Recent vulnerabilities

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
ghsa-wh9p-qc46-94pw (github)	Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerabili...	2025-04-30T09:30:25Z	2025-04-30T09:30:25Z
ghsa-cjv5-cj2c-3fgv (github)	Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that...	2025-04-30T09:30:25Z	2025-04-30T09:30:25Z
ghsa-cf97-57jv-c39w (github)	The tagDiv Opt-In Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ...	2025-04-30T09:30:25Z	2025-04-30T09:30:25Z
ghsa-6jjf-6382-x2fp (github)	Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that...	2025-04-30T09:30:25Z	2025-04-30T09:30:25Z
ghsa-h6hq-c28c-48r4 (github)	Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that...	2025-04-30T09:30:24Z	2025-04-30T09:30:24Z
ghsa-gjrg-9xwg-gxw7 (github)	Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerabili...	2025-04-30T09:30:24Z	2025-04-30T09:30:24Z
ghsa-4xpw-6594-8f5m (github)	When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate...	2025-01-22T15:32:34Z	2025-04-30T06:30:22Z
ghsa-9xpp-wh6r-3gmg (github)	The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vu...	2025-04-30T06:30:21Z	2025-04-30T06:30:21Z
ghsa-f636-fg7w-pc6g (github)	Rejected reason: Not used	2025-04-30T03:30:31Z	2025-04-30T03:30:31Z
ghsa-7f65-gf7m-344g (github)	Rejected reason: Not used	2025-04-30T03:30:31Z	2025-04-30T03:30:31Z
ghsa-425j-ff8c-j42j (github)	Rejected reason: Not used	2025-04-30T03:30:31Z	2025-04-30T03:30:31Z
ghsa-3hp3-228q-23gq (github)	Rejected reason: Not used	2025-04-30T03:30:31Z	2025-04-30T03:30:31Z
ghsa-2jpm-8cqp-7q87 (github)	Rejected reason: Not used	2025-04-30T03:30:31Z	2025-04-30T03:30:31Z
ghsa-2935-2wfm-hhpv (github)	Keycloak Denial of Service (DoS) Vulnerability via JWT Token Cache	2025-03-25T09:32:07Z	2025-04-30T03:30:31Z
ghsa-xjh3-mp8f-qvj4 (github)	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	2025-04-30T00:32:27Z	2025-04-30T00:32:27Z
ghsa-f554-8623-c3v2 (github)	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	2025-04-30T00:32:27Z	2025-04-30T00:32:27Z
ghsa-qffm-wchf-95hp (github)	A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as cri...	2025-04-29T21:31:56Z	2025-04-29T21:31:56Z
ghsa-p8jc-2h55-7w89 (github)	A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 240...	2025-04-29T21:31:55Z	2025-04-29T21:31:55Z
ghsa-9xq3-wmwq-jv6r (github)	A vulnerability, which was classified as critical, was found in PCMan FTP Server up to 2.0.7. Aff...	2025-04-29T21:31:54Z	2025-04-29T21:31:54Z
ghsa-73hp-3m9v-h54h (github)	Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user wi...	2025-04-24T03:31:32Z	2025-04-29T21:31:52Z
ghsa-5974-c6r6-2pv9 (github)	In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb()...	2025-04-17T18:31:22Z	2025-04-29T21:31:50Z
ghsa-r764-27jf-q424 (github)	In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer e...	2025-04-16T15:34:41Z	2025-04-29T21:31:48Z
ghsa-gxg5-6xg7-gc7q (github)	In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take regi...	2025-04-16T15:34:46Z	2025-04-29T21:31:48Z
ghsa-843p-6jf4-c3r6 (github)	In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Add miss...	2025-04-16T15:34:46Z	2025-04-29T21:31:48Z
ghsa-7mx5-64fm-676w (github)	In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix g...	2025-04-16T15:34:41Z	2025-04-29T21:31:48Z
ghsa-5659-626r-mfvx (github)	In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL c...	2025-04-16T15:34:46Z	2025-04-29T21:31:48Z
ghsa-gvg4-xh6r-ggrp (github)	In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dere...	2025-04-16T15:34:40Z	2025-04-29T21:31:47Z
ghsa-gjvw-2pj9-fgr6 (github)	In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops afte...	2025-04-16T15:34:40Z	2025-04-29T21:31:47Z
ghsa-c8pq-47pf-5pgc (github)	In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops afte...	2025-04-16T15:34:40Z	2025-04-29T21:31:47Z
ghsa-8xw7-j864-h87q (github)	In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero num_sub...	2025-04-16T15:34:40Z	2025-04-29T21:31:47Z

Vulnerabilities are sorted by update time (recent to old).
ID	CVSS Base Score	Description	Vendor	Product	Publish Date	Update Date
cve-2021-25917 (NVD)	N/A	In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly and rendered in the U2F USB Device authentication method page. A highly privileged attacker could inject arbitrary code into input fields when creating a new user.	n/a	openemr	2021-03-22T19:36:10.000Z	2025-04-30T17:34:51.053Z
cve-2021-25926 (NVD)	N/A	In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the `quicksearch` feature. Therefore, an attacker can steal a user's sessionID to masquerade as a victim user, to carry out any actions in the context of the user.	n/a	sickrage	2021-04-12T13:45:57.000Z	2025-04-30T17:34:46.041Z
cve-2021-25925 (NVD)	N/A	in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive information.	n/a	sickrage	2021-04-12T13:48:51.000Z	2025-04-30T17:34:39.989Z
cve-2025-29906 (NVD)		Finit bundled getty can bypass /bin/login	troglobit	finit	2025-04-29T22:17:47.228Z	2025-04-30T17:33:20.258Z
cve-2025-44194 (NVD)	N/A	SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_household.	n/a	n/a	2025-04-30T00:00:00.000Z	2025-04-30T17:31:23.115Z
cve-2025-3471 (NVD)	N/A	SureForms < 1.4.4 - Contributor+ Settings Update	Unknown	SureForms	2025-04-30T06:00:04.092Z	2025-04-30T17:28:20.699Z
cve-2025-3599 (NVD)	CVSS-v3.1: 6.5	Symantec Endpoint Protection Elevation of Privilege	Symantec	Symantec Endpoint Protection	2025-04-30T16:49:18.064Z	2025-04-30T17:27:30.872Z
cve-2025-30391 (NVD)	CVSS-v3.1: 8.1	Microsoft Dynamics Information Disclosure Vulnerability	Microsoft	Dynamics 365 Customer Service	2025-04-30T17:14:49.584Z	2025-04-30T17:26:41.908Z
cve-2025-30389 (NVD)	CVSS-v3.1: 8.7	Azure Bot Framework SDK Elevation of Privilege Vulnerability	Microsoft	Azure AI Bot Service	2025-04-30T17:14:50.414Z	2025-04-30T17:26:09.927Z
cve-2025-33074 (NVD)	CVSS-v3.1: 7.5	Azure Functions Remote Code Execution Vulnerability	Microsoft	Azure Functions	2025-04-30T17:14:51.166Z	2025-04-30T17:25:41.856Z
cve-2025-30390 (NVD)	CVSS-v3.1: 9.9	Azure ML Compute Elevation of Privilege Vulnerability	Microsoft	Azure Machine Learning	2025-04-30T17:14:51.736Z	2025-04-30T17:25:06.912Z
