[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 990/05 - Debian Security Advisory: DSA 911-1 - gtk+2.0



-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 990/05 dated 30.11.05  Time: 14:25  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Debian Security Advisory: DSA 911-1 - gtk+2.0    

Detail
====== 

Several vulnerabilities have been found in gtk+2.0, the Gtk+ GdkPixBuf 
XPM image rendering library.  The Common Vulnerabilities and Exposures 
project identifies the following problems.

- -----BEGIN PGP SIGNED MESSAGE----- 
Hash: SHA1 

- - -------------------------------------------------------------------------- 
Debian Security Advisory DSA 911-1                     security@xxxxxxxxxx 
http://www.debian.org/security/                             Martin Schulze 
November 29th, 2005                     http://www.debian.org/security/faq 
- - -------------------------------------------------------------------------- 

Package        : gtk+2.0 
Vulnerability  : several 
Problem type   : remote 
Debian-specific: no 
CVE IDs        : CVE-2005-2975 CVE-2005-2976 CVE-2005-3186 
BugTraq ID     : 15428 
Debian Bug     : 339431 

Several vulnerabilities have been found in gtk+2.0, the Gtk+ GdkPixBuf 
XPM image rendering library.  The Common Vulnerabilities and Exposures 
project identifies the following problems: 

CVE-2005-2975 

    Ludwig Nussel discovered an infinite loop when processing XPM 
    images that allows an attacker to cause a denial of service via a 
    specially crafted XPM file. 

CVE-2005-2976 

    Ludwig Nussel discovered an integer overflow in the way XPM images 
    are processed that could lead to the execution of arbitrary code 
    or crash the application via a specially crafted XPM file. 

CVE-2005-3186 

    "infamous41md" discovered an integer in the XPM processing routine 
    that can be used to execute arbitrary code via a traditional heap 
    overflow. 

The following matrix explains which versions fix these problems: 

             old stable (woody)    stable (sarge)   unstable (sid) 
gdk-pixbuf     0.17.0-2woody3        0.22.0-8.1       0.22.0-11 
gtk+2.0         2.0.2-5woody3         2.6.4-3.1        2.6.10-2 

We recommend that you upgrade your gtk+2.0 packages. 


Upgrade Instructions 
- - -------------------- 

wget url 
        will fetch the file for you 
dpkg -i file.deb 
        will install the referenced file. 

If you are using the apt-get package manager, use the line for 
sources.list as given below: 

apt-get update 
        will update the internal database 
apt-get upgrade 
        will install corrected packages 

You may use an automated update by adding the resources from the 
footer to the proper configuration. 


Debian GNU/Linux 3.0 alias woody 
- - -------------------------------- 

  Source archives: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.0.2-5woody3.dsc 
      Size/MD5 checksum:      863 2c19c0b3843d6003e5561830e80aec28 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.0.2-5woody3.diff.gz 
      Size/MD5 checksum:    48155 4035c2ee98fd6c0dde2c6d73d252c6e4 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.0.2.orig.tar.gz 
      Size/MD5 checksum:  7835836 dc80381b84458d944c5300a1672c099c 

  Architecture independent components: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-doc_2.0.2-5woody3_all.deb 
      Size/MD5 checksum:  1379440 c1501024119c24ed506990384e52c660 

  Alpha architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_alpha.deb 
      Size/MD5 checksum:   221376 ed09b3dbbed147b7be1820048f832593 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_alpha.deb 
      Size/MD5 checksum:     1104 ed3650ca259b534fc67c03a833a6a6f7 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_alpha.deb 
      Size/MD5 checksum:  1586026 7bda54cc76e8eefbb2395f397d3cc7c6 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_alpha.deb 
      Size/MD5 checksum:   595890 eca337b48cb5c2894bec95b0765ba65e 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_alpha.deb 
      Size/MD5 checksum:  5878258 5ea4f1fad5efe6d3344bfc13b3addc65 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_alpha.deb 
      Size/MD5 checksum:   178326 285885ccfc39722d26950f0bada6c867 

  ARM architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_arm.deb 
      Size/MD5 checksum:   215182 5be1bc9cfaa8086536f6e3a165fd930e 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_arm.deb 
      Size/MD5 checksum:     1100 0a29371fc6cac98e6545ff12b76d7847 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_arm.deb 
      Size/MD5 checksum:  1420128 02ddea0ef1473ea7775d912fb1e3b91c 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_arm.deb 
      Size/MD5 checksum:   595368 ff659a4540d523aac34decb6eff1f297 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_arm.deb 
      Size/MD5 checksum:  2903986 02aa5794bcfa4aa9599f7ce6f28f8d6d 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_arm.deb 
      Size/MD5 checksum:   177280 309dd451617141fb027c9bcd033790ea 

