[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 305/04 - Debian Security Advisory DSA 520-1 - New krb5 packages fix buffer overflows



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 305/04 dated 17.06.04  Time: 15:55  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Debian Security Advisory DSA 520-1 - New krb5 packages fix buffer overflows


Detail
====== 


In their advisory MITKRB5-SA-2004-001, the MIT Kerberos announced the existence 
of buffer overflow vulnerabilities in the krb5_aname_to_localname function.  
This function is only used if aname_to_localname is enabled in the configuration 
(this is not enabled by default).






- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
            

            ESB-2004.0416 -- Debian Security Advisory DSA 520-1
                  New krb5 packages fix buffer overflows
                               17 June 2004

===========================================================================

        

Product:                krb5
Publisher:              Debian
Operating System:       Debian GNU/Linux 3.0
                        Linux variants
Impact:                 Root Compromise
Access Required:        Remote
CVE Names:              CAN-2004-0523

Ref:                    ESB-2004.0396

- - --------------------------BEGIN INCLUDED TEXT--------------------

- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - --------------------------------------------------------------------------
Debian Security Advisory DSA 520-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Matt Zimmerman
June 16th, 2004                         http://www.debian.org/security/faq
- - - --------------------------------------------------------------------------

Package        : krb5
Vulnerability  : buffer overflows
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2004-0523

In their advisory MITKRB5-SA-2004-001, the MIT Kerberos announced the existence 
of buffer overflow vulnerabilities in the krb5_aname_to_localname function.  
This function is only used if aname_to_localname is enabled in the configuration 
(this is not enabled by default).

For the current stable distribution (woody), this problem has been fixed in 
version 1.2.4-5woody5.

For the unstable distribution (sid), this problem has been fixed in version 1.3.3-2.

We recommend that you update your krb5 package.

Upgrade Instructions
- - - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- - - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody5.dsc
      Size/MD5 checksum:      750 88922316a5c4dc4f54eedfc8d1b2b21e
    http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody5.diff.gz
      Size/MD5 checksum:    77079 1d99337aa5734ab47878c706c1cd16e7
    http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz
      Size/MD5 checksum:  5443051 663add9b5942be74a86fa860a3fa4167

  Architecture independent components:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody5_all.deb
      Size/MD5 checksum:   514592 b608f9f7c599049696daa569a9a9c95b

  Alpha architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   253392 39dace8011ec70211cafe7482a464bef
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   217158 2eec6d86a559c9bf151b06bb55916347
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:    62608 6ad21c730aa61227f335042c83057e35
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   251804 32c06efac81f7f875e993e7f6343ee10
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:    76040 2e6e74208a9c7f401c23076d32e29d3d
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:    58704 897ad549370be37234179d87084012e9
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   207166 60ec8f0d5f60af7e03f18d68bdd1bfc3
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:    83328 49d5415c510a3b16b0c7e6831d6295d1
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   632940 b5feb5c5d4ffb4dcc36607fb6c094ddd
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_alpha.deb
      Size/MD5 checksum:   367114 1126cddacb3eb385c363cc24bd8ccf30

  ARM architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   196910 00f2c6dc3b783b559418d3acaae9ccc4
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   160204 6fbdbe00198ac08c127da7b605cb4401
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:    48382 06c5be009cd9391342dfc97e18cc1c11
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   198234 7a6fc77bf7307de8f5cb7ab203586e94
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:    63316 8e5b77aaefc5319b730b24ebd39d4c6d
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:    48952 1c46d9156b91cfbe3bf2a7b2406c4d19
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   165652 654f978cf8e21e1928b08ee344fda8da
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:    73122 f5052a8743c4fd1434fba81040c39dd2
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   492900 fce4b2e7bd8c66896bf181900fb61ec7
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_arm.deb
      Size/MD5 checksum:   294728 f689f57b800b125f4ba3d3d5043dcb68