cve-2025-30392 (NVD)	CVSS-v3.1: 9.8	Azure AI bot Elevation of Privilege Vulnerability	Microsoft	Azure AI Bot Service	2025-04-30T17:14:52.419Z	2025-04-30T17:24:21.804Z
cve-2025-21416 (NVD)	CVSS-v3.1: 8.5	Azure Virtual Desktop Elevation of Privilege Vulnerability	Microsoft	Azure Virtual Desktop	2025-04-30T17:14:53.010Z	2025-04-30T17:23:43.492Z
cve-2025-44193 (NVD)	N/A	SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_complaint.	n/a	n/a	2025-04-30T00:00:00.000Z	2025-04-30T17:22:09.716Z
cve-2025-44192 (NVD)	N/A	SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance.	n/a	n/a	2025-04-30T00:00:00.000Z	2025-04-30T17:20:17.520Z
cve-2022-45391 (NVD)	N/A	Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.	Jenkins project	Jenkins NS-ND Integration Performance Publisher Plugin	2022-11-15T00:00:00.000Z	2025-04-30T17:16:34.395Z
cve-2025-29834 (NVD)	CVSS-v3.1: 7.5	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability	Microsoft	Microsoft Edge (Chromium-based)	2025-04-12T01:32:47.350Z	2025-04-30T17:14:48.254Z
cve-2025-26683 (NVD)	CVSS-v3.1: 8.1	Azure Playwright Elevation of Privilege Vulnerability	Microsoft	Azure Playwright	2025-03-31T21:51:12.603Z	2025-04-30T17:14:48.876Z
cve-2025-26682 (NVD)	CVSS-v3.1: 7.5	ASP.NET Core and Visual Studio Denial of Service Vulnerability	Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft	ASP.NET Core 8.0 Microsoft Visual Studio 2022 version 17.12 Microsoft Visual Studio 2022 version 17.13 Microsoft Visual Studio 2022 version 17.8 Microsoft Visual Studio 2022 version 17.10 ASP.NET Core 9.0	2025-04-08T17:24:22.748Z	2025-04-30T17:14:47.714Z
cve-2025-24062 (NVD)	CVSS-v3.1: 7.8	Microsoft DWM Core Library Elevation of Privilege Vulnerability	Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft	Windows Server 2022 Windows 10 Version 21H2 Windows 11 version 22H2 Windows 10 Version 22H2 Windows Server 2025 (Server Core installation) Windows 11 version 22H3 Windows 11 Version 23H2 Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 Windows Server 2025	2025-04-08T17:24:22.152Z	2025-04-30T17:14:47.129Z
cve-2025-24060 (NVD)	CVSS-v3.1: 7.8	Microsoft DWM Core Library Elevation of Privilege Vulnerability	Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft	Windows 10 Version 1809 Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows 10 Version 21H2 Windows 11 version 22H2 Windows 10 Version 22H2 Windows Server 2025 (Server Core installation) Windows 11 version 22H3 Windows 11 Version 23H2 Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 Windows Server 2025	2025-04-08T17:24:21.635Z	2025-04-30T17:14:46.546Z
cve-2025-32726 (NVD)	CVSS-v3.1: 6.8	Visual Studio Code Elevation of Privilege Vulnerability	Microsoft	Visual Studio Code	2025-04-12T01:32:44.970Z	2025-04-30T17:14:45.886Z
cve-2025-29811 (NVD)	CVSS-v3.1: 7.8	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability	Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft	Windows 11 version 22H2 Windows Server 2025 (Server Core installation) Windows 11 version 22H3 Windows 11 Version 23H2 Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 Windows Server 2025	2025-04-08T17:24:20.557Z	2025-04-30T17:14:45.200Z
cve-2025-29819 (NVD)	CVSS-v3.1: 6.2	Windows Admin Center in Azure Portal Information Disclosure Vulnerability	Microsoft Microsoft	Windows Admin Center in Azure Portal Windows Admin Center	2025-04-08T17:24:19.909Z	2025-04-30T17:14:44.523Z
cve-2025-29816 (NVD)	CVSS-v3.1: 7.5	Microsoft Word Security Feature Bypass Vulnerability	Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft	Microsoft Office 2019 Microsoft 365 Apps for Enterprise Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 Microsoft Office LTSC 2024 Microsoft Office LTSC for Mac 2024 Microsoft Office 2016 Microsoft Word 2016	2025-04-08T17:24:18.672Z	2025-04-30T17:14:43.246Z
cve-2025-29815 (NVD)	CVSS-v3.1: 7.6	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability	Microsoft	Microsoft Edge (Chromium-based)	2025-04-04T00:00:15.107Z	2025-04-30T17:14:43.795Z
cve-2025-29812 (NVD)	CVSS-v3.1: 7.8	DirectX Graphics Kernel Elevation of Privilege Vulnerability	Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft	Windows Server 2022 Windows 11 version 22H2 Windows Server 2025 (Server Core installation) Windows 11 version 22H3 Windows 11 Version 23H2 Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 Windows Server 2025	2025-04-08T17:24:18.102Z	2025-04-30T17:14:42.638Z
cve-2025-29810 (NVD)	CVSS-v3.1: 7.5	Active Directory Domain Services Elevation of Privilege Vulnerability	Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft	Windows 10 Version 1809 Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows 10 Version 21H2 Windows 11 version 22H2 Windows 10 Version 22H2 Windows Server 2025 (Server Core installation) Windows 11 version 22H3 Windows 11 Version 23H2 Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 Windows Server 2025 Windows 10 Version 1507 Windows 10 Version 1607 Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2008 Service Pack 2 Windows Server 2008 Service Pack 2 (Server Core installation) Windows Server 2008 Service Pack 2 Windows Server 2008 R2 Service Pack 1 Windows Server 2008 R2 Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation)	2025-04-08T17:24:17.578Z	2025-04-30T17:14:42.045Z
cve-2025-29805 (NVD)	CVSS-v3.1: 7.5	Outlook for Android Information Disclosure Vulnerability	Microsoft	Microsoft Outlook for Android	2025-04-08T17:24:17.031Z	2025-04-30T17:14:41.382Z
cve-2025-29809 (NVD)	CVSS-v3.1: 7.1	Windows Kerberos Security Feature Bypass Vulnerability	Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft	Windows 10 Version 1809 Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows 10 Version 21H2 Windows 11 version 22H2 Windows 10 Version 22H2 Windows Server 2025 (Server Core installation) Windows 11 version 22H3 Windows 11 Version 23H2 Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 Windows Server 2025 Windows 10 Version 1507 Windows 10 Version 1607 Windows Server 2016 Windows Server 2016 (Server Core installation)	2025-04-08T17:24:15.812Z	2025-04-30T17:14:40.263Z

Vulnerabilities are sorted by update time (recent to old).
