[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 89/04 - Eight Debian Security Bulletins - New gnupg packages fix cryptographic weakness/New mailman packages fix bug introduced in DSA 436-1/New Linux 2.4.18 packages fix local root exploit/New Linux 2.4.17 packages fix etc....



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 89/04 dated 26.02.04  Time: 10:26
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Debian Security Bulletins:

1.	New gnupg packages fix cryptographic weakness.

2.	New mailman packages fix bug introduced in DSA 436-1.

3.	New Linux 2.4.18 packages fix local root exploit. 

4.	New Linux 2.4.17 packages fix local root exploits and more.

5.	New xfree86 packages fix multiple vulnerabilities.

6.	New lbreakout2 packages fix buffer overflow.

7.	New synaesthesia packages fix insecure file creation.

8.	New hsftp packages fix format string vulnerability.

9.	New pwlib packages fix multiple vulnerabilities.


Detail
====== 

1.	Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal 
	keys for signing.  This is a significant security failure which can lead to a 
	compromise of almost all ElGamal keys used for signing. The update provided in 
	DSA 459-1 disables the use of this type of key, using an interim fix.  This 
	update, DSA 459-2, implements a more correct and permanent fix provided by 
	David Shaw. For the current stable distribution (woody) this problem has been 
	fixed in version 1.0.6-4woody3.We recommend that you update your gnupg package.

2.	Several vulnerabilities have been fixed in the mailman package. We recommend 
	that you update your mailman package.

3.	Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security 
	vulnerability in the memory management code of Linux inside the mremap(2) system 
	call.  Due to missing function return value check of internal functions a local 
	attacker can gain root privileges. We recommend that you upgrade your Linux 
	kernel packages immediately.

4.	Several security related problems have been fixed in the Linux kernel 2.4.17 
	used for the S/390 architecture, mostly by backporting fixes from 2.4.18 and 
	incorporating recent security fixes. We recommend that you upgrade your Linux 
	kernel packages immediately.

5.	A number of vulnerabilities have been discovered in XFree86. We recommend that 
	you update your xfree86 package.

6.	During an audit, Ulf Harnhammar discovered a vulnerability in lbreakout2, a game, 
	where proper bounds checking was not performed on environment variables.  This bug 
	could be exploited by a local attacker to gain the privileges of group "games". 
	We recommend that you update your lbreakout2 package.

7.	During an audit, Ulf Harnhammar discovered a vulnerability in synaesthesia, a 
	program which represents sounds visually. synaesthesia created its configuration 
	file while holding root privileges, allowing a local user to create files owned 
	by root and writable by the user's primary group.  This type of vulnerability 
	can usually be easily exploited to execute arbitary code with root privileges 
	by various means. We recommend that you update your synaesthesia package.

8.	During an audit, Ulf Harnhammar discovered a format string vulnerability in hsftp.  
	This vulnerability could be exploited by an attacker able to create files on a 
	remote server with carefully crafted names, to which a user would connect using hsftp.  
	When the user requests a directory listing, particular bytes in memory could be 
	overwritten, potentially allowing arbitrary code to be executed with the privileges 
	of the user invoking hsftp. We recommend that you update your hsftp package.

9.	Multiple vulnerabilities were discovered in pwlib, a library used to aid in writing 
	portable applications, whereby a remote attacker could cause a denial of service or 
	potentially execute arbitrary code.  This library is most notably used in several 
	applications implementing the H.323 teleconferencing protocol, including the OpenH323 
	suite, gnomemeeting and asterisk. We recommend that you update your pwlib package.




- - --------------------------------------------------------------------------
1.
Debian Security Advisory DSA 429-2                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 13th, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : gnupg
Vulnerability  : cryptographic weakness
Problem-Type   : local
Debian-specific: no
CVE Ids        : CAN-2003-0971

Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys 
for signing.  

This is a significant security failure which can lead to a compromise of almost all 
ElGamal keys used for signing.

The update provided in DSA 459-1 disables the use of this type of key, using an interim fix.  
This update, DSA 459-2, implements a more correct and permanent fix provided by David Shaw.

For the current stable distribution (woody) this problem has been fixed in version 1.0.6-4woody3.

We recommend that you update your gnupg package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3.dsc
      Size/MD5 checksum:      577 f5a742233c584754c479daf7dfe58a9e
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3.diff.gz
      Size/MD5 checksum:     5262 1ecf9f459e0b05c31128adac05ef2fe4
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6.orig.tar.gz
      Size/MD5 checksum:  1941676 7c319a9e5e70ad9bc3bf0d7b5008a508

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_alpha.deb
      Size/MD5 checksum:  1150082 724d4fcb6f2ff0969b5ceba82e8aabe5

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_arm.deb
      Size/MD5 checksum:   986748 8efdbc409f140c1aaefadb97646944d6

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_i386.deb
      Size/MD5 checksum:   966408 50e5e44b2efa34d7c7d3a8fd630dc96a

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_ia64.deb
      Size/MD5 checksum:  1271406 4c5e77defc13bf4bae3d11431257e6a3

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_hppa.deb
      Size/MD5 checksum:  1058822 02516b6984cf695ef31c970980d36864

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_m68k.deb
      Size/MD5 checksum:   942188 ed7d9d16820608b3172be64f6b470b97

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_mips.deb
      Size/MD5 checksum:  1035630 9b25dd3f06580549bfa93ee429605d0e

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_mipsel.deb
      Size/MD5 checksum:  1035864 740243a767cc1ff53f116d0e97aa66a7

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_powerpc.deb
      Size/MD5 checksum:  1009152 678b2fc28d01eac452d96f925d2d40b2

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_s390.deb
      Size/MD5 checksum:  1001666 c5a70add4dfa1cb3828d9892513d3c15

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody3_sparc.deb
      Size/MD5 checksum:  1003634 32490333505f1804e9fcf4a786fbc293

  These files will probably be moved into the stable distribution on
  its next revision.

__________________________________________________________________________________________






- ---------------------------------------------------------------------------
2.
Debian Security Advisory DSA 436-2                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 21st, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : mailman
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0991 CAN-2003-0965 CAN-2003-0038

Several vulnerabilities have been fixed in the mailman package:

 - CAN-2003-0038 - potential cross-site scripting via certain CGI
   parameters (not known to be exploitable in this version)

 - CAN-2003-0965 - cross-site scripting in the administrative
   interface

 - CAN-2003-0991 - certain malformed email commands could cause the
   mailman process to crash

The cross-site scripting vulnerabilities could allow an attacker to perform administrative 
operations without authorization, by stealing a session cookie.

In the process of fixing these vulnerabilities for DSA 436-1, a bug was introduced which 
could cause mailman to crash on certain malformed messages.

For the current stable distribution (woody) this problem has been fixed in version 2.0.11-1woody8.

The update for the unstable distribution did not share the bug introduced in DSA 436-1.

We recommend that you update your mailman package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8.dsc
      Size/MD5 checksum:      595 bef710bf0b5805d0946473c19ac42bbc
    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8.diff.gz
      Size/MD5 checksum:    31818 1f5fae277367b06965b2dc3d38fac895
    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11.orig.tar.gz
      Size/MD5 checksum:   415129 915264cb1ac8d7b78ea9eff3ba38ee04

  Alpha architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_alpha.deb
      Size/MD5 checksum:   461284 ea9daf95ebb6f6c15b64d93fc6a75dae

  ARM architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_arm.deb
      Size/MD5 checksum:   458966 89dc55b67c3f7b6156dfb93eeab2a209

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_i386.deb
      Size/MD5 checksum:   458964 63db95b7687b1b8f6a222b49dde4e584

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_ia64.deb
      Size/MD5 checksum:   461790 d651a19c06cba8ef5b12845df0cdf386

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_hppa.deb
      Size/MD5 checksum:   459512 afddeae9eff5820d7de74ad6a6753d16

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_m68k.deb
      Size/MD5 checksum:   459102 8266eaefb8e56631b3761e30e6bb3095

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_mips.deb
      Size/MD5 checksum:   459502 9896dbddb5704e7ecf6de3524ab6d225

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_mipsel.deb
      Size/MD5 checksum:   459336 a091672c96a16bfc42d807b4a2a99a11

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_powerpc.deb
      Size/MD5 checksum:   459788 4ef14c3ee4845e039f1143e897f42c12

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_s390.deb
      Size/MD5 checksum:   459790 b17c89f584242c502ff6b9ddac43814d

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody8_sparc.deb
      Size/MD5 checksum:   464280 27935cf8280a793d24fe8ea188f77de4

  These files will probably be moved into the stable distribution on
  its next revision.