  Intel IA-32 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_i386.deb 
      Size/MD5 checksum:   215480 c82e1af319f9f5949caab2938717b8e4 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_i386.deb 
      Size/MD5 checksum:     1106 9d59680c9fa9ba60219f296d7959726b 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_i386.deb 
      Size/MD5 checksum:  1289508 e353ab4cf8ba7d8d3a85948d7160ce99 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_i386.deb 
      Size/MD5 checksum:   595390 82104b484be3b874e0af857cb37a790b 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_i386.deb 
      Size/MD5 checksum:  2722172 be34f43c3d39e4df7c9ac4ec558d8e75 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_i386.deb 
      Size/MD5 checksum:   177124 0c6e637485b5925c10180483ed989ba4 

  Intel IA-64 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_ia64.deb 
      Size/MD5 checksum:   231234 1ca5b216a2567c33ac780304dba4be5d 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_ia64.deb 
      Size/MD5 checksum:     1100 15327d5515c0d1a161cc5b61b86b22ce 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_ia64.deb 
      Size/MD5 checksum:  2077588 901d4767fb27fe07d7ed13725ccdd2b8 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_ia64.deb 
      Size/MD5 checksum:   596730 fd38392178172446f0bc716061be5209 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_ia64.deb 
      Size/MD5 checksum:  9450266 a17f9d4a6dab77314a1b93549f10a3bd 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_ia64.deb 
      Size/MD5 checksum:   178702 a1f72b3672cd240cd911d6b3a451f80e 

  HP Precision architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_hppa.deb 
      Size/MD5 checksum:   220956 edd51b44537f51e470d8b2943c309952 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_hppa.deb 
      Size/MD5 checksum:     1108 314dabcc5226bce8f63a8df5a252b584 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_hppa.deb 
      Size/MD5 checksum:  1718118 ca53b11b4294c94ff8c4f9f72437b6e7 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_hppa.deb 
      Size/MD5 checksum:   595688 50571f1e4793bdc9e169132defa1693a 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_hppa.deb 
      Size/MD5 checksum:  3317050 fef66e14343d589e06cb244b6374bb38 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_hppa.deb 
      Size/MD5 checksum:   177778 718d0b01ad8a46e50dd28b7999a84231 

  Motorola 680x0 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_m68k.deb 
      Size/MD5 checksum:   215174 2fb7d0afdfac137895e5fb343f6861f9 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_m68k.deb 
      Size/MD5 checksum:     1106 fac1df7c4af7bc5b21680a3a6644ce67 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_m68k.deb 
      Size/MD5 checksum:  1331670 f55e5b35c28b2639eb13dc9bb32f1347 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_m68k.deb 
      Size/MD5 checksum:   595384 b36ebd35c01f490348ed9817079700d6 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_m68k.deb 
      Size/MD5 checksum:  2833584 c18bb1755fb31d6da4f8093fe3c03060 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_m68k.deb 
      Size/MD5 checksum:   177022 a159f5a1121c260673aee75b2e5bea2d 

  Big endian MIPS architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_mips.deb 
      Size/MD5 checksum:   216496 c38396a00cb755ddaddc8047329a664a 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_mips.deb 
      Size/MD5 checksum:     1104 23407e61f23a3021ebd5871871013773 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_mips.deb 
      Size/MD5 checksum:  1384584 f740703f3077ecfce8c41f264a63cf1a 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_mips.deb 
      Size/MD5 checksum:   595738 0ae33fcedb001ade8548419a11492707 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_mips.deb 
      Size/MD5 checksum:  4934158 4289111f54a5c6023dfe37b081a8a22a 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_mips.deb 
      Size/MD5 checksum:   177506 e9f92a71bd505feb58ffe7e131e4244e 

  Little endian MIPS architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_mipsel.deb 
      Size/MD5 checksum:   216170 16933f5e26cf8aa335958943e4a8bd98 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_mipsel.deb 
      Size/MD5 checksum:     1104 23657699ac0cced8d77adb7baffe1e78 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_mipsel.deb 
      Size/MD5 checksum:  1375132 9d605722fdab1a9dd5f9830af7da0e67 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_mipsel.deb 
      Size/MD5 checksum:   595706 648f12a77e737b06e14797407f6617ca 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_mipsel.deb 
      Size/MD5 checksum:  4789004 398536470f317e5e2d3f50fdfaab1bc5 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_mipsel.deb 
      Size/MD5 checksum:   177480 12f2e0288223289532430e4c96f76fd2 