ID	CVSS Base Score	Description	Vendor	Product	Publish Date	Update Date
cve-2024-25164 (NVD)	N/A	iA Path Traversal vulnerability exists in iDURAR v2.0.0, that allows unauthenticated attackers to expose sensitive files via the download functionality.	n/a	n/a	2024-03-04T00:00:00	2024-08-16T15:54:59.977Z
cve-2024-27516 (NVD)	N/A	Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php.	n/a	n/a	2024-02-28T00:00:00	2024-08-02T00:34:52.303Z
cve-2024-26473 (NVD)	N/A	A reflected cross-site scripting (XSS) vulnerability in SocialMediaWebsite v1.0.1 allows attackers to inject malicious JavaScript into the web browser of a victim via the poll parameter in poll.php.	n/a	n/a	2024-02-27T00:00:00	2024-11-06T15:36:36.785Z
cve-2024-26472 (NVD)	N/A	KLiK SocialMediaWebsite version 1.0.1 from msaad1999 has a reflected cross-site scripting (XSS) vulnerability which may allow remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' or 'validator' parameters of 'create-new-pwd.php'.	n/a	n/a	2024-02-27T00:00:00	2024-10-31T15:20:51.953Z
cve-2024-26471 (NVD)	N/A	A reflected cross-site scripting (XSS) vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php.	n/a	n/a	2024-02-27T00:00:00	2024-08-27T20:03:00.338Z
cve-2024-26470 (NVD)	N/A	A host header injection vulnerability in the forgot password function of FullStackHero's WebAPI Boilerplate v1.0.0 and v1.0.1 allows attackers to leak the password reset token via a crafted request.	n/a	n/a	2024-02-27T00:00:00	2024-08-28T15:41:54.657Z
cve-2024-25846 (NVD)	N/A	In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.	n/a	n/a	2024-02-27T00:00:00	2024-08-08T20:10:19.815Z
cve-2024-42768 (NVD)	N/A	A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/delete_room.php.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T18:11:08.849Z
cve-2024-42769 (NVD)	N/A	A Reflected Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php " of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via "user_fname" and "user_lname" parameters.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T18:32:58.668Z
cve-2024-42770 (NVD)	N/A	A Stored Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the "user_email" parameter.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T15:58:44.840Z
cve-2024-42771 (NVD)	N/A	A Stored Cross Site Scripting (XSS) vulnerability was found in " /admin/edit_room_controller.php" of the Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via "room_name" parameter.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T19:43:17.562Z
cve-2024-42772 (NVD)	N/A	An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to view valid hotel room entries in administrator section.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T18:36:27.910Z
cve-2024-42773 (NVD)	N/A	An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room entries in the administrator section.	n/a	n/a	2024-08-22T00:00:00	2024-11-06T14:34:37.039Z
cve-2024-42774 (NVD)	N/A	An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to delete valid hotel room entries in the administrator section.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T20:00:48.473Z
cve-2024-42775 (NVD)	N/A	An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to add the valid hotel room entries in the administrator section via the direct URL access.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T19:49:31.835Z
cve-2024-42776 (NVD)	N/A	Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users.php.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T19:31:48.598Z
cve-2024-42767 (NVD)	N/A	Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin/add_room_controller.php.	n/a	n/a	2024-08-22T00:00:00	2024-08-22T18:45:03.863Z
cve-2025-43954 (NVD)		QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set.	Quasar	QMarkdown	2025-04-20T00:00:00.000Z	2025-04-21T13:43:34.198Z
cve-2024-25388 (NVD)	N/A	drivers/wlan/wlan_mgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow.	n/a	n/a	2024-03-27T00:00:00	2024-08-01T23:44:09.359Z
cve-2024-24335 (NVD)	N/A	A heap buffer overflow occurs in the dfs_v2 romfs filesystem RT-Thread through 5.0.2.	n/a	n/a	2024-03-27T00:00:00	2024-08-01T23:19:52.335Z
cve-2024-24334 (NVD)	N/A	A heap buffer overflow occurs in dfs_v2 dfs_file in RT-Thread through 5.0.2.	n/a	n/a	2024-03-27T00:00:00	2024-08-01T23:19:52.143Z
cve-2024-23722 (NVD)	N/A	In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly.	n/a	n/a	2024-03-26T00:00:00	2024-08-06T13:47:16.123Z
cve-2024-29644 (NVD)	N/A	Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box.	n/a	n/a	2024-03-26T00:00:00.000Z	2025-03-24T15:50:03.694Z
cve-2024-32418 (NVD)	N/A	An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the add_addon.php component.	n/a	n/a	2024-04-22T00:00:00	2024-08-02T02:06:44.205Z
cve-2024-32391 (NVD)	N/A	Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote attacker to execute arbitrary code via a crafted payload.	n/a	n/a	2024-04-19T00:00:00	2024-08-02T02:06:44.076Z
cve-2024-29434 (NVD)	N/A	An issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file.	n/a	n/a	2024-04-02T00:00:00.000Z	2025-03-28T23:38:55.948Z
cve-2024-29432 (NVD)	N/A	Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas.	n/a	n/a	2024-04-02T00:00:00	2024-09-04T16:04:34.416Z
cve-2024-27602 (NVD)	N/A	Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of many modules interface documents have been leaked.For example, the /api/system/v2/api-docs module.	n/a	n/a	2024-04-02T00:00:00	2024-09-04T16:03:38.277Z
cve-2024-29368 (NVD)	N/A	An arbitrary file upload vulnerability in the file handling module of moziloCMS v2.0 allows attackers to bypass extension restrictions via file renaming, potentially leading to unauthorized file execution or storage of malicious content.	n/a	n/a	2024-04-22T00:00:00	2024-11-05T17:07:48.608Z
cve-2024-30890 (NVD)	N/A	Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component.	n/a	n/a	2024-04-25T00:00:00	2024-11-04T14:47:50.710Z

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
pysec-2010-32	ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a...	2010-09-08T20:00:00Z	2024-11-25T18:35:18.357593Z
pysec-2009-13	MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, w...	2009-04-03T18:30:00Z	2024-11-25T18:35:18.357593Z
pysec-2009-12	The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and py...	2009-03-30T01:30:00Z	2024-11-25T18:35:18.357593Z
pysec-2008-14	Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow rem...	2008-03-20T00:44:00Z	2024-11-25T18:35:18.357593Z
pysec-2008-13	Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinM...	2008-07-30T18:41:00Z	2024-11-25T18:35:18.357593Z
pysec-2008-12	The user form processing (userform.py) in MoinMoin before 1.6.3, when using ACLs or a non-empty s...	2008-04-25T06:05:00Z	2024-11-25T18:35:18.357593Z
pysec-2007-4	Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python...	2007-11-07T21:46:00Z	2024-11-25T18:35:18.357593Z
pysec-2006-6	Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration ...	2006-12-07T23:28:00Z	2024-11-25T18:35:18.357593Z
pysec-2006-5	Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release ...	2006-09-29T19:07:00Z	2024-11-25T18:35:18.357593Z
pysec-2022-43072	An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens m...	2022-07-29T21:15:00Z	2024-11-25T18:33:04.123836Z
pysec-2022-43068	A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creati...	2022-08-23T16:15:00Z	2024-11-25T18:33:04.123836Z
pysec-2022-43067	A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0...	2022-08-23T16:15:00Z	2024-11-25T18:33:04.123836Z
pysec-2013-35	The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2...	2013-09-16T19:14:00Z	2024-11-25T18:33:04.123836Z
pysec-2022-43063	Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary c...	2022-12-07T09:15:00+00:00	2024-11-22T12:27:25.862098+00:00
pysec-2022-43175	Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag ite...	2022-11-28T21:15:00+00:00	2024-11-21T14:23:03.352390+00:00
pysec-2024-151	Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Vyper compiler allo...	2024-01-30T21:15:00+00:00	2024-11-21T14:23:03.091183+00:00
pysec-2024-150	Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed...	2024-02-07T17:15:00+00:00	2024-11-21T14:23:03.024978+00:00
pysec-2022-43176	The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulner...	2022-06-24T21:15:00Z	2024-11-21T14:23:03.404044Z
pysec-2022-43173	The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party.	2022-07-22T15:15:00Z	2024-11-21T14:23:03.244154Z
pysec-2022-43172	The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the...	2022-06-24T21:15:00Z	2024-11-21T14:23:03.143453Z
pysec-2019-256	In libwebp 0.5.1, there is a double free bug in libwebpmux.	2019-05-23T18:29:00Z	2024-11-21T14:23:03.194401Z
pysec-2017-148	Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2....	2017-08-07T17:29:00Z	2024-11-21T14:23:03.459792Z
pysec-2006-8	The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly...	2006-09-19T18:07:00Z	2024-11-21T14:23:03.63347Z
pysec-2006-7	Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" comman...	2006-07-07T23:05:00Z	2024-11-21T14:23:03.576588Z
pysec-2024-149	Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 ...	2024-02-01T17:15:00+00:00	2024-11-21T14:23:02.970591+00:00
pysec-2024-148	Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to exter...	2024-02-02T17:15:00+00:00	2024-11-21T14:23:02.917464+00:00
pysec-2024-147	Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack managemen...	2024-02-05T21:15:00+00:00	2024-11-21T14:23:02.864019+00:00
pysec-2023-307	Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Contracts con...	2023-12-13T20:15:00+00:00	2024-11-21T14:23:02.808922+00:00
pysec-2023-306	Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). In version 0....	2023-09-18T21:16:00+00:00	2024-11-21T14:23:02.752932+00:00
pysec-2023-305	Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Starting in v...	2023-09-18T21:16:00+00:00	2024-11-21T14:23:02.698147+00:00

Vulnerabilities are sorted by update time (recent to old).
