41716 9736339b7a4f5f2301572478f95ff030 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.5.0.dfsg.P2-1ubuntu3.4_sparc.deb Size/MD5: 197752 af3fad6d0a274b79e1c3467e548c4f72 -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.1.dfsg.P2-1ubuntu0.3.diff.gz Size/MD5: 226750 6ea6aae5b89bfed9807fb596d7f1fc9d http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.1.dfsg.P2-1ubuntu0.3.dsc Size/MD5: 1593 8d437dd53108dd31d970191065de2a33 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.1.dfsg.P2.orig.tar.gz Size/MD5: 5213913 269d057c9a2a8f2ea3fc39b64330a3b7 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.5.1.dfsg.P2-1ubuntu0.3_all.deb Size/MD5: 262458 5fb335a6f407533f370d7c6b3792121f amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 64418 89edb3e25049f990c12ff3c7654055c6 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 253922 45ac8f71c3fd687fb0c9f189aa3818c1 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 97120 b8607accc509a80f9a529e3f18e54666 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 154112 ee6a8ebd1260ee3f4f30d9d9ce545fad http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 1328972 8a9c6d2bb8df4a308a2b009da17ea828 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-40_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 32014 53139cef59c4dbd38fda63b8f8a6efc1 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns45_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 13834 683681d5796c38232fbcfea721c08ba0 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns46_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 597080 1ad301385885e3dbefa0b6be99cb2dca http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc45_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 160648 a8d54b4eb76a594e19f9f16d7cea4c0c http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc40_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 28412 d02b3050c27f673fcee08ed81b849caa http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg40_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 50214 506a35dac64473604fb77730d0ecd5c5 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres40_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 47040 b0ba2087ac5dfd1bc6718d0ae5bc46fd http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.5.1.dfsg.P2-1ubuntu0.3_amd64.deb Size/MD5: 211034 c17a629a5cde7fcaec0f69ce2329b8d1 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 60954 ac3c238344dc0a5fa7de4ca929b0a9db http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 241492 542dd6050482a143475eb6fc8bbf5920 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 91542 7c0b5dbc502a1c75db21f6e9a555c0f5 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 143906 b1b250db3394b2533a7de13cd48b2b9a http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 1261318 ef6076f6421ae63e565408304a930b17 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-40_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 32456 d1fabfadb7f6276f6f786d82f0d22efc http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns45_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 13836 03a69d3e301d7e414d2f147695d073df http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns46_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 543356 d184722d54ab001a483e2d439220d363 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc45_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 147036 8d0fef5fe8101b472d13ce00c86fd82a http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc40_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 26608 6bb084b22e56c723427a3d97449872b8 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg40_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 43836 5cdce05fad6234246c6b3bd3e22d5597 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres40_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 44506 091421133b179deff4ffaa36ef26a8ea http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.5.1.dfsg.P2-1ubuntu0.3_i386.deb Size/MD5: 198404 1ec35666b1746c3bfa1cac9b7226e6ab lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 61552 24b059570406944db57d752488d767d7 http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 240576 7078700d2c4027d610addefb32f57fd7 http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 91248 73d9210c78ff9ea7264f0df9aab0fa34 http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 144956 0fad47e8fc93301a3b4674ab44b1c026 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 1245564 1660851b08df76aded5397e3cd081f62 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-40_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 32080 35fb4e2da9ede64c00a0e8f2d1a6aa52 http://ports.ubuntu.com/pool/main/b/bind9/libdns45_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 13830 c0ac9ddd8add18807ee0e0ea6e200945 http://ports.ubuntu.com/pool/main/b/bind9/libdns46_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 538214 046e60bdbe6a2283fcb26a511dad3bd3 http://ports.ubuntu.com/pool/main/b/bind9/libisc45_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 143388 27f815923cc2087b5567f8f7c638e7e6 http://ports.ubuntu.com/pool/main/b/bind9/libisccc40_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 26284 49294b7be97936f388133972ecb25058 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg40_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 43234 62094e91b8fed5acd13686ca0da35f92 http://ports.ubuntu.com/pool/main/b/bind9/liblwres40_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 44108 193dd058f2123fb9cb888a1538a2cafe http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.5.1.dfsg.P2-1ubuntu0.3_lpia.deb Size/MD5: 197246 c4f7d486f574e56fa5c71cee5886b772 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 66784 17332d1c7e1f6f2915dacc2e237b7197 http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 257032 6c773effeeaa0b5d74d13b744ca1a96e http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 115050 b7f3486c7bb73a90bf689e642a40258f http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 160270 2ad08eeefa94856c1169dbc03335afcc http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 1232482 aed07bb679f5890bf17c466463266675 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-40_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 34628 a6bbda6edc93b4397ee02acc62cb04b6 http://ports.ubuntu.com/pool/main/b/bind9/libdns45_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 13836 e3ccd54152ed7711180a121ae026340d http://ports.ubuntu.com/pool/main/b/bind9/libdns46_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 571468 90158108088e24dd8ef23c3af39c41b9 http://ports.ubuntu.com/pool/main/b/bind9/libisc45_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 158910 e362891d579f06501acee9a35d3e7524 http://ports.ubuntu.com/pool/main/b/bind9/libisccc40_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 29960 4cb7b9a85a467fa5508ae5eebcb9a968 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg40_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 48562 879a6f1d7c728b097ae2211186c4da27 http://ports.ubuntu.com/pool/main/b/bind9/liblwres40_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 47988 7bb4a529f01a8410670ddd28edb054a5 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.5.1.dfsg.P2-1ubuntu0.3_powerpc.deb Size/MD5: 214076 f28ccf502fd1c80cb1feadade034b4cc sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 62142 334765d3b6015fc1563b1d9bec9ef1fc http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 243450 39a2ad5fb93eaca5aabf311cc613ab51 http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 93980 1e5221f105e296df4ae4600e6ff56fc8 http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 147642 4ae9c4b3050b05ad8ee0f9e8ca9724a7 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 1336902 9754b3ca8a51340d2d1d55eb5773ff86 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-40_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 31234 9e59beb8e1e2f41c9bdf8c7ff6387ed8 http://ports.ubuntu.com/pool/main/b/bind9/libdns45_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 13840 a9a13336c698e04aeab9413cafed2fec http://ports.ubuntu.com/pool/main/b/bind9/libdns46_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 535714 5e877cdcd28e9cbad0b6d6a4f3b3ca7e http://ports.ubuntu.com/pool/main/b/bind9/libisc45_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 147206 4f1b9e57ed0e5de19dd37b71669c74c1 http://ports.ubuntu.com/pool/main/b/bind9/libisccc40_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 26218 1695202ad94dbe5655771f9787a7b444 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg40_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 43868 ead8c06959a952db5d083541a7a24f5d http://ports.ubuntu.com/pool/main/b/bind9/liblwres40_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 42432 e51ad2109f81cbea12780b2ca2229300 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.5.1.dfsg.P2-1ubuntu0.3_sparc.deb Size/MD5: 200548 66d78673bb1fe58024c1ac62c17da462 -- Ubuntu 9.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.2.diff.gz Size/MD5: 223408 0522e67fb9ec375a1bbc6ad81d836c36 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.2.dsc Size/MD5: 1634 5b231c4a38f98d30d30a59cdac212f71 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1.orig.tar.gz Size/MD5: 5111118 164a8f8147ded4bbf4b0e9328f124e9f Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.6.1.dfsg.P1-3ubuntu0.2_all.deb Size/MD5: 277852 d9529d819a6cc2ef01df1cdbb2785ce8 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 66220 99b6b46d4c17723f852780b33180a7e5 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 289164 9a492b98bd8751d644041f7687de9436 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 102278 04b94da6aad7950da464d3afc02d2511 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 157320 a1c0bfc78aa674fd5bfa60d25cef71e0 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 1414090 9ca5fb69f3073c0278f8f3d1799231f7 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 33202 7649f97ebd320d701f487ab8021e6d31 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 14454 55202bb02eb2618571f3f10587853075 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 656402 6e0ff792e628d4d3ada716059bc9ce0a http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 167462 055cea29a9471b895a0a10940d706e79 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 29058 858d8e226e720abcdc00073581d1e020 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 51212 0c992cde24d0efbe7867eeb5c5054f20 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 47322 cd22c7a0b7e3ff7514ab1a711f8056e3 http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.2_amd64.deb Size/MD5: 225172 886e4a4c564184b525ccf12d0d12a3fc i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 63060 6f0c79db6c727cf616feab3ca6a721b4 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 274426 60b0de5e9c4801e21e045f78895dd96a http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 97134 7a014e1f651e0baae569205c58c98477 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 147302 437929f4cd521875b1c3925e0e263755 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 1344484 cc0bdb97c8f6f229767ba9c8ebc59237 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 33422 e909d435e9bc94b3a8009b17830d379b http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 14454 43993eccfdaa218b4a8f36ca1cc79e68 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 601756 a4eab31e9b4b26a922c4fe567c8b3fa5 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 152580 1ab67889a747c0fbe8dedf2c8b6c419c http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 27534 9008c7c8417e3243a8c1e538fcce8a39 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 44904 1b5e522b272781663abe8faaa1c39427 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 45580 312f95b5dfc9446ac8b97be0e80d98a3 http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.2_i386.deb Size/MD5: 212070 50f71245c33678d8da87825ba6a6d959 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 63540 3e43442aeae847e69fdd26e30cc4167c http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 274704 b6fd811a6b85ee08fb5303d4430b65e1 http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 97068 6289925f1194d9d92a396a7cd30ad620 http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 148604 c4fd68ddeaed8f1e03dc5bb7f86a7756 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 1336408 e7e6936200d21945a11ab3be7a75b21e http://ports.ubuntu.com/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 33508 d78090fe84b6e0ed3c8de47d7e3e4dc6 http://ports.ubuntu.com/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 14454 76b73c61f3be4adecbd2a7bcaf28fe5e http://ports.ubuntu.com/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 601282 589d5c17a70066d975f7792afdc18672 http://ports.ubuntu.com/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 149518 d4ff067cdadd001df7fe14f057a1b0e4 http://ports.ubuntu.com/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 27260 275b6e61a675d8ade1ac3fc57c0592e6 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 44428 427da3a078da5ef4e8c8975746d90c10 http://ports.ubuntu.com/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 45290 b4632aee60ee6aac9c77b180ede2c245 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.2_lpia.deb Size/MD5: 211516 6f3e93fbb8fffc53796cae7943e63abc powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 66252 f0a47b3ed478ffaf06c207326d40398e http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 291860 bad6529f3665847d08299369f45e38b2 http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 102442 fdfd6fd0d4348bfcbe6be28f6ac4fb4f http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 157076 b721522e8b7dae14da4497b7cf8e4721 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 1309776 a8382feda173c78fd51de4e1b270be8a http://ports.ubuntu.com/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 33874 857e537841e3fb6b30640a60cdc2c91b http://ports.ubuntu.com/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 14460 fd653ea7d45cea51b13c4b0b0d13adf1 http://ports.ubuntu.com/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 629384 1e68aa51d83b450338181ea114298922 http://ports.ubuntu.com/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 160462 fa88f6067b5dda31de8fa64f3bc450b5 http://ports.ubuntu.com/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 28566 3d789df94d7fbc729bc6c5fd1743f0d2 http://ports.ubuntu.com/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 47544 b2492062367e93248dd93f74ac1da42b http://ports.ubuntu.com/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 46342 0ddb68b3e394f7c92259294137c21f49 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.2_powerpc.deb Size/MD5: 228366 7b28e6f035f4a60180798ec645df79a8 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 63928 d415b384a7c2f1a2bb0b37887a82f3fe http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 276398 ad0410702bee28c446ae93775f530bb4 http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 99582 6547cc300793e6f61e4962926b4c49fe http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 150908 ebf074fe35cf89ffa80c15b0b7ff7d4a http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 1420096 6b3ae3f8bf2144f683a6d41956eed329 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 32684 1207e5eb76ae87dfe56955ea45a393fd http://ports.ubuntu.com/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 14456 17583a31d1203ae5297e96c22a4e4ca0 http://ports.ubuntu.com/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 591738 239fdd4a3b71cdf8c2ad49eaa17f0153 http://ports.ubuntu.com/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 151780 87fc0e87ff611f64f2b2c5d643d1d785 http://ports.ubuntu.com/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 26832 a9cef58fbf2187501b02aed2fe6bc83a http://ports.ubuntu.com/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 44766 f1639f5ee92d0c6c4e73beb864af24db http://ports.ubuntu.com/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 43448 6b96f4744c952f4ab9d6f7ffee4cc8c2 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.2_sparc.deb Size/MD5: 214242 06bd14ac24897e49a1734723de1e0423 ORIGINAL ADVISORY: USN-865-1: http://www.ubuntu.com/usn/USN-865-1 OTHER REFERENCES: SA37426: http://secunia.com/advisories/37426/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 10:02:46 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 19:02:46 +0100 Subject: [SEC] [SA37610] Sun Solaris Python Multiple Vulnerabilities Message-ID: <200912071802.nB7I2kf1016620@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun Solaris Python Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37610 VERIFY ADVISORY: http://secunia.com/advisories/37610/ DESCRIPTION: Sun has acknowledged multiple security issues and vulnerabilities in Solaris, some of which have an unknown impact and others that can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system. For more information: SA26837 SA31305 SOLUTION: A final resolution is pending completion. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-273570-1 OTHER REFERENCES: SA26837: http://secunia.com/advisories/26837/ SA31305: http://secunia.com/advisories/31305/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 10:29:22 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 19:29:22 +0100 Subject: [SEC] [SA37567] AROUNDMe "language_path" File Inclusion Vulnerability Message-ID: <200912071829.nB7ITMXt004425@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: AROUNDMe "language_path" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA37567 VERIFY ADVISORY: http://secunia.com/advisories/37567/ DESCRIPTION: cr4wl3r has reported a vulnerability in AROUNDMe, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "language_path" parameter in components/core/connect.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. Successful exploitation requires that "register_globals" is enabled. The vulnerability is reported in version 1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: cr4wl3r ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10329 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 10:45:50 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 19:45:50 +0100 Subject: [SEC] [SA37603] EC-CUBE Security Bypass Vulnerability Message-ID: <200912071845.nB7IjoRG024261@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: EC-CUBE Security Bypass Vulnerability SECUNIA ADVISORY ID: SA37603 VERIFY ADVISORY: http://secunia.com/advisories/37603/ DESCRIPTION: A vulnerability has been reported in EC-CUBE, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to an error in data/class/pages/admin/customer/LC_Page_Admin_Customer_SearchCustomer.php when searching for customer data and can be exploited to disclose otherwise restricted customer information. The vulnerability is reported in versions prior to 2.4.2. SOLUTION: Updated to version 2.4.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: EC-CUBE: http://www.ec-cube.net/info/091127/ JVN: http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000078.html http://jvn.jp/en/jp/JVN79762947/index.