[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 116/04 - Three Debian Security Advisories



 
-----BEGIN PGP SIGNED MESSAGE-----

- - ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 116/04 dated 11.03.04  Time: 13:00  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- - ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- - ----------------------------------------------------------------------------------

Title
=====

Three Debian Security Advisories:

1. New python2.2 packages fix buffer overflow.

2. New kdelibs, kdelibs-crypto packages fix cookie traversal bug.

3. New sysstat packages fix insecure temporary file creation.



Detail
====== 

1. Sebastian Schmidt discovered a buffer overflow bug in Python's getaddrinfo function, 
which could allow an IPv6 address, supplied by a remote attacker via DNS, to overwrite memory on the stack.

2. A vulnerability was discovered in KDE where the path restrictions on cookies could be bypassed using encoded relative path components (e.g., "/../").  This means that a cookie which should only be sent by the browser to an application running at /app1, the browser could inadvertently include it with a request sent to /app2 on the same server.

3. Alan Cox discovered that the isag utility (which graphically displays data collected by the sysstat tools), creates a temporary file without taking proper precautions.  This vulnerability could allow a local attacker to overwrite files with the privileges of the 
user invoking isag.



1.

- - - --------------------------------------------------------------------------
Debian Security Advisory DSA 458-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
March 9th, 2004                         http://www.debian.org/security/faq
- - - --------------------------------------------------------------------------

Package        : python2.2
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2004-0150

Sebastian Schmidt discovered a buffer overflow bug in Python's getaddrinfo function, which could allow an IPv6 address, supplied by a remote attacker via DNS, to overwrite memory on the stack.

This bug only exists in python 2.2 and 2.2.1, and only when IPv6 support is disabled.  The python2.2 package in Debian woody meets these conditions (the 'python' package does not).

For the stable distribution (woody), this bug has been fixed in version 2.2.1-4.3.

The unstable distribution (sid) is not affected by this bug.

We recommend that you update your python2.2 package.

Upgrade Instructions
- - - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3.dsc
      Size/MD5 checksum:     1150 026cac287c887609b61eb9fa776d08e7
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3.diff.gz
      Size/MD5 checksum:    92168 5490c5305412b26e913ef0c9d3942f92
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1.orig.tar.gz
      Size/MD5 checksum:  6536167 88aa07574673ccfaf35904253c78fc7d

  Architecture independent components:

    http://security.debian.org/pool/updates/main/p/python2.2/idle-python2.2_2.2.1-4.3_all.deb
      Size/MD5 checksum:   112800 2f7bbe87cd65fc46d692549fdc2ae27a
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-doc_2.2.1-4.3_all.deb
      Size/MD5 checksum:  1307068 dda8d059664d4b8ee062ac3e10b844a9
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-elisp_2.2.1-4.3_all.deb
      Size/MD5 checksum:    49874 31d0c5a9eae3e2d3871bd6aabb36cbc0
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-examples_2.2.1-4.3_all.deb
      Size/MD5 checksum:   477558 50bad66b5dbceb48eea56527266290ec

  Alpha architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_alpha.deb
      Size/MD5 checksum:  2139014 4513103ad2a30bb36a5b6084770a33ad
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_alpha.deb
      Size/MD5 checksum:   863556 f7a9616d790f93a4d91de3d2274d55b7
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_alpha.deb
      Size/MD5 checksum:    17888 5a97553b3f1d739676284ce7589011d6
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_alpha.deb
      Size/MD5 checksum:    21522 4824c04e78ff693517f079aeb31facf8
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_alpha.deb
      Size/MD5 checksum:    86040 36c357ee7a8d70f39185d896ec52d573
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_alpha.deb
      Size/MD5 checksum:    52100 484c5a2ccd5ec619efa21ee4e679b548

  ARM architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_arm.deb
      Size/MD5 checksum:  1951662 f74c8b28ecda2c514e590ef1caa85ac3
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_arm.deb
      Size/MD5 checksum:   774368 500a8ad4163ce2fa9f1add1262f55b52
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_arm.deb
      Size/MD5 checksum:    16714 147ef5558199d5549106fe7c14f9cc8d
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_arm.deb
      Size/MD5 checksum:    19960 fcb3839792b43f2cb1a62eadee44a077
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_arm.deb
      Size/MD5 checksum:    84344 b1e4c75a260568cf6e5f9335b94fee49
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_arm.deb
      Size/MD5 checksum:    49558 e28e462a68fd73fc9851e43fcd1185a2