ID	Description
gsd-2024-33709	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33708	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33707	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33706	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33705	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33704	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33703	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33702	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33701	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33698	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33697	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33696	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33695	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33694	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33693	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33692	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33691	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33690	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33689	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33688	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33687	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33686	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33685	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33684	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33683	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33682	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33681	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33680	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33679	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33678	The format of the source doesn't require a description, click on the link for more details

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
mal-2024-8713	Malicious code in dowload_ebok_il_codice_wildix_la_vera_storia_del_centralino_b_by_emiliano_tomasoni_laura_piaz_p70e8 (npm)	2024-09-03T08:25:32Z	2024-09-03T08:25:32Z
mal-2024-8711	Malicious code in dowload_ebok_everything_in_between_a_rocker_romance_by_melissa_toppen_fp7ge (npm)	2024-09-03T08:25:32Z	2024-09-03T08:25:32Z
mal-2024-8710	Malicious code in assistance-finder-ui (npm)	2024-09-03T08:11:50Z	2024-09-03T08:11:50Z
mal-2024-8723	Malicious code in wekan (npm)	2024-09-03T06:46:48Z	2024-09-03T06:46:48Z
mal-2024-8722	Malicious code in muthuthehacker (npm)	2024-09-03T06:46:48Z	2024-09-03T06:46:48Z
mal-2024-8721	Malicious code in muthuhackermc (npm)	2024-09-03T06:46:48Z	2024-09-03T06:46:48Z
mal-2024-8720	Malicious code in muthuhacker (npm)	2024-09-03T06:46:48Z	2024-09-03T06:46:48Z
mal-2024-8719	Malicious code in muthu (npm)	2024-09-03T06:46:48Z	2024-09-03T06:46:48Z
mal-2024-8690	Malicious code in @diotoborg/voluptas-nulla (npm)	2024-09-02T01:42:15Z	2024-09-02T01:42:24Z
mal-2024-8657	Malicious code in @diotoborg/temporibus-neque-quasi (npm)	2024-09-02T01:42:14Z	2024-09-02T01:42:24Z
mal-2024-8631	Malicious code in @diotoborg/similique-fugit (npm)	2024-09-02T01:42:15Z	2024-09-02T01:42:24Z
mal-2024-8610	Malicious code in @diotoborg/repellendus-autem-itaque (npm)	2024-09-02T01:42:15Z	2024-09-02T01:42:24Z
mal-2024-8533	Malicious code in @diotoborg/provident-tempore-nostrum (npm)	2024-09-02T01:42:15Z	2024-09-02T01:42:24Z
mal-2024-8334	Malicious code in @diotoborg/facere-nihil (npm)	2024-09-02T01:42:14Z	2024-09-02T01:42:24Z
mal-2024-8167	Malicious code in @diotoborg/autem-vero (npm)	2024-09-02T01:42:15Z	2024-09-02T01:42:24Z
mal-2024-8149	Malicious code in @diotoborg/assumenda-praesentium (npm)	2024-09-02T01:42:15Z	2024-09-02T01:42:24Z
mal-2024-8136	Malicious code in @diotoborg/aperiam-voluptatibus (npm)	2024-09-02T01:42:14Z	2024-09-02T01:42:24Z
mal-2024-8588	Malicious code in @diotoborg/ratione-ducimus-porro (npm)	2024-09-02T01:42:13Z	2024-09-02T01:42:23Z
mal-2024-8581	Malicious code in @diotoborg/quod-similique-iusto (npm)	2024-09-02T01:42:14Z	2024-09-02T01:42:23Z
mal-2024-8563	Malicious code in @diotoborg/quidem-commodi (npm)	2024-09-02T01:42:14Z	2024-09-02T01:42:23Z
mal-2024-8556	Malicious code in @diotoborg/quia-ad-a (npm)	2024-09-02T01:42:13Z	2024-09-02T01:42:23Z
mal-2024-8352	Malicious code in @diotoborg/hic-repellat (npm)	2024-09-02T01:42:13Z	2024-09-02T01:42:23Z
mal-2024-8195	Malicious code in @diotoborg/corrupti-beatae (npm)	2024-09-02T01:42:13Z	2024-09-02T01:42:23Z
mal-2024-8177	Malicious code in @diotoborg/consectetur-consequuntur (npm)	2024-09-02T01:42:13Z	2024-09-02T01:42:23Z
mal-2024-8142	Malicious code in @diotoborg/asperiores-placeat-officia (npm)	2024-09-02T01:42:13Z	2024-09-02T01:42:23Z
mal-2024-8121	Malicious code in @diotoborg/aliquam-dolorum-ipsa (npm)	2024-09-02T01:42:14Z	2024-09-02T01:42:23Z
mal-2024-8704	Malicious code in @diotoborg/voluptatum-repellendus-architecto (npm)	2024-09-02T01:42:15Z	2024-09-02T01:42:22Z
mal-2024-8689	Malicious code in @diotoborg/vitae-quo (npm)	2024-09-02T01:42:14Z	2024-09-02T01:42:22Z
mal-2024-8653	Malicious code in @diotoborg/temporibus-ea (npm)	2024-09-02T01:42:13Z	2024-09-02T01:42:22Z
mal-2024-8652	Malicious code in @diotoborg/temporibus-dicta (npm)	2024-09-02T01:42:14Z	2024-09-02T01:42:22Z

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
wid-sec-w-2022-1846	Apple macOS: Mehrere Schwachstellen	2022-10-24T22:00:00.000+00:00	2024-09-16T22:00:00.000+00:00
wid-sec-w-2022-1374	Linux Kernel: Mehrere Schwachstellen	2022-09-11T22:00:00.000+00:00	2024-09-16T22:00:00.000+00:00
wid-sec-w-2022-0158	Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen	2022-03-23T23:00:00.000+00:00	2024-09-16T22:00:00.000+00:00