_______________________________________________________________________________________________





- - --------------------------------------------------------------------------
3.
Debian Security Advisory DSA 438-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Martin Schulze
February 18th, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : kernel-source-2.4.18, kernel-image-2.4.18-1-alpha, 
		     kernel-image-2.4.18-1-i386, kernel-image-2.4.18-i386bf, 
                 kernel-patch-2.4.18-powerpc
Vulnerability  : missing function return value check
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2004-0077

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability 
in the memory management code of Linux inside the mremap(2) system call.  Due to missing 
function return value check of internal functions a local attacker can gain root privileges.

For the stable distribution (woody) this problem has been fixed in version 2.4.18-14.2 of 
kernel-source, version 2.4.18-14 of alpha images, version 2.4.18-12.2 of i386 images, 
version 2.4.18-5woody7 of i386bf images and version 2.4.18-1woody4 of powerpc images.

Other architectures will probably mentioned in a separate advisory or are not affected (m68k).

For the unstable distribution (sid) this problem is fixed in version 2.4.24-3 for source, i386 
and alpha images and version 2.4.22-10 for powerpc images.

This problem is also fixed in the upstream version of Linux 2.4.25 and 2.6.3.

We recommend that you upgrade your Linux kernel packages immediately.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.2.dsc
      Size/MD5 checksum:      664 38e578dda3dd54a5daa6b8badcac1a58
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.2.diff.gz
      Size/MD5 checksum:    67490 e1ef6246f639481dfd8b3c5b15d8668e
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz
      Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-14.dsc
      Size/MD5 checksum:      876 7774c946590a5a80332ca920f67cc8ec
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-14.tar.gz
      Size/MD5 checksum:    24477 b9c0ba46774c2da3be69851110d6f2f9

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-12.2.dsc
      Size/MD5 checksum:     1193 b44a4e8f803bb2214bd0c4c3e9f88d81
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-12.2.tar.gz
      Size/MD5 checksum:    70044 f4caad005d02a1c7cadfa73bfc4952fb

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody7.dsc
      Size/MD5 checksum:      656 e091295663f495df0ea8273703decef0
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody7.tar.gz
      Size/MD5 checksum:    26249 f84d855e356c1f5290f6fe96d9e039c8

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody4.dsc
      Size/MD5 checksum:      713 7f68980058d55c40a037c6666354ffe9
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody4.tar.gz
      Size/MD5 checksum:    79541 bff712e95a6960659a0e96dab9732ed4

  Architecture independent components:

    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-14.2_all.deb
      Size/MD5 checksum:  1719692 32cb6638a9be7e7f7332152c04854bba
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.2_all.deb
      Size/MD5 checksum: 24133918 306f15a8a6279221394b6a8ac2c5a69c

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody4_all.deb
      Size/MD5 checksum:    79274 8ea5d169fd45e464c1213e729e4e5368

  Alpha architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-14_alpha.deb
      Size/MD5 checksum:  3363042 9ee4da919ccec99281efdaaae303af73
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-14_alpha.deb
      Size/MD5 checksum:  3512422 47b306297211fd7079abb918bb10ef37
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-14_alpha.deb
      Size/MD5 checksum:  3515048 d0153184a825640d1fe64b905ab98de4
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-14_alpha.deb
      Size/MD5 checksum: 12425644 aa320665938f55d33bfc8a9593e4639f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-14_alpha.deb
      Size/MD5 checksum: 12800414 2901b9a0ff3cabfbb4249ee2cbb94b43

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  3412982 cad64cfd789bfa49fe5463a3b4a8a5bd
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  3503440 02c707f32c72f98df9002c04006aae6b
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  3504340 bd5e69e90ab3be3378f588abbfe23c79
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  3504232 6ab9026a1484be3aaf7fa08217ae9c5c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  3505300 2ffc58a24a13bf0991be5b982026b6c5
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  3504034 a448bb692b10914a3a7f7f1d9b16be96
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  3504256 349318073fbd9b6f3eae2b7bc5d65b54
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  8797608 df96f2969970f149992e74cfd7838919
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  8704208 b29d3a133a3d5485645a1428045481f2
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  8703628 fdf8ddc2c2fdc0c5ceffb9f34b8dc00f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  8959706 da0efa81b152f5ce0e949ba00a58b1f0
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  8660826 78ee935b25e3cb8e1d6affc13e78aa35
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-12.2_i386.deb
      Size/MD5 checksum:  8863038 8b0605e449390dfd819e5543c79fe0e3
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-12.2_i386.deb
      Size/MD5 checksum:   228532 83d533868f288d4bd7866cf4b3114321
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
      Size/MD5 checksum:   228084 dca93798c731513d7f8908c591fc4992
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-12.2_i386.deb
      Size/MD5 checksum:   227546 99c579382f1c93af23cdedb9dfdce997
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
      Size/MD5 checksum:   231188 cae74563956d0a8757994959b101e5c0
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-12.2_i386.deb      
      Size/MD5 checksum:   227180 eb3383f20e4123b964a6143fae4be03b
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-12.2_i386.deb      
      Size/MD5 checksum:   230440 e4875246851ee5dd470bf61af43e2ef6

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody7_i386.deb
      Size/MD5 checksum:  3410436 8238f8f8d03b19071ca774e611c83cd5
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody7_i386.deb
      Size/MD5 checksum:  6425110 e7e25ace06cd1edbb6967c3cae155e09

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody4_powerpc.deb
      Size/MD5 checksum:  3432656 4116a684a091bbc46a94fcafc03ba50a
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody4_powerpc.deb
      Size/MD5 checksum:  9452588 ca305391d3dfe3aa0ab140a047d67df2
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody4_powerpc.deb
      Size/MD5 checksum: 10101958 d427f943297e02355545d7fa1a2ab263
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody4_powerpc.deb
      Size/MD5 checksum: 10345492 4d6e160cb19df083c4d238f8ff1e4913


  These files will probably be moved into the stable distribution on
  its next revision.

____________________________________________________________________________________




- ---------------------------------------------------------------------------
4.
Debian Security Advisory DSA 442-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Martin Schulze
February 19th, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390
Vulnerability  : several
Problem-Type   : local, remote
Debian-specific: no
CVE ID         : CAN-2003-0001 CAN-2003-0244 CAN-2003-0246 CAN-2003-0247 
	           CAN-2003-0248 CAN-2003-0364 CAN-2003-0961 CAN-2003-0985 
                 CAN-2004-0077 CVE-2002-0429

Several security related problems have been fixed in the Linux kernel 2.4.17 used 
for the S/390 architecture, mostly by backporting fixes from 2.4.18 and incorporating 
recent security fixes.  The corrections are listed below with the identification from 
the Common Vulnerabilities and Exposures (CVE) project:

CAN-2002-0429:

   The iBCS routines in arch/i386/kernel/traps.c for Linux kernels
   2.4.18 and earlier on x86 systems allow local users to kill
   arbitrary processes via a a binary compatibility interface (lcall)

CAN-2003-0001:

   Multiple ethernet network interface card (NIC) device drivers do
   not pad frames with null bytes, which allows remote attackers to
   obtain information from previous packets or kernel memory by using
   malformed packets, as demonstrated by Etherleak.

