[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 585/04 - Two Debian Security Advisories



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 585/04 dated 22.10.04  Time: 14:40  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Two Debian Security Advisories:

1. Debian Security Advisory DSA 572-1: ecartis

2. Debian Security Advisory DSA 573-1: cupsys

Detail
====== 

1. A problem has been discovered in ecartis, a mailing-list manager, which allows an attacker in the same domain as the list admin to gain administrator privileges and alter list settings.

2. Chris Evans discovered several integer overflows in xpdf, that are also present in CUPS, the Common UNIX Printing System, which can be exploited remotely by a specially crafted PDF document.



1.
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 572-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Martin Schulze
October 21st, 2004                      http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : ecartis
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0913

A problem has been discovered in ecartis, a mailing-list manager, which allows an attacker in the same domain as the list admin to gain administrator privileges and alter list settings.

For the stable distribution (woody) this problem has been fixed in version 0.129a+1.0.0-snap20020514-1.3.

For the unstable distribution (sid) this problem has been fixed in version 1.0.0+cvs.20030911-8.

We recommend that you upgrade your ecartis package.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3.dsc
      Size/MD5 checksum:      633 3c5b01ccdb8efdd3f0b01ab1c420f0bd
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3.diff.gz
      Size/MD5 checksum:    11136 deb52dba3044f51a775687dc3de435d4
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514.orig.tar.gz
      Size/MD5 checksum:   326215 2772a595a3fe7ea5073874113da813ec

  Alpha architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_alpha.deb
      Size/MD5 checksum:   256810 0756e2937a73c64e06a65001d7955877
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_alpha.deb
      Size/MD5 checksum:    34084 ef3ac15efae9aaa6ef01083e535d96a6

  ARM architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_arm.deb
      Size/MD5 checksum:   238590 c039d61d90f7163d0a5ae3a964fa28c6
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_arm.deb
      Size/MD5 checksum:    34256 27530fa34db9ccfce0dea27d2367a581

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_i386.deb
      Size/MD5 checksum:   199458 b486c027d445489c6fb27a705133e65f
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_i386.deb
      Size/MD5 checksum:    26382 1a46d1a71f53b9cbe8ce774c308e0b63

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_ia64.deb
      Size/MD5 checksum:   338176 f34f303a82c07e94fbc4f740615b285a
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_ia64.deb
      Size/MD5 checksum:    44402 3d96424af960b67c1eff7ed8281a28cc

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_hppa.deb
      Size/MD5 checksum:   237276 86be667295c0110787c48483935304a9
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_hppa.deb
      Size/MD5 checksum:    34186 0427d04c72cd89788d7662e7ba84713b

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_m68k.deb
      Size/MD5 checksum:   210846 6ef4f00bcf7eb6855dff350f4ed2d6eb
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_m68k.deb
      Size/MD5 checksum:    29470 cfdbd27c6f172a1fa75890d7bab9be26

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_mips.deb
      Size/MD5 checksum:   203434 37c63c68433b47af4773d9fd1620bd6d
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_mips.deb
      Size/MD5 checksum:    26454 7b1212a12d462e5d02c59e4c80fb6120

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_mipsel.deb
      Size/MD5 checksum:   203806 29b30b1f6a89f5f738fd6e2a25ce8e3f
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_mipsel.deb
      Size/MD5 checksum:    26660 64352b9de65a0f873aa9bf8c3759b3df

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_powerpc.deb
      Size/MD5 checksum:   231174 d50df0172c5dc7c7e00e8f195d2dedc2
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_powerpc.deb
      Size/MD5 checksum:    33622 aeef33a2acbc11169f13a009fb44ca26

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_s390.deb
      Size/MD5 checksum:   205476 c11ac6b9025f9579f5827f76521be398
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_s390.deb
      Size/MD5 checksum:    28148 800f8d66e58b75a5d3348cea3758aedd

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/e/ecartis/ecartis_0.129a+1.0.0-snap20020514-1.3_sparc.deb
      Size/MD5 checksum:   244678 41a082da574d539b8fa9df57903ef0b9
    http://security.debian.org/pool/updates/main/e/ecartis/ecartis-cgi_0.129a+1.0.0-snap20020514-1.3_sparc.deb
      Size/MD5 checksum:    33772 28eadac58294fe1a73f95fb709619e27


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBd5GWW5ql+IAeqTIRAlWJAJ9MsDW5+99LohGzIFOq7ULlrARbfgCfXxR6
UqVOnBc/5Cd1voj++VF9NfI=
=vI+1
- -----END PGP SIGNATURE-----




2.
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 573-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Martin Schulze
October 21st, 2004                      http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : cupsys
Vulnerability  : integer overflows
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0888

Chris Evans discovered several integer overflows in xpdf, that are also present in CUPS, the Common UNIX Printing System, which can be exploited remotely by a specially crafted PDF document.