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_i386.deb
      Size/MD5 checksum:  1888568 6ebcdd281461135393079cc9b59f742d
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_i386.deb
      Size/MD5 checksum:   683880 c5d021c851f5cf88dc489928520a5074
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_i386.deb
      Size/MD5 checksum:    16512 c3d530709b3c99f52ad9093d19081717
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_i386.deb
      Size/MD5 checksum:    19908 1181e089f6cbf04efe40b573afd8a48a
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_i386.deb
      Size/MD5 checksum:    83134 2c9e73c9715987ac084d1672e7721fd2
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_i386.deb
      Size/MD5 checksum:    48534 1348fa8ea71f7999d5b6c9267ebfc302

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_ia64.deb
      Size/MD5 checksum:  2489568 8faa7fd8c761ac49ab731c107fd07784
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_ia64.deb
      Size/MD5 checksum:   936400 c262bedca5ab6306762d101a2dbeb4bf
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_ia64.deb
      Size/MD5 checksum:    19320 91211edb804aa093ca70a50a63cf759f
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_ia64.deb
      Size/MD5 checksum:    25276 e115e92f0b544ce0f7d0cf8ce925befd
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_ia64.deb
      Size/MD5 checksum:    90202 d83d56e29880977e094f379a54041f38
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_ia64.deb
      Size/MD5 checksum:    56246 ca2fee283c70ebc0acd9c9b5f72f5ef2

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_hppa.deb
      Size/MD5 checksum:  2356422 ba2c2bebb6e4a4b4817afcec0350188d
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_hppa.deb
      Size/MD5 checksum:   924658 638e5d9a494e96e8fe5e1db32fbef478
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_hppa.deb
      Size/MD5 checksum:    18052 8d884a8947b53e4027fa3c3694fe37fd
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_hppa.deb
      Size/MD5 checksum:    23884 1c8ae393857ee188b5b785cabe926551
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_hppa.deb
      Size/MD5 checksum:    87912 10a7d7be90f4f367df6f9fd5f8381c4a
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_hppa.deb
      Size/MD5 checksum:    54808 a0e8c65e48defb2be6e445e260bbbd84

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_m68k.deb
      Size/MD5 checksum:  1894116 a9e13517442b21ec512192cc0361e11f
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_m68k.deb
      Size/MD5 checksum:   660676 39ba81220147394a063c672b2b3c5b1c
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_m68k.deb
      Size/MD5 checksum:    16636 bd068d58755442f7ef26399ed370732d
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_m68k.deb
      Size/MD5 checksum:    19590 10cefe6b181fe2b335befae20df73ae2
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_m68k.deb
      Size/MD5 checksum:    84038 232b10864957eeb65e425d694e7703d2
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_m68k.deb
      Size/MD5 checksum:    49348 251d4e6cdde45cf99ea22a90dc0908fe

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_mips.deb
      Size/MD5 checksum:  1952988 afb78402c69aa4df4ab8a597bcd25f26
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_mips.deb
      Size/MD5 checksum:   790028 ab7b4896fba685351a227f67b1791f9b
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_mips.deb
      Size/MD5 checksum:    16716 27c20b8987197602be78b5f43da6c39c
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_mips.deb
      Size/MD5 checksum:    19986 65dc613e81dc6cb649d24b38922b1282
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_mips.deb
      Size/MD5 checksum:    83134 61693a6577bad15625d8a5a2de5520fc
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_mips.deb
      Size/MD5 checksum:    48714 76562b2f2a98a01ff776e1f2e1dda7fd

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_mipsel.deb
      Size/MD5 checksum:  1947982 a6c572ae19fb4010fed6eb4e4d73ede1
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_mipsel.deb
      Size/MD5 checksum:   790012 f5d4a838b99dcf920c04a2c7583595a0
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_mipsel.deb
      Size/MD5 checksum:    16736 205d834cec00e789080022e5090d1dfa
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_mipsel.deb
      Size/MD5 checksum:    20012 164a1eacfc13cfb395e0b26360e174ae
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_mipsel.deb
      Size/MD5 checksum:    83098 029471a9db8e14c3cb351ae9b6ad406d
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_mipsel.deb
      Size/MD5 checksum:    48664 2b9c4fa8ab291a5b68063c2c7f29a1dd