CAN-2003-0244:

   The route cache implementation in Linux 2.4, and the Netfilter IP
   conntrack module, allows remote attackers to cause a denial of
   service (CPU consumption) via packets with forged source addresses
   that cause a large number of hash table collisions related to the
   PREROUTING chain

CAN-2003-0246:

   The ioperm system call in Linux kernel 2.4.20 and earlier does not
   properly restrict privileges, which allows local users to gain read
   or write access to certain I/O ports.

CAN-2003-0247:

   A vulnerability in the TTY layer of the Linux kernel 2.4 allows
   attackers to cause a denial of service ("kernel oops").

CAN-2003-0248:

   The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU
   state registers via a malformed address.

CAN-2003-0364:

   The TCP/IP fragment reassembly handling in the Linux kernel 2.4
   allows remote attackers to cause a denial of service (CPU
   consumption) via certain packets that cause a large number of hash
   table collisions

CAN-2003-0961:

   An integer overflow in brk() system call (do_brk() function) for
   Linux allows a local attacker to gain root privileges.  Fixed
   upstream in Linux 2.4.23.

CAN-2003-0985:

   Paul Starzetz discovered a flaw in bounds checking in mremap() in
   the Linux kernel (present in version 2.4.x and 2.6.x) which may
   allow a local attacker to gain root privileges.  Version 2.2 is not
   affected by this bug.  Fixed upstream in Linux 2.4.24.

CAN-2004-0077:

   Paul Starzetz and Wojciech Purczynski of isec.pl discovered a
   critical security vulnerability in the memory management code of
   Linux inside the mremap(2) system call.  Due to missing function
   return value check of internal functions a local attacker can gain
   root privileges.  Fixed upstream in Linux 2.4.25 and 2.6.3.

For the stable distribution (woody) these problems have been fixed in version 2.4.17-2.woody.3 
of s390 images and in version 0.0.20020816-0.woody.2 of the patch packages.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your Linux kernel packages immediately.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2.dsc
      Size/MD5 checksum:      754 8f59252c74198c796f544ac312cbf522
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2.diff.gz
      Size/MD5 checksum:     5824 81d3c045df500f3e2da56de87b4c434d
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816.orig.tar.gz
      Size/MD5 checksum:   338001 5979fbe7c3325033536dfd3914e22dbd

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.3.dsc
      Size/MD5 checksum:      793 fd4b67d1ba928ded93263c2d95327b65
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.3.tar.gz
      Size/MD5 checksum:     7866 50f9e176f8d7fbf6eb6124bf864e6c48

  Architecture independent components:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2_all.deb
      Size/MD5 checksum:   300766 03b0017cad1c479c4109c0ad5f072ab0

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-headers-2.4.17_2.4.17-2.woody.3_s390.deb
      Size/MD5 checksum:  3335312 84663c81b952cfa9407c84985f5623d7
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.3_s390.deb
      Size/MD5 checksum:  1342758 b5cd48b7cde59c3893c983d95e451a23


  These files will probably be moved into the stable distribution on
  its next revision.

___________________________________________________________________________________________




- - --------------------------------------------------------------------------
5.
Debian Security Advisory DSA 443-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 19th, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : xfree86
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0690 CAN-2004-0083 CAN-2004-0084 
                 CAN-2004-0106 CAN-2004-0093 CAN-2004-0094

A number of vulnerabilities have been discovered in XFree86:

 CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of
    XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to
    execute arbitrary code via a font alias file (font.alias) with a long
    token, a different vulnerability than CAN-2004-0084.

 CAN-2004-0084: Buffer overflow in the ReadFontAlias function in XFree86
    4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows
    local or remote authenticated users to execute arbitrary code via a
    malformed entry in the font alias (font.alias) file, a different
    vulnerability than CAN-2004-0083.

 CAN-2004-0106: Miscellaneous additional flaws in XFree86's handling of
    font files.

 CAN-2003-0690: xdm does not verify whether the pam_setcred function call
    succeeds, which may allow attackers to gain root privileges by
    triggering error conditions within PAM modules, as demonstrated in
    certain configurations of the MIT pam_krb5 module.

 CAN-2004-0093, CAN-2004-0094: Denial-of-service attacks against the X
    server by clients using the GLX extension and Direct Rendering
    Infrastructure are possible due to unchecked client data (out-of-bounds
    array indexes [CAN-2004-0093] and integer signedness errors
    [CAN-2004-0094]).

Exploitation of CAN-2004-0083, CAN-2004-0084, CAN-2004-0106, CAN-2004-0093 and CAN-2004-0094 
would require a connection to the X server.  By default, display managers in Debian start 
the X server with a configuration which only accepts local connections, but if the configuration 
is changed to allow remote connections, or X servers are started by other means, then these bugs could be exploited remotely. Since the X server usually runs with root privileges, these bugs 
could potentially be exploited to gain root privileges.

No attack vector for CAN-2003-0690 is known at this time.

For the stable distribution (woody) these problems have been fixed in version 4.1.0-16woody3.

For the unstable distribution (sid) these problems have been fixed in version 4.3.0-2.

We recommend that you update your xfree86 package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0-16woody3.dsc
      Size/MD5 checksum:     1512 596b339b1a1ab8c1aeebe949a7e77076
    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0-16woody3.diff.gz
      Size/MD5 checksum:  1600904 d0ab158eaf2b1a49d17470b138e99fe8
    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0.orig.tar.gz
      Size/MD5 checksum: 54433247 ea7a32e6a81a850e9f19428f3104c300

  Architecture independent components:

    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.1.0-16woody3_all.deb
      Size/MD5 checksum:    60486 27fbccef0a1e87466eae49534b492f32
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.1.0-16woody3_all.deb
      Size/MD5 checksum:  8333716 23dcab5cbf8daffe02eb6cded5da96b4
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.1.0-16woody3_all.deb
      Size/MD5 checksum:  4442612 379489c2b77427f1640525568e5ba4c0
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.1.0-16woody3_all.deb
      Size/MD5 checksum:  7225924 0e2b47660cbe103fbd67275e55c7da53
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.1.0-16woody3_all.deb
      Size/MD5 checksum:  3931790 eb3ecbf1e2a453af48de6b9fb8e23f2f
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.1.0-16woody3_all.deb
      Size/MD5 checksum:  1105542 30257b1f4ff435f24a1a96f0820f0119
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.1.0-16woody3_all.deb
      Size/MD5 checksum:  5028916 f0e09d48bd43a2ebdcb0da701a67ce7f
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.1.0-16woody3_all.deb
      Size/MD5 checksum:   438692 8615a5fcf78891348f4c50c313521ac3
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-pex_4.1.0-16woody3_all.deb
      Size/MD5 checksum:    69028 f1a392f48015c2a4f3d807e90b92206f
    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.1.0-16woody3_all.deb
      Size/MD5 checksum:   796336 57c31f9b88ab300aa4e3e7ccc18ce295
    http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.1.0-16woody3_all.deb
      Size/MD5 checksum:   546502 82e23de457972fd31f730732b6f6a41c
    http://security.debian.org/pool/updates/main/x/xfree86/xlib6g-dev_4.1.0-16woody3_all.deb
      Size/MD5 checksum:    60446 66db4157ce3571aaf69431a9dc57b91d
    http://security.debian.org/pool/updates/main/x/xfree86/xlib6g_4.1.0-16woody3_all.deb
      Size/MD5 checksum:    60644 228d65986f75e12b67707cb3fe90026f
    http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.1.0-16woody3_all.deb
      Size/MD5 checksum:  4165232 81a67b7f40cf5c549de8127d19d5227d