wid-sec-w-2024-2149	Checkmk: Schwachstelle ermöglicht Cross-Site Scripting	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2148	Linux Kernel: Schwachstelle ermöglicht Denial of Service	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2147	Vaultwarden: Mehrere Schwachstellen ermöglichen	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2146	D-LINK Router: Mehrere Schwachstellen ermöglichen Codeausführung	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2145	Mattermost Mobile Apps: Schwachstelle ermöglicht Offenlegung von Informationen	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2143	MISP: Schwachstelle ermöglicht Offenlegung von Informationen	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2142	Mattermost Desktop App: Schwachstelle ermöglicht Codeausführung	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2141	AVG Anti-Virus: Schwachstelle ermöglicht Privilegieneskalation	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2140	Trend Micro Deep Discovery Email Inspector: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2139	HP Samsung Universal Print Driver: Schwachstelle ermöglicht Privilegieneskalation	2024-09-15T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2130	GitLab CE/EE: Mehrere Schwachstellen	2024-09-11T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-2123	Microsoft Windows: Mehrere Schwachstellen	2024-09-10T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-1736	cURL und libcurl: Schwachstelle ermöglicht Denial of Service	2024-07-30T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-1552	Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff	2024-07-08T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-1528	Linux Kernel: Mehrere Schwachstellen	2024-07-04T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-1443	Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2024-06-24T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-1431	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2024-06-23T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-1402	Linux Kernel: Mehrere Schwachstellen	2024-06-18T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-1394	Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff	2024-06-17T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-1249	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe	2024-05-28T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-0776	Node.js: Mehrere Schwachstellen	2024-04-03T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-0598	Adobe ColdFusion: Mehrere Schwachstellen	2024-03-12T23:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2024-0393	Node.js: Mehrere Schwachstellen	2024-02-14T23:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2023-3182	OpenSSH: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen	2023-12-19T23:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2023-2828	Linux Kernel: Schwachstelle ermöglicht Denial of Service	2023-11-05T23:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2023-2024	Node.js: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen	2023-08-09T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00
wid-sec-w-2023-1523	Node.js: Mehrere Schwachstellen	2023-06-20T22:00:00.000+00:00	2024-09-15T22:00:00.000+00:00

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
ssa-250085	SSA-250085: Multiple Vulnerabilities in SINEC NMS and SINEMA Server	2022-03-08T00:00:00Z	2023-10-10T00:00:00Z
ssa-134651	SSA-134651: Hard Coded SSH ID in CPCI85 Firmware of SICAM A8000 Devices	2023-10-10T00:00:00Z	2023-10-10T00:00:00Z
ssa-932528	SSA-932528: Multiple File Parsing Vulnerabilities in Solid Edge	2023-05-09T00:00:00Z	2023-08-08T00:00:00Z
ssa-988345	SSA-988345: Local Privilege Escalation Vulnerability in Xpedition Designer	2022-06-14T00:00:00Z	2023-06-13T00:00:00Z
ssa-538795	SSA-538795: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go	2023-06-13T00:00:00Z	2023-06-13T00:00:00Z
ssa-840188	SSA-840188: Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products	2021-11-09T00:00:00Z	2023-04-11T00:00:00Z
ssa-697140	SSA-697140: Denial of Service Vulnerability in the TCP Event Service of SCALANCE and RUGGEDCOM Products	2022-10-11T00:00:00Z	2023-03-14T00:00:00Z
ssa-274282	SSA-274282: Cross Site Scripting Vulnerability in PLM Help Server V4.2	2022-12-13T00:00:00Z	2022-12-13T00:00:00Z
ssa-400332	SSA-400332: Insufficient Design IP Protection in IEEE 1735 Recommended Practice - Impact to Questa and ModelSim	2021-12-14T00:00:00Z	2022-11-08T00:00:00Z
ssa-362164	SSA-362164: Predictable Initial Sequence Numbers in the TCP/IP Stack of Nucleus RTOS	2021-02-09T00:00:00Z	2022-11-08T00:00:00Z
ssa-178380	SSA-178380: Denial-of-Service Vulnerability in SINUMERIK Controllers	2021-10-12T00:00:00Z	2021-10-12T00:00:00Z
ssa-158827	SSA-158827: Denial-of-Service Vulnerability in Automation License Manager	2021-08-10T00:00:00Z	2021-08-10T00:00:00Z
ssa-448291	SSA-448291: Denial-of-Service Vulnerability in ARP Protocol of RWG Universal Controllers	2021-07-13T00:00:00Z	2021-07-13T00:00:00Z
ssa-292794	SSA-292794: Multiple Denial-of-Service Vulnerabilities in SINEMA Remote Connect Server	2021-04-13T00:00:00Z	2021-04-13T00:00:00Z

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
rhsa-2024_7205	Red Hat Security Advisory: osbuild-composer security update	2024-09-26T12:17:55+00:00	2025-03-28T11:04:07+00:00
rhsa-2024_7791	Red Hat Security Advisory: podman security update	2024-10-08T11:16:06+00:00	2025-03-28T11:04:05+00:00
rhsa-2024_7351	Red Hat Security Advisory: git-lfs security update	2024-09-30T01:21:36+00:00	2025-03-28T11:04:04+00:00
rhsa-2024_7822	Red Hat Security Advisory: container-tools:rhel8 security update	2024-10-08T18:27:37+00:00	2025-03-28T11:04:02+00:00
rhsa-2024_11217	Red Hat Security Advisory: skopeo security update	2024-12-17T20:00:16+00:00	2025-03-28T11:03:59+00:00
rhsa-2024_7203	Red Hat Security Advisory: git-lfs security update	2024-09-26T12:31:00+00:00	2025-03-28T11:03:55+00:00
rhsa-2024_7793	Red Hat Security Advisory: buildah security update	2024-10-08T11:21:36+00:00	2025-03-28T11:03:54+00:00
rhsa-2024_7262	Red Hat Security Advisory: osbuild-composer security update	2024-09-26T18:39:11+00:00	2025-03-28T11:03:52+00:00
rhsa-2024_7821	Red Hat Security Advisory: skopeo security update	2024-10-08T18:36:02+00:00	2025-03-28T11:03:50+00:00
rhsa-2024_11216	Red Hat Security Advisory: containernetworking-plugins security update	2024-12-17T20:00:16+00:00	2025-03-28T11:03:48+00:00
rhsa-2024_7135	Red Hat Security Advisory: git-lfs security update	2024-09-25T18:34:23+00:00	2025-03-28T11:03:44+00:00
rhsa-2024_7769	Red Hat Security Advisory: container-tools:rhel8 security update	2024-10-07T18:21:24+00:00	2025-03-28T11:03:42+00:00
rhsa-2024_7261	Red Hat Security Advisory: osbuild-composer security update	2024-09-26T18:32:36+00:00	2025-03-28T11:03:41+00:00
rhsa-2024_7820	Red Hat Security Advisory: podman security update	2024-10-08T18:39:12+00:00	2025-03-28T11:03:37+00:00