For the stable distribution (woody) these problems have been fixed in version 1.1.14-5woody10.

For the unstable distribution (sid) these problems have been fixed in version 1.1.20final+rc1-10.

We recommend that you upgrade your CUPS packages.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10.dsc
      Size/MD5 checksum:      712 ae31959c46f48c5385b676f26a2e842d
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10.diff.gz
      Size/MD5 checksum:    40124 baba5be8d7564311a27cb81ce914e035
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14.orig.tar.gz
      Size/MD5 checksum:  6150756 0dfa41f29fa73e7744903b2471d2ca2f

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_alpha.deb
      Size/MD5 checksum:  1900822 a70479f7bb60a8286689480b6d308d25
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_alpha.deb
      Size/MD5 checksum:    74422 d98680769dc77eb8e87d1340a8168abf
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_alpha.deb
      Size/MD5 checksum:    93052 1fbb64fd54fe3b66fbf3e2f27842518f
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_alpha.deb
      Size/MD5 checksum:  2445890 333911b1b11bd1058c453f6190979da9
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_alpha.deb
      Size/MD5 checksum:   138086 fc159f99d5f10e551d05e56fe9385f34
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_alpha.deb
      Size/MD5 checksum:   181022 8aede5734f2bc35dff191664ca07481d

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_arm.deb
      Size/MD5 checksum:  1821796 d842e1185dd4a50cd9fa2f71fd7f216a
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_arm.deb
      Size/MD5 checksum:    68558 c575b8ba9a7bbe9ab4bd5ff003787c80
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_arm.deb
      Size/MD5 checksum:    85752 442b511623d5641ec33d0913e9756fe6
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_arm.deb
      Size/MD5 checksum:  2345934 64a06768229c53e681e5bdb0f9b56197
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_arm.deb
      Size/MD5 checksum:   113060 5677fdf18c89fe349fd18a1eecef562f
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_arm.deb
      Size/MD5 checksum:   150474 c8c4653a290a66724d717a709ae18a66

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_i386.deb
      Size/MD5 checksum:  1788626 9cb6367a1455987dfbbc03e26d4a0ab9
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_i386.deb
      Size/MD5 checksum:    68074 d5b263fabbe23c5714d43770ea81b612
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_i386.deb
      Size/MD5 checksum:    84244 e6cb1b13280664e12ded8709cfefebcc
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_i386.deb
      Size/MD5 checksum:  2312054 ab9511108a2281079e86da8e9e450349
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_i386.deb
      Size/MD5 checksum:   111096 7eb7f16bd74c6dba80c1dd3b39b697db
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_i386.deb
      Size/MD5 checksum:   136658 7c186791884a0733fea8f63c3bb189f5

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_ia64.deb
      Size/MD5 checksum:  2008270 ec8aeb2946896bbd26708b8adb539604
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_ia64.deb
      Size/MD5 checksum:    77478 148442739408fc6255d39292f135bec3
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_ia64.deb
      Size/MD5 checksum:    97202 8172c2f63908fb6cb23dbee41f8e2bec
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_ia64.deb
      Size/MD5 checksum:  2656844 b125add104054e6db76625fa0f661206
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_ia64.deb
      Size/MD5 checksum:   156076 9e2a814e3565a0303074baa1fec3a8ad
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_ia64.deb
      Size/MD5 checksum:   183024 0e6b10d730a19628fb5982e62cc9a037

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_hppa.deb
      Size/MD5 checksum:  1881842 30933a611e124b53496a1eaa6e78ead6
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_hppa.deb
      Size/MD5 checksum:    70888 a627539e4c17fcb53c81a4a524aa9b6d
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_hppa.deb
      Size/MD5 checksum:    89912 2121010bef372effdc7b5df87f19c14c
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_hppa.deb
      Size/MD5 checksum:  2456114 d7f144753a6ef2dfd30b804a496b266a
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_hppa.deb
      Size/MD5 checksum:   126552 59a4876e8430211df619bfbba7192c4f
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_hppa.deb
      Size/MD5 checksum:   159622 14750861065ede6ba4fb1779385125ee

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_m68k.deb
      Size/MD5 checksum:  1755320 e772fc6e575816204d24d65b93b233d5
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_m68k.deb
      Size/MD5 checksum:    66368 ae622df8d8310ed713e21fcff06e861b
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_m68k.deb
      Size/MD5 checksum:    81460 316c268fe6263463ffa70650cf0b727a
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_m68k.deb
      Size/MD5 checksum:  2261474 6f73920c2550f1f49fe4e8c93d6bc836
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_m68k.deb
      Size/MD5 checksum:   106314 001809ddc9a6e03054e096b6f4f30885
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_m68k.deb
      Size/MD5 checksum:   128858 17e57bbefae47ff07db3e6eac08fd651