  Alpha architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   165680 758b836dbfb7f2c085e40d5ae7984218
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   306952 48661b8fd6aabcf1c288d9d42583870e
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   198694 1a150e19d5ef4851cd2997fafccca1ae
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   779090 a2e7b4a2f552c547060e854ad3b918ae
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   203980 bdefac84c3b2d45635e2823a48d97ac4
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   649810 ebb71e7a58de24aacbfc122392249b25
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   390776 911c46f8a39effb3b6536c24e0ceb2b1
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   264384 35a40bc5e6369e95dfd62e2fa653a6aa
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   820950 ffe2c0fcf0cef51b0ead1271058a6d85
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   390656 dca373f97a0c6493c312150be3be9a15
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:    79366 864aafa3b5951b9dd98bc67d7acb2ebb
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   178158 8fde65115aabda3504bf399e3080ae3c
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:    60656 776f72c60827e8d6eafe0228c14c4302
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  1990968 4d26ed9165fd6412c96fd8159588f1d3
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   190388 5bd521173b248c7196da277693f5c51d
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   375680 e0dadacdb7cd9a250b553e16ad7ebb03
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:    85230 b2eee55ea1e688b175bed917c259125c
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   694628 be4881c1a3930bfd59a7d999d882b2f0
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  4134766 53c0107f5bbceb19ce056b35ff0f9179
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  1490576 eef06cb869c824039f6940d1ee492964
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   712440 8b270193112f6704250b9ee763b5c4e5
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   611834 485aa455de7b69a4d7adea891d73e871
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  1603908 a18ceb68d3f95eca22c0ede914dc7b2a
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  1373258 039e153404dd8985d9d98cd9cb0d76c2
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  4394370 05d684e56419761ae7232cf96fe145ee
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  3226632 7b15127196cdf024935e989d5d890497
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:    84834 06cba2d8ff875dc06d042f1a77f5d765
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   151186 9f1ad90ee461e161766d3c87d3dedc89
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  1889484 8c996bd43cd14e6cc6b6393b26be93d8
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  1476292 04cbea3ac9b0694922c985a146592aef
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   220582 4dc83c9cd03a7a0e02819880a828fe85
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  5721142 07bb980d44578089a37f288da4db12aa
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   525800 35b63d23c16de6383ed680e5908f4725
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:   713418 7a1c97c098e97f074263561210bcf306
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_alpha.deb
      Size/MD5 checksum:  2048198 bb88476c1a66924cb4f74c7ee9f76ce1

  ARM architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   145514 50ef0b1963f370a6dae7106c54b554b6
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   253408 0a2e7ec03163b1ac48ddcb3c112f5b80
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   179344 ba15b2866d0ce2c6ef53e1d220104ff6
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   444786 39dcedfadc5457c3df1c5be9a449e1db
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   189156 ff27274d84a843f33573c3e98780fb15
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   378330 581160df2865aa6f3d484d2993963d80
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   348882 ad6eea6ae902cf8a8da69c499a74b46d
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   241132 b608f9f5a94f2d3700c901bed3e46cba
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   491534 1aa01715c540e2c8e1b75647677d5a89
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   348766 532f7ed26edaa69fc5ce6791c4664278
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:    76848 e5d2d40da1a82c2c5a465a64ee1d1bb7
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   169406 e35b21223a8175ca20337752aaf544ae
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:    60662 70b3eff9de74afc0402d22828e207399
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:  1624666 637e1f87f507300e108a47200a97ecc1
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   176004 a0f2be8e600c5719815914902e5f8320
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   325442 fc7406878bf6670431211d1989f321cb
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:    82404 59c93b618eef92a7d30d1b3c3be51b98
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   607214 0b4615e516baf7f29a5cbeb9967259f8
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   352420 494c01d992c33b555daf2fcd2e107bf4
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   932656 a7875518f73268b407ef31dd58504910
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:  1315448 adbbf5c312c74ede40cd57433efeacd8
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:  2757938 5ae240d172b40a9c3c7740e8af146dde
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:  3092958 d11c5b6ba53c93bac4ece82bfb6f838e
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:    84890 c57329ef4533fea7650bee62a78a3336
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   133772 866710d6310076823f01ec059c8c40b5
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:  1656394 722cd125551b8e431ffdac35801e51fc
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:  1340506 afcb03b999638193f7b2feda71c75a7e
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   219812 b0b98151943972d17c647ad2decbd1b9
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:  4833036 5032aa718b3407f89a6c9c9cf0f734de
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   494966 b6f8580f8a68fe18720de0e088df286b
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:   621638 18b9e56a3ca2d83f8584705dbdba1ad0
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_arm.deb
      Size/MD5 checksum:  1787624 9426dafcb7099dc1b2300270db6c7652

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   132670 8fd933be5148c54315e74b44a5deafe9
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   229904 6ae969a18d98034c4b4bd76bcaa94e1a
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   168686 afa404de8a8d5d1521a7eca0538ac9a3
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   409658 cbe7420b075b67da67b8789b6cbb725f
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   166638 0bf399352601a5d85d045e54526141bf
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   334448 b6a76734451cd4c7ef621a4ae19142da
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   292824 a2e05d31cb36934678ab04e6349b8c96
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   213508 82cbb021b93e8f8d034473216db30117
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   434096 0ac9482dee086b2cfa654dc1510b16d2
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   292706 5f20239b084db45e960436be23b2a27d
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:    76620 b48f4d668795312c344346059b3657fa
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   151884 4d6bbf3c6f2f70f71d29170d69282758
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:    60650 22964ce875683607f68adefae2529c0b
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  1456542 8d85a2eea80d8f53cac2d216b968b16e
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   171308 47d178a64a019cba82191586e57d0e18
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   275912 9e7d073d06ccddd54cbde2886ea183ad
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:    81182 ac65ed49b9e75643a98c74f070af0140
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   552776 3cf2ffa3778058979538d076e91764b2
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  3422738 86c59b02ecc47fabfd9cfc465f13d8cb
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   866048 7c1d5d921f3e9b04bb859f51a455dc1b
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   522760 03607d57e32fe11ea64c865d88ee0c7c
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   462858 61d026c97a2b4ad4c0ddc7c8b7d1f8b4
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   964398 168b6cca3a7beee21eacfe3d820e3522
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  1224468 9fc5ccbdb5c6e233d395ef32e34e6aaa
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  2534836 6ac8b666fbbf6fde1c7b65b59eee70c1
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  2724422 d6a7c219d864f882c0f42ed0aaf20ef0
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:    73606 b3db648eda102508d53a919319dea950
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   124744 6389e463ac7d91a5d71a21942eb4fee2
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  1394032 69d96f30c7c8b2334f8592dcc4f0f74c
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  1123578 26a6f080672016e7f0a6a0e785bda1a7
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   219886 ad204ec13b3e5c79e8090c3c48047579
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  4335684 fb63bf9f30f357d1121eaaebda34361a
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   484580 b59df2a7d91059e0489419b2beab425c
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:   602530 e7cec6cb1f9d06746e069fe1b6592785
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_i386.deb
      Size/MD5 checksum:  1497014 dd7a1edff3909eaa4f5e6830063082af