  PowerPC architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_powerpc.deb 
      Size/MD5 checksum:   215246 bac105a786f6085110017cbfbc001ffb 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_powerpc.deb 
      Size/MD5 checksum:     1106 2e1df3200d2fa60f1480e8a62515d50d 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_powerpc.deb 
      Size/MD5 checksum:  1505610 9560968696c020d1d4b0d76fa07844d0 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_powerpc.deb 
      Size/MD5 checksum:   595432 12b496e50c8bd7c822d0e05fa378f6df 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_powerpc.deb 
      Size/MD5 checksum:  2980722 d112daa322581d876b7875f05f02aeca 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_powerpc.deb 
      Size/MD5 checksum:   177308 b192c4a7e154ac33571a0c0b31a2f5ac 

  IBM S/390 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_s390.deb 
      Size/MD5 checksum:   218074 f82c50d7854a0b52005d702f6f969d64 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_s390.deb 
      Size/MD5 checksum:     1102 43c949763c6a96d0e6cb9ec1f24c388d 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_s390.deb 
      Size/MD5 checksum:  1447638 47636343d961b7a0a64c006dd97a15a2 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_s390.deb 
      Size/MD5 checksum:   595634 097a1c2b9090ede08fd57cd7c4b7c0bd 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_s390.deb 
      Size/MD5 checksum:  3004574 56fbb2eb95210ce8547ccbaab380df19 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_s390.deb 
      Size/MD5 checksum:   177374 d6e449c54fa3ae768932382b09801ed8 

  Sun Sparc architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody3_sparc.deb 
      Size/MD5 checksum:   216190 70d05edded855a56b8ed92b735a54e1b 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody3_sparc.deb 
      Size/MD5 checksum:     1104 35d308fd4d0171f8363f09cfce189f63 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody3_sparc.deb 
      Size/MD5 checksum:  1434226 7b892592d104c9965240d6ac66bca9ba 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody3_sparc.deb 
      Size/MD5 checksum:   595324 1392262c2a82832aae38b5c78f04f3bb 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody3_sparc.deb 
      Size/MD5 checksum:  2872174 6ead4c78c5cc9c008cd4f05ab3823ba3 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody3_sparc.deb 
      Size/MD5 checksum:   177182 2be94de14832d7bf602c942fea220204 


Debian GNU/Linux 3.1 alias sarge 
- - -------------------------------- 

  Source archives: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.6.4-3.1.dsc 
      Size/MD5 checksum:     2000 876d42d456f4c65949fe326d4603d0a6 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.6.4-3.1.diff.gz 
      Size/MD5 checksum:    49387 743d43246b74d208e704b0a8212625df 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.6.4.orig.tar.gz 
      Size/MD5 checksum: 16354198 a3ab72c9c80384fb707b992eb8b43c13 

  Architecture independent components: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.6.4-3.1_all.deb 
      Size/MD5 checksum:  2983652 b84d91a0e62bc5294208e39a10d8f875 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-doc_2.6.4-3.1_all.deb 
      Size/MD5 checksum:  2317798 2b12f72ddc801222745fba5784f0d30a 

  Alpha architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_alpha.deb 
      Size/MD5 checksum:    62274 8efa86fa72b71c8e1ffdcf569bdd3bf9 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_alpha.deb 
      Size/MD5 checksum:   268572 aa3ae47b77c14ae4e1763c8199994264 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_alpha.deb 
      Size/MD5 checksum:  2463284 b46cb55a251b626f39c88484175a4eda 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_alpha.deb 
      Size/MD5 checksum: 17691386 e42711f63e75be8961dd277a882c6331 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_alpha.deb 
      Size/MD5 checksum:    20884 a150efa24ea5521aac282fb289f7cb90 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_alpha.deb 
      Size/MD5 checksum:  8475038 57a1cdf6dd1a43188bdab145f472ee75 

  AMD64 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_amd64.deb 
      Size/MD5 checksum:    55272 4807db987b4f1ae1a1ce83f995e15b85 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_amd64.deb 
      Size/MD5 checksum:   263204 ec67df85400b5970d1d983928537e5cf 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_amd64.deb 
      Size/MD5 checksum:  2199236 84e0e79ee05b3f8368e28a3f7566df45 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_amd64.deb 
      Size/MD5 checksum: 17653866 b0c569bd51812ed574e59095637d6e73 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_amd64.deb 
      Size/MD5 checksum:    19672 6909052aa7ba8ee968b58b8e89bf2388 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_amd64.deb 
      Size/MD5 checksum:  7615034 65cf59aefee1022990492a18d4a132ab 