rhsa-2024_10906	Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update	2024-12-10T01:37:19+00:00	2025-03-28T11:03:36+00:00
rhsa-2024_7136	Red Hat Security Advisory: git-lfs security update	2024-09-25T18:42:03+00:00	2025-03-28T11:03:32+00:00
rhsa-2024_7487	Red Hat Security Advisory: go-toolset:rhel8 security update	2024-10-02T00:37:30+00:00	2025-03-28T11:03:31+00:00
rhsa-2024_7207	Red Hat Security Advisory: osbuild-composer security update	2024-09-26T12:27:13+00:00	2025-03-28T11:03:31+00:00
rhsa-2024_10883	Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (osp-director-operator) security update	2024-12-09T12:11:16+00:00	2025-03-28T11:03:24+00:00
rhsa-2024_7488	Red Hat Security Advisory: go-toolset:rhel8 security update	2024-10-02T00:36:42+00:00	2025-03-28T11:03:20+00:00
rhsa-2024_7208	Red Hat Security Advisory: osbuild-composer security update	2024-09-26T11:43:55+00:00	2025-03-28T11:03:20+00:00
rhsa-2024_7102	Red Hat Security Advisory: grafana security update	2024-09-25T11:30:13+00:00	2025-03-28T11:03:20+00:00
rhsa-2024_10186	Red Hat Security Advisory: ACS 4.5 enhancement update	2024-11-22T01:06:56+00:00	2025-03-28T11:03:13+00:00
rhsa-2024_7103	Red Hat Security Advisory: grafana-pcp security update	2024-09-25T11:30:12+00:00	2025-03-28T11:03:10+00:00
rhsa-2024_7485	Red Hat Security Advisory: golang security update	2024-10-02T00:40:32+00:00	2025-03-28T11:03:09+00:00
rhsa-2024_7206	Red Hat Security Advisory: osbuild-composer security update	2024-09-26T12:28:01+00:00	2025-03-28T11:03:09+00:00
rhsa-2024_10236	Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.17.0 release	2024-11-25T19:44:38+00:00	2025-03-28T11:03:01+00:00
rhsa-2024_6947	Red Hat Security Advisory: grafana security update	2024-09-23T18:50:01+00:00	2025-03-28T11:02:57+00:00
rhsa-2024_6908	Red Hat Security Advisory: go-toolset:rhel8 security update	2024-09-23T01:53:18+00:00	2025-03-28T11:02:49+00:00
rhsa-2024_6946	Red Hat Security Advisory: grafana-pcp security update	2024-09-23T18:42:26+00:00	2025-03-28T11:02:45+00:00

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
cisco-sa-te-va-priv-esc-pudgrx8e	Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability	2023-08-16T16:00:00+00:00	2023-08-17T22:00:29+00:00
cisco-sa-thoueye-privesc-nvhhgwb3	Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability	2023-08-16T16:00:00+00:00	2023-08-17T21:54:23+00:00
cisco-sa-umbrella-tunnel-gjw5thge	Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-uccx-wcp-jjeqdt3s	Cisco Unified Contact Center Express Finesse Portal Web Cache Poisoning Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-pi-epnm-storedxss-ttjo62r	Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-pi-epnm-bfjsrjp5	Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting Vulnerabilities	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ivpa-cmdinj-c5xrbboy	Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ise-credentials-tkto3h3	Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ipphone-csrf-hocmxw2c	Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-intersight-forward-c45ncgqb	Cisco Intersight Virtual Appliance Unauthenticated Port Forwarding Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-expressway-injection-x475ebtq	Cisco Expressway Series and Cisco TelePresence Video Communication Server Command Injection Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-duo-dha-filewrite-xpmbmzak	Cisco Duo Device Health Application for Windows Arbitrary File Write Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-cucm-injection-g6mbwh2	Cisco Unified Communications Manager SQL Injection Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-cucm-imp-xss-qtt4vdsk	Cisco Unified Communications Products Cross-Site Scripting Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-clamav-dos-ftkhqmwz	ClamAV AutoIt Module Denial of Service Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ac-leak-sew6g2kd	Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables Affecting Cisco AnyConnect Secure Mobility Client and Cisco Secure Client	2023-08-08T15:00:00+00:00	2023-08-08T15:00:00+00:00
cisco-sa-ucm-file-read-h8h4hej3	Cisco Unified Communications Products Arbitrary File Read Vulnerability	2022-04-20T16:00:00+00:00	2023-08-02T20:18:45+00:00
cisco-sa-asaftd-aclconfig-wvk52f3z	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software ACLs Not Installed upon Reload	2023-07-27T16:00:00+00:00	2023-07-27T16:38:54+00:00
cisco-sa-bw-priv-esc-qtguzosq	Cisco BroadWorks Privilege Escalation Vulnerability	2023-07-19T16:00:00+00:00	2023-07-20T17:42:21+00:00
cisco-sa-spa-web-multi-7kvpmu2f	Cisco Small Business SPA500 Series IP Phones Web UI Vulnerabilities	2023-07-19T16:00:00+00:00	2023-07-19T16:00:00+00:00
cisco-sa-esa-sma-wsa-xss-cp9duemq	Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities	2023-06-21T16:00:00+00:00	2023-07-11T16:43:10+00:00
cisco-sa-aci-cloudsec-enc-vs5wn2sx	Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability	2023-07-05T16:00:00+00:00	2023-07-08T14:43:43+00:00
cisco-sa-duo-auth-info-jgkswblz	Cisco Duo Authentication Proxy Information Disclosure Vulnerability	2023-07-05T16:00:00+00:00	2023-07-07T15:45:19+00:00
cisco-sa-ac-csc-privesc-wx4u4kw	Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows Privilege Escalation Vulnerability	2023-06-07T16:00:00+00:00	2023-07-05T16:20:46+00:00
cisco-sa-sxsscsrf-2l24bbx6	Cisco Webex Meetings Web UI Vulnerabilities	2023-07-05T16:00:00+00:00	2023-07-05T16:00:00+00:00
cisco-sa-bw-privesc-yw4ekrxw	Cisco BroadWorks Privilege Escalation Vulnerability	2023-07-05T16:00:00+00:00	2023-07-05T16:00:00+00:00
cisco-sa-duo-replay-knunkd	Cisco Duo Authentication for macOS and Duo Authentication for Windows Logon Offline Credentials Replay Vulnerability	2023-04-05T16:00:00+00:00	2023-06-23T16:48:56+00:00
cisco-sa-duo-mac-bypass-oyzpvpnx	Cisco Duo Two-Factor Authentication for macOS Authentication Bypass Vulnerability	2023-06-21T16:00:00+00:00	2023-06-21T16:00:00+00:00
cisco-sa-sd-wan-fhqh8pkx	Cisco SD-WAN Software Information Disclosure Vulnerability	2021-09-22T16:00:00+00:00	2023-06-16T19:11:51+00:00
cisco-sa-smb-sxss-opyjzume	Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Stored Cross-Site Scripting Vulnerability	2023-06-07T16:00:00+00:00	2023-06-07T16:00:00+00:00

Vulnerabilities are sorted by update time (recent to old).