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 11:02:46 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 20:02:46 +0100 Subject: [SEC] [SA37620] Fedora update for dstat Message-ID: <200912071902.nB7J2kPC011716@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for dstat SECUNIA ADVISORY ID: SA37620 VERIFY ADVISORY: http://secunia.com/advisories/37620/ DESCRIPTION: Fedora has issued an update for dstat. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA37445 SOLUTION: Apply updated packages via the yum utility ("yum update dstat"). ORIGINAL ADVISORY: FEDORA-2009-12663: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00343.html FEDORA-2009-12674: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00358.html OTHER REFERENCES: SA37445: http://secunia.com/advisories/37445/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 11:29:32 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 20:29:32 +0100 Subject: [SEC] [SA37612] Chipmunk Newsletter Cross-Site Request Forgery Message-ID: <200912071929.nB7JTWGC031943@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Chipmunk Newsletter Cross-Site Request Forgery SECUNIA ADVISORY ID: SA37612 VERIFY ADVISORY: http://secunia.com/advisories/37612/ DESCRIPTION: A vulnerability has been discovered in Chipmunk Newsletter, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add a new email list by tricking an administrative user into visiting a malicious web site. NOTE: This may further be used to conduct script insertion attacks. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: mr_me ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10337 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 11:46:30 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 20:46:30 +0100 Subject: [SEC] [SA37537] Fedora update for expat Message-ID: <200912071946.nB7JkUtt019381@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for expat SECUNIA ADVISORY ID: SA37537 VERIFY ADVISORY: http://secunia.com/advisories/37537/ DESCRIPTION: Fedora has issued an update for expat. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA36425 SOLUTION: Apply updated packages via the yum utility ("yum update expat"). ORIGINAL ADVISORY: FEDORA-2009-12690: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html FEDORA-2009-12716: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00394.html FEDORA-2009-12737: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html OTHER REFERENCES: SA36425: http://secunia.com/advisories/36425/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 12:02:45 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 21:02:45 +0100 Subject: [SEC] [SA37515] LightNEasy FCKeditor File Upload Security Issue Message-ID: <200912072002.nB7K2j1D006806@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: LightNEasy FCKeditor File Upload Security Issue SECUNIA ADVISORY ID: SA37515 VERIFY ADVISORY: http://secunia.com/advisories/37515/ DESCRIPTION: A security issue has been discovered in LightNEasy, which can be exploited by malicious people to bypass certain security restrictions. Access to the enabled FCKeditor component is not properly restricted, which can be exploited to e.g upload files of certain types. The security issue is confirmed in version 3.1 and 2.3 no database. Other versions may also be affected. SOLUTION: Restrict access to the FCKeditor directory. PROVIDED AND/OR DISCOVERED BY: Roberto Finamore ORIGINAL ADVISORY: http://www.lightneasy.org/punbb/viewtopic.php?id=853 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 12:29:05 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 21:29:05 +0100 Subject: [SEC] [SA37621] Fedora update for cups Message-ID: <200912072029.nB7KT54O027016@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for cups SECUNIA ADVISORY ID: SA37621 VERIFY ADVISORY: http://secunia.com/advisories/37621/ DESCRIPTION: Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA37364 SOLUTION: Apply updated packages via the yum utility ("yum update cups"). ORIGINAL ADVISORY: FEDORA-2009-12652: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html OTHER REFERENCES: SA37364: http://secunia.com/advisories/37364/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 12:46:11 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 21:46:11 +0100 Subject: [SEC] [SA37619] Fedora update for nginx Message-ID: <200912072046.nB7KkBrt014466@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for nginx SECUNIA ADVISORY ID: SA37619 VERIFY ADVISORY: http://secunia.com/advisories/37619/ DESCRIPTION: Fedora has issued an update for nginx. This fixes some vulnerabilities, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA36751 SA37291 SOLUTION: Apply updated packages via the yum utility ("yum update nginx"). ORIGINAL ADVISORY: FEDORA-2009-12775: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html FEDORA-2009-12782: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html FEDORA-2009-12750: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html OTHER REFERENCES: SA36751: http://secunia.com/advisories/36751/ SA37291: http://secunia.com/advisories/37291/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 13:02:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 22:02:51 +0100 Subject: [SEC] [SA37589] Wordpress Google Analytics Plugin Cross-Site Scripting Vulnerability Message-ID: <200912072102.nB7L2pcN001908@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Wordpress Google Analytics Plugin Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA37589 VERIFY ADVISORY: http://secunia.com/advisories/37589/ DESCRIPTION: MaXe has discovered a vulnerability in the Google Analytics plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "s" parameter in index.php is not properly sanitised before being returned to the user in googleanalytics.php. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.2.4. Other versions may be affected. SOLUTION: Update to version 3.2.5. PROVIDED AND/OR DISCOVERED BY: MaXe of InterN0T ORIGINAL ADVISORY: http://forum.intern0t.net/intern0t-advisories/1851-intern0t-google-analytics-plugin-wordpress-cross-site-scripting-vulnerability.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 13:32:21 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 22:32:21 +0100 Subject: [SEC] [SA37622] Fedora update for wireshark Message-ID: <200912072132.nB7LWLeH022232@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for wireshark SECUNIA ADVISORY ID: SA37622 VERIFY ADVISORY: http://secunia.com/advisories/37622/ DESCRIPTION: Fedora has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA35884 SA37175 SOLUTION: Apply updated packages via the yum utility ("yum update wireshark"). ORIGINAL ADVISORY: FEDORA-2009-7998: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00307.html OTHER REFERENCES: SA35884: http://secunia.com/advisories/35884/ SA37175: http://secunia.com/advisories/37175/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 13:46:20 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 22:46:20 +0100 Subject: [SEC] [SA37615] XML Security Library libtool Search Path Privilege Escalation Security Issue Message-ID: <200912072146.nB7LkKMB009555@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: XML Security Library libtool Search Path Privilege Escalation Security Issue SECUNIA ADVISORY ID: SA37615 VERIFY ADVISORY: http://secunia.com/advisories/37615/ DESCRIPTION: A security issue has been reported in XML Security Library, which can be exploited by malicious, local users to potentially gain escalated privileges. The security issue is caused due to the use of vulnerable libtool code. For more information: SA37414 SOLUTION: Update to version 1.2.14. http://www.aleksey.com/xmlsec/download.html ORIGINAL ADVISORY: http://www.aleksey.com/xmlsec/news.html OTHER REFERENCES: SA37414: http://secunia.com/advisories/37414/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 14:03:07 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 23:03:07 +0100 Subject: [SEC] [SA37609] Debian update for belpic Message-ID: <200912072203.nB7M37wp029403@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for belpic SECUNIA ADVISORY ID: SA37609 VERIFY ADVISORY: http://secunia.com/advisories/37609/ DESCRIPTION: Debian has issued an update for belpic. This fixes a vulnerability, which can potentially be exploited by malicious people to conduct spoofing attacks. For more information: SA34029 SOLUTION: Apply updated packages. --Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/b/belpic/belpic_2.5.9-7.etch.1.diff.gz Size/MD5 checksum: 20340 d0d4ce8373f2f49800971113432ab35e http://security.debian.org/pool/updates/main/b/belpic/belpic_2.5.9-7.etch.1.dsc Size/MD5 checksum: 778 6a552980e5274b74128f2b43d5eecd84 http://security.debian.org/pool/updates/main/b/belpic/belpic_2.5.9.orig.tar.gz Size/MD5 checksum: 1790274 517a8617e5919b3218acf2d5d859ea8e alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/b/belpic/libbeid2-dev_2.5.9-7.etch.1_alpha.deb Size/MD5 checksum: 87916 fce36aa5a4e516bece52ca1322328288 http://security.debian.org/pool/updates/main/b/belpic/beid-tools_2.5.9-7.etch.1_alpha.deb Size/MD5 checksum: 156018 4e75d5671006c371f4a5aeeb216d2749 http://security.debian.org/pool/updates/main/b/belpic/beidgui_2.5.9-7.etch.1_alpha.deb Size/MD5 checksum: 314606 2caa3f109ee32caabb5ef63702ff9536 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2_2.5.9-7.etch.1_alpha.deb Size/MD5 checksum: 338216 75704f922f932f7453fd475af22bac15 http://security.debian.org/pool/updates/main/b/belpic/libbeid2_2.5.9-7.etch.1_alpha.deb Size/MD5 checksum: 153234 64e2984faecdb78f26566faa7b40c837 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2-dev_2.5.9-7.etch.1_alpha.deb Size/MD5 checksum: 1013996 3a64d43f1fe914d0800b8cacb6a602ed amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/b/belpic/beid-tools_2.5.9-7.etch.1_amd64.deb Size/MD5 checksum: 151240 ff1be550e65c3c234ea0ae3e8fa3f39e http://security.debian.org/pool/updates/main/b/belpic/libbeid2_2.5.9-7.etch.1_amd64.deb Size/MD5 checksum: 150332 3dcdfb89cacf62cca1ffc3da471ff7c4 http://security.debian.org/pool/updates/main/b/belpic/libbeid2-dev_2.5.9-7.etch.1_amd64.deb Size/MD5 checksum: 87572 8a357ceb7f8a783d9fe127e0c0bfe943 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2_2.5.9-7.etch.1_amd64.deb Size/MD5 checksum: 330802 0ea774426304964b8bf07ee176fb4c91 http://security.debian.org/pool/updates/main/b/belpic/beidgui_2.5.9-7.etch.1_amd64.deb Size/MD5 checksum: 305592 0d28550e3a3b2929c53057533726cb13 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2-dev_2.5.9-7.etch.1_amd64.deb Size/MD5 checksum: 1013976 51c8584f0dcb8fd6b67727e13935f073 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2-dev_2.5.9-7.etch.1_hppa.deb Size/MD5 checksum: 1012984 3f52c668f80dac56d6eba30b092bfa09 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2_2.5.9-7.etch.1_hppa.deb Size/MD5 checksum: 346390 8cce55c26535945b3c9ba13b6404142e http://security.debian.org/pool/updates/main/b/belpic/libbeid2_2.5.9-7.etch.1_hppa.deb Size/MD5 checksum: 160238 2d6e75fb4994110b2f5b1227f2269a77 http://security.debian.org/pool/updates/main/b/belpic/libbeid2-dev_2.5.9-7.etch.1_hppa.deb Size/MD5 checksum: 87678 b126cca6dfc088fc0b8cc6775f0f2e7c http://security.debian.org/pool/updates/main/b/belpic/beidgui_2.5.9-7.etch.1_hppa.deb Size/MD5 checksum: 318312 7d244309c1b1e8a82f467ed0f4b01a8f http://security.debian.org/pool/updates/main/b/belpic/beid-tools_2.5.9-7.etch.1_hppa.deb Size/MD5 checksum: 156784 062a94360e7af00b1d17a8883f2df33c i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/b/belpic/libbeid2_2.5.9-7.etch.1_i386.deb Size/MD5 checksum: 148666 780cf47c2c9a3262b2a3d6e749759d21 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2_2.5.9-7.etch.1_i386.deb Size/MD5 checksum: 311998 d2ec1c416b6b94edff51b6a652ef03e5 http://security.debian.org/pool/updates/main/b/belpic/beid-tools_2.5.9-7.etch.1_i386.deb Size/MD5 checksum: 144724 5b731d7498e0c87cca36221c8c1152d9 http://security.debian.org/pool/updates/main/b/belpic/beidgui_2.5.9-7.etch.1_i386.deb Size/MD5 checksum: 299860 0d60e423f940317db6028ff814e0f787 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2-dev_2.5.9-7.etch.1_i386.deb Size/MD5 checksum: 1014116 99fe999f58a645c88d1e859497215b50 http://security.debian.org/pool/updates/main/b/belpic/libbeid2-dev_2.5.9-7.etch.1_i386.deb Size/MD5 checksum: 87780 cf21f6df10e9b1b88ed35d858109b3ae ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/b/belpic/libbeid2-dev_2.5.9-7.etch.1_ia64.deb Size/MD5 checksum: 87626 d8d7df1a9d92a645d4c442579038998b http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2-dev_2.5.9-7.etch.1_ia64.deb Size/MD5 checksum: 1014022 f4b5ce0eceb87f3ca7fa6a21e7c476f6 http://security.debian.org/pool/updates/main/b/belpic/beid-tools_2.5.9-7.etch.1_ia64.deb Size/MD5 checksum: 169770 956d4fe1a91405f30c85e3b4089fd2cb http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2_2.5.9-7.etch.1_ia64.deb Size/MD5 checksum: 382222 5489754c01c0a12ad7ec421ad678e769 http://security.debian.org/pool/updates/main/b/belpic/beidgui_2.5.9-7.etch.1_ia64.deb Size/MD5 checksum: 329702 3ac3fcbaa77b88d4981a25afab035ca4 http://security.debian.org/pool/updates/main/b/belpic/libbeid2_2.5.9-7.etch.1_ia64.deb Size/MD5 checksum: 163648 35bc558bfb41eb1b15c2487624422ed4 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/b/belpic/beid-tools_2.5.9-7.etch.1_mips.deb Size/MD5 checksum: 153822 6925531d088aa05d1eef9cd5b9ece264 http://security.debian.org/pool/updates/main/b/belpic/beidgui_2.5.9-7.etch.1_mips.deb Size/MD5 checksum: 289498 4da6c0fbcddf102a7ec328060f8c7437 http://security.debian.org/pool/updates/main/b/belpic/libbeid2-dev_2.5.9-7.etch.1_mips.deb Size/MD5 checksum: 87622 5f615f96eba9272c8a6be068bb610f52 http://security.debian.org/pool/updates/main/b/belpic/libbeid2_2.5.9-7.etch.1_mips.deb Size/MD5 checksum: 146534 8dd5ed4c08c3d8c105aaa3342cd4cf2b http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2_2.5.9-7.etch.1_mips.deb Size/MD5 checksum: 305640 b356a3a69a8b8be76ff7bd220d436d7e http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2-dev_2.5.9-7.etch.1_mips.deb Size/MD5 checksum: 1014040 cb0ab32eeabe5a1a61cb85503f08724a mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/b/belpic/libbeid2_2.5.9-7.etch.1_mipsel.deb Size/MD5 checksum: 145358 fe04e7ea83258e37c889227d82c34598 http://security.debian.org/pool/updates/main/b/belpic/beid-tools_2.5.9-7.etch.1_mipsel.deb Size/MD5 checksum: 153556 7d5273ed7dff7ca723d84a24d79b474b http://security.debian.org/pool/updates/main/b/belpic/libbeid2-dev_2.5.9-7.etch.1_mipsel.deb Size/MD5 checksum: 87628 93f8e1c0860045f8115334a8ce6848a4 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2_2.5.9-7.etch.1_mipsel.deb Size/MD5 checksum: 303616 6851fb4c0ef60c5ae093dceeb073343d http://security.debian.org/pool/updates/main/b/belpic/beidgui_2.5.9-7.etch.1_mipsel.deb Size/MD5 checksum: 288008 71477b21c578685d2c5d8bc4e637c110 http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2-dev_2.5.9-7.etch.1_mipsel.deb Size/MD5 checksum: 1014036 122780976ad58d4d677271eb2719f4ba sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2_2.5.9-7.etch.1_sparc.deb Size/MD5 checksum: 305840 f141f398a8307a139bb06a1404654e4b http://security.debian.org/pool/updates/main/b/belpic/libbeid2_2.5.9-7.etch.1_sparc.deb Size/MD5 checksum: 144866 b1585ec86c614963b303e50e6ff173e8 http://security.debian.org/pool/updates/main/b/belpic/beid-tools_2.5.9-7.etch.1_sparc.deb Size/MD5 checksum: 142334 62d8aa616675850b39eb2f4a6b6e6dd2 http://security.debian.org/pool/updates/main/b/belpic/libbeid2-dev_2.5.9-7.etch.1_sparc.deb Size/MD5 checksum: 87800 82e1751c7a5b6d5b79c85f224d2ceb22 http://security.debian.org/pool/updates/main/b/belpic/beidgui_2.5.9-7.etch.1_sparc.deb Size/MD5 checksum: 298366 8da65df356289e0c0e6ccfbda359d76a http://security.debian.org/pool/updates/main/b/belpic/libbeidlibopensc2-dev_2.5.9-7.etch.1_sparc.deb Size/MD5 checksum: 1013848 cc15434108f03beb6c2ebf4fc3920981 ORIGINAL ADVISORY: DSA-1946-1: http://www.us.debian.org/security/2009/dsa-1946 OTHER REFERENCES: SA34029: http://secunia.com/advisories/34029/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 14:23:40 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 23:23:40 +0100 Subject: [SEC] [SA37604] IBM HTTP Server TLS Session Renegotiation Plaintext Injection Message-ID: <200912072223.nB7MNeap016977@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: IBM HTTP Server TLS Session Renegotiation Plaintext Injection SECUNIA ADVISORY ID: SA37604 VERIFY ADVISORY: http://secunia.com/advisories/37604/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM HTTP Server, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to an error in the TLS protocol while handling session renegotiations. This can be exploited via Man-in-the-Middle (MitM) attacks to insert arbitrary plaintext before data sent by a legitimate client in an existing TLS session. The vulnerability is reported in version 6.0.2, 6.1, and 7.0. SOLUTION: Update the GSKit security library to version 7.0.4.27 (please see the vendor's advisory for details). ORIGINAL ADVISORY: IBM (PM00675): http://www-01.ibm.com/support/docview.wss?uid=swg24025312 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 14:46:33 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 7 Dec 2009 23:46:33 +0100 Subject: [SEC] [SA37618] Ubuntu update for kernel Message-ID: <200912072246.nB7MkXNO004640@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA37618 VERIFY ADVISORY: http://secunia.com/advisories/37618/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, disclose system and potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges, and by malicious people to cause a DoS. For more information: SA32320 SA36617 SA36707 SA36763 SA36927 SA37086 SA37113 SA37233 SA37357 SA37435 SA37590 SOLUTION: Apply updated packages. -- Ubuntu 6.06 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.81.diff.gz Size/MD5: 2935685 f02a9bae29050a193309e77ee42159be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.81.dsc Size/MD5: 2438 517a8ee285195a5ff321568c59f5bf6a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15.orig.tar.gz Size/MD5: 57403387 88ab0747cb8c2ceed662e0fd1b27d81d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-doc-2.6.15_2.6.15-55.81_all.deb Size/MD5: 5169762 5aaebc8fc065a423115d182c5e827fa5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-kernel-devel_2.6.15-55.81_all.deb Size/MD5: 96268 278d2a71218ca9bf14c0666008e07e3e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.81_all.deb Size/MD5: 44738268 ad52ee857cbd430327b0f4992319896c amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 22344 a64ecf31e61070d46b48dd3512ea3050 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 44780 ed4c2d6a34bfffcc50e3eefeace5c0bf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 2314 223e3b70c8f186d4cfc34d722e525fcf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 36294 41bd561155707c4d0040cbba52d540bd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 102366 e49dbfa6c86a67aea0870813f2ad65e3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 38896 c4649145984881dc87d3e82a5d8bea6f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 49156 5a7492d95d0685f2411e963947427e06 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 176622 072ae033dcdbf100ddf9ef8dd7cdc395 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 36776 737c4138eba37b8e52091f5116bcfde8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 142356 2d8e8e06b65f991416a440ef3798358e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 