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_powerpc.deb
      Size/MD5 checksum:  1998922 8d953c040dd92c534d05ad882df6e398
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_powerpc.deb
      Size/MD5 checksum:   775176 7c45249dd6fa92ab5330b2a4650a7142
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_powerpc.deb
      Size/MD5 checksum:    16838 4e4afda84b75ac3e1b42c7beb086894a
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_powerpc.deb
      Size/MD5 checksum:    20556 a0f9e12d04699ea4786d6321212b41fe
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_powerpc.deb
      Size/MD5 checksum:    84772 1b52dc89d0bbf81a8e6e1d83bcf3c6a8
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_powerpc.deb
      Size/MD5 checksum:    50084 0419de4d8333513dfbb30270284d7f93

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_s390.deb
      Size/MD5 checksum:  1940700 587277953f96aa119a0175696ccb0bbd
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_s390.deb
      Size/MD5 checksum:   692444 6aee6f113bd22f12b5a1effb98eebae0
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_s390.deb
      Size/MD5 checksum:    17088 b6e1ff30cb3d4ad9bb7ba270dcdda9ab
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_s390.deb
      Size/MD5 checksum:    20332 e316a509e86fa1eb735542e56adcb5d3
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_s390.deb
      Size/MD5 checksum:    85160 8f3e30216951722b482b92ff97106ac9
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_s390.deb
      Size/MD5 checksum:    49612 74d65b5062291f72027c65d7fff1a6ed

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.3_sparc.deb
      Size/MD5 checksum:  2036658 e34779d0638b6559b9a97d58440e75f2
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-dev_2.2.1-4.3_sparc.deb
      Size/MD5 checksum:   737962 1b2728ec03c593264eec517535e0297c
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-gdbm_2.2.1-4.3_sparc.deb
      Size/MD5 checksum:    19834 d9758964b6189d0b3fa6aba13728909a
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-mpz_2.2.1-4.3_sparc.deb
      Size/MD5 checksum:    19482 b5808423a21d12140a3822a4a293dd20
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-tk_2.2.1-4.3_sparc.deb
      Size/MD5 checksum:    83974 b71fd52e528ff367799540f7e353aacf
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2-xmlbase_2.2.1-4.3_sparc.deb
      Size/MD5 checksum:    49324 761b33efd131d432e3ca31105fc85918

  These files will probably be moved into the stable distribution on
  its next revision.

- - - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFATrVfArxCt0PiXR4RAnOFAKCEG+DB8mgvIQsjcHApf7Y18aBqRQCgoU+H
E+EfPnVdSc+WmKSUqflhTQA=
=41fn
- - -----END PGP SIGNATURE-----

- - ----------------------------------------------------------------------------------





2.


- - - --------------------------------------------------------------------------
Debian Security Advisory DSA 459-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
March 10th, 2004                        http://www.debian.org/security/faq
- - - --------------------------------------------------------------------------

Package        : kdelibs, kdelibs-crypto
Vulnerability  : cookie path traversal
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0592

A vulnerability was discovered in KDE where the path restrictions on cookies could be bypassed using encoded relative path components (e.g., "/../").  This means that a cookie which should only be sent by the browser to an application running at /app1, the browser could inadvertently include it with a request sent to /app2 on the same server.

For the current stable distribution (woody) this problem has been fixed in kdelibs version 4:2.2.2-6woody3 and kdelibs-crypto version 4:2.2.2-13.woody.9.

For the unstable distribution (sid) this problem was fixed in kdelibs version 4:3.1.3-1.

We recommend that you update your kdelibs and kdelibs-crypto packages.

Upgrade Instructions
- - - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2-13.woody.9.dsc
      Size/MD5 checksum:     1353 259d1c3337e6421f5ecedfe15a5209f0
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2-13.woody.9.diff.gz
      Size/MD5 checksum:    57742 fbdb18745fadbd7d8a90afa9aa3767c5
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2.orig.tar.gz
      Size/MD5 checksum:  6396699 7a9277a2e727821338f751855c2ce5d3
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs-crypto_2.2.2-6woody3.dsc
      Size/MD5 checksum:      717 ed37d69135a183a7fff7771cbed7334c
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs-crypto_2.2.2-6woody3.diff.gz
      Size/MD5 checksum:    27998 31b6014b42c63879a1d20277ae255d67
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs-crypto_2.2.2.orig.tar.gz
      Size/MD5 checksum:   643622 5ef84fed86c7984f99f8e44e9d5a216a

  Architecture independent components:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-doc_2.2.2-13.woody.9_all.deb
      Size/MD5 checksum:  2564192 513f8bdfe75d951190f9dacbee767bd8