ID	Description
var-201806-1482	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4" References ========== [ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201808-04 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-23-3 Additional information for APPLE-SA-2018-06-01-4 iOS 11.4 iOS 11.4 addresses the following: Bluetooth Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4215: Abraham Masri (@cheesecakeufo) Bluetooth Available for: iPhone X, iPhone 8, iPhone 8 Plus, iPad 6th generation, and iPad Air 2 Not impacted: HomePod Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. CVE-2018-5383: Lior Neumann and Eli Biham Entry added July 23, 2018 Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted vcf file may lead to a denial of service Description: A validation issue existed in the handling of phone numbers. CVE-2018-4100: Abraham Masri (@cheesecakeufo) FontParser Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to spoof password prompts in iBooks Description: An input validation issue was addressed with improved input validation. CVE-2018-4202: Jerry Decime Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4249: Kevin Backhouse of Semmle Ltd. Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2018-4241: Ian Beer of Google Project Zero CVE-2018-4243: Ian Beer of Google Project Zero libxpc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved validation. CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative Magnifier Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen Description: A permissions issue existed in Magnifier. This was addressed with additional permission checks. CVE-2018-4239: an anonymous researcher Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exfiltrate the contents of S/MIME-encrypted e-mail Description: An issue existed in the handling of encrypted Mail. CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to conduct impersonation attacks Description: An injection issue was addressed with improved input validation. CVE-2018-4235: Anurodh Pokharel of Salesforce.com Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted message may lead to a denial of service Description: This issue was addressed with improved message validation. CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to cause a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise Solutions Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent account identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4223: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Users may be tracked by malicious websites using client certificates Description: An issue existed in the handling of S-MIME certificaties. CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent device identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4224: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to modify the state of the Keychain Description: An authorization issue was addressed with improved state management. CVE-2018-4225: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to view sensitive user information Description: An authorization issue was addressed with improved state management. CVE-2018-4226: Abraham Masri (@cheesecakeufo) Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to enable Siri from the lock screen Description: An issue existed with Siri permissions. CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can BIKMAZ (@CanBkmaz) of Mustafa Kemal University Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: An issue existed with Siri permissions. CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn) Siri Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker with physical access to a device may be able to see private contact information Description: An issue existed with Siri permissions. CVE-2018-4244: an anonymous researcher UIKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A validation issue existed in the handling of text. CVE-2018-4198: Hunter Byrnes WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4201: an anonymous researcher CVE-2018-4218: Natalie Silvanovich of Google Project Zero CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A permissions issue existed in the handling of web browser cookies. CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4246: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may leak sensitive data Description: Credentials were unexpectedly sent when fetching CSS mask images. CVE-2018-4222: Natalie Silvanovich of Google Project Zero Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 11.4". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUshMACgkQ8ecVjteJ iCbspA//aVxu/EdiaNxNRmRDFB8LpqKa3xjJdfkK9cJRYZ+eBHJZjBfzj4BzABuG Xow7FkEE7LSQpCeJ08Ggo6vVQUdR4+etQ2UfjQWGX6qIvLZUXK0lw2x5XdTP0q4m WmNoZcdK3cmbVXGMWUZRUrYPTWwMnTMsPpPoDoptaQRseN+K/0kdwsQZtdqeN9sq GN3Qp6AW6WR1gUAgDriIyzFXTxJ8NmKx2+4B5O2w0TbmzxGa/F5ZUjw4D/wwJJPA /RXAwseJMghPfbi9tNcjUhbGFfcnr5JvyGfY2GESFc7odWt2XSpePHr6qaJzogBr KeJKOVpgTdS4PO37+KDUfQDIElSnYQVTff8Tinxg/Zojafp0PxYkDYRxw7i16YKU HsB7R0o5Yi5YD4uG5ioMj4RspQDWozzveVvvtah6/bWChQQwD3XHr6JRM6oJ106G wNx2EHfRRXFQCY680RfE8hN/98IJRrCF6nIdO9zBbzGM/Ihzr02F0qSrdB5/PXSq S6EwJi0M5ia/KMFSO7EY5qQ2aipyDC3WPkvQrHtpsqstMrktyJOYGbm/t39WmIBb gC92rxvNFr5mO8Owypu1/tloGr15zIxPGR6OXA/DVxdRm2/UmW1tsqQfKgporJMD de6uiZJb8p8X36KC7YmHLTApYL3CaZebJIIOmf8tKjQUxxbR9wE= =nII0 -----END PGP SIGNATURE----- . ------------------------------------------------------------------------ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0005 ------------------------------------------------------------------------ Date reported : June 13, 2018 Advisory ID : WSA-2018-0005 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0005.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0005.html CVE identifiers : CVE-2018-4190, CVE-2018-4192, CVE-2018-4199, CVE-2018-4201, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233, CVE-2018-11646, CVE-2018-11712, CVE-2018-11713, CVE-2018-12293, CVE-2018-12294. Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. Credit to Jun Kokatsu (@shhnjk). Impact: Visiting a maliciously crafted website may leak sensitive data. Description: Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. Credit to Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative. Description: A race condition was addressed with improved locking. Credit to Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative. Description: A buffer overflow issue was addressed with improved memory handling. Credit to an anonymous researcher. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to an unexpected application crash. Description: A memory corruption issue was addressed with improved input validation. Credit to Natalie Silvanovich of Google Project Zero. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Natalie Silvanovich of Google Project Zero. Description: An out-of-bounds read was addressed with improved input validation. Credit to Aymeric Chaib. Impact: Visiting a maliciously crafted website may lead to cookies being overwritten. Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. Credit to Samuel Gross (@5aelo) working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Mishra Dhiraj. Maliciously crafted web content could trigger an application crash in WebKitFaviconDatabase, caused by mishandling unexpected input. Credit to Metrological Group B.V. The libsoup network backend of WebKit failed to perform TLS certificate verification for WebSocket connections. Credit to Dirkjan Ochtman. The libsoup network backend of WebKit unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection. Credit to ADlab of Venustech. Maliciously crafted web content could achieve a heap buffer overflow in ImageBufferCairo by exploiting multiple integer overflow issues. Credit to ADlab of Venustech. Maliciously crafted web content could trigger a use-after-free of a TextureMapperLayer object. We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running a safe version of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK+ and WPE WebKit security advisories can be found at https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK+ and WPE WebKit team, June 13, 2018 . Alternatively, on your watch, select "My Watch > General > About"
var-202010-1295	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. This vulnerability allows remote attackers to disclose sensitive information code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the getAnimations method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple iPadOS is an operating system for iPad tablets. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 13.6; iPadOS prior to 13.6; tvOS prior to 13.4.8; watchOS prior to 6.2.8; Safari prior to 13.1.2; Windows-based iTunes prior to 12.10.8. Description: Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API. These updated images include numerous security fixes, bug fixes, and enhancements. Bugs fixed (https://bugzilla.redhat.com/): 1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume 1813506 - Dockerfile not compatible with docker and buildah 1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup 1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement 1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance 1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https) 1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node. 1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default 1842254 - [NooBaa] Compression stats do not add up when compression id disabled 1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster 1849771 - [RFE] Account created by OBC should have same permissions as bucket owner 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot 1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume 1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS 1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount 1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params) 1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14) 1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage 1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards 1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found 1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining 1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script 1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases. 1865938 - CSIDrivers missing in OCS 4.6 