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   191862 b0e26a6d972ca56739a008f708e79cbd
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   322322 8efa6a6dd0ab78e9c804e78e9ce3096d
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   241664 f36f7e60b33659059f51d61a3d9359dc
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   825300 5559772145b05a8abf8f74d84278a564
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   258302 9e540630e31d9a9d8d28e4089100d53a
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  1167700 8a6c8282d0a512857ec0695db1c4ea50
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   444444 2a73f1e303d2341b6eccfbca8a93f48d
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   340530 ee7b150a5332cd6cb5da90b33c338a04
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  1334132 e6293df4266a98fa01f58c5e97bde225
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   444324 5473ffa5fc3a7ad38b0b63437ebb6d2d
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:    84112 c1147bd3716b240a33edaca241737fc8
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   207962 76be86fb1ee7154cfa3c56c03a1f5639
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:    60654 19a6f96aa8449ba1087a907174ab46d1
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  2410264 923d6a075445dd08ebe5188208ed68b9
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   211194 0affffd8a3bb7234ed59c43932852abc
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   474174 ae66008eaffba47612e1126fdb5e9b99
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:    91326 cf1453b5b8e1932efac89d050a05e5b8
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   743766 376642583e7fafdbd3f339951c9f3624
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  5185762 393bcb65f1e53c15f674f1385f1ae7e0
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  2394946 93463be02304d99d802b0bc308db5157
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   832054 2419baa6e6f82a617ae7b0490fa1beb2
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   756148 13c38a409f1a12fbde78ba03f1a3bf52
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  3199636 93cd4ee45810a6874d3508a4b36db535
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  1652690 3a670766774cf444763ecb7fdffb599d
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum: 18060914 f3dff607d9b04ebae9cadf03ab40887b
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  3513724 fab56ad95c0a28a91ba2ad267fad8af9
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:    89486 f002ef04ec381975c11cb9e692c4e979
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   170518 b56e6894528921a66a7303f28e64c58a
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  2370960 58f690f738581599355399d0a84e22ed
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  1895620 40941779d953b55094b5c899fa5b2948
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   221768 3ea69688bbba1e1bee66340ab48b4345
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  6901592 46f61248a972df174e1a5e835b4dcd16
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   566986 af122eca12678aa2a1ea7294381780db
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:   816118 31229d60d97c0640500dc81f3465a577
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_ia64.deb
      Size/MD5 checksum:  2572114 98d9f74691354843c779a52c7dbe151e

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   154782 9dee055000d8cb78e8b72d5844d6a8e6
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   278692 7e504ab679b79a1cb1eeab83c3c6177a
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   202694 8ab42e012af7ac8a6846339a9d81d4c3
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   489140 bea5c3172b096fb01e2a3f9f03d821cf
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   204200 b300c964460a5b987aa370d457b59128
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   398060 8428f8a66438302ab2483e353f7c7d41
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   358712 7e2e71e1fe5a421d9fa456da4caf8ed8
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   264616 2c8c69cc302ff839d21ab622a18b9d60
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   517704 6c773d7c77ac8bb532d32e5b361238b1
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   358600 62700099e7514940da8728e0f71bd788
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:    78786 efbd89540b3c8fb4350c911b124e91b2
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   172682 4d291580135a8a96da518727e9d4b1af
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:    60658 dd41cd59311d636b2cd84d4d31d189fd
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:  1700106 1c24ffc417dd5a8a764ed45c32213e6c
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   181330 a7c1bb5aa2992c50b11dbc4000260002
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   338810 a40b55fd748c80a0dba45b860967bb1f
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:    83824 ee5d9bf0cfc5ef859139020a6c567892
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   681798 1fb2717e21c515b62337c0abdc534ea3
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   434948 4ae4d6af4717c9e7e5379858d45155f5
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   995840 126d853388284738a8f84af621b4f322
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:  1457044 b878e78f0e51049cf13946e0bb8010ab
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:  2977882 b2517ca97aeec23eab04810a53734777
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:  3192312 b15a539209f4aa7602e7af77e10c343b
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:    81332 95399c1735af07bc1bf730de614aeed9
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   138080 a6dbc84ce39bce1d892eaf4c5f9aac7a
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:  1924108 b25df0e0234963930570aa5b5401fe0c
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:  1499654 f66ce5c6e4f98e70265f330732941712
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   220354 06df97ea5ad2dd91ba0f270a74baea0a
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:  3592726 a0f1134478aa8073a5f336fb2937f93a
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   510394 053950f5abbfa6bc28d7aac27a9749ff
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:   665576 bc2c1f12532e2650b339d6338a26ff69
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_hppa.deb
      Size/MD5 checksum:  2070616 88fb211acea00e6f18d64a630b655ee4

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   127820 1293e82d9b55d372d1f3a0a32f019f4c
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   232652 dac200c786dc77823e9c7f507c6a5f5e
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   176940 b8c8db6506f5adf570d8287a5ba78fe9
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   433414 6b31554cb418ce558945f466b6d3a9a6
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   163818 fb556a204b635a50b16be7293bdfff49
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   341130 73b251c4890ba71a2b767dc800014ddf
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   283560 44df7ac0fb0a5e3c70678330421d1d28
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   208298 2fcbc5fc0e527fd8c12e91db71f53fab
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   443656 ac457427b4f04e56aaa2f1b3db5d0c58
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   283426 e1f8b6038ab9804a6b10b978a5382937
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:    75676 54a558013e05043e6bbc15dc8c9286cc
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   148078 ff82e1fffd9862316aee8867246ebeb4
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:    60662 d3154f16ef212b87a7a02fc3159c3132
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:  1375852 62823a75d1dfd6cb58713e7a5cf94957
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   168610 297d57ce20552eda54742f90e2655122
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   256808 e4ab25f770c3c7fb960436f526df2ef1
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:    80098 7d0eb6d68cdf2eba32bcfd22b1ba8de5
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   519812 2d67b4f40d083dd9a946c864a3e0f340
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   335904 de8bb3b5b8563f5b80d6fa8be6e4c59d
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   864764 23ae0b045fa6d811a1dc7dc626d80628
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:  1182654 f95b0c723199eb490a08662efcdd7ec5
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:  2575502 a83222e634843d8468fd010bb6b0f5aa
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:  2648076 f917692c37bee4d58b6266a7b25e64ea
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:    72972 ff5a0e30a64742dc4ebd69ee75078aae
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   122752 16e3921a112190f9362d24063e6b393f
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:  1235074 31e9e76f6f531255207fc65ff1b81c26
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:  1006490 d5ef4446bcc696001424f7c786e2afc2
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   219808 857603e37ae1af7f9b9e54f103eee56c
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:  3535634 296d5444a5ffa635211b1099065e2439
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   478898 21049f1158c5a445db468b9dcd77f495
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:   551570 c6991702f55d3e5a912cce5b11686ea6
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_m68k.deb
      Size/MD5 checksum:  1325700 79d635417c007dbfe07d81ccde371fd9

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   153212 6d5f9702da9dab5ed0378a3ab819a43e
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   277290 3b9f9f44d47c81730000a3275e0ce9ef
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   173988 75f175501b2fe12a4523900c85d2d979
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   576214 a3aefa4f7164a9e079de85d2c0bc4e90
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   182612 f5fa07c654dd07b1e1fcbda103353452
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   551082 e425df52848fc6a2dd2b72e65ad2e5d1
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   350208 b57ee29c5769ea711cdaa2d42b5ffaf4
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   233262 7dffb1fe9b9cf96a591eb99110d0ce92
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   691170 814a428367e01f6e220966d691923749
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   350108 fcbf81c206bea838135ddf666dfdca8f
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:    77692 a4cbe8fad79542f9802db8f9543b4d5f
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   168114 d6661bb257ffb74a376e82654cd264f0
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:    60368 b514ff2da04d73020a7dae707e4f0718
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  1653074 123f99116d4906ef3e5943fb583c5a9e
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   177170 a6d982023b5441c0241b014670f279fa
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   337970 fbb747dfdc464fb4eb0ab348a4899a0c
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:    83230 78eda98df0f811e7a0969014dc3930fa
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   633646 0dd4a6fc3c2c004d49d073aada66befd
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   357858 078d8cde27d9395c334c53737ad5ab0e
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  1077652 ff78096b06fd6dc37260caacd9a6b1f3
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  1309586 a81e38c2fc91fc97f41e27acd3b5575c
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  3734142 70db2acd17ae7bcf6835c17f27ec4370
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  3124802 2e3e64ab1c1175cf0d40b8fe4fb76158
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:    78568 40a58af023332680c321c2ff0c720a78
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   140876 30d95a11237c4eea01010b23187559e8
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  1775288 ff157f3839c9a6dd4b3a7c88fa3f1750
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  1440566 418337e17e15620ce1a4d2a515d6e2db
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   219406 63595f2305a1c9cfe37b106094899a77
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  3386096 ee2ea9ff0c4fd1474c825c2c90754ed7
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   506276 e6aee27ba8bf106e43f4a832f394ac56
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:   662138 951ff73c01a8b7d0aa28f8cfb933458c
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody2_mips.deb
      Size/MD5 checksum:  1910570 ad4821fec6c32174f349cb233e2e4784