  Alpha architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:   757356 f0217378d9ce13a22652de6e10dfc803
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:  7553310 5ed5612401a9e8221f74a2c728d84b10
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:   137334 a5681e4f36f3ce5afac8a7cc83051d3b
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:   201912 52fd860524415d33ac3a7fcb55372075
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:  1022278 c5af6f967923ba2b42101f51ba761789
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:  1029252 487937ab90a6f4901d5ccb3ce797a791
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:   198146 fb0b344662b1f3670f368d176932eee9
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:   174606 1fb8e8f2b97cf368e3212f06cccbcf5c
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:   178042 ca6839e78ada20e5ec5aedeea2941ed2
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_alpha.deb
      Size/MD5 checksum:    37178 954880c404f917b0c4d52fab495a2d2a
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_alpha.deb
      Size/MD5 checksum:   132308 c45ff6ad0e59ffbde75f60e881bb7f33

  ARM architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:   743636 582822a51e0791c14bb61a88d4c532a8
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:  6589260 e51c1b45581802ac29535b2502f7e68b
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:   104500 d257d75028eaf7fa60044a1ef65395b7
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:   186484 f8bcc08992cad0bdfc42aaa889c43dca
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:   651698 790e861dbdebd7a8aa03e4b701262893
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:   655320 0f87c4357cb2c97f6f86f84df6139219
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:   155470 76adc91ee1ca2458ada23f93eaeb6e40
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:   124756 3195fcbfd52acec5953e0bbcedca8aa0
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:   127850 c88e0ed19a673a5a6695e068f3d42a1e
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_arm.deb
      Size/MD5 checksum:    37178 b627b18081d64f9847dfcc3cf950540c
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_arm.deb
      Size/MD5 checksum:   116866 112f16beafbfb5c3f6e84a0f82fbf47a

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:   742904 511b173eff43852f5b46809d308b4f39
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:  6618718 7541c48564991d9d5b5725e8a24a8e28
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:   106020 54ffc6f500613edee112b9c35d3ab63e
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:   182914 dbe4e1b8d4b0fdf8400a6a0fbb286556
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:   625082 0197017288a6182ebfe712ddd04df181
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:   629410 fc68ebc71fa909d98ea1f059d0e6b7c4
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:   154838 059ccfee34f7eeda897b8c70573ab353
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:   123372 1a948355c2721b3e7920eec893c24d09
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:   126480 04909219fb87f1b15c14c260e2d82b4f
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_i386.deb
      Size/MD5 checksum:    37168 452a8e68c12911bfb5f7538c4335d578
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_i386.deb
      Size/MD5 checksum:   114786 9376b045821bc1b73bbb203b501417bb

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:   767694 159fd0faccec79ca4c9b1699082d0b84
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:  8858496 4cc7032dbe64b7863312c184873063c3
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:   153648 cf8aa387c1e95e0e9d4e4720a28b3622
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:   256978 bf1511ab930a97161589e8aecfd0bfc4
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:  1045296 a46b70370e2923bab6a6379de1131c8a
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:  1050706 4c51730c63329946668b91ff50513a68
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:   199444 72d92c0d58db43e349707d826e844272
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:   185482 ae1ac258f56cbb8a6131a49775b24dba
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:   190976 3e8e86ec9327e259dfdc8af1dc36f344
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_ia64.deb
      Size/MD5 checksum:    37174 d11bf96dff94f242f3d47825e88b2bd0
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_ia64.deb
      Size/MD5 checksum:   165430 7fb005c26b4bf760a2fab8dbda194490

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:   749730 377e9a162901ffa8d58bfd1d4a62eef9
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:  7343976 16d7806ec26962b7edd820e227d4f28a
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:   117364 a5122c00fc269f54b41c817fa0821759
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:   217872 578aa0d21d3ab85b5ce56be95f993e87
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:  1111506 b0127b2f0f9b49fcc255125f66245e3b
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:  1115366 e1b32777d376e3da71a2ec85e13007f2
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:   207442 9b1ed0a36db94d37c9e95755b9235717
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:   171920 1f4456c6d1ccec2e978393a34c8ae770
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:   176012 882ebdacc219244144b28b6b6abe1478
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_hppa.deb
      Size/MD5 checksum:    37174 c78ca39cd1a5b14b4ffdb63ae3f04212
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_hppa.deb
      Size/MD5 checksum:   136082 ab486e68cfed055f7fcf5b04fb834a42