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_mips.deb
      Size/MD5 checksum:  1811706 356e49aca2dd13198f1e8528bd410d53
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_mips.deb
      Size/MD5 checksum:    67978 5f0a6cbf68d05696537ab036c877baf3
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_mips.deb
      Size/MD5 checksum:    81422 fd91fe740b055e8ea764a2309704c385
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_mips.deb
      Size/MD5 checksum:  2404692 f5a42ecff952b876db268ba46b1f9297
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_mips.deb
      Size/MD5 checksum:   112844 a957508600052e33c04372114ba0d6e8
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_mips.deb
      Size/MD5 checksum:   151276 c36b4acdd08b3dbfc20f6d8e20f72684

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_mipsel.deb
      Size/MD5 checksum:  1812220 1c1515aa26c641f7a0c652187a763b3f
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_mipsel.deb
      Size/MD5 checksum:    67954 7704b6cda625f1543cfed3fa7807a71d
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_mipsel.deb
      Size/MD5 checksum:    81446 fb012b9d0b1f016820be28c237c1d1c7
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_mipsel.deb
      Size/MD5 checksum:  2407024 9ff53f42aff59fbf5050e7bf045af0c7
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_mipsel.deb
      Size/MD5 checksum:   112630 6b96071e8be67ad72ccd14395e472224
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_mipsel.deb
      Size/MD5 checksum:   151098 f6bfedf92870b76638ef16f52c8f185f

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_powerpc.deb
      Size/MD5 checksum:  1800710 3b1a280e2c0504303fcefed1f1487540
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_powerpc.deb
      Size/MD5 checksum:    67996 6feace4eadb9a7e53d81fb6f77d1df59
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_powerpc.deb
      Size/MD5 checksum:    83558 940e4461997283996cd62c07b9456f53
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_powerpc.deb
      Size/MD5 checksum:  2359890 f612a6bcb3c52147398fd6b0b7972a2d
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_powerpc.deb
      Size/MD5 checksum:   116866 9f1e4c94ce84e65f20ee7ac2a65d28bc
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_powerpc.deb
      Size/MD5 checksum:   145298 d5e77aad9f5e67acc715b4250d705873

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_s390.deb
      Size/MD5 checksum:  1795792 08de62dd48dd94d3ff3b2fee9a7fc044
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_s390.deb
      Size/MD5 checksum:    69368 eaa0849593f8132eb3128a4d5e91bb98
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_s390.deb
      Size/MD5 checksum:    86100 7037788341cbf3a5294ac771bea83519
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_s390.deb
      Size/MD5 checksum:  2337736 a11a41b78d3ee10608803b29d2ebdf2a
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_s390.deb
      Size/MD5 checksum:   115398 40a4137f1dfc8beff7ef6ee20853e897
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_s390.deb
      Size/MD5 checksum:   140918 747abc057dccf3cc061f142ca16b8f20

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody10_sparc.deb
      Size/MD5 checksum:  1845462 b413070f1f98f540a6a7cf78ad4cf1c0
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody10_sparc.deb
      Size/MD5 checksum:    70948 c77a09b25782f511430ac73420358a35
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody10_sparc.deb
      Size/MD5 checksum:    84376 1446a20a1664c349db050d90f8319580
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody10_sparc.deb
      Size/MD5 checksum:  2354776 c430d70b36aaa7bc279fd9631658d713
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody10_sparc.deb
      Size/MD5 checksum:   120548 c51a797aa901917d759ce116d3afd2ee
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody10_sparc.deb
      Size/MD5 checksum:   146862 92e2f650e7b8156b51c2d8d0bfb68e15


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBd8UuW5ql+IAeqTIRAiIhAKCcPO8v77Mr8yhoEz8R2Ttp0EI0VwCgp6IE
sxADLxKio99q4rjQG4p/ubI=
=fKqL
- -----END PGP SIGNATURE-----


- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Debian for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQXkNi4pao72zK539AQHRswQAnB5sBwKjEjxepTIfCi4rylKsCu6ezzdj
gr6al6xW3PiRS8gO46aJ+G4gBu8ASwjFyUxaL8VG2D8kOthQzITGSd5xIIU+C5y8
1oTrkIZFP0OPW7sDjEFxvNN+K6B7eEHQ7UGHwlqHIjf/ph1aoA7Vtup8y8h7ipFq
euJHZOrqva8=
=sCND
-----END PGP SIGNATURE-----