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   178772 5088ddd2621dbab5c59dc5e249240a1b
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   155952 07fce3180d9959b4dfee76c6c120b6c0
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:    45954 fe40c7fa5d4f67652b43df8e96ec3f17
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   178500 774028ad020dea596125afc6d52a7085
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:    61142 6995fa078363df683f8f4bafab474733
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:    46264 d53bc6f536632e486599e65e9e36542e
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   154706 1f2eeeed38ab36e5f2f7a523736505bf
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:    71530 a67b57f513523801f85c7b65f8963f8c
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   433428 968fa83dd497f71dd640f8b4e6974375
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_i386.deb
      Size/MD5 checksum:   293446 53eeba2cb4ff3b08f75c9f7d368ee843

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   321946 6ca872f52aedae772327b697dfde71b6
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   266092 f41935d16d8afb9a472a10784c3a7553
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:    73348 0436c2b34fb854802246cc38b4a9a4c3
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   321900 7d6ff9cb6b640a17a3dca04b641a879b
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:    91638 98299fc14a6c8011348a6d67219636b7
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:    70292 81cc3db5ee795199744e3d991eff172d
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   255894 bdd40f67173113249af37954a68925e6
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   106954 c2fa05c6b6899f53c5c7efbdaac3f0e7
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   705264 eeb1f09bf20f6f336da6b4c65e982e45
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_ia64.deb
      Size/MD5 checksum:   474326 834b32c98301ac138e00442262281f06

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   214284 152da60f5b2d3aadf5d34a90758b52e0
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   189510 d19d97ccc0096676387ecb66292e98a1
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:    53670 21e95a71a01d673273bed6c7e960f577
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   213770 d04452049be7561471f2c0d7a839a74d
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:    68366 9757bc2a367432d6287709920b5996b0
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:    55492 9bb3a916db98c1001c8330751e6d8505
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   182678 c499c90b82536f7af26c79ccbdf7bb9f
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:    84616 c6163555a4f4e93fb56eb19afab8970d
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   557526 46404537730a0fcd7e66ba20221004ba
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_hppa.deb
      Size/MD5 checksum:   361794 2247c6ec0ee126dce4280d317ea5fe4a

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   163994 64e2e6b310f729a633868e0dcff92cc5
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   144502 6d9020501770a02d1b5edf62d7187e58
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:    44132 d4af8c3649f93e71c44a1b373e0b80c3
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   163732 c30ef8c45ef46b816b00336eed65a902
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:    56650 85224bbf810310a04e0f254dd0e13bb4
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:    44432 001261117d31c9e610b49066044fd438
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   145748 78d472cdafa35eb0bd7e4cb75b0623b0
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:    69570 127110f20badf11f06b1fd09911b4975
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   408486 0f5ecf090b19fee6c02d8ee4f6f6b701
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_m68k.deb
      Size/MD5 checksum:   276790 ea346ea12c2f36680bbb73253e8a67ec

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   206332 4f409bdcd19dbcd63a919158504330b6
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   190876 da73ca10271b7ab992201fa1e8865e0b
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:    53108 e3697a84791b6c9c94dd2090d2393abc
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   209248 cf57ebb6de38746cb2554185a86db959
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:    66188 c359609fa890dffdebb6bab042fa30f1
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:    54668 c95a9cc71275c1ffe74caed804e1e4e9
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   175086 f14ebe5e1493c320ca5eabf7661d83d3
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:    71782 fcdf07c4a596cc203e69e1b3fa61a9b7
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   540812 5fe78475feb1237afc53c9cfc6235ba0
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_mips.deb
      Size/MD5 checksum:   308072 a073afa9cb406e7e9b87c411fe71e7cf

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   210428 c57ae1baeb412e9e39bffaf3e6eafc19
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   190584 d9637a661a7d76b4d2ac7ce2d2ebdfe9
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:    53304 b748e107e9ae4c5c6b43d71ff0f1c82c
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   212884 cf8b846996cc4dd9a563c164134dfcb9
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:    66512 82eda58a3c77d89563d230c2f4a471f2
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:    54538 6a80de80f46ad13cb4545991776c98fd
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   176876 5bbd1da8fca246767e66d711630cb6b1
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:    71580 11dac89ceff65cc4da44337b3027e7b8
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   540372 72c5320274b851ea31d485e8c9d07116
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_mipsel.deb
      Size/MD5 checksum:   306698 859c21ad06284485f0b7f1fead9da1b1