  ARM architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_arm.deb 
      Size/MD5 checksum:    52910 b44bfd00c91685e787729ab6e3f7e9a6 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_arm.deb 
      Size/MD5 checksum:   255640 1e9e352aeaf2652cfe18dcfa69668543 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_arm.deb 
      Size/MD5 checksum:  2042744 f23c0f10108b093dd7159f2fc250f54e 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_arm.deb 
      Size/MD5 checksum: 17599402 b2db72cde1646ff9c137db8d4c519e86 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_arm.deb 
      Size/MD5 checksum:    18138 f77d55c822f498beefb001ec9cc469fa 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_arm.deb 
      Size/MD5 checksum:  7478104 89254e98a3da4f85de96a84b927cbde9 

  Intel IA-32 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_i386.deb 
      Size/MD5 checksum:    51142 54ac82ff996e06087721a12edca85ca0 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_i386.deb 
      Size/MD5 checksum:   260184 9562defc5dd5d78d3eac97ac79c0f1b6 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_i386.deb 
      Size/MD5 checksum:  2097270 8dedb3a4d88d4aeb64f0b3be221b25e2 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_i386.deb 
      Size/MD5 checksum: 17534636 1f90e641d602fb9aef7233c8f2fdc374 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_i386.deb 
      Size/MD5 checksum:    18194 eb658bed31f5fa07d5ac7fe194dbd50e 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_i386.deb 
      Size/MD5 checksum:  7234930 bb53cc8a482cf455ea1b0c913d6cd2cb 

  Intel IA-64 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_ia64.deb 
      Size/MD5 checksum:    68508 d73110728702e8c59323435310b78aa2 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_ia64.deb 
      Size/MD5 checksum:   276954 94f3ec8cdf10daa527e65993f39834ad 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_ia64.deb 
      Size/MD5 checksum:  2894720 05a6507d6de9eaebd36168a293b8077d 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_ia64.deb 
      Size/MD5 checksum: 17741224 ad54e2f45926cd52618f0eecdd9ebe34 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_ia64.deb 
      Size/MD5 checksum:    22406 bc869ec76246419c8d0921b8cd79942b 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_ia64.deb 
      Size/MD5 checksum:  8622734 06e087a2328df617cc742e301df62753 

  HP Precision architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_hppa.deb 
      Size/MD5 checksum:    60060 99a7e167fcba943ebeff9f4268055623 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_hppa.deb 
      Size/MD5 checksum:   263712 2cbbaede3e2498c6a7a27cf6b36186e2 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_hppa.deb 
      Size/MD5 checksum:  2464528 bbf763c89d4f57fcd9e00b679d5d28ac 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_hppa.deb 
      Size/MD5 checksum: 17801132 f1ee34b603b0fd82d0f5c884a80b65c3 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_hppa.deb 
      Size/MD5 checksum:    19744 13930708ce9c937d039755ee09a65324 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_hppa.deb 
      Size/MD5 checksum:  8408548 321bc004724d528e249865c03a4e6aab 

  Motorola 680x0 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_m68k.deb 
      Size/MD5 checksum:    47752 8721dd7e1931aefd72ff6c23e667355a 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_m68k.deb 
      Size/MD5 checksum:   255414 b8e6fd4222ca20dec668bfab34024211 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_m68k.deb 
      Size/MD5 checksum:  2045046 a74b3ecc5d12d6566bb3def13eea2ee4 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_m68k.deb 
      Size/MD5 checksum: 17822784 dccea1d9ae943c4efaf1f556c5e7d16c 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_m68k.deb 
      Size/MD5 checksum:    18100 e2fcdfba8eae770d0d091a16147b02be 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_m68k.deb 
      Size/MD5 checksum:  7584802 a8f06db2e97fdca5d7131641cb87e6fc 

  Big endian MIPS architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_mips.deb 
      Size/MD5 checksum:    55698 2e233ae546e0e6bd0b0b0acdb97dc280 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_mips.deb 
      Size/MD5 checksum:   259924 3290adf3c203e0d44ba2a80f8bbb4f6e 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_mips.deb 
      Size/MD5 checksum:  2122598 205e050434251cc386a5ed78f1be4dec 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_mips.deb 
      Size/MD5 checksum: 17885036 ef05b92517ee66fea11ad51e8737d9b6 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_mips.deb 
      Size/MD5 checksum:    22858 58f33e26cba9e2c570aa3f71c4a86d1b 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_mips.deb 
      Size/MD5 checksum:  8298762 f5eb185ce2ff53a530ee35b7aadd0d69 