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   152776 40a2a957fe97188eba5ba4fce1b4df4e
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   276640 6e3cb16cbbcf9e5f5e39313462884153
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   172496 918e2f13a7de48e25d47ada7f4e61177
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   559346 5d9da030238f714e445bae19fc1d6b87
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   181008 93cf81cd500480869b35bb808180f31b
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   535964 a2fb16f6692113a6eda68e3914093c5e
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   349308 400d64d9fbdaf8c0a8fed39446138887
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   230998 0bbef0e9475a688b1c18cc30b6e24731
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   669140 edd07e66700c9b1d1908ca4e42dee9f9
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   349202 c49d184aba233f3882f629f9b7ebba4a
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:    77652 475b138e65a503670efa4997c910d7d9
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   167574 b76bac83cd140a3a9308f3ecc5303cd6
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:    60374 2fcbe3914d32baf53ed7eae15b790c5f
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  1649548 33679a76710eff708db40c4e850d8cff
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   176992 79034ed04c0defbde085d5ddf9b46de6
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   337404 122d2c9bf15a5b8fdca1e6477ca2c5a8
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:    83284 5731cf284f18d6325bfb16be76d4f613
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   624380 0c0c9e982725771b6f129d752142f7bb
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   354172 7b6d82d7286e46311cee87e0f629064c
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  1044464 fa95d99db95734ad16c0ef9854976dc4
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  1304116 736dcce56aa4542c85a84a27bfcae863
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  3609594 74fbb128dee0dbd62b4a48287dcffbff
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  3112862 6d20570d2be70a4c3860db94c4f22384
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:    78494 a4231b50bcf3db6a9d5b31d60dcc2d00
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   140750 d23a340e160f179ad436e912fe009e2a
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  1773402 54fbf41665f971975fa288bc8a2c5997
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  1439366 35c36964923f918d8e8ea497d1d431d6
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   219406 eae84b04d22182c628f2247da2899871
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  3383724 4109daea5a701eb7f33ba7c8354196f9
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   505700 9db7b1cd582f5177bef94bd06f51e40f
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:   661988 1ce53794a506193dc96d784ced890db2
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody2_mipsel.deb
      Size/MD5 checksum:  1906496 0b138a80210e81b2ae880f232d44d473

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   141688 5d8f6ac912a0d6393d723c9f1fd7a30a
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   260342 459e5600dcd650f92dd0e3fc09298b97
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   188196 a2c1ce81c328bde25700f2bb686b9744
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   446284 f7387a966a0295877e1b73eafa01e7c4
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   179146 6eb85b46e04c9ad87668617b76f14d77
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   356494 1336f503499daf50e05c2a4d8ed8ab30
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   331300 b6ad41d18c7c5f76aee16ae9d2257603
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   232710 14c3641ab8b52685b124ce4a42b17244
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   469672 646f1c7b4f6324bf6b29139a89f22b76
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   331182 bc6972d7dab4233a1c3c425b3cf6d982
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:    77170 6ed2aa23b6640dc12ea23d2d74ac5cd0
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   160680 7ede632462377c5b80a8c7ab1813f605
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:    60662 1e1c14b6186264096045ad0e8e3d8be3
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  1609750 9c26eac8b97110a2b3d9dac3465a7d4a
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   172740 363beb5d4466731d0963705d18f438d7
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   305000 ef788be207b5b1882db5b1993fc4fc58
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:    82622 d15650f220724693bcea3002bd93fab3
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   606554 2226aba1b10c9bc5491e407286490202
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  2449226 3589ed13a56663b0d878aba61258af85
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   924090 f3600ca3d72ee4b97ad177ffb71f05a7
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   623642 5efd24ce16723f5806677e700d766c8d
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   530620 e8d4f240f9657023e683042251048b0f
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  1087642 cf82db9facb815cdd4a0c44f32053d3a
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  1300056 637d64b4337390dcdc031ec0263198d3
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  2702230 2cf672ff5c6fb7c0f892866af644802a
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  2985720 19584d96a2b97df32e24960fa141e86e
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:    76884 28ca3422b9eb0e399cb78bb971589e14
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   132720 78ad7d60868ca6df44aed2dfdbdf3ab6
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  1580382 99f57982ce0159a3774622e55c5be87d
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  1275154 203fa9dbca10b4ffdd7bff2875855d4e
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   219816 1cbe6acc3ac77a17a9e432379b67f0cc
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  4618298 b2699b6747636c06d994ac08c125929b
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   493434 68cedf02482d7ba2a94c60b1d48f3285
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:   604600 2ecd74b15ba79ad00c4617cbfc06231a
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_powerpc.deb
      Size/MD5 checksum:  1708798 329da11ba0737925e303e1fc7b7530dc

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   140022 b9428b7b0de94b51e1317275b75628fe
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   235294 873bbd87083d9362bafbe0ce3b885170
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   177022 18e9f081719ec42f5026ceef35034c59
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   447756 e90bb8aa2c3249fe2c101092e4f5ff41
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   184090 712ad57a8eef8701e3c502990248477d
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   368874 efd45ceb167144e5b8ff21320a13e013
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   308920 4395835f314299dedf64710a07c77aab
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   235262 af297431b8649917e0c4bc189a15a4e2
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   480910 d68b00808acba34e60db1b9ce51f0232
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   308802 5c0173d6831e5e0a433b2c3d05be1db0
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:    77334 ab0364de77281e6658aafda6373de47d
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   164156 61e2b88ee559c91b6dd22d679f3613c2
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:    60646 89855dc7c4637c9baa9ca698427e38d6
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:  1255586 d118b97ce2bae9232a14fb11e79a5451
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   175006 8ee37a329329ffb769ca7b469387cfb3
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   293066 8582ad833773277f4e9a59681dc08417
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:    82826 034c0a1ce46451bff4ff937da2078d4b
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   551122 003ed501dd557c6394910e7f474f631f
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   361030 a58f799a9e1ea0d1aaaf364a243f7d26
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   912606 46c8fea9d271db0aa174fa52e0c688b9
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:  1195444 5b0a962297ae57eaad88decd3267cc1d
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:  2483570 0eb4fee78e6be630aaa7bf36db1e5b87
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:  2622002 a274a8ef1f50d4f6a6b2f10959f552b4
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:    75666 1ad4e3d57864db36546c8b4f4d5df6ce
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   128702 6ea4422f324193b6a89c5ad1d51802cd
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:  1180832 65f41ebe32f61d276228cdea5ebb8191
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   871764 b0e6e6c02e6c85780f4fd0667cd39b0d
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   220292 75aa64b8031819131f799ffcb7b7d7d5
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   492862 a11f96531641cdc7843a5af5d8294c85
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:   580666 eb62cc99439d757e8ea76c769a417db2
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_s390.deb
      Size/MD5 checksum:  1293232 2215cff4823f43541c7c4f7b92bd2157