51060 3fe055074212448af6f6932b4df2ec4a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 140706 6c06b4ccbe63938f6c0a984558389cc4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 287610 cabd37d9b352709d54cff1dc153da0f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 97830 f6a7cd5678906c026ffbcfa11eadf4a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 1652044 0a016d1b9dcbb41586f1da7ceaa7b6c2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-generic_2.6.15-55.81_amd64.deb Size/MD5: 870518 560fa1e60e0db020bfa3364ab74d66ac http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-k8_2.6.15-55.81_amd64.deb Size/MD5: 870276 46d4e84e4f1ee39fed22643a0809e594 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-server_2.6.15-55.81_amd64.deb Size/MD5: 873616 4edcfe3bb3079dc6a35a720133820e2d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-xeon_2.6.15-55.81_amd64.deb Size/MD5: 869834 753c230bc907dd59445facca3b5e1026 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.81_amd64.deb Size/MD5: 6926772 974d203583deb6ed8558b8196fb94365 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-generic_2.6.15-55.81_amd64.deb Size/MD5: 20817880 84659ab75e65f13d8d532e3b7edadada http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-k8_2.6.15-55.81_amd64.deb Size/MD5: 20797712 011132a3cca9526b0b08e441c8a51a75 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-server_2.6.15-55.81_amd64.deb Size/MD5: 21635602 85687c76e33fa6dd04ed8d580548dd50 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-xeon_2.6.15-55.81_amd64.deb Size/MD5: 19904842 98519486a58e8d47a8eb8b210cf1bd79 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 15632 f9dd1008c1be2af2f56ecc19dca84c60 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 240368 824deb0ea15a22b921980ace3f4a07b2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 202666 c99c240a9a556526e7d43b49da14987b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 1048612 85c729112e1301a89eeeca16940ab691 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 1543552 f99f369cf4bdb04f940cd76d80f0a5df http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 161690 c189c8ea4c0f3a47ef22cd02b13f57b5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 9836 6dfb0d2dd0babfe597cb44d6e4c54828 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 80870 f900f2ea6fc7300b2ae6ec3092e7eb50 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 49292 90d94d9eb2c2ab2d87d4a2be33d3a434 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 35160 ae0a0d97bc18df1f72278b04758cb070 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 70896 f9249ffa075b822beb1f3336d9c1c529 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 6222 4b71e716ecbc3102b2ad864503a8fe31 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 9060 68404ac8970062ec211bed8aed0edf7b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 57920 8459346a6884404ecfb2dab3ef1a3ed8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 123378 d3b31c9c831217c670e35f4f0d3f2e71 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 101074 bd22448162bec1b099ee30c159a75ff3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 79276 85c77ee5e5a9459a1c724d90a9f05e3f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 1595360 51faa5aa6401b14be0a12dfa3ed4c104 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 72358 78b96c5de835dffca6b66d5cb2d09a08 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 12646 5c44a20f536fda99189254823d033a74 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 33804 1218ee7fe2425b62366bde89b82153e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 138520 e181a6c9b7b8324951501d6be875f20d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 38938 2558e8f83fba3cef739600021bd17a4b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.81_amd64.udeb Size/MD5: 278876 9f33f50455bf32d8d9c2c516edbcf514 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 18974 f51490588cc0d50df30db8e57bd34bf1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 43490 5fa76c0ebf00aab3c3a934e85c70a2d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 105210 e35436beb363c322dd656a5243c29099 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 2284 2d1d3fae39ec27e4e3b5be7e493a9392 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 34576 434f0e50894f72f15f50317a7b74450a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 97048 d2df8cf1db5cb357dc16a484897c91ef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 37130 eba74b5dfa05d5f9afc4e00a6deed0bb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 44114 bd0c1ded68cc32323f8c01d30ab8f66c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 167748 01d733322cf43e8ce24e5ae91a4ef7f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 33958 fdc056db22be72457f653b64ef1b5f6d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 137978 ca10c22d6d4f0284e885577268c3f09a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 46906 ed9257013b336c0a5dda7bf76e9ebea5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 133164 5e4137ab0a78d922d2cb976dccba94a2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 273788 02c6bf6bcaa13759a2aa9b5a3b230f96 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 102336 6a4c31f8000ec53d65c84b8909878833 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 1597622 d4eddbd4c6a5043f1a5508722f8021dd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-386_2.6.15-55.81_i386.deb Size/MD5: 861450 b97274807d7dd03216304c28c54c6cbe http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-686_2.6.15-55.81_i386.deb Size/MD5: 861078 1f072db9add7db9027fef9739c11b6df http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-k7_2.6.15-55.81_i386.deb Size/MD5: 863038 df210f876968e11cd148e4a03c1889c9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-server-bigiron_2.6.15-55.81_i386.deb Size/MD5: 867886 d140160c3058f1116c7473bd4c187153 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-server_2.6.15-55.81_i386.deb Size/MD5: 865410 085f01426254744aee1760553cd24a0e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.81_i386.deb Size/MD5: 6918372 f812d48e805f1ac79bd1b807733af1cd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-386_2.6.15-55.81_i386.deb Size/MD5: 21724408 e48ae320333a6aa0216844ffcb42162e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-686_2.6.15-55.81_i386.deb Size/MD5: 22517334 47afd3b1801186fcc4e0940673fee4a6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-k7_2.6.15-55.81_i386.deb Size/MD5: 22263888 e896da34cfdf83f3e22c67852aed894e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-server-bigiron_2.6.15-55.81_i386.deb Size/MD5: 23627022 cfef50e70cb8cb74ae77ce9446e8902a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-server_2.6.15-55.81_i386.deb Size/MD5: 23179132 841092309f80b76bc44789796d865127 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 15512 075afc34939f93ec5a71278793dbf692 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 238508 48105a0fc64c40b7076ad6e64a3d95fa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 197134 9f989fa8e02f521bcf24084124bc970b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 1048390 9c2fa2ad80ca36c67ed84ddb51c19c7b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 1741344 2c1de9f5fad31b59f759dde9c73cc5a9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 160896 5be7de021266a099bec03a7915f98fa5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 9168 aeca6a4cb4ca6b994e324c400548f987 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 76468 130ea9ecb2512a11a34e70421caffb6d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 53552 3ffe6ce857fcb7956903b57119a8d5db http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 33048 62920dc04689f0f526f2e3f9f45b0323 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 85624 ada1b3fd1802c18efe019dc6ca0b63ea http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 6024 c2dd977a054700c1752b18c13691962a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 8760 3a6cc477cf8ce01e5620274cd4b8a5c6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 53638 a50d7f70fb77f5bcd2658fd753026219 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 130968 55fb39360005be1e69d489736884d49e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 98468 1b1ff6d797d518803eb2603db1c45642 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 77216 a2b6e29fb22eadf72b78e8eb5b5c52f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 1768852 218108b6057487da1a7f607bd080b8bc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 69618 bc3ba4e6a2772849a540ae12b9591b0e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 11768 6394883c954351652b01693ba00f0f31 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 36104 de1b30734949cb0804561ff8c17ebe05 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 132672 a29e064f424e01e7762cf1b8b0383767 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 38576 ab3590603fb72881abcdec1b850ffedf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-386-di_2.6.15-55.81_i386.udeb Size/MD5: 299158 9e2c3a94ac8d5211b3959f97783f416f powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 23730 b5d3e994e65adb62f6b0ce488a7817c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 26006 a681b1c055c24a085a92d0251522332f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 49322 87d68c94afff04e05764d4ed27a3e733 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 51532 223742321ffe94b336f94357432f0d47 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 2308 94f539c3ce6e465082796c8a9e23bdfd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 2482 123c13d5536eb9415af80781c1ed19d8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 40306 c28e7cda2f38caf71b12950a8ce0ac65 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 43848 9ad92bff5e36cf314ac79ac18523f498 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 112602 3ff1577e2dd76d3b2baf16f153ba45ce http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 120738 725af40fb54924e7f63de75de33bba09 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 40902 d15977353cc473b676f6ca4e27eca2f7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 46000 996debcf5ba6953922316a14818261dd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 29026 a247d21692fb5d238feb8fb8897b7bb6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 29892 b0a1919b18647f46180290b5a487e876 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 211388 172f7544e0dba2c15be93749e826cd40 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 225184 4d83d2d27ca8ee8b75c9fe485f95891a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 45056 adc0ea8242aef5c768d80f4a5487c5ef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 40224 e9ece393c50aa4509bbc067d037a1964 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 1938 116a8c6e92f39048e5e5e8c7157ad816 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 2198 300eccf25d58840151ef17f9ffa0cd51 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 80718 23b95e81f03bc2f1945a68c95b5ca0c0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 86102 93538ed0e204bc73cd43c85fa35e1267 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 111582 f45b133044c56acda12644ba4078c8d8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 125746 64f893a4617d23ba71a4978073c69ea9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 53420 f3068829108e0f427319f8fc8d3583c5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 58488 355b067b6df8831ac4f1dc2fecc14eab http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 147958 cd32046627d7f13e714c221c53d40c55 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 161904 f93d8ca7512a551bd7398fc7cee6fd64 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 318408 fa7d8c1e7d8bd76df307905f0196a400 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 288040 4ebf0c29edf9524f522a04fb7de2bbed http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 115862 162e57d7c05efb230a5ee28166274d48 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 116548 e9043614b899415f0c8a76d36be2ddcf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 1924852 d631cca9cd285ba34edd939dd3d218ad http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 2449056 1ea03fdc33ee2189028f9b52e23355d6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc-smp_2.6.15-55.81_powerpc.deb Size/MD5: 873942 a877a8f14eae6baef77586c797810f4c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc64-smp_2.6.15-55.81_powerpc.deb Size/MD5: 870274 c1e1e32e9582b473c23386f77147ecc8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc_2.6.15-55.81_powerpc.deb Size/MD5: 870700 fe1f4802c5d8a2cb91066db213f175c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.81_powerpc.deb Size/MD5: 6947602 9a849f1bc9c09edb3499aea9433eed86 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc-smp_2.6.15-55.81_powerpc.deb Size/MD5: 22782758 3e79981331154857556649efb26abaf9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc64-smp_2.6.15-55.81_powerpc.deb Size/MD5: 23693170 e91dee7348629406068dec10c6c2b2dd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc_2.6.15-55.81_powerpc.deb Size/MD5: 22364868 34370def04122ec031be4173bed62727 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 17780 cf22ebf3da94d90923009ea9355d838e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 17388 2be01425709635adf8103d809a8b622f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 261364 6121691810560a112a83107438a56fb0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 282628 649559c29df4100977a9818936dfdc74 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 227814 bbc0627b3ced8d959517dd0d81ee0e5b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 248952 7165e9616d58b920e823c10bb26325d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 1048468 986cc04488c2779efc2eae1ab0927187 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 1048608 27eb1a877ebc7de98ba02410427e0e3e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 1738540 974ab8b88abcb15adadfe8a5d4e83839 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 1878130 cfb730a0fdcdd1a54454ef7e5bdc8a54 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 250832 ad79f5bf42736201c75f750981c92be5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 233534 3ea350952cd7a38b4aed04d7a38255b7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 13056 4f3739b620b6d77e42a75c2f71e6bef4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 13530 1814123cc4fc16643755bf1a3255263c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 84798 d84ce928505166885acca4eff117e608 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 52208 01cec0da15748ddda667b9bf4c9c2069 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 73928 f80b31ee8edb4c1dc5e28a6559f5e0da http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 85854 1bfd17aa829523974da2876d28c93125 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 6620 a76df30ec69406cf733027f4a9f253f3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 7056 507ac9695af0962f21c9d91bad7bf742 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 60380 ed89b7264955ce54cf4f6cf5fdf0be58 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 70424 8df1f966c2eebe02a4039cb3fa957528 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 128550 7702ec6233b23341846d0f8bffb3f4b5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 157946 971f6c7635269ffeb75b9b0c63df0978 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 108156 57a946d5f2c18f668424925f60add6d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 126126 af5b8d870e0231aa9b3b1a511553ec1c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 87292 c8dedae2fdf99833b58f305a08dc2c8a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 93364 107e6724b8c5cbe7dafdbb5dbcf50593 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 2014714 06d3ad3441673a24dc500251f9d251a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 1988682 d2accecc1fde3d56e2707abbe6bac535 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 104122 42ffcfd11617dc1005c1cb871c13aa4a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 115794 5e8e5c978560d2937f6bd7eb4090284a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 12742 e9973d1bd1b59d7acc18c1992d01d430 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 14444 9bd2ca6c950e62780985171467794638 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 39948 fdeded797558637b2c1f6ae2a0b7c501 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 41542 845c1be053a8f13412dfafcfb9c04648 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 149350 25d3b6ddd1ed8bb036d9cfc31dcdf2bd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 168076 2277f7ae60c6d6762cb4427900b93b3a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 42310 a4ed5569c066899045d37a51488e1293 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 44916 9700e93f01fd05f9ecd63f87b025c131 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-powerpc-di_2.6.15-55.81_powerpc.udeb Size/MD5: 320332 ef48c34eb2c9f2eb22983b43174f3f1b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.81_powerpc.udeb Size/MD5: 324866 3e2ed8f88f2da0dec50a64fc3ab44c84 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 50476 01211803a0b50f2e41ac12d1e860a692 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 2360 5aeaf097f5626a2279b90e6c34f385fb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 40376 4dea984c062ddca28c1c988d44379d93 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 110558 efcd4322669e1c652be432a1873c58b5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 41216 1333577e7eb7214eeb78c0f2225b25f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 104216 5a7727e8e1b2ed6d5530ce2a009aa3c7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 7434 f4a49bda2f12cab77972543789a756ff http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 149304 d620efc0eb4e1b3cf53672ac721ece98 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 1712718 919c1fda81a3f802a5851963144cd442 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-sparc64-smp_2.6.15-55.81_sparc.deb Size/MD5: 773038 5c6764ec8ab3a682f2e2113da00fb012 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-sparc64_2.6.15-55.81_sparc.deb Size/MD5: 772518 6702f6f4a455db59b935b6f8490c3ff7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.81_sparc.deb Size/MD5: 6963708 47de01105b88b1d370ffa2713e2923fc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-sparc64-smp_2.6.15-55.81_sparc.deb Size/MD5: 15017102 f5575856ff8f5a2b3193a6f0fdb4e8f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-sparc64_2.6.15-55.81_sparc.deb Size/MD5: 14832428 431004b76eb2a38fe8cf4c83cf470c18 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 7434 7fd40198fd66f470310aed40f74dc2a8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 248766 2aabbc8e0eff811a4b62cc13d9a8f163 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 212558 59751d34820c94bfb847857141cf5903 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 1048464 b6b4335a21ea983d3ad8fa78a2870ac1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 1482360 306850ff03346753f1ae5c7227aaa8fd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 10114 4b077d19a5b32e76e80a750ecdfaa633 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 40178 2d4bbcb9f55c752e91136b518d83f009 