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   188054 363da150a42cee7367583fdfc90c6bf9
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   163744 b395a1a41eff5721d6351518ea572610
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:    48964 b3896b0ac107e00a5ab3da1098c6a4cf
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   189144 fb6a9fcd6528aea01560c1ee4c94b2f1
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:    62322 f872293b6c1b9ba9e2e035ace829507d
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:    48928 a76a17aef53d694b4c560118f388cb03
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   162398 cf177c01953e47e566de40280bd08b46
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:    73534 3dff6d87ccbc7b2fd66d98d483c7bb00
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   490456 aad2e60648fb2fc71c8146d3404985b1
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_powerpc.deb
      Size/MD5 checksum:   303092 e2b1effe6d3946de748e35e386759ee4

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   188904 6fc5f0333f635e8f047e17085abf3270
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   166020 35b74993495f29d9bfa72d4aa988971d
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:    49892 cec7b75924c666072d43be9a87ae3dc4
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   190238 f6bc7f11baea1fbee5c453877166f7ca
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:    66682 081a0113d851220733e9f6d208280a90
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:    49868 b920cb787b60dbbcbb89e43d8b6a4702
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   164036 3416a67ab9ea1af7a39a8456f49c86df
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:    76076 fceff5bf712f16a0ea788e5f74ba21a5
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   452962 29b7633718ca8389ab0c2e011e5f9be7
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_s390.deb
      Size/MD5 checksum:   319182 95ff63b6ea8ab3bf573c5efaea5334da

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   183032 341a9fb2d89ea7d685e3b5a3365c59ce
    http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   172630 023d4ea8ff07488b730d956443159d9c
    http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:    49378 c575434808db59920f3463adfa046cfd
    http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   183982 0aa7443dd53e7f53cd1b872c6fcbabdb
    http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:    63998 cbcd6b93ae18a1383ce8f8e2e5868ba9
    http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:    49336 71527610b9405d3edcf4c7e0fa192334
    http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   159144 51fa34206e1a4de013fbb3991bdc33b2
    http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:    72884 a209925e53a9d35354cef146aa7cf392
    http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   462462 1035d9e5f0450c933cf79add5540a646
    http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody5_sparc.deb
      Size/MD5 checksum:   300906 5333154983b684450cb5a4c702216542

  These files will probably be moved into the stable distribution on
  its next revision.

- - - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: 
ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: 
debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- - -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA0QJSArxCt0PiXR4RAn/1AJ44Z+oGkhWfO+M0Y15Wv/TBSdRYDACeIGLo
X2uJv+17KQFGR6KqZsSFse8=
=EXrB
- - -----END PGP SIGNATURE-----

- - --------------------------END INCLUDED TEXT--------------------


iQCVAwUBQNExEih9+71yA2DNAQLnsgP/be1CqYl8g16vf6VD4XwUvmvO/KFeJVQ6
sljgUwHSoPVOgtl66M+1MxuhViPtt9/2w/aQ258+e8Ns439q59WVOLkipho4CAQE
6kVA1zlLL+d/2e86N1zFpUHHLmQZVLe9feOXPCZG7wl65FC1TMr15bYfyy0K1WJs
BTxGuvigTmM=
=enTK
- -----END PGP SIGNATURE-----

- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 20 7821 1330 Ext 4511
Fax: +44 (0) 20 7821 1686

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 20 7821 1330 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Debian for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQNGvzIpao72zK539AQHSvAP+JZ3JjHIhTR+BPjXp7mjgj8BV+Fb//8Ss
ow3xDge2R808XBGL0TC/yBeo5ATFnpcn1ttNdbHvhtCGKOXu8NeZ3JJe6qF9F8fu
2kD4yYNHUrxrZjQ8HKF5FMeeS+IkyValsmt5pS7HFb4Mf0oQcEwNh7Mgbplyqz7T
JyyMa5igxz8=
=16Fj
-----END PGP SIGNATURE-----