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   140266 1901b6c900fc1847ca74a27f3dcaff32
    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   247470 1b29a600f60a08dc278deb232ad20938
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   183052 42747bf59f87afcbd15ab7ffb50e31f0
    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   444802 ae524b602729a2741e4a19cc29ee2732
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   172578 e708203e6b8db0abdfa6747d5f6d4e17
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   347922 9189e3d05f2860697ac559f9b59a4278
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   309114 999436a5148deba3dd03eca7e762a68c
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   221854 a8e99bc8ce4d742882b5ddd46efbe317
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   454230 c5d49402afd30c81b17f26d154564d58
    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   309012 eff40509997809e2a9e166969283455e
    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:    79222 e07fd96ff8264744f4eda9b58ece2269
    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   163480 ce3ddb8156914751a90537a36617ec8d
    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:    60654 34c4130a00d9a7eb84b92454fc5fdbd1
    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  1710872 43f30b7958cf1bef6724d54957b003a1
    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   173852 301f001965c0d36f9d71a4354f4495a6
    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   302708 51f2d344c70deb05b9e40e29b2252a6b
    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:    84370 0c3fb4a6ffde23d4d4563507869a422f
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   586902 4bbfd4feb8f0021abd99d01a9a601a5a
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   886132 ef589e854e0d17549a698a19ef204895
    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   908598 d504c2631760c00d160afc50cd9d18ac
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   612972 3bfe528bb5ffe461484a27c0bfdb111f
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   553726 6436662a03963a803b5b7e47360477bb
    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  1104206 fd383169e7c49a661b64309aec9f8e60
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  1262736 fa1d07239a3e3f2c627b9f6e4ad49f62
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  2647358 e2d115192b265cdf81feda9929bf5c6d
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  2866814 1419f0f9e8e0868efc48e3c80dc51513
    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:    75850 eae08484865fe01657405ca3dfbf6603
    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   130826 0f4efd7fb51016b302a86be6fb04b67a
    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  1537094 36cd814a7da3ad3db158b1f3e658f0ec
    http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  1203312 039e62f27d05dda3f7969fe675ada527
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   223034 dff119552b5f2a2c9cee09576c06f590
    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  4050704 24c367c30dcd7454c389b2c76a75d00a
    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   491866 145244d3f636b4f7971a02c7933b3183
    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:   645256 6d5be2cd318753ca37fe5334a8cd70c3
    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_sparc.deb
      Size/MD5 checksum:  1649604 a43b3c715c8a1f3c49965722edbae251

  These files will probably be moved into the stable distribution on
  its next revision.

_________________________________________________________________________________________________




- - --------------------------------------------------------------------------
6.
Debian Security Advisory DSA 445-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 21st, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : lbreakout2
Vulnerability  : buffer overflow
Problem-Type   : local
Debian-specific: no
CVE Ids        : CAN-2004-0158

During an audit, Ulf Harnhammar discovered a vulnerability in lbreakout2, a game, where proper 
bounds checking was not performed on environment variables.  This bug could be exploited by a 
local attacker to gain the privileges of group "games".

For the current stable distribution (woody) this problem has been fixed in version 2.2.2-1woody1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you update your lbreakout2 package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1.dsc
      Size/MD5 checksum:      638 c2e605263d4d0ca08218e667d1299efa
    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1.diff.gz
      Size/MD5 checksum:     5688 692094c7a0705bfd5f5595a6ce750977
    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2.orig.tar.gz
      Size/MD5 checksum:  1215427 d5f0ef9371d7165723aa35a3e325a3ba

  Alpha architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_alpha.deb
      Size/MD5 checksum:  1157816 7ef7a54e5b3803ca672b57731cb95f9a

  ARM architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_arm.deb
      Size/MD5 checksum:  1126502 28bb2c780e0907c9d7f9862f459002f8

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_i386.deb
      Size/MD5 checksum:  1112732 80fb5d46320ff2b8fae374a61b8ae5ba

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_ia64.deb
      Size/MD5 checksum:  1182786 a899fab79519604d591c4a330783db64

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_hppa.deb
      Size/MD5 checksum:  1136182 fa206bfef247e4a2feb48234f160bf49

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_m68k.deb
      Size/MD5 checksum:  1110628 9bf1761c57b1fe866e32837cbcf99e71

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_mips.deb
      Size/MD5 checksum:  1142782 d9d2dd4237685a9eec94e7c310e172db

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_powerpc.deb
      Size/MD5 checksum:  1129844 f7bd1188ba6485798eb22e195ee938dd

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_s390.deb
      Size/MD5 checksum:  1121760 5c49bbbfd9f582151bf3cb8b8a2e213a

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/l/lbreakout2/lbreakout2_2.2.2-1woody1_sparc.deb
      Size/MD5 checksum:  1124704 95231dbcc444a3f2e65603029e1f5e2c

  These files will probably be moved into the stable distribution on
  its next revision.

_________________________________________________________________________________________________



- - --------------------------------------------------------------------------
7.
Debian Security Advisory DSA 446-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 21st, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : synaesthesia
Vulnerability  : insecure file creation
Problem-Type   : local
Debian-specific: no
CVE Ids        : CAN-2004-0160

During an audit, Ulf Harnhammar discovered a vulnerability in synaesthesia, 
a program which represents sounds visually. synaesthesia created its 
configuration file while holding root privileges, allowing a local user to 
create files owned by root and writable by the user's primary group.  This 
type of vulnerability can usually be easily exploited to execute arbitary 
code with root privileges by various means.

For the current stable distribution (woody) this problem has been fixed in version 2.1-2.1woody1.

The unstable distribution (sid) is not affected by this problem, because synaesthesia is no longer setuid.

We recommend that you update your synaesthesia package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1.dsc
      Size/MD5 checksum:      635 ca8bc25afbb982dd10c40e5923c2e3c3
    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1.diff.gz
      Size/MD5 checksum:     3443 f62b934ffb45a01c0c54fa02c76ea68b
    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1.orig.tar.gz
      Size/MD5 checksum:   129209 5bc166deb369a3c71efd61e1ad5e5475

  Alpha architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_alpha.deb
      Size/MD5 checksum:    77836 7526ae1261ebb7c9ce6113e5e5ff0e00

  ARM architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_arm.deb
      Size/MD5 checksum:    78138 e4a4770c9cb604e1f53b7f273acef38c

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_i386.deb
      Size/MD5 checksum:    70656 e56242f5bd2639ae8ab6eed5c0f9a4f1

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_ia64.deb
      Size/MD5 checksum:    85918 63f85dde186643f4ade2d28a8e0a9b1c

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_hppa.deb
      Size/MD5 checksum:    77528 529d8f398a586c2da550d1f6516c3dd9

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_m68k.deb
      Size/MD5 checksum:    67276 fd6dfc3edc2006c9ec5a6b7c178edbc0

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_mips.deb
      Size/MD5 checksum:    75688 7ec5526fa01d8fd8d89e30132528e796

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_powerpc.deb
      Size/MD5 checksum:    72086 8450c5664bc45e3ba415a4ae7dbfe04a

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_s390.deb
      Size/MD5 checksum:    70246 04d89911bd4a830d10f09f67ff5215e2

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody1_sparc.deb
      Size/MD5 checksum:    72078 a14d6100f23836795db0f3440e8f3c64

  These files will probably be moved into the stable distribution on
  its next revision.

_________________________________________________________________________________________________________




- - --------------------------------------------------------------------------
8.
Debian Security Advisory DSA 447-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 22nd, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : hsftp
Vulnerability  : format string
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2004-0159

During an audit, Ulf Harnhammar discovered a format string vulnerability in hsftp.  
This vulnerability could be exploited by an attacker able to create files on a 
remote server with carefully crafted names, to which a user would connect using hsftp.  
When the user requests a directory listing, particular bytes in memory could be 
overwritten, potentially allowing arbitrary code to be executed with the privileges 
of the user invoking hsftp.

Note that while hsftp is installed setuid root, it only uses these privileges to 
acquire locked memory, and then relinquishes them.