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 9364 17455b9b47e1255f2c9623a1fe31a7c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 61396 da1882f3af550ace8ffd8885dc3e2367 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 163276 96cb16fde7216ec7f752f98cbd886de1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 64094 f3ace7fba9caef24383525d365cfa06b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 1235386 660eea19c06e89f967812d9da5160b5f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 59320 680d9c7e3c7c937412b0a56ec32a7e76 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 37426 0a0a0f305b377dc1b08eb4355563f889 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-sparc64-di_2.6.15-55.81_sparc.udeb Size/MD5: 280134 ca2c5547427790471cbd1ba548f25ce9 -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-26.64.diff.gz Size/MD5: 4796705 d083c260d9af052d8b1ac628b09a4d85 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-26.64.dsc Size/MD5: 2257 884e9ea8ff0746ccb610f6cd7bac66fa http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24.orig.tar.gz Size/MD5: 59085601 e4aad2f8c445505cbbfa92864f5941ab Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.24_2.6.24-26.64_all.deb Size/MD5: 4930694 7cc0852a8df5d1235c47ecd4687d6d06 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26_2.6.24-26.64_all.deb Size/MD5: 8145454 3fb62e0df3d7d6f93aa803c39bdd2994 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-kernel-devel_2.6.24-26.64_all.deb Size/MD5: 98898 2ae7be85a5893479016a2eeed65c2371 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.24_2.6.24-26.64_all.deb Size/MD5: 46988628 7272bedffdeef5aef7110cf66b826821 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 28618 b3f7df2c441ec0734a0d50deefd86fc4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 224204 382d6c17adc672920e61d11c9c23168f http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 52644 1bece0d119d788da8f1acaccbea6c9b8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 40650 d543c0f8cbc255510040a52ff57d41da http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 48650 7105a73162e8764232da454b25b598dd http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 86336 d39b51f5af88b56ad487230e793dca3f http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 36314 24bfdaf7b6ea42ee4272b95c263d6f76 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 648754 0a45c26cdd627b5d14f5e2dd5491caeb http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 209916 56bbcf198fe9dd0c264964ab83da416f http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 39194 a388d1e7e78a3c254165cbf97dd41bf3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 68002 46f14c124d06a9a3d38f64d0d5bafeee http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 145460 4133255a5e561d3bec79cf40d9a6b14c http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 287272 90427d886b7d13262cb6b5fc7c02d1a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 2130610 13d4eaee7c4e596c5fae2f2716d500a2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-generic_2.6.24-26.64_amd64.deb Size/MD5: 673476 b90779973ad9b4cbdeaeeb77a4541ddd http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-openvz_2.6.24-26.64_amd64.deb Size/MD5: 1252666 e179156a20fac570d14fefdb64ee80ec http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-rt_2.6.24-26.64_amd64.deb Size/MD5: 1274856 8e1be29f5c030346c208eb4c701c4503 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-server_2.6.24-26.64_amd64.deb Size/MD5: 674282 0ead5e8e7be5353419258071411f9649 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-xen_2.6.24-26.64_amd64.deb Size/MD5: 1084264 0af115ceb4b7b576502b770d22da9f4b http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-26-generic_2.6.24-26.64_amd64.deb Size/MD5: 17810596 df93588f4f8b07629f5f0a5b30870d0a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-26-server_2.6.24-26.64_amd64.deb Size/MD5: 17777002 f30d240161551074d98689613c8f6aaf http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-26-generic_2.6.24-26.64_amd64.deb Size/MD5: 21043588 a131a86da021133a7313a438b107ae92 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-26-server_2.6.24-26.64_amd64.deb Size/MD5: 21421898 2d2bed96120e7c96f988760ca24e2dd8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-26.64_amd64.deb Size/MD5: 707264 f514f906947ae651399929fe83636dbd http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 263674 05b189c58a58383f6872b22911d46063 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 176420 b67a941984fecda8845151815310b658 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 254118 1366e40a9ad455b3818508377f4af3ee http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 1641208 0c0c74351cc342724732d25a8929acb5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 143720 a9966e20ea8d4191a1c56ebad861fe44 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 164478 609423b0169041fb9f0d5c8674ff0efc http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 115874 fa20ee7707d5ec8e5e89cb365189b063 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 35056 61ad2622f9cbd6398e17f58cf16d2d3e http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 64410 835e4e40501acdc3f4f1d6aa7416a647 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 69710 53869d39e81ec01bcfe7adbdd674d65d http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 21596 10d4283663da10cec8d9b9684c18ec19 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 8622 2a55559a9d62f21c71ac6d2c10dc8f50 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 57230 e903e3ea3a1be8cc7ba5c83b38f85f2f http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 103042 c42a2de3e8393968dc813f50bd28b77d http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 1212592 2bbc0aa9e0bc0497ea6a40b7312e32b6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 45502 a0b0654845343d003f87f9c2edb793d1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 12772 84fe8a9ea2518fffc6c65c5ca2091c71 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 498066 7a55d99e9326c3dc41fe4dabffa81c15 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-26-generic-di_2.6.24-26.64_amd64.udeb Size/MD5: 75058 ad5e04975f8320bd3f4cf8afa3651284 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-26-openvz_2.6.24-26.64_amd64.deb Size/MD5: 19259814 87ca4d98505a53bfbd833c12f6805de2 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-26-rt_2.6.24-26.64_amd64.deb Size/MD5: 17912348 7bd772e54593f910a261e2f2f60f0862 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-26-xen_2.6.24-26.64_amd64.deb Size/MD5: 18913682 95f44b37c2638260091727900cb9db8c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 23692 263ad2c31c3ee8de2a16262412c68471 http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 26798 84f8c1c6caaedd10b56cc126f0809676 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 218820 99ca49cb3f2820f57c9c8b086652cfb7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 220492 d4449e0ea134b27bda38fe215c999842 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 51928 ccdb4f878b55dcfc9bd38ddf1d3a4b79 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 52070 3a5294a668f6a55c98adf137c8a73b27 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 38326 d59d33dc6fe96897534d843648a5007c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 39082 a0a218b32ea203b9d3a88360923a1cb0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 45996 e18b4d8a899a77256cd1cc7e42f8bcf5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 46164 cc798a284738f343050b42b4b1529927 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 83250 9138f2c9c2eb06a0f0a33e893ff12e14 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 83654 ba683ff1f68bd116a61d541de037a5c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 32394 a827895045875978eced3db31308c78c http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 32672 e09701581ef45c77f11f684412525f01 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 637694 f272533c6bd26bfc80e44298ee4329b8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 656000 f54fb6bcdf21190cc53e4bd48c7cc832 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 209838 5672c677b254cd4bc0ad298e63f9a2f6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 213616 43a51aa70c5ef0d55c14fe48bd19aa45 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 46552 cfd965691b994c4064a69a7b11790043 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 47602 7f1d961fb620bb44a662f7f8b268a008 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 62274 5470e86c2ba3c9ab218cc6011d3bdc47 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 63622 bf118127c7f40d41b8f21ef80493c701 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 130544 6bbb50c3501f5f62ed447241d39a0b39 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 137024 253d7ed9dfe90933fc278ab923f2cc3a http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 279084 3797d5b7623eefc378f7c3f10ba727c7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 277690 fa48b0ab2bb6c2f7493a10db3f611093 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 2012662 43d00d0f90e03af2578e7505b9641baf http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 2087832 897cae80da548574e2a0e1e064290ab5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-386_2.6.24-26.64_i386.deb Size/MD5: 655080 aa936de2f800113080f9722f5c5c6c17 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-generic_2.6.24-26.64_i386.deb Size/MD5: 657848 054772c97c19c5f40005cbe6b9a8eef6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-openvz_2.6.24-26.64_i386.deb Size/MD5: 1241710 8efd1eca8696e7f7e573e76474ef9966 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-rt_2.6.24-26.64_i386.deb Size/MD5: 1264152 957dd410d2d622295597e6e76cf2e62e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-server_2.6.24-26.64_i386.deb Size/MD5: 659656 9bfd0315aefb2a7d80c4de02eb7a2c7f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-virtual_2.6.24-26.64_i386.deb Size/MD5: 560372 dbdcb629759d764cddeecb0cf5c45c06 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-26-xen_2.6.24-26.64_i386.deb Size/MD5: 1059728 f0d0e2fcf2cd4aa3ec0d4c88579bdc79 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-26-386_2.6.24-26.64_i386.deb Size/MD5: 18380862 da175ececfa3687c55b45c4bd8ea1d00 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-26-generic_2.6.24-26.64_i386.deb Size/MD5: 18400938 eb8af02946f61ad8e777c91223cfea8a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-26-server_2.6.24-26.64_i386.deb Size/MD5: 18512178 3952048a849797f7e378153096177c57 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-26-virtual_2.6.24-26.64_i386.deb Size/MD5: 8693286 906cd8455ea494dd307539fbe732853e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-26-386_2.6.24-26.64_i386.deb Size/MD5: 25527548 76ce1ba85bb01475fdaef0c15325aaab http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-26-generic_2.6.24-26.64_i386.deb Size/MD5: 26336620 8a39fefe1e9646ba438702088e2e326f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-26-server_2.6.24-26.64_i386.deb Size/MD5: 27360828 00da5554d7d28e6dccd5351ff8044e90 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-26-virtual_2.6.24-26.64_i386.deb Size/MD5: 24857362 97f4fed740e869683e664bf038c0837a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-26.64_i386.deb Size/MD5: 707260 c8f5af8762e8d7316610190214c80e2e http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 258842 304ec6570fd0c86dd6e6869a87afb9a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 264136 56363dc647890a160ca499cd01db1a33 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 163266 fa54a9753627375b4b7da005c135faa6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 163026 872b7951fdd0e63060e64609d11543cd http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 236718 60397d3be29fc252306abb52309f04af http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 244978 b723973f3d0ec5b2f618d5eaad34a8ac http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 1810138 a975df5a4091e113523b5d298d25f9f7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 1827370 a9182c7bb09ffbdf6fcedbfed4a5327f http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 150844 f8abcbadf64e5f012a5fe5f99ef6b381 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 143016 fddd6469a48ed9d7b19f849d8da842a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 156078 c9f3ac1776ebbbfec990a2bbca0c4770 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 157166 0b7243f4cc7d13cb61d70f91c601e4f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 107216 b094611b1f7c629b049ac143995b3a67 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 108526 1ae4f4e0e5af6c8daec13fc6f5050d0c http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 32956 9fa12e13ad2a543a8b8a16a7c0c54397 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 33388 749e0e0e827bd5b5d19fd88d5c1ab666 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 60700 4c84cb06b318d5e6cbd6074c5cc13396 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 61148 7f3c6ceb03b53b06746a84bff4e364df http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 82648 f50ffb0d375b7b9e67ab25430d77b6e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 82960 fbca7d048045b365816ad8002ea8af9f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 48568 517aecd7d1b7da5b737db3bb8425182f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 48456 33771bb4d166095ce3f99ded224bca44 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 8190 991790e8ead4b7e55f5ad321cace827c http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 8440 59ea1a5528adafab23b594d41021bf4d http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 51108 3dffbbdfea31592701c2918597b61b59 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 52944 9e7f748f927fdd3a31bf6b5b6405f35b http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 92152 5a3dc80ebe4f774ed99c03706494ed53 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 92440 d8e845c6ef624fffd02a4f067a3aba17 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 1443768 2727007e234b9bc0353f113ea3388eca http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 1427040 cc7b841576d4ae78aa6b075fdd6633c2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 43240 468b57de535b31245f3415c35e9af08b http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 42804 a686f9880343ab8e162536cc03ac18ee http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 11402 160f91d46f636a2c039349911ca8a47c http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 12014 a2b4936a35d9579aa5d848a55d040978 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 470480 66935dc80cbea70ce4c4775ec946ea4a http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 472424 a02124d959989be1025cec8bbbf8cac8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-26-386-di_2.6.24-26.64_i386.udeb Size/MD5: 70520 c17997eda432f4c1b418e85e8bc448e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-26-generic-di_2.6.24-26.64_i386.udeb Size/MD5: 71380 2a4352e2a2f8df243e879c53074d4d1f http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-26-openvz_2.6.24-26.64_i386.deb Size/MD5: 20249184 c65fee420bbed74f45a5c7b87ff015de http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-26-rt_2.6.24-26.64_i386.deb Size/MD5: 18545576 4337b582d9ac8e164a28017da28cbb91 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-26-xen_2.6.24-26.64_i386.deb Size/MD5: 18781730 a8a7c9d5b79f89c7871bfae231bb3bd3 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-26-lpia_2.6.24-26.64_lpia.deb Size/MD5: 639016 f0b80ca383f746c28b2e19a3300207b6 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-26-lpiacompat_2.6.24-26.64_lpia.deb Size/MD5: 705262 c4c8ccf4e5ab56c059cdf0111ed218bc http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-26-lpia_2.6.24-26.64_lpia.deb Size/MD5: 14518788 3451d9f5e0b01ac4fb33b8e5c8a02ddc http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-26.64_lpia.deb Size/MD5: 707238 ed9e6abddba11219b64e5233ac152468 http://ports.ubuntu.com/pool/universe/l/linux/linux-image-2.6.24-26-lpiacompat_2.6.24-26.64_lpia.deb Size/MD5: 19818236 b91fd7f58de025b026dd8aef831d709c powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 334060 49513675d0f49da8997e80e165e3e943 http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 318536 483165905e0ac4de879307b44aeedc7f http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 62722 bc5fe322b54641d0b89f11bcca4446c5 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 73006 921f0303a56e7d83a46ce2cb6ea89a73 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 41450 454377bdb43fa744033fb73d64f1d38c http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 47828 d64df168ac3522c428bc445804b80ed8 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 89496 a20997b27729b8f10dc124f533d0620e http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 105746 f6e4c917a4b7479296f19e9f5c974c3b http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 44826 365d1d06e7286c322c245ad0377535a9 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 40934 a394afe9ca47811400bc77ab0149e24e http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 704836 cf10395162bcb0ef80723ef99629353d http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 770978 a4b45e4945b56c8134653b92b7a1d0de http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 243278 3f37cc5e1ad690d4154cc806d3d33553 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 246282 2fec872410dd6e5b4bac756f5171b10b http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 69156 4c5168a7f4348f10c242608123dd6446 http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 132592 58bfddcdef8d0fad1d4ac7a662d80df1 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 70256 235d16e260d8431a75b9e68e32006303 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 77450 718a6ead612eee5569c3477b11def82a http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 146272 cc46a63608ab6e62bd071632a69f092a http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 165002 587ea06471e46f22829c9b4f015a9b36 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 388000 c321d40c4b1d9aac2caed2ec3e8f3f77 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 350456 9dce3649a41dc688a5908dce1f98cfc6 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 2431334 bd44923c88fb96b91418bc324c1bed38 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 3472922 1f9d78546ce42192b344f4072b66d80f http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-26-powerpc-smp_2.6.24-26.64_powerpc.deb Size/MD5: 653062 b09095ee500dfccd4e83c5fd5218c885 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-26-powerpc64-smp_2.6.24-26.64_powerpc.deb Size/MD5: 656524 4302c1614d5b45c7fc07ac597f0631cc http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-26-powerpc_2.6.24-26.64_powerpc.deb Size/MD5: 652490 87101ae784d14852ac3dc0478d374def http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-26-powerpc-smp_2.6.24-26.64_powerpc.deb Size/MD5: 20169950 1218540c890d9abb0c2e95c971101a36 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-26-powerpc64-smp_2.6.24-26.64_powerpc.deb Size/MD5: 21376668 e1519a1e265d86d44810a2718b81b56e http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-26-powerpc_2.6.24-26.64_powerpc.deb Size/MD5: 19949654 028f52070acb49111a833ff5a4d47666 