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:   740024 33dad83286e7c582a6e83d182f9220f5
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:  6484306 78004afecfecae86eec161b51a7b3f74
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:   103554 5a2e7e38451b360ebe8008ee6b12efa1
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:   178502 1e6e5866b5fa54ace57b07870c3a88cd
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:   628710 9d9c488ee98a5e25e1bb126136bed18d
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:   633156 937998911a44df94f482371bb3d0ceb1
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:   151070 a612e9dd2a85848c222213edc655aed0
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:   120702 a972a5b5e842021fa4536e03dbef5681
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:   123618 a824bd1f7f83bca1a22b1fd8efd89e97
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_m68k.deb
      Size/MD5 checksum:    37188 b04dc0535aee7110e7e047ef09de6ba6
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_m68k.deb
      Size/MD5 checksum:   113428 d42081bda7a9ade52bbfcb77a5076640

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:   739864 9e68616ce1e5ed09f6e520767cf5dc9b
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:  6283770 6ea6b0354641ab2fc12b8b2ae6d9c345
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:   106828 e6d3a1178ee158a8651f01a1549b8473
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:   160998 f037bac1ba81714e09c657b5242057c0
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:   620850 b24accb7ed931c280e853a84e593682b
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:   625050 c984356fbcddcd3f31be6b2f72f1945a
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:   175800 4bf8533e37b93664897c9671f9c88b52
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:   124194 ae9f6c3f3744e787ad2ec925c7be3a3e
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:   127232 b93084e097c138a4b719bfbe27048283
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_mips.deb
      Size/MD5 checksum:    37176 07bfd5a431bb357b291599ff0221a27b
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_mips.deb
      Size/MD5 checksum:   100440 3c3a1317d2d7a833fa784ff2215b45db

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:   739198 18695e0b106bb0aa3098bcbaa4411860
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:  6190086 a9b504129ea5bc94756f05708317d8e2
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:   105800 483bbc8d7a6c868b16a4b5c913f4b925
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:   159206 3d2c9e620e1618e9724659f70ebd5122
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:   613640 fd0164388b5804a897310e4dcb6642d2
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:   617270 febf61be2c478965446c76a0743cfd0d
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:   175038 9ff953264d6efa3c3b46febe80a180f3
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:   123222 151d5cbfdd8976869b76833bf9c41485
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:   126198 e47a006ab02abc014ff9c811da24e733
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_mipsel.deb
      Size/MD5 checksum:    37172 9ec9dfba98a66eee4c71bee3636db5cf
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_mipsel.deb
      Size/MD5 checksum:    99306 b715a076f96445f7f67ea9337504e036

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:   740848 9ad09506cf1162d3e48077a610d20091
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:  6742148 cde3d23e432da394ab05d1d6916cdcbf
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:   105940 71cd753218d69532de5705302590ce1f
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:   182596 de2766fadd2000691c8c13804386b6bf
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:   691116 4c96fec5e0ada5a87e0457e913a2404c
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:   694560 83b5390dc4817071cea8ba334b42ac3f
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:   153766 431b3242db9bb4bbae261a796abc198c
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:   127554 a8b106907ae26f93dfc16258fcb95b8c
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:   130474 80fb2411ec76ad973639affbf8bb8156
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_powerpc.deb
      Size/MD5 checksum:    37176 aa155df2bb3d7b804a2b3844d8411c8f
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_powerpc.deb
      Size/MD5 checksum:   114264 55378be9dccb08796f89afa22a28b0d4

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:   742338 87712134f20ebc0ab6bb6c34978b0e77
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:  6740546 df95ca45a806695626117791ca5eb0ae
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:   110478 0a1a22812ce54d4b95857321fb0c4899
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:   176980 d57eb74b88eb46e1f5a3f42d54b41ff7
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:   642230 6bdeb69d9c84ca786226a9b65bc9e22c
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:   647372 68d937fd21123718b0579498a8de0717
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:   151416 51e5a3f4e373743170c3aece69b607dd
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:   129900 b409fbac5e6d52ac25533682c99c42d1
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:   133348 e649882d6df4d6b93936167cfa58b997
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_s390.deb
      Size/MD5 checksum:    37178 458e02d4c967b1b5df7986cc1d1df285
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_s390.deb
      Size/MD5 checksum:   115540 49c39c4b74b36cdd7ad0dc31731e9b36

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:   741710 2d53eb502413a78518b6faff10fd6f87
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:  6578762 3a56f1bb8543ce795d1ded8f210b009a
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:   117752 fc5b23c8f18472388c7983a85ea1425b
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:   184220 01f18665e792bacc7c069050c37f5a1c
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:   664976 95ef602ec002bc602d2165a846341014
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:   668858 fd1485e80081297e3421c26f36b8a6e7
    http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:   151792 d0b0f8ce4021d45541420ceb7fcb134f
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:   128658 1a54b9ab4865fc7b79b353b49501330a
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:   131372 019e6578b99f058db3b9667bd99cda52
    http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.9_sparc.deb
      Size/MD5 checksum:    37174 ab26367c83295111c9c23f990d7f176e
    http://security.debian.org/pool/updates/main/k/kdelibs-crypto/kdelibs3-crypto_2.2.2-6woody3_sparc.deb
      Size/MD5 checksum:   114686 7f2aa8271117819957064ae204684697

  These files will probably be moved into the stable distribution on
  its next revision.