  Little endian MIPS architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_mipsel.deb 
      Size/MD5 checksum:    55630 3ffbc3c391c376a88b59127dbd3d9811 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_mipsel.deb 
      Size/MD5 checksum:   259836 605358dfcd79e6d26af498a71266df91 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_mipsel.deb 
      Size/MD5 checksum:  2123080 91894a08c3dc6607e27c373281b6d9c8 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_mipsel.deb 
      Size/MD5 checksum: 17651848 1db2645552e19d37204c58a671ef89b6 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_mipsel.deb 
      Size/MD5 checksum:    22924 d6f5ba287f9569a3c45d14253895cf22 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_mipsel.deb 
      Size/MD5 checksum:  7745414 985800b5a5e3ffab531efefa2b896d2b 

  PowerPC architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_powerpc.deb 
      Size/MD5 checksum:    56914 ab390a6e0de776bfe600d9fda732152a 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_powerpc.deb 
      Size/MD5 checksum:   260204 e89efb3f0c1b01d1230efbf4e40c7e8b 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_powerpc.deb 
      Size/MD5 checksum:  2187944 66fc71b309ffa82890c607cd99a4fdf2 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_powerpc.deb 
      Size/MD5 checksum: 28593970 dc9734cbb0718815e33808ca4f82a143 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_powerpc.deb 
      Size/MD5 checksum:    22188 1e9a28597a9b214424878199b40e9fef 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_powerpc.deb 
      Size/MD5 checksum:  8260248 d9407df720a9bc7ebfdfea5e9be20a2d 

  IBM S/390 architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_s390.deb 
      Size/MD5 checksum:    55302 5a77b24f45d5a31c0cdd4ad24a3e0666 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_s390.deb 
      Size/MD5 checksum:   262564 75f285e192a63e8342fcd59f7e4b503f 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_s390.deb 
      Size/MD5 checksum:  2294784 4781127b291fe5ece91dc62c32f89757 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_s390.deb 
      Size/MD5 checksum: 18179652 087628d587f2c29d5a996778d99f1352 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_s390.deb 
      Size/MD5 checksum:    19580 002d9074502272e35fb17f26cd1497a1 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_s390.deb 
      Size/MD5 checksum:  8354106 f86a8301975bbd943bba7af3bb625ae3 

  Sun Sparc architecture: 

    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.4-3.1_sparc.deb 
      Size/MD5 checksum:    50952 0670511a0028098bb2b7e8a91d195220 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.6.4-3.1_sparc.deb 
      Size/MD5 checksum:   256562 d35492a1f6de84c96ea0f31ebf250c4c 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.6.4-3.1_sparc.deb 
      Size/MD5 checksum:  2137976 d2d31e848e05dc062336f80d3bdb310a 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.4-3.1_sparc.deb 
      Size/MD5 checksum: 17714380 0ae0a52d3c00e951b1b9d737d94d19a5 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-bin_2.6.4-3.1_sparc.deb 
      Size/MD5 checksum:    17894 b9628edefc91fa4101780b56c69c86a8 
    http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.6.4-3.1_sparc.deb 
      Size/MD5 checksum:  7951126 87b73953c3fa278472e0b4150c160326 


  These files will probably be moved into the stable distribution on 
  its next update. 

- - --------------------------------------------------------------------------------- 
For apt-get: deb http://security.debian.org/ stable/updates main 
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main 
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx 
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> 

- -----BEGIN PGP SIGNATURE----- 
Version: GnuPG v1.4.2 (GNU/Linux) 

iD8DBQFDjHaQW5ql+IAeqTIRAlMLAKCAekILuNT3EybPcdy7e2mx799J8ACgrS3N 
77qFF4Y0NUfb3lc3o3fYIRo= 
=VBiG 
- -----END PGP SIGNATURE----- 





- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Debian for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQCVAwUBQ4210opao72zK539AQGxFgP/UFy9KWEbk9VTmrEXc4hIgegQrUa6GhTW
ZKRIHqSlhP7hHJZNKV7CG4jusEl65gp0UZWNGuAfJ4xJuWIW12DVWvqB0WkUy9o4
D2y1I2IEmunZwI6/Jb5SVw0ONDohq1DEpdCfab/f/kCWw1mFfdL5KQIUUycd3qOu
OA1ohzOLoko=
=fCg6
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________