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-26.64_powerpc.deb Size/MD5: 697432 976ab19ad01d68928b5d4e431534e3d3 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 266748 744be064f1505c32741567e2ca678001 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 307728 07a5966849eae24745c947e7154e1ac2 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 192252 96d379892e6c4b0f402e6623d096fdc9 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 201692 900481e5dd0acc90856f1096117cf5f7 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 272014 0dc5789f5faf4fd03ad363c0d07e6077 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 306008 2e6310875704dde358843ec744b48fae http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 1807718 9cf3659e2114f022cf91b6111470e287 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 2119510 6df3690fdaa3bd989acdeb16959b3e5d http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 235198 c71f847873076e52b42050a63dee6e38 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 225412 c5c6ee64b45fe8e1e0b5330b2d6d3a88 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 170436 d3aaea74ef5a51d206d379f4ee926002 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 199758 045435b5b5ab7e2721d5bfcaed1ffa87 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 117940 703312aa896b2b98a6b6847bbe4f9f27 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 139270 9e41ae8e65b1537d51d59a5a79ae4b36 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 45372 04021e959c6a16ad1e92a05f3aac10ff http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 46842 1b3a5f15539a4ec805320ede34c1d827 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 51134 7c95785dba0c54134dfbdc2a19f978a4 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 60284 7bee493c012c7358896518dd8098165c http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 74184 768a7506d674949e26b2d2ff43068223 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 87218 3ca7f5ff11674b617a1e2fc4489d6a79 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 76088 17ece790c40f5d263d8086682ce8b714 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 30230 2f67c93a26d0d5e3f05de7ea3cf47f0c http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 8490 42752437f43c81c45afb0056f1f4a1eb http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 10028 913150e8f74c3f6edb159ad652b75b3a http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 57448 db10b637f067e75b5b5b24e544d08031 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 68746 5ecc29ef716b807cca83c4d94ca203d1 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 101180 61185dc888bb34faf279adcd6212ed22 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 147836 a0decb6034c76ede9c11a4ca8137fad5 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 1565750 73d90410638233769e549108cbc2d437 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 1514650 3f6538f3cb163f68bbae6a206f78f865 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 76672 f91da6315e929ade036ea178084116e2 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 85982 f632c962c82244b8643e1596caf0f8a6 http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 12706 425d1166f3994b809a44a8b6f87382bd http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 14560 58bdcee181e77ef419abf17666944434 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 449634 80bb17e04fee324aef11b885afd5f503 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 504156 cd80e7dabbea5e84e76bd8ed9c7c4c39 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-26-powerpc-di_2.6.24-26.64_powerpc.udeb Size/MD5: 83690 935fadbede81fb908372a1c581521db1 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-26-powerpc64-smp-di_2.6.24-26.64_powerpc.udeb Size/MD5: 108852 225dc6bc671a477b70b8deaaf8c3486e sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 59568 c2fb225938d8c02113d72361e4fc563f http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 71726 1bb670a90d032eef60aa4796155720e3 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 42454 d88657b5dea17d4896087a12ebbe7dfc http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 91782 48f3526023196adba59f01ba378428c3 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 587190 4ea258fab21986b4053f2d860ef8c6fa http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 171074 1599ee07d6b28fd12cc34af6bb317bad http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 22356 dd9c180c3bba70fe8564e456b236fdce http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 46060 8632fa1dad54854a5adc1b569203503c http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 152978 6cd485686fb97c074923b03fe4faeb6c http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 2135332 477b4afaa014e23efa934cd09cb14898 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-26-sparc64-smp_2.6.24-26.64_sparc.deb Size/MD5: 565238 c327bab93d5baa5d236a894bf947d5e3 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-26-sparc64_2.6.24-26.64_sparc.deb Size/MD5: 563606 d9e2f2f1b73f78adb642555a16e97480 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-26-sparc64-smp_2.6.24-26.64_sparc.deb Size/MD5: 14099672 f103455ca96847d70e36e98f6658375c http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-26-sparc64_2.6.24-26.64_sparc.deb Size/MD5: 13830720 b8b84b4fd3a6bbe86def5bdd6e897d7b http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-26.64_sparc.deb Size/MD5: 752338 78776be1adafb8428ede6da4eac1e948 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 270062 72ba4e1f413e10e31a16a3113578f3d2 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 190358 db69d94c7b10d77d5dc5a2c70f2530b0 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 263026 440b43eca1bdd619910b7424d4323dc2 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 1386412 ae20f0effd0bd6ee97dd4b905dce096d http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 175422 733132e6988e75273c88b2c81272b0d6 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 122096 8f73c64f2d6a4c87fb7884330cf3ab72 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 40398 34825a5b3daba611000cd81b7ed68bf8 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 48058 c58bd7d561121147bd3e8adc26531ac3 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 8696 012eed2618ea4cf6d231465bdef0979c http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 60510 689fc2bf4f74f2b8e5418db13c46c108 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 106830 c5057960aef3023b9e23d1f728e20bbf http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 1002002 42137943ac82b20400492a4b53011606 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 9518 d7a789771f2a10bfd16df3c67baad4dc http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 391514 1754789fa2f5e216066be01441f184c5 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-26-sparc64-di_2.6.24-26.64_sparc.udeb Size/MD5: 75922 a70f0c0441d4602c534d40c711bbe16c -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-16.44.diff.gz Size/MD5: 3201881 c8d86a4f3dea755b24836e8367cda4e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-16.44.dsc Size/MD5: 1529 72c6a430036e019404f02d0c19ea4a3e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27.orig.tar.gz Size/MD5: 63721466 482b04f680ce6676114ccfaaf8f66a55 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.27_2.6.27-16.44_all.deb Size/MD5: 3492038 e0ebb960ae6f5e4ec236c3ac3af0f7b0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-16_2.6.27-16.44_all.deb Size/MD5: 5906264 08c1bc6a21cd190bf80b1aa8f6a2ce58 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.27_2.6.27-16.44_all.deb Size/MD5: 52094054 bc17982e9907aebd8946af208811aac6 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 36532 112622acd91a471418d6732053e8baf5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 265224 beabd1566f5a0bbfa0cf1c87e1824ee1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 53444 2c153f8059ac3b856f20c0556dc46429 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 43030 9f8b34984e1144981e1bb7c1d2b06ee8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 52340 ecd4b9454e1db66241d6eef6e1701a54 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 89838 12f635f5b6ca668a46d52153b24ce6fc http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 38178 3639a010445ba97a094fd5f30da1fad5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 677070 bb73a302b78be52c045db911157f721c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 158610 545ccc68c986a7a7ddbdb2c26689b0a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 46344 3b12cf05ef40e3d837ca80507543b80e http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 154240 73b15ef43331d7113aa72bc0ee60a453 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 313104 8fae72e1ccc9fede9dc31ab37bc1d13d http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 2603324 34cd387c1b084ba8df05acf7a9443b23 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-16-generic_2.6.27-16.44_amd64.deb Size/MD5: 661828 f3e97bb12290a0c4f8d205ab7ee78d8d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-16-server_2.6.27-16.44_amd64.deb Size/MD5: 661728 11efe8fc288f10ebea6137c6ce7c7577 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-16-generic_2.6.27-16.44_amd64.deb Size/MD5: 23067680 d7b8f6bc98aaf572f64bd9d01e6eb538 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-16-server_2.6.27-16.44_amd64.deb Size/MD5: 23069508 3a6bd4bbe74c298c895080444849d7df http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-16-virtual_2.6.27-16.44_amd64.deb Size/MD5: 10480506 9ba50f7c343744631591c9073ac2a44c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-16.44_amd64.deb Size/MD5: 675538 1bf76460a834c867ddbdb2ac2a8807ca http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 434896 3b1bd36664076e87282d8187d5a68821 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 186496 855ec802049132bb72802850230f7a0c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 275588 868d125f7ce23b31ad36f4f93e22de88 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 1810636 37f3e1583d99c76176cfaadcfd7074df http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 151328 6b2095760d3123fac76521bb78f69d3a http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 194286 2ff5b408c2846a07830847695ebdabce http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 168172 1a4f36f75d8363840447cca4a159276d http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 36428 6589899dfd94666a1cea158824f377f1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 83434 9e3f0bf7a0f1bdbbcce1811c5cd1256f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 71986 8944d6c014254e81425678291ee32c7a http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 23240 dea9e7e62f416cf8dc2ea8a0d7f2a9be http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 9012 ce860f67d7b84de6b61ff42f43a438b0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 68540 0ea6d5eac92ab0acbe98566d280848fd http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 110298 2c7e70b37cf18e7972d59163342f1af4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 1276174 38efb7fd1ad02875dbff9057eb4a5937 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 47600 e155e8adffb54cc2bd35164add58556c http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 13476 52bab00a74079067e9f1e379b8bcb371 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 393948 50d5b579ea376ac6db83d4a87ad861ce http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 200800 7a564bf74ac21447b6c90c5ce70ecae4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-16-generic-di_2.6.27-16.44_amd64.udeb Size/MD5: 13610 bec405f8d0db274f1a864d4cb8c0b56c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 33944 d8b2a591d5b5ad242d23344ecaf0e4de http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 244714 6732e587708940dac7bd054d8a4f67d9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 55390 1e3e00f121901d19156cd04a0407712f http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 41210 522941b057c33031f1492e30b1985f8b http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 48700 0e4cc7ebce99d086e7bea66ed1865609 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 86938 ffa1fd1bae9ab232503398b61fa3541b http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 34062 cb7f0e43d3b2d284059838023167e286 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 675498 f9d13e4f10fdb6187cc12056cdec603a http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 158416 25d60afdb63edf9d5cb349c9a77b8b6d http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 43620 67a6a5861a4f40e08bd8d71cf1f30f2e http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 145228 ddf89fde962fa3f9f41e2011f8b5b432 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 302392 a790138f65589b5148ec8e96eea56d36 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 2436654 ac0944d7f41d0db6400c138e60ce1571 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-16-generic_2.6.27-16.44_i386.deb Size/MD5: 643722 f76c1d99135ad4985a7d4a1f30923b42 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-16-server_2.6.27-16.44_i386.deb Size/MD5: 645688 84da5ecde8eee75dc1a69ae0bf5c1d00 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-16-generic_2.6.27-16.44_i386.deb Size/MD5: 23497918 3bf3a181f776cecea69c9d80401f20d9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-16-server_2.6.27-16.44_i386.deb Size/MD5: 23634556 bf9ace011e2ec57c9307d8b5f7253ddb http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-16-virtual_2.6.27-16.44_i386.deb Size/MD5: 10116262 d01d6132d55eb8ce7afd74d1378bc068 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-16.44_i386.deb Size/MD5: 675534 a1def1c58ae0c95a80eccb889d9db463 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 433072 1a3c83b479bf4579306ec5583e4fb416 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 171296 5dc09b6148efd039349cc361c2935ac9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 264100 ba78dadb731aa4da2418c8da2e21d872 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 1994440 91361abf24acb2ef9a44f8d6de859391 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 150950 18910fe2d42e97ea6c18166b320700dd http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 184044 5ecd26d5d0960265d7112df362892ce7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 157848 a8c4dcb70d971e090b67d393ac5d6ee1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 34498 902e0ef7f84986df67b3ff0a8ef08960 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 78282 61f33bd316ead48643247543a4922207 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 86188 48185d1d626fa14c5d83f697ee6c692c http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 51324 b8ab6b7befd07d505e7818eb4a2bd61b http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 8794 f6240e4ac26b1cb9b405ff19f13d9691 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 64312 6014bed4a0f3c78a0763e562819f4aaf http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 102100 6c42f550665d05b26383e9b1fb5a16cd http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 1450218 45698f920af70d010311b92349a2545b http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 44524 3330138f0ae6edf637b2944f74af24b1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 12644 b0c4052c7d3d81c30c061d7bf46634a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 373174 b79dc9a4840f032b7a553782e6973133 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 189716 ad88cfa9ea740d19ef1c56046691b63a http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-16-generic-di_2.6.27-16.44_i386.udeb Size/MD5: 12990 cb60de4ad99e6feaebb9a013a8d7ae6e -- Ubuntu 9.04: -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-17.58.diff.gz Size/MD5: 7376644 d89b3951dcdbb3b03a9b170a323b1ffb http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-17.58.dsc Size/MD5: 3174 4b030df27e676e4b6b514555386c7ab0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28.orig.tar.gz Size/MD5: 66766084 062c29b626a55f09a65532538a6184d4 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.28_2.6.28-17.58_all.deb Size/MD5: 3636322 5367bfe0fb8b35e5af728e6634cb06fc http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-17_2.6.28-17.58_all.deb Size/MD5: 8701144 54e7027a023711da8a61dd2c4273be16 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.28_2.6.28-17.58_all.deb Size/MD5: 57006404 0f53c07059ac185ca0bb572444bf3309 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 234622 cea38c3e4f45f28f43bc0451c39de404 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 44122 8e4dbf5b48b44392496d4d5d972f842e http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 43316 5c60ec77c1bc0e6c3912265e3ee4ef0b http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 51116 518ded99a053e40ae96c1ef1697fe2c9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 90070 0a904f435e1ae37c30dfad1066ce3940 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 38012 6798b6ce98fe0affc0d070b4966dac00 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 521622 143eb9c19478cac2ad80580ddac93863 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 125782 c6a0f6f23a50f8e7cbf3d127bff32ba1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 58070 39595d6c317e87f17045e265b5ac7f8b http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 312504 6d79553432af786952d2aa6c646d4012 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 3872978 0f90663ec31db444da01e89bf6f2d34e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-17-generic_2.6.28-17.58_amd64.deb Size/MD5: 689524 8a3425905e9d0723e76c534c27661018 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-17-server_2.6.28-17.58_amd64.deb Size/MD5: 688900 ccb121dfa78f2c80bfa23efc963ce2b2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-17-generic_2.6.28-17.58_amd64.deb Size/MD5: 24345784 e938cdff3eca545cc8704aea6a9758d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-17-server_2.6.28-17.58_amd64.deb Size/MD5: 24333452 20747653147b9d1a221a22dcd90605df http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-17-virtual_2.6.28-17.58_amd64.deb Size/MD5: 10550826 e690b4ff591544bc51770955f5c5e4e7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-17.58_amd64.deb Size/MD5: 765988 962e59be54d6f105452b566f9a5d5ff3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 215190 cb604bc6745b41c1bd45f0cd79801771 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 189478 11ab49056da16d30ad495929f83481bf http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 29412 c7e49549f1449f5627779e2eeff4938b http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 274476 77ba6bdd9b946323dd1bcd0e195ad24e http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 1934034 bb053bf4b77e4d3d0d5d77e2a41587bf http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 163490 b31cd84bcd7320a9f61e356ee5fd38cb http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 194814 6c6c0f6fb2e41da937553b97968d255c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 152960 efacd3bdacb375b26f1e8b7f2be79e66 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 36494 2719fcde1b7d4eb329a6254447f5ff51 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 5844 d62bf9c35b46f7630787b8b91d3943d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 72142 