For the current stable distribution (woody) this problem has been fixed in version 1.11-1woody1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you update your hsftp package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1.dsc
      Size/MD5 checksum:      595 9cefb21b2527ae0bf6cf813edd470320
    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1.diff.gz
      Size/MD5 checksum:     1850 9a62d6a8ca1b885e78b84d23978af15d
    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11.orig.tar.gz
      Size/MD5 checksum:    50859 0b9d3eff1b9fcc2ab44a970c3535f777

  Alpha architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_alpha.deb
      Size/MD5 checksum:    19582 a7ae51d2bc5102f8a92a8d5e640ab198

  ARM architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_arm.deb
      Size/MD5 checksum:    17410 bf432d578eb24f94ae423a38a8380f7c

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_i386.deb
      Size/MD5 checksum:    17106 b638f3ab3bd577a8c287a77b57933ea1

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_ia64.deb
      Size/MD5 checksum:    22808 2673a0bd78ec8341da16998b51feefcf

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_hppa.deb
      Size/MD5 checksum:    18200 11c371b92821e461ac0179f3b7edfeb3

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_m68k.deb
      Size/MD5 checksum:    16406 928c44582067a9b264f62d32408a9a46

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_mips.deb
      Size/MD5 checksum:    17676 a6e150e08063dba73ff5a44f75f30a83

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_powerpc.deb
      Size/MD5 checksum:    17620 ca2e00d4af42d2b19f48a2b71455b167

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_s390.deb
      Size/MD5 checksum:    17686 366193042afb69b518ef20c1ae08444d

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/h/hsftp/hsftp_1.11-1woody1_sparc.deb
      Size/MD5 checksum:    17070 8788ef38808a6271c2a1ff2a1da6adff

  These files will probably be moved into the stable distribution on
  its next revision.

______________________________________________________________________________________________




- - --------------------------------------------------------------------------
9.
Debian Security Advisory DSA 448-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
February 22nd, 2004                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : pwlib
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2004-0097
Debian bug     : 233888

Multiple vulnerabilities were discovered in pwlib, a library used to aid in writing 
portable applications, whereby a remote attacker could cause a denial of service or 
potentially execute arbitrary code.  This library is most notably used in several 
applications implementing the H.323 teleconferencing protocol, including the OpenH323 
suite, gnomemeeting and asterisk.

For the current stable distribution (woody) this problem has been fixed in version 
1.2.5-5woody1.

For the unstable distribution (sid), this problem will be fixed soon. Refer to Debian 
bug #233888 for details.

We recommend that you update your pwlib package.

Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/p/pwlib/pwlib_1.2.5-5woody1.dsc
      Size/MD5 checksum:      639 2e057d4bb38abbdfebe95ca2962a2733
    http://security.debian.org/pool/updates/main/p/pwlib/pwlib_1.2.5-5woody1.diff.gz
      Size/MD5 checksum:    34683 4f5b334e860eea238244d82d8084f6bb
    http://security.debian.org/pool/updates/main/p/pwlib/pwlib_1.2.5.orig.tar.gz
      Size/MD5 checksum:   749440 b320577dd1cff37cceea57c45de9de85

  Alpha architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_alpha.deb
      Size/MD5 checksum:   130708 899913e27abbbaf9181e363fc5c00184
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_alpha.deb
      Size/MD5 checksum:   868610 579711836aa1cf6310b445f4f769074d
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_alpha.deb
      Size/MD5 checksum:  2270224 d51adae04e7caa1fb8c0c77c02ec366d
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_alpha.deb
      Size/MD5 checksum:  1543738 9903ecfadacc28839ba71daebb2ce272

  ARM architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_arm.deb
      Size/MD5 checksum:   133952 48cb63c89f21dad3e721bbc44d350824
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_arm.deb
      Size/MD5 checksum:   861230 a1d5d4f66be1c134039139e1d4b686fd
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_arm.deb
      Size/MD5 checksum:  1841968 a17d84ac845f1bd3ce70f6aab66026f6
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_arm.deb
      Size/MD5 checksum:  1502856 d97cd24a9fca26db167d92ead0aa6077

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_i386.deb
      Size/MD5 checksum:   112508 656f942f7909fb0d76f39973111d5839
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_i386.deb
      Size/MD5 checksum:   788502 c389e02adcf493e704c2a5a1b129a883
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_i386.deb
      Size/MD5 checksum:  1838780 aacb8d43274e1bed588659640d174a2d
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_i386.deb
      Size/MD5 checksum:  1301568 c96d4b6b4004dd20dcf93f2b3081dcc3

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_ia64.deb
      Size/MD5 checksum:   146510 f0f35a5d97c4e9c1bc4d71bc0c1f8d60
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_ia64.deb
      Size/MD5 checksum:   996212 e1bf67b0d5e64ba7910bc602b871e330
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_ia64.deb
      Size/MD5 checksum:  2466746 bf2a8caa6963954d1f7e95a978f76a5e
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_ia64.deb
      Size/MD5 checksum:  1774658 7231677252682b0260e5c57469cb420f

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_hppa.deb
      Size/MD5 checksum:   149596 707e83b5967383808e7f353754864cbd
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_hppa.deb
      Size/MD5 checksum:   991818 24b024ec88157f7d30bd853883b3aabd
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_hppa.deb
      Size/MD5 checksum:  2847570 b60a52e989ec6fe77edff22547013d13
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_hppa.deb
      Size/MD5 checksum:  1993572 dafc6b5a2adec05e389489c344b70a75

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_m68k.deb
      Size/MD5 checksum:   104312 e70cd451ac98f4d01615e1ec5096c816
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_m68k.deb
      Size/MD5 checksum:   858732 d513f7ca86a75a0b58cc2f120d47f05b
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_m68k.deb
      Size/MD5 checksum:  1891398 db5ec25f3f813da5be85a504ceae83bb
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_m68k.deb
      Size/MD5 checksum:  1297004 b963c654b1cb7b66101b3cbe83c3494e

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_mips.deb
      Size/MD5 checksum:   126130 86cb6659d891e1b9fecc915c1e06ea71
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_mips.deb
      Size/MD5 checksum:   758362 72c65ab5fd677f9a0f546f895142fe54
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_mips.deb
      Size/MD5 checksum:  1998404 15532db557ca3a7358330d30a3273cf1
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_mips.deb
      Size/MD5 checksum:  1457282 248b40bcf4cb8a5a5c5b4074b457d001

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_powerpc.deb
      Size/MD5 checksum:   107404 eadf9a2ae2a8672669b7692c53cf1e9e
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_powerpc.deb
      Size/MD5 checksum:   918814 3b180bd91862ae1f55f0d590359e6ffa
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_powerpc.deb
      Size/MD5 checksum:  2269394 12646912e9fead507821e021806b4dc5
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_powerpc.deb
      Size/MD5 checksum:  1659834 9077a25b959e5a7b4d804936ee7f69bb

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_s390.deb
      Size/MD5 checksum:    97532 1b421333f3099dc46539dc4df4078ce7
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_s390.deb
      Size/MD5 checksum:   832288 5f4ce30d3fc952317ca233dbd986ad3e
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_s390.deb
      Size/MD5 checksum:  1930542 e738de76f0665c761f5ff309ed238fa2
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_s390.deb
      Size/MD5 checksum:  1307926 08e82668880d288c18f472bf291a187c

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_sparc.deb
      Size/MD5 checksum:   105478 19ef591ed5fbd335e3a1d6cf33e177f6
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_sparc.deb
      Size/MD5 checksum:   781956 52cb039ef81f2ff5dd1e8b897063e304
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_sparc.deb
      Size/MD5 checksum:  1906046 049defa3090dc3a97a73c6e6d194d603
    http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_sparc.deb
      Size/MD5 checksum:  1367208 b10e687e83792b0897872431bee9e118

  These files will probably be moved into the stable distribution on
  its next revision.

_____________________________________________________________________________________________

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main 
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main 
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> 

- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Debian for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQD3J24pao72zK539AQFgDQQAqXrqphWaGuJ+aeSeSO+CPojrGqkesxgh
mdtlnng3fpSjM5dFJTJnZ3L8xXDvLoQI6Qz9J6sBtoMKpLfjXNnnLptCTCE2+nLj
kqNKDEoFD5h5Ejoc5yq352zqVTIG3G/WTTca0Ttyo4OaGun1/yXXhLmjubbA+9uO
04lBOLQ8scU=
=l5Id
-----END PGP SIGNATURE-----