3.


- - - --------------------------------------------------------------------------
Debian Security Advisory DSA 460-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
March 10th, 2004                        http://www.debian.org/security/faq
- - - --------------------------------------------------------------------------

Package        : sysstat
Vulnerability  : insecure temporary file
Problem-Type   : local
Debian-specific: no
CVE Ids        : CAN-2004-0108

Alan Cox discovered that the isag utility (which graphically displays data collected by the sysstat tools), creates a temporary file without taking proper precautions.  This vulnerability could allow a local attacker to overwrite files with the privileges of the user invoking isag.

For the current stable distribution (woody) this problem has been fixed in version 5.0.1-1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you update your sysstat package.

Upgrade Instructions
- - - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1.dsc
      Size/MD5 checksum:      646 a5040b1b689670af75bc8135ebec50da
    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1.diff.gz
      Size/MD5 checksum:     8645 2edda9778b575cf59a32888a65bc3789
    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4.orig.tar.gz
      Size/MD5 checksum:    99410 9bab6bb01949ba36ce0e5520699ebdf2

  Architecture independent components:

    http://security.debian.org/pool/updates/main/s/sysstat/isag_4.0.4-1woody1_all.deb
      Size/MD5 checksum:    15920 84586d337482345b6333ed3cca81ff76

  Alpha architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_alpha.deb
      Size/MD5 checksum:   101682 4cee5c4be51673e9c1a92c97ac6ee269

  ARM architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_arm.deb
      Size/MD5 checksum:    86300 1f1df8a9de4107fab4380c740bbf6229

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_i386.deb
      Size/MD5 checksum:    78078 e167208600a95a414438d9b2ec97070a

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_ia64.deb
      Size/MD5 checksum:   115154 323b9724eb6b58c471806662f807d3a8

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_hppa.deb
      Size/MD5 checksum:    95428 23ea1584bcb00d78a83193b43e0135b5

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_m68k.deb
      Size/MD5 checksum:    74858 973dbfb3593919902b8364ffdc780be9

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_mips.deb
      Size/MD5 checksum:    87796 496f1c560fd3bb907e9e84d90cc5a28f

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_mipsel.deb
      Size/MD5 checksum:    87592 490cdbe90de212f602d161feafa03cde

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_powerpc.deb
      Size/MD5 checksum:    86926 1d031e26e5a8a91ee887967995692864

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_s390.deb
      Size/MD5 checksum:    83068 571f11004a9865497cdb454084cdce40

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/s/sysstat/sysstat_4.0.4-1woody1_sparc.deb
      Size/MD5 checksum:    99288 a390e93d83008691833956ad7c41dc87

  These files will probably be moved into the stable distribution on
  its next revision.

- - - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAT4LaArxCt0PiXR4RAv6mAJ4iXfAnhQBXmNBHRX9cgIpI4ZTeAACgnICL
iJVg0Oq00wWhAoip4sNj4MI=
=K7BT
- - -----END PGP SIGNATURE-----


- - - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAT34yArxCt0PiXR4RAoC/AKCe0P+Og/cYcSeJopdt6mk2JFo6RwCgyReH
wPK+PwZe45XFHPMRE3k8Ahg=
=VB9b
- - -----END PGP SIGNATURE-----

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

- - ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Debian for the information 
contained in this Briefing. 
- - ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- - ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQFB73Ipao72zK539AQFT0gP/cSAz3aB9wJJHYzqm5Q1LnGVl68mhsbiC
H57ePvxkA33SNNypzEe7vHv3VDqlePU7fG9nLTCYV5iKER+UnhL6NXU/GLEioPgQ
0ljDBmpyRlj5CbuNh2YGlI8IHu0XAOrjpsfjd4pCgCSFpYc64zzfEusp7s/Ajyg/
yKAWwvqXjlM=
=IpxQ
-----END PGP SIGNATURE-----