7c1c05ba3cff8a5b8e071f441255bf5f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 22718 cfebcd8105423f6b7973da3302a4350b http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 8876 45f0c2a66be30fbce1ce3d0fe714cfe6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 47444 229b704e12d942272808a3f82b78ced5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 15664 b6fb4f2a81b946ef7fd2a660962ff9e4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 1273626 9bbec1883f4ce84148915db92cbed8d9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 47216 65fbbfca6a46eedca9009c9134a7f00b http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 72706 314d23a4b766fdd73a69576ed96e8606 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 126968 ae549c15c9151cf00f3b50c4b0abb1ac http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-17-generic-di_2.6.28-17.58_amd64.udeb Size/MD5: 13472 21af25fdca65f2f2914f5d60ce5a4a59 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 215888 2481e4ffd977981c341cfe425e17e263 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 46662 956af08d1a1f52667cda1d8b80ebb385 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 41346 11354ccf03e03d8188e0a258e73f908d http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 47384 3473e26ef7e5bff9d1a58c2479ec8a09 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 86914 6aa59fe707ca503a2259329ce2d8f409 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 33576 d596a4d6524a75f88a142ec9eb439591 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 525706 982b1695bef89d97ca2c60bf758a0acc http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 125618 8abdfa9e9cb367c5d7662f1ef49ee541 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 54880 726bb4ac470c16ba38f686c800f1af69 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 301342 7a9724e67dbb9fe558f2c2590eea618a http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 3746250 8193761abb304023949879b4ecf09aaf http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-17-generic_2.6.28-17.58_i386.deb Size/MD5: 673454 5ca945633bd844fd3599574b36afc39d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-17-server_2.6.28-17.58_i386.deb Size/MD5: 675128 13f6dbeef01a73a552cb52d908d466d2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-17-generic_2.6.28-17.58_i386.deb Size/MD5: 24658304 183f32f40a52efec7ba4279e4f83b30d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-17-server_2.6.28-17.58_i386.deb Size/MD5: 24772930 bf34be3669ac2f3345fcd94e64d57c3c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-17-virtual_2.6.28-17.58_i386.deb Size/MD5: 10249278 337d3086606a3c15e6cc4bc55b9e4bc7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-17.58_i386.deb Size/MD5: 765952 cf4c1b3e4594b21e504d775abd7cb7dd http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 218124 869f6a2c39d05b50f7aa4a27476e1638 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 174924 0729e49238c3576ec6efea97cf8dbd95 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 30068 d4369d7ffb73fcfe757cd23ff0e6bc08 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 262858 e9a95e0173b61076d9c6f497f5165f70 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 2109974 5513eb6a2171efc3b6cd37fbcb3d6768 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 150212 8ef54811e9eb1e8ba435518fffaf33f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 184328 9149907442de0f580ecb2d1f673b9b64 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 143586 8e1b3a3c06034d7a8abd96dbc447be78 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 34576 40a8c02f0ae769834eb0da69f98aed7f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 5500 f13b13596e364acb2dd42ec2ea0b6bc7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 86012 c2183bfda93b415ccf41543f5fd46fe0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 47626 a7cc406f42c1cf1a5e39ef0b32c4f293 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 8714 e597c9d6e42ded210872d5dabc819f99 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 44684 d9595453e482f6a78b58fa9bc8cde879 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 14774 57d0f04a9a76f8a8f0db5fda0fa10fc0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 1445944 a76b4ea08269dc986ab243c52483fa98 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 44090 34e316377a6addd4ee5767cc187c86e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 69284 722ccc764db4ac9e48b30530bc6ef84c http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 119532 c48d7fb63171c018068c20562ef60930 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-17-generic-di_2.6.28-17.58_i386.udeb Size/MD5: 12668 0d5f21ae496541d3bc748e9ab1266a42 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 215278 0fbc33b8ea9584cb5759062eb81d9a30 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 46668 562af697752ee35902842379a72faf6f http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 40958 319ef5f9cdc9e357a517b392101bcce5 http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 47304 52378d850540166c195c3eb6e15c552a http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 86530 da993d0b7894be022fb7fc6ac3d8cabb http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 33276 28719dd8ff358d3811a683d23b069bc3 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 523820 1815cb3112f51cf637935c416d21ce33 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 125250 76df29faff20aeb7c18e532ec946d82d http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 63556 8d2336c7327797016ef6d38d14f5105a http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 300716 805906ec9ea92d470e2db253e0b7a7ae http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 3035458 8738d69f4f61da6ad241cdd0fe9e6827 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.28-17-lpia_2.6.28-17.58_lpia.deb Size/MD5: 641032 4f63d4d08ce2702383c3a10edfe0ed64 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.28-17-lpia_2.6.28-17.58_lpia.deb Size/MD5: 21801442 1483b79d033a49c342f2fab590f8a140 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.28-17.58_lpia.deb Size/MD5: 765938 731fe099f393b871466bf8305b3149ab http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 304008 9eab6d619a8552dbbc931995daffa449 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 157420 2d607a7f7ff606d18fb39d5d01ca359c http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 24442 ace9171d45f91779a5593e913cad0f8b http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 260470 585ceff92459983e005ad255fb269df8 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 2027604 561965e4b291ed79891991580287c874 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 149418 f540f989b002aa7ee05795e6d289a8ae http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 184732 273353ace536ea958c79dd6ae9a132ff http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 143254 3b914155639f6da46bc123727449a31f http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 34474 9161defe8064c71a88a4b4954dbef4cc http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 5496 20243697410ff32e998e57d881485d72 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 85658 310ea3e877ac150e80863e05b3538abf http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 47396 0dde865178ec60128112455058db634d http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 8718 f4cbae478d613e6ea959f88538000325 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 63094 07e37488afdddc82fc4dd7bb811151fd http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 14724 71d8d1411a4b86baead8c3a844466141 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 1447872 50051140be1d48addf19b93baeb388a0 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 43896 1a4e381a65ef3d2ab026304ed3611a50 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 155194 3ecf8ca862227056499b226709203e6f http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 172704 67be404cec4f611aac2f5c95c830fcdf http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.28-17-lpia-di_2.6.28-17.58_lpia.udeb Size/MD5: 8156 b1b57047743f7a97ea80d2e790f1477a -- Ubuntu 9.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31-16.52.diff.gz Size/MD5: 2744435 94845c11c9688532cf63511e9eaa2a28 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31-16.52.dsc Size/MD5: 3781 4c6ecedce952e8d2f0f59617fedb0f41 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31.orig.tar.gz Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc_2.6.31-16.52_all.deb Size/MD5: 3788068 7d0493c9fbe017e86a8b2f7373d769fd http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-16_2.6.31-16.52_all.deb Size/MD5: 9527434 db98147e9387644faf6f25d21d7ef80f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.31_2.6.31-16.52_all.deb Size/MD5: 62151868 a1a8de5554e0365dd2a1fe87e6bade38 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 221394 d967eb4cabe2fcb8cee1e1392fa198a0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 15536 935256af81d287b27c32dfbe2d4adf9f http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 52130 c6ae869f484a64de02cd3533e721825f http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 44828 b8b48b84da08f4b6ff8d8b5dc70c92ec http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 50068 8956135e6bd0463976f4e905869291e9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 92514 47a49227eb7819145e8fe22f8c196ca0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 37774 82d5aa934565c99a4d0bb78765a8ecb5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 522822 9166f6976ea3598393eef6cc6356dff8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 130546 9a78d956a842e425b7acd766b190f33f http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 53834 0e7d0a6b45ef348b5dc0c65e91bff015 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 310138 c25c9bfe9956dcf387f7f98c739ab378 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 4353278 b81269e2a5dcdbac292ad515c90f07ee http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-16-generic_2.6.31-16.52_amd64.deb Size/MD5: 691622 c93d9261c2b7cb9e55c993ec156b9c0b http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-16-server_2.6.31-16.52_amd64.deb Size/MD5: 692054 4efebd7f459e528f7e8a15c8b8787234 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-16-generic_2.6.31-16.52_amd64.deb Size/MD5: 28920234 1d8940138a37a91a85e8abca9cb8406f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-16-server_2.6.31-16.52_amd64.deb Size/MD5: 28884586 7f2706f085c69f0c9707d613ef776b6c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-16-virtual_2.6.31-16.52_amd64.deb Size/MD5: 11736544 8a08da9c0f34aef76ddfafae45c30a53 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.31-16.52_amd64.deb Size/MD5: 739268 a8d48a1f59b184ed4c0b13fd941534a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 168274 0394cac072790d70b2c51527a48ec76c http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 202752 776206383528b0bf04eb046f64d405ff http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 27270 2c67e0cf156d6b18f997952024b06b8d http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 311806 923aedda85e21dd41b49aefca87a0e23 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 2281726 e25184b43f1dcc309d5cb53cf45d5e3e http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 158678 2970a2fb41dfb4e563b6f8a60dece233 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 203090 fff635b848a439ea9da34bcfa345e93d http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 161052 b159e7f4bfff823569f07e4f09a2c2a0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 38062 1719fbb25488352971b80663d051df2f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 5766 0933d409bdbb053a9ce963f53e92e448 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 73504 4a9b596b81954fa6baf66ce5010239c5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 22242 2ae7d3eddfa5f3228133c104600e8dd5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 9546 2eccddb27f7be016850c9e2b338815a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 39838 8934848996d32d254f5d95371237d152 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 23500 e8c8ff274c330c24e33ae0d973ff9f62 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 1389536 257fc23985650795fd940f11ccc491dd http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 47376 39bc7864de1f32ebb5ddedf174dee455 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 51614 cb160034df946abd34834fa571853cb5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 128712 c6c3eade4780af4cec5c42aecf2dc210 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.31-16-generic-di_2.6.31-16.52_amd64.udeb Size/MD5: 15820 9c8e8a0dadf4964a7f5e59a6b3ede6d9 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 198838 4d18624495eb9f1bae26aa0cf521802d http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 32458 6cbe8c9955b0061f62399bdae51b494c http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 49938 ea6e8f936034f9dd5e9e07215c163db2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 42116 28811d3140bfc2372a2aa987fdf9c67d http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 45956 a7d3393e274021525c5cdebda2412960 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 87378 df5fca6ea1e0b32e165ef07d5cd065bc http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 33756 cc1b0d5469ef627032a99acd198c1657 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 519400 55820278e90fa5ad27ba927c7daffd9f http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 128044 38f5304f24d1da63696547c58eb597e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 49740 9de2cc2c58deebd3bfc8b35dbcb4b337 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 295736 63d3b190ab3776c85e7d8f22601a23a9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 4186250 b12b1ebd239d221a7a6ff4b32397cabf http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-16-386_2.6.31-16.52_i386.deb Size/MD5: 670440 f4a1411e295e01395bfee2a2dfc35638 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-16-generic-pae_2.6.31-16.52_i386.deb Size/MD5: 670678 b1320447215a6ac1022e5692af18b048 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-16-generic_2.6.31-16.52_i386.deb Size/MD5: 670884 3893c22c0325485ce4c29826480b74e4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-16-386_2.6.31-16.52_i386.deb Size/MD5: 28774698 31059bd44ee255dfb46ffebadd48b1fe http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-16-generic-pae_2.6.31-16.52_i386.deb Size/MD5: 28933102 bb9333dffaf106f191adbeba9e168661 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-16-generic_2.6.31-16.52_i386.deb Size/MD5: 28833330 38bcab73de9dcb3ca56165d03b48ce5f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-16-virtual_2.6.31-16.52_i386.deb Size/MD5: 11189916 9d92fb7f57658451be116976286cf730 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.31-16.52_i386.deb Size/MD5: 739292 b072f3a2efa1fe4373be00738d3b1f35 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 172784 3d13ef13c213e926af755e7508b347b3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 186132 83258b474480450fb87074abbeb7f7f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 28370 4681cdda63df7c4e49adf81c7e10f318 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 292772 91257772099a3d3941ea26ed9fafb691 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 2400204 6370fcb8d467cc0e1367a6e5798335ca http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 142010 febbd44cd61d1ef4e90e432fc6b36179 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 189572 63c664d8c71fd8443d3b14fe8a5bbd9e http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 148500 6c3f211e1e0ad486ec96870903293bcc http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 35300 7fd160a7bd4a136e35d2e3dae674d8c8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 6844 8c682d2443f5c57733cd5dffc3b45558 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 85692 a47b11e581c7b41ddd393a282b16c599 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 46416 94691070be3a03860b5165b9ea3a5b79 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 8914 d8f70b15a81915dacef61eb3c5d86838 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 36278 c00fae312275d6b1ac7b2519abfb1812 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 21684 38b64f3d69af9c62c3af8c74930d090f http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 1495066 9754ca84f92f994feebbc22d2ae2d228 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 44078 690b283b63c92d84b70ec330d6e06320 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 48460 64a7017be7e203abfc59164fea63dcf7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 117570 8140a22526f1d093c7cf9a9e3a4fd0e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.31-16-generic-di_2.6.31-16.52_i386.udeb Size/MD5: 14510 41f9bd64725197b70aaff659b3b6af1e lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 198812 9293250bc94de8002ec729ff4e879c45 http://ports.ubuntu.com/pool/main/l/linux/char-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 32448 4d3d1609306959a60be2f101d33afd1d http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 49938 220782f3d2c5ec574552bee867da3729 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 42158 8b315ba685302c281b66ad579ae00224 http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 45940 b5bd2aca59b138bf6c649834eaf7424d http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 87374 5826804462e345407c2bb6bc3a7de1c3 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 33750 decde124a26a729dbeae753297d8b42b http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 519582 1f8b0081a03849b14b83a8ed3c903511 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 128098 2f5878453a1631e1cd938012b38ff1b8 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 49748 65ef4d16d36a1855854955589879ff80 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 295736 15cba19b3b2b34c35663c75f4392594f http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 4187206 6d0d152361f70105514a357f685cddb8 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-16-lpia_2.6.31-16.52_lpia.deb Size/MD5: 670140 5947b11dcbdb3460cc7d761b59ac63e9 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-16-lpia_2.6.31-16.52_lpia.deb Size/MD5: 28826268 8322ee492431bcd4b6c84a972c85ff99 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-16.52_lpia.deb Size/MD5: 739260 7529f42215736f98da37a7ef1e7a8c5e http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 172842 ece65e70de79de4e68a61989f4f0fe50 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 186108 582eb26e10157b65dea94d7f0d121cb1 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 28366 6bda5b625302d6de36cb3ebee130a7ee http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 292778 9f50e5582d08fabfab18b657c5d3304c http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 2400346 f36abeeb1c56eb7d073d1f1e7ba8f447 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 141998 73fdf8517103915629874b0db5a10173 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 189562 ec97aaee235161b11b5c23d6cd55cdb8 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 148478 48004f394d3b69856ca106a338029c9b http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 35294 9d367cacb1f9a37d5e0071bacc70fc30 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 6830 c25d3d408e34a8913b5ef5c4df4396f6 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 85676 e33727bdddeb86abd5c92b8fe3902fed http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 46414 4f928724e599bf16b705e865b8f85e9a http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 8906 457d7434f2aa6d6e5a12e3df4883b2fc http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 36272 5abdb242810c8351f7528a4c0dc1dbdd http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 21682 4dc0ab6a3a2dec95f6d22d7b7c24271f http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 1494798 145c76ac77c9564abd854a0a616d1924 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 44068 28fc2309d7530212c466d26dc674c2d1 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 48452 d9a4ca247eb5e81a7651515147ca475f http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 117552 aba57b2f5944f5903582d405b94246d9 http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.31-16-lpia-di_2.6.31-16.52_lpia.udeb Size/MD5: 14504 a534d4dd3500eef5dc701fb89465e252 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 321460 75987ec257907b0aa799322a5766ba74 http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 263626 26dad9ecc5afbe7a94c808a822b65a33 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 58854 be9324d8f61ce44444ff968491d6b58d http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 67046 94704f7c0028227c0bf5120695b4af33 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 45918 3fbad4e4384b475117a00c92b944412d http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 51296 3b246dd6879e5d09eb742f505b50c2ab http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 90678 55e2027e5f3ba26d68bab356a2a13174 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 105150 970ded9fa6770895c7e4ca94d67deda3 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 39494 193452ff30b8172b10777d52b3ed12c1 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 39272 b2bee13b249ca7d5d7c3ecd83e43da8e http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 565180 a6e185f431d32d36a7c8a71f71b12188 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 609024 e3f196542bf203061f2730933f26d49c http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 149186 a961c45e1c5df29072ef8a5bfcbdbc6b http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 147236 b7a2dd198ecccf6da968b815ad2b7d01 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 79750 bff600537833ec17db0641fd7ddb186e http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 84132 5c7cef074ce31969621207f009d6bdf8 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 402954 4a244b2d5908e1aece7eea07127b3311 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 342522 b0314a009c65fef286e9eb2b9f9f7a14 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 3812402 6e7558ab65dc779f13db38744e4d5290 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 5192110 20e1c2204b045966ec3321236bb81840 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-16-powerpc-smp_2.6.31-16.52_powerpc.deb Size/MD5: 779466 9f82be9422fcb4a061c85497c01a6896 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-16-powerpc64-smp_2.6.31-16.52_powerpc.deb Size/MD5: 798236 3916ea254ede27ba613c4495644ad55c http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-16-powerpc_2.6.31-16.52_powerpc.deb Size/MD5: 778948 1b15b8e216620d259d27dc50f00ac407 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-16-powerpc-smp_2.6.31-16.52_powerpc.deb Size/MD5: 24818272 03dfa0619e58ffd8639341b3d2a45d4a http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-16-powerpc64-smp_2.6.31-16.52_powerpc.deb Size/MD5: 25825360 d1714f69f04ae2fc8129fb0db1953acf http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-16-powerpc_2.6.31-16.52_powerpc.deb Size/MD5: 24654354 249487bcae8117cbdf5b2674db6a0416 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-16.52_powerpc.deb Size/MD5: 724360 fbb00a0b29211abbc7f272550004368e http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 271868 2b14a8709c8b8f36e775648176f8534f http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 294582 1a558fa129c27fddd0b0da21b8a5a644 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 210548 4bfae8c6ed58265d7aee624deaf8f532 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 216968 6d56d19568fdb992c4938109d55406d5 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 25798 e779ddc47a0a4df0a7229acb6bc5cec4 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 28986 c769a2949867d05cdb5d2165ddf52333 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 315000 2940e2550ed0c0ebccf908e177ce2442 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 357740 f508182b50fa0141ea228ad738f4028d http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 2027538 13ebfcaf5136213ff41f1c25c464eb2a http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 2247592 5e70f1b3fde48474e62122a110d6984f http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 213560 f6a6399279fceb3798c6072fabb7f651 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 209808 ea828e2c078fc957fe161aa31a505abd http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 210162 d1aff0ff44ed591c4012351b0141b75c http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 244798 9dfb00939bdd6a05ff34a5e2b3b1bcf0 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 111844 1cf68ac2dca62e123ed1348f2afaf964 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 131604 66e6283dd0f57ee6e9a845e8364d4abf http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 49032 ea27a84b964ee6d2fa9f514b939e6b10 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 44090 f855d0d997bff35fac0c9764264fec7d http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 5850 e70e8e9fefea5a2c10d4244af668ab2c http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 6506 33b7a61496f0bb936c8db555054e76fd http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 78786 b69808cdc69b6d2bff309d2fd8548e1b http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 84598 ea17c9580156ed7a52f62d329d6331e0 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 74320 4520fd6eb254f39cc3b0553fedea21f8 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 27226 b7fce18c00763fa52a65bbc66c0b89d1 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 8542 3a54ac96b2cf005544e20b0e13867bca http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 9816 bd0ded7fb0999c8c32e8c9cc1d8acff8 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 58812 0941b7159d14c982f4f88513f73baaa9 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 70148 983186a2ef54d6faa2d0f0a68f6e7afb http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 23724 bd9faafe0eed51e17806a261aaf2e520 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 30816 34760a4c30a02957e575ac38d2ca7148 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 1556864 69c9e77ff10cac34819f3d3a1f1e83e6 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 1509108 d0c0255e66bb270e6dbd6cdf88c28ad1 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 81690 9a14d2ff610d6cc8b49bef1aa80afea9 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 88530 cbd89612275392454f92bce74a5169a0 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 64394 bf429690a2213d24ffe347d3ea120315 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 77008 bc37dd106f367dc223c2202965f30c5a http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-16-powerpc-di_2.6.31-16.52_powerpc.udeb Size/MD5: 141266 407365c8e0b8c95115a4e660e837ea0c http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-16-powerpc64-smp-di_2.6.31-16.52_powerpc.udeb Size/MD5: 150878 bb8d303c39022a3c29ca2b8df0f3b95a sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 139438 f72f1055c9c41caac814564fc76560b8 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 70116 61f9c3a8ae0870591dacb843f3336528 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 46518 44e42f06fdc0be527dd4a5276f2d889e http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 93974 3e920766de3b8bb64e8033e7064df3de http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 572216 33291ed043f8407ea964b82e4a7a6904 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 148316 810b0cbe48b37adf9b73996a208a6e3f http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 75860 6a3512717c18c5c38d465e37dac825a9 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 2893336 c5a795d441e9a11379bf86e94dc020bc http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-16-sparc64-smp_2.6.31-16.52_sparc.deb Size/MD5: 596878 7bdf79890eb606d5147d28192a8a46b5 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-16-sparc64_2.6.31-16.52_sparc.deb Size/MD5: 595760 bb7fa79d030de0a1563b5942b49e7288 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-16-sparc64-smp_2.6.31-16.52_sparc.deb Size/MD5: 20493282 a0111838ef4aa8e243557eddb2d6debc http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-16-sparc64_2.6.31-16.52_sparc.deb Size/MD5: 20186568 0ed04731c941a33ac251bbb976737618 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-16.52_sparc.deb Size/MD5: 736502 5a2ab17ac0d2415d314c378eb386eeab http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 266054 6d30162b42da4e5ac9999fa41942bff7 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 209166 706a80a06c6004554dce219bcd5d5471 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 26262 4c47aa1a5710f8259b97f05e39629450 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 314152 e716c9675cfd07ed93a9700bb249a45e http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 1675462 0823a921f53122c2dc41ce66eda0aa8c http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 222814 e8fe17d67d7a1977ce625e7bfeec360a http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 121950 22e000eaec25d361fcb7c5145ad80980 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 38800 ca04c56d5b439fd3d48b18bb0245e794 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 100798 b26ac5349ff86e815e3801c0da9141ea http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 8936 07a3ebd66d068a15f8660ded97303d4f http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 62922 22bce1b22e36a9b05028f8246a70664a http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 120990 e2b5497924f394011b6d8aec43b75ae5 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 1217896 e9f6fd3afcbe37fdbd3a95f22a0b0928 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 101334 d5515f76276398a67c58efb31b2afda6 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 200102 d13a24568b6beed5c9062abb1acd48a2 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-16-sparc64-di_2.6.31-16.52_sparc.udeb Size/MD5: 184448 1b28fc4e2efef725b0521ba3a82767e6 ORIGINAL ADVISORY: USN-864-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2009-December/001005.html OTHER REFERENCES: SA32320: http://secunia.com/advisories/32320/ SA36617: http://secunia.com/advisories/36617/ SA36707: http://secunia.com/advisories/36707/ SA36763: http://secunia.com/advisories/36763/ SA36927: http://secunia.com/advisories/36927/ SA37086: http://secunia.com/advisories/37086/ SA37113: http://secunia.com/advisories/37113/ SA37233: http://secunia.com/advisories/37233/ SA37357: http://secunia.com/advisories/37357/ SA37435: http://secunia.com/advisories/37435/ SA37590: http://secunia.com/advisories/37590/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 15:08:48 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 00:08:48 +0100 Subject: [SEC] [SA37585] Achievo Script Insertion and Arbitrary File Upload Vulnerabilities Message-ID: <200912072308.nB7N8mHW024709@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Achievo Script Insertion and Arbitrary File Upload Vulnerabilities SECUNIA ADVISORY ID: SA37585 VERIFY ADVISORY: http://secunia.com/advisories/37585/ DESCRIPTION: Nahuel Grisol?a has discovered some vulnerabilities in Achievo, which can be exploited by malicious users to conduct script insertion attacks or compromise a vulnerable system. 1) Input passed via the "description" parameter to dispatch.php (when "atknodetype" is set to scheduler.scheduler_category") is not properly sanitised before being displayed to the user. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires permissions to create scheduler categories. 2) The "modules/docmanager/attributes/class.documentfileattribute.inc" script allows uploading files with arbitrary extensions to a folder inside the webroot via the dispatch.php script (when "atknodetype" is set to "docmanager.documenttype"). This can be exploited to upload and execute files with arbitrary extensions. Successful exploitation requires permissions to create document templates. The vulnerabilities are confirmed in version 1.4.2. Other versions may also be affected. SOLUTION: Update to version 1.4.3. PROVIDED AND/OR DISCOVERED BY: Nahuel Grisol?a, Cybsec. ORIGINAL ADVISORY: Achievo: http://www.achievo.org/download/releasenotes/1_4_3 Cybsec: http://www.cybsec.com/vuln/Achievo_1_4_2_Permanent_XSS.pdf http://www.cybsec.com/vuln/Achievo_1_4_2_Arbitrary_File_Upload.pdf ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Dec 7 15:23:37 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 00:23:37 +0100 Subject: [SEC] [SA37623] Fedora update for php Message-ID: <200912072323.nB7NNbZx012063@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for php SECUNIA ADVISORY ID: SA37623 VERIFY ADVISORY: http://secunia.com/advisories/37623/ DESCRIPTION: Fedora has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA37069 SOLUTION: Apply updated packages via the yum utility ("yum update php"). ORIGINAL ADVISORY: FEDORA-2009-12017: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00291.html OTHER REFERENCES: SA37069: http://secunia.com/advisories/37069/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 09:11:47 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 18:11:47 +0100 Subject: [SEC] [SA37624] Fedora update for kernel Message-ID: <200912081711.nB8HBlI1006809@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA37624 VERIFY ADVISORY: http://secunia.com/advisories/37624/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "ip_defrag()" function in net/ipv4/ip_fragment.c, which may be exploited to cause a NULL pointer dereference by sending overly large packets to a vulnerable system. SOLUTION: Apply updated packages using the yum utility ("yum update kernel"). PROVIDED AND/OR DISCOVERED BY: David Ford ORIGINAL ADVISORY: FEDORA-2009-12786: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00453.html FEDORA-2009-12825: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00496.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 09:28:54 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 18:28:54 +0100 Subject: [SEC] [SA37602] Active! Mail 2003 Cross-Site Scripting and Session Hijacking Vulnerabilities Message-ID: <200912081728.nB8HSsQm026673@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Active! Mail 2003 Cross-Site Scripting and Session Hijacking Vulnerabilities SECUNIA ADVISORY ID: SA37602 VERIFY ADVISORY: http://secunia.com/advisories/37602/ DESCRIPTION: Some vulnerabilities have been reported in Active! Mail 2003, which can be exploited by malicious people to conduct cross-site scripting attacks or hijack a session. 1) Certain input passed via unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An unspecified error in the mobile feature may leak session ids. The vulnerabilities are reported in version 2003.0139.0871. Other versions may also be affected. SOLUTION: Upgrade to Active! Mail 6. PROVIDED AND/OR DISCOVERED BY: JVN Credits Maebashi Keniti, Ministry of Information Sciences Hosei University. ORIGINAL ADVISORY: JVN: http://jvn.jp/jp/JVN49083120/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000075.html http://jvn.jp/jp/JVN85821104/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000076.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 09:45:43 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 18:45:43 +0100 Subject: [SEC] [SA37510] GeN3 "cat" SQL Injection Vulnerability Message-ID: <200912081745.nB8HjhDo014106@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: GeN3 "cat" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA37510 VERIFY ADVISORY: http://secunia.com/advisories/37510/ DESCRIPTION: A vulnerability has been reported in GeN3, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "cat" parameter in main_forum.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions 1.3 and 1.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Dr.0rYX & Cr3w-DZ ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10299 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 10:02:45 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 19:02:45 +0100 Subject: [SEC] [SA37578] DISA SRR Unix Untrusted Directories Privilege Escalation Security Issue Message-ID: <200912081802.nB8I2jt0001559@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: DISA SRR Unix Untrusted Directories Privilege Escalation Security Issue SECUNIA ADVISORY ID: SA37578 VERIFY ADVISORY: http://secunia.com/advisories/37578/ DESCRIPTION: A security issue has been reported in U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) Unix, which can be exploited by malicious, local users to potentially gain escalated privileges. The security issue is caused due to the script executing binaries with certain names (e.g. java, openssl, php, snort, tshark, vncserver, and wireshark) in potentially untrusted directories with root privileges, which can be exploited to gain escalated privileges. Note: This may be exploited from remote if attackers are able to upload binaries (e.g. via FTP). The security issue is reported in the UNIX SRR from October 15, 2009 running on Solaris/x86. Other versions may also be affected. SOLUTION: There is no known workaround at this time. PROVIDED AND/OR DISCOVERED BY: Frank Stuart OTHER REFERENCES: US-CERT VU#433821: http://www.kb.cert.org/vuls/id/433821 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 10:29:25 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 19:29:25 +0100 Subject: [SEC] [SA37556] IBM InfoSphere Information Server Multiple Vulnerabilities Message-ID: <200912081829.nB8ITPkV021772@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: IBM InfoSphere Information Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37556 VERIFY ADVISORY: http://secunia.com/advisories/37556/ DESCRIPTION: Some vulnerabilities have been reported in IBM InfoSphere Information Server, which can be exploited by malicious, local users to potentially gain escalated privileges and by malicious people to conduct cross-site scripting attacks. 1) Certain input passed via unspecified parameters to the Information Server Web console is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An error in some SETUID binaries in DataStage can be exploited to cause buffer overflows. SOLUTION: Update to version 8.1 Fix Pack 1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www-01.ibm.com/support/docview.wss?uid=swg21406224 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 10:45:50 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 19:45:50 +0100 Subject: [SEC] [SA37588] Microsoft Office Project Memory Validation Vulnerability Message-ID: <200912081845.nB8Ijo3X009195@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Office Project Memory Validation Vulnerability SECUNIA ADVISORY ID: SA37588 VERIFY ADVISORY: http://secunia.com/advisories/37588/ DESCRIPTION: A vulnerability has been reported in Microsoft Office Project, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when validating memory resource allocations during opening of a Project file. This can be exploited to corrupt memory via a specially crafted Project file. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply patches. Microsoft Project 2000 SR1: http://www.microsoft.com/downloads/details.aspx?familyid=135c010a-55f4-4385-b67d-96ea06ef881a Microsoft Project 2002 SP1: http://www.microsoft.com/downloads/details.aspx?familyid=c55ef8fe-8f66-42fc-a298-de6f8886b3e4 Microsoft Office Project 2003 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=2ea8ca39-f130-439a-92d5-77e9ef050105 PROVIDED AND/OR DISCOVERED BY: The vendor credits Bing Liu, Fortinet's FortiGuard Labs. ORIGINAL ADVISORY: MS09-074 (KB961079, KB961082, KB961083, KB967183): http://www.microsoft.com/technet/security/Bulletin/MS09-074.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 11:02:44 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 20:02:44 +0100 Subject: [SEC] [SA37516] Audio Workstation PLS Parsing Buffer Overflow Vulnerability Message-ID: <200912081902.nB8J2ilW029058@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Audio Workstation PLS Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA37516 VERIFY ADVISORY: http://secunia.com/advisories/37516/ DESCRIPTION: A vulnerability has been discovered in Audio Workstation, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the use of a vulnerable version of a MultiMedia Soft component. For more information: SA33791 The vulnerability is reported in version 6.4.2.4.0 and confirmed in version 6.4.2.4.3. Other versions may also be affected. SOLUTION: Do not open untrusted PLS files. PROVIDED AND/OR DISCOVERED BY: Originally reported by h4ck3r#47 as a vulnerability in Euphonics Audio Player. Reported in Audio Workstation by germaya_x. ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10353 OTHER REFERENCES: SA33791: http://secunia.com/advisories/33791/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 11:29:06 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 20:29:06 +0100 Subject: [SEC] [SA37524] Microsoft Windows Local Security Authority Subsystem Denial of Service Message-ID: <200912081929.nB8JT6wJ016848@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows Local Security Authority Subsystem Denial of Service SECUNIA ADVISORY ID: SA37524 VERIFY ADVISORY: http://secunia.com/advisories/37524/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Local Security Authority Subsystem Service (LSASS) when handling ISAKMP messages. This can be exploited to exhaust system resources via a specially crafted ISAKMP message communicated through IPsec. SOLUTION: Apply updates. Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=560e01db-5f59-4ef1-9406-f5d7e0fd4128 Windows XP SP2 / SP3: http://www.microsoft.com/downloads/details.aspx?familyid=5448b168-6bf7-4bae-9627-b88d76c4d5c5 Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=c2bbf515-f81a-436b-947b-cbf2db85fdd9 Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=a779aae1-7724-4458-94fb-a2343356ecae Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=a8a9bf12-4ad6-49fd-b2b7-f379dc3309d2 Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=f5b003ad-af25-488a-91fb-98835a0bfeac PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS09-069 (KB974392): http://www.microsoft.com/technet/security/Bulletin/MS09-069.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 11:45:44 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 20:45:44 +0100 Subject: [SEC] [SA37580] Microsoft WordPad / Office Text Converters Memory Corruption Vulnerability Message-ID: <200912081945.nB8JjiIo004273@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft WordPad / Office Text Converters Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA37580 VERIFY ADVISORY: http://secunia.com/advisories/37580/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows and Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in Wordpad and Office text converters when parsing Word 97 documents. This can be exploited to corrupt memory by tricking a user into opening a specially crafted file. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply patches. Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=50936f51-b0a9-4e94-85bf-93f9ad74fdd1 Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=c090c4c2-c277-4d8c-91e1-28286bc5443e Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=4b9bf156-cd34-460f-b4ad-571e37f54659 Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=b9678229-2473-4aae-a814-eca9ea556d17 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=257facf3-20a1-49e2-ab4c-c1ae67fe05a0 Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=1a7784ef-5d25-4de1-a293-f742b5a3473d Microsoft Office Word 2002 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=bc3ec3ba-2cec-43ab-b184-c222794231f2 Microsoft Office Word 2003 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=b4a4126c-b0b3-4db2-b6f5-0e67519c2a5f Microsoft Works 8.5: http://www.microsoft.com/downloads/details.aspx?familyid=807426a1-8b78-4681-a606-dc39f4d7b64a Microsoft Office Converter Pack: http://www.microsoft.com/downloads/details.aspx?familyid=f3ff8bb6-d047-42f1-9331-b6df85fff9fd PROVIDED AND/OR DISCOVERED BY: The vendor credits Sean Larsson and Jun Mao, VeriSign iDefense Labs. ORIGINAL ADVISORY: MS09-073 (KB973904, KB974882, KB975008, KB975051, KB975539): http://www.microsoft.com/technet/security/Bulletin/MS09-073.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 12:02:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 21:02:51 +0100 Subject: [SEC] [SA37542] Windows Active Directory Federation Services Two Vulnerabilities Message-ID: <200912082002.nB8K2pHm024151@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Windows Active Directory Federation Services Two Vulnerabilities SECUNIA ADVISORY ID: SA37542 VERIFY ADVISORY: http://secunia.com/advisories/37542/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious users to impersonate other users or to compromise a vulnerable system. 1) Improper session management in Active Directory Federation Services (ADFS) can be exploited to impersonate a user on a website that uses the single sign-on functionality. Successful exploitation requires that an attacker is able to obtain access to a used authentication token. 2) An unspecified error in ADFS when processing request headers can be exploited to execute arbitrary code with privileges of the Worker Process Identity (WPI) by sending a specially crafted HTTP request to an ADFS enabled web server. SOLUTION: Apply updates. Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=31351b9e-b5bb-4618-990b-1089ea5a3bc2 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=b6eb9d9b-1a43-4b30-a033-19a1db786244 Windows Server 2008 for 32-bit Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=f6715abb-fd93-44ba-9854-2ecc672622da Windows Server 2008 for x64-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=7d1f5e9e-a7de-4f96-89c8-510fd51f16e7 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS09-070 (KB971726): http://www.microsoft.com/technet/security/bulletin/MS09-070.mspx OTHER REFERENCES: http://support.microsoft.com/kb/971726 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 12:28:49 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 21:28:49 +0100 Subject: [SEC] [SA37543] Microsoft Windows MS-CHAP Authentication Bypass Message-ID: <200912082028.nB8KSnxt011925@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows MS-CHAP Authentication Bypass SECUNIA ADVISORY ID: SA37543 VERIFY ADVISORY: http://secunia.com/advisories/37543/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the handling of MS-CHAP v2 authentication requests. This can be exploited to gain access to network resources with privileges of a specific authorised user by sending a specially crafted MS-CHAP v2 authentication request to the Internet Authentication Service (IAS). SOLUTION: Apply updates. Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=5b02d10d-1abd-4d68-826b-71dad543657a Windows XP SP2 / SP3: http://www.microsoft.com/downloads/details.aspx?familyid=4d294be6-19d1-43b5-9c75-f9d30699a2e7 Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=17b5206d-61e9-4663-afc7-80e98bf4d618 Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=3d49b386-133a-4d51-b6f0-cec0c70ef93e Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=5a273b47-8a18-4778-9b60-8b560a1ce089 Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=498f5eeb-d03e-42ee-ad6a-9d6f98c66acb Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=3e4ae4d0-1060-4867-82c5-7e20ea93c2c6 Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=2ca62ea8-67cb-40da-8a65-db6f3607bbab Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=582a1b15-214e-4f5e-bb5b-95677f4d5968 Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=77e774b4-ec0c-481c-9e93-eee9f44ec71b Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=89defe77-7e82-4bfa-9693-66c93b930da1 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS09-071 (KB974318): http://www.microsoft.com/technet/security/bulletin/MS09-071.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 12:45:45 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 21:45:45 +0100 Subject: [SEC] [SA37601] Joomla You!Hostit! Template Cross-Site Scripting Vulnerability Message-ID: <200912082045.nB8KjjP7031769@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Joomla You!Hostit! Template Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA37601 VERIFY ADVISORY: http://secunia.com/advisories/37601/ DESCRIPTION: andresg888 has reported a vulnerability in the You!Hostit! template for Joomla, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "created_by_alias" parameter in index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 1.0.1. Other versions may also be vulnerable. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: andresg888 ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10301 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 13:16:52 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 22:16:52 +0100 Subject: [SEC] [SA37592] Microsoft Windows Indeo Codec Multiple Vulnerabilities Message-ID: <200912082116.nB8LGqsD012438@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows Indeo Codec Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37592 VERIFY ADVISORY: http://secunia.com/advisories/37592/ DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to unspecified errors in the Indeo codec and can be exploited to corrupt memory by tricking a user into viewing specially crafted media content. Successful exploitation may allow execution of arbitrary code. SOLUTION: Microsoft has issued an update that reduces the attack surface by preventing loading of Indeo content from the Internet zone in general and via Internet Explorer and Windows Media Player. However, other third-party applications may still use it to render media content and thus present attack vectors. PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Paul Byrne, NGS Software. * An anonymous person via Zero Day Initiative. * Bing Liu, Fortinet's FortiGuard Labs. * VeriSign iDefense Labs * Dave Lenoe, Adobe. ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/954157.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 13:59:41 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 22:59:41 +0100 Subject: [SEC] [SA37607] Polipo "httpClientDiscardBody()" Signedness Error Denial of Service Message-ID: <200912082159.nB8Lxfk5010340@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Polipo "httpClientDiscardBody()" Signedness Error Denial of Service SECUNIA ADVISORY ID: SA37607 VERIFY ADVISORY: http://secunia.com/advisories/37607/ DESCRIPTION: A vulnerability has been discovered in Polipo, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a signedness error within the "httpClientDiscardBody()" function in client.c. This can be exploited to crash the service by sending HTTP requests with an overly large value in the "Content-Length" header. The vulnerability is confirmed in version 1.0.4. Other versions may also be affected. SOLUTION: Filter malicious requests. PROVIDED AND/OR DISCOVERED BY: Jeremy Brown ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10338 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 14:27:34 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 23:27:34 +0100 Subject: [SEC] [SA37564] Ubuntu update for gnome-screensaver Message-ID: <200912082227.nB8MRYb5018420@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for gnome-screensaver SECUNIA ADVISORY ID: SA37564 VERIFY ADVISORY: http://secunia.com/advisories/37564/ DESCRIPTION: Ubuntu has issued an update for gnome-screensaver. This fixes a security issue, which can be exploited by malicious people with physical access to bypass certain security restrictions. The security issue is caused due to an error in the idle timeout screen-locking mechanism. SOLUTION: Apply updated packages. -- Ubuntu 9.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-screensaver_2.28.0-0ubuntu3.1.diff.gz Size/MD5: 13327 f2c77fbb875fa28d1c44d39936232927 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-screensaver_2.28.0-0ubuntu3.1.dsc Size/MD5: 1756 cdcdd23a16e1d25d6940e5340f6eb760 http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-screensaver_2.28.0.orig.tar.gz Size/MD5: 5069053 cdf328a0443a3cc30b4b2b36d9a99236 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-screensaver_2.28.0-0ubuntu3.1_amd64.deb Size/MD5: 4185376 942a077f04675c8d27c5d55e826b039b i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-screensaver_2.28.0-0ubuntu3.1_i386.deb Size/MD5: 4168922 a3ca1ae6e3274795a0d2aff0a4b94a6f lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/gnome-screensaver/gnome-screensaver_2.28.0-0ubuntu3.1_lpia.deb Size/MD5: 4169780 e9e90dfe93ebd18c13808e5f0bf83f4c powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/g/gnome-screensaver/gnome-screensaver_2.28.0-0ubuntu3.1_powerpc.deb Size/MD5: 4179392 d0ae3da6337a4fb8b71dd0ef36f4692d sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/gnome-screensaver/gnome-screensaver_2.28.0-0ubuntu3.1_sparc.deb Size/MD5: 4177782 ee55f5f5f3ac0e4867cd9e8c1bc450f6 ORIGINAL ADVISORY: USN-866-1: http://www.ubuntu.com/usn/USN-866-1 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 14:44:54 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 8 Dec 2009 23:44:54 +0100 Subject: [SEC] [SA37599] Core FTP Server / SFTP Server Unexpected Disconnect Denial of Service Message-ID: <200912082244.nB8Mis1B005875@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Core FTP Server / SFTP Server Unexpected Disconnect Denial of Service SECUNIA ADVISORY ID: SA37599 VERIFY ADVISORY: http://secunia.com/advisories/37599/ DESCRIPTION: A vulnerability has been discovered in Core FTP Server / SFTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling unexpected disconnects. This can be exploited to cause a high CPU load until the session times out by e.g. sending certain data to the server and then disconnecting. The vulnerability is reported in version Core FTP Server 1.0 Build 319 and confirmed in version Core FTP Server 1.0 Build 320. Other versions may also be affected. SOLUTION: Update to version 1.0 Build 321. http://www.coreftp.com/server/ PROVIDED AND/OR DISCOVERED BY: Mert SARICA ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/10303 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 15:08:47 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 9 Dec 2009 00:08:47 +0100 Subject: [SEC] [SA37456] Image Hosting Script DPI "date" Cross-Site Scripting Message-ID: <200912082308.nB8N8lPO025991@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Image Hosting Script DPI "date" Cross-Site Scripting SECUNIA ADVISORY ID: SA37456 VERIFY ADVISORY: http://secunia.com/advisories/37456/ DESCRIPTION: andresg888 has reported a vulnerability in Image Hosting Script DPI, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "date" parameter in images.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 1.1 Final. Other versions may also be affected. SOLUTION: Update to version 1.1 Final FIX 4. PROVIDED AND/OR DISCOVERED BY: andresg888 ORIGINAL ADVISORY: DPI: http://www.clixint.com/support/viewtopic.php?f=3&t=542 andresg888 http://www.exploit-db.com/exploits/10300 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 15:23:39 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 9 Dec 2009 00:23:39 +0100 Subject: [SEC] [SA37536] Red Hat update for acpid Message-ID: <200912082323.nB8NNdxw013351@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for acpid SECUNIA ADVISORY ID: SA37536 VERIFY ADVISORY: http://secunia.com/advisories/37536/ DESCRIPTION: Red Hat has issued an update for acpid. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. The problem is caused due to the application creating its log file with random permissions on some systems. This can be exploited to escalate their privileges if the log file was created as world-writable and with the setuid or setgid bit set. SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2009:1642-2: http://rhn.redhat.com/errata/RHSA-2009-1642.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Dec 8 15:43:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 9 Dec 2009 00:43:51 +0100 Subject: [SEC] [SA37579] Microsoft Windows Internet Authentication Service Vulnerability Message-ID: <200912082343.nB8Nhpxx000860@CRON-IX-2.intnet> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows Internet Authentication Service Vulnerability SECUNIA ADVISORY ID: SA37579 VERIFY ADVISORY: http://secunia.com/advisories/37579/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input validation error in the processing of PEAP authentication requests (Protected Extensible Authentication Protocol). This can be exploited to corrupt memory by sending a specially crafted PEAP authentication request to an Internet Authentication Service (IAS) server. Successful exploitation allows execution of arbitrary code. NOTE: By default, no vectors exist to exploit this vulnerability on Microsoft Windows Vista SP2 and Windows Server 2008 for Itanium-based Systems SP2. However, third-party applications can potentially render a system vulnerable. SOLUTION: Apply updates. Windows Vista SP2: http://www.microsoft.com/downloads/details.aspx?familyid=3e4ae4d0-1060-4867-82c5-7e20ea93c2c6 Windows Vista x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=2ca62ea8-67cb-40da-8a65-db6f3607bbab Windows Server 2008 for 32-bit Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=582a1b15-214e-4f5e-bb5b-95677f4d5968 Windows Server 2008 for x64-based Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=77e774b4-ec0c-481c-9e93-eee9f44ec71b Windows Server 2008 for Itanium-based Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=89defe77-7e82-4bfa-9693-66c93b930da1 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS09-071 (KB974318): http://www.microsoft.com/technet/security/bulletin/MS09-071.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ----------------------------------------------------