1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found) 1868703 - [rbd] After volume expansion, the new size is not reflected on the pod 1869411 - capture full crash information from ceph 1870061 - [RHEL][IBM] OCS un-install should make the devices raw 1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn't find key admin-secret) 1870631 - OCS 4.6 Deployment : RGW pods went into 'CrashLoopBackOff' state on Z Platform 1872119 - Updates don't work on StorageClass which will keep PV expansion disabled for upgraded cluster 1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store 1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError 1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function 1875476 - Change noobaa logo in the noobaa UI 1877339 - Incorrect use of logr 1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect 1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory 1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket 1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW 1879008 - ocs-osd-removal job fails because it can't find admin-secret in rook-ceph-mon secret 1879072 - Deployment with encryption at rest is failing to bring up OSD pods 1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed 1880255 - Collect rbd info and subvolume info and snapshot info command output 1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS 1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed 1882397 - MCG decompression problem with snappy on s390x arch 1883253 - CSV doesn't contain values required for UI to enable minimal deployment and cluster encryption 1883398 - Update csi sidecar containers in rook 1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash 1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6 1883927 - Deployment with encryption at rest is failing to bring up OSD pods 1885175 - Handle disappeared underlying device for encrypted OSD 1885428 - panic seen in rook-ceph during uninstall - "close of closed channel" 1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall 1885971 - ocs-storagecluster-cephobjectstore doesn't report true state of RGW 1886308 - Default VolumeSnapshot Classes not created in External Mode 1886348 - osd removal job failed with status "Error" 1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB) 1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6 1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall 1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, "failed to delete object store", remaining users: [noobaa-ceph-objectstore-user] 1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state 1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script 1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash 1889441 - Traceback error message while running OCS 4.6 must-gather 1889683 - [GSS] Noobaa Problem when setting public access to a bucket 1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster 1890183 - [External] ocs-operator logs are filled with "failed to reconcile metrics exporter" 1890638 - must-gather helper pod should be deleted after collecting ceph crash info 1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port 1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint 1892206 - [GSS] Ceph image/version mismatch 1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test 1893624 - Must Gather is not collecting the tar file from NooBaa diagnose 1893691 - OCS4.6 must_gather failes to complete in 600sec 1893714 - Bad response for upload an object with encryption 1895402 - Mon pods didn't get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6 1896298 - [RFE] Monitoring for Namespace buckets and resources 1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs 1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC 1902627 - must-gather should wait for debug pods to be in ready state 1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6 5. Solution: Download the release images via: quay.io/redhat/quay:v3.3.3 quay.io/redhat/clair-jwt:v3.3.3 quay.io/redhat/quay-builder:v3.3.3 quay.io/redhat/clair:v3.3.3 4. Bugs fixed (https://bugzilla.redhat.com/): 1905758 - CVE-2020-27831 quay: email notifications authorization bypass 1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display 5. JIRA issues fixed (https://issues.jboss.org/): PROJQUAY-1124 - NVD feed is broken for latest Clair v2 version 6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202007-61 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple vulnerabilities Date: July 31, 2020 Bugs: #734584 ID: 202007-61 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in WebKitGTK+, the worst of which could result in the arbitrary execution of code. Background ========= WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.28.4 >= 2.28.4 Description ========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.28.4" References ========= [ 1 ] CVE-2020-9862 https://nvd.nist.gov/vuln/detail/CVE-2020-9862 [ 2 ] CVE-2020-9893 https://nvd.nist.gov/vuln/detail/CVE-2020-9893 [ 3 ] CVE-2020-9894 https://nvd.nist.gov/vuln/detail/CVE-2020-9894 [ 4 ] CVE-2020-9895 https://nvd.nist.gov/vuln/detail/CVE-2020-9895 [ 5 ] CVE-2020-9915 https://nvd.nist.gov/vuln/detail/CVE-2020-9915 [ 6 ] CVE-2020-9925 https://nvd.nist.gov/vuln/detail/CVE-2020-9925 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202007-61 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . The compliance-operator image updates are now available for OpenShift Container Platform 4.6. This advisory provides the following updates among others: * Enhances profile parsing time. * Fixes excessive resource consumption from the Operator. * Fixes default content image. * Fixes outdated remediation handling. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918990 - ComplianceSuite scans use quay content image for initContainer 1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present 1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules 1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console. Bugs fixed (https://bugzilla.redhat.com/): 1732329 - Virtual Machine is missing documentation of its properties in yaml editor 1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type and virtio disk in cnv 1791753 - [RFE] [SSP] Template validator should check validations in template's parent template 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1848954 - KMP missing CA extensions in cabundle of mutatingwebhookconfiguration 1848956 - KMP requires downtime for CA stabilization during certificate rotation 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1853911 - VM with dot in network name fails to start with unclear message 1854098 - NodeNetworkState on workers doesn't have "status" key due to nmstate-handler pod failure to run "nmstatectl show" 1856347 - SR-IOV : Missing network name for sriov during vm setup 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS 1859235 - Common Templates - after upgrade there are 2 common templates per each os-workload-flavor combination 1860714 - No API information from `oc explain` 1860992 - CNV upgrade - users are not removed from privileged SecurityContextConstraints 1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd / File system due to overhead required for Filesystem 1866593 - CDI is not handling vm disk clone 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 1868817 - Container-native Virtualization 2.6.0 Images 1873771 - Improve the VMCreationFailed error message caused by VM low memory 1874812 - SR-IOV: Guest Agent expose link-local ipv6 address for sometime and then remove it 1878499 - DV import doesn't recover from scratch space PVC deletion 1879108 - Inconsistent naming of "oc virt" command in help text 1881874 - openshift-cnv namespace is getting stuck if the user tries to delete it while CNV is running 1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable sidecar injection if namespace has sidecar injection enabled but VM Template does NOT 1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability 1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a relevant error message 1885418 - [openshift-cnv] issues with memory overhead calculation when limits are used 1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first, before the NodeNetworkConfigurationPolicy is applied 1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is not passed on to PVC request. 1891285 - Common templates and kubevirt-config cm - update machine-type 1891440 - [v2v][VMware to CNV VM import API]Source VM with no network interface fail with unclear error 1892227 - [SSP] cluster scoped resources are not being reconciled 1893278 - openshift-virtualization-os-images namespace not seen by user 1893646 - [HCO] Pod placement configuration - dry run is not performed for all the configuration stanza 1894428 - Message for VMI not migratable is not clear enough 1894824 - [v2v][VM import] Pick the smallest template for the imported VM, and not always Medium 1894897 - [v2v][VMIO] VMimport CR is not reported as failed when target VM is deleted during the import 1895414 - Virt-operator is accepting updates to the placement of its workload components even with running VMs 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1898072 - Add Fedora33 to Fedora common templates 1898840 - [v2v] VM import VMWare to CNV Import 63 chars vm name should not fail 1899558 - CNV 2.6 - nmstate fails to set state 1901480 - VM disk io can't worked if namespace have label kubemacpool 1902046 - Not possible to edit CDIConfig (through CDI CR / CDIConfig) 1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service 1903014 - hco-webhook pod in CreateContainerError 1903585 - [v2v] Windows 2012 VM imported from RHV goes into Windows repair mode 1904797 - [VMIO][vmware] A migrated RHEL/Windows VM starts in emergency mode/safe mode when target storage is NFS and target namespace is NOT "default" 1906199 - [CNV-2.5] CNV Tries to Install on Windows Workers 1907151 - kubevirt version is not reported correctly via virtctl 1907352 - VM/VMI link changes to `kubevirt.io~v1~VirtualMachineInstance` on CNV 2.6 1907691 - [CNV] Configuring NodeNetworkConfigurationPolicy caused "Internal error occurred" for creating datavolume 1907988 - VM loses dynamic IP address of its default interface after migration 1908363 - Applying NodeNetworkConfigurationPolicy for different NIC than default disables br-ex bridge and nodes lose connectivity 1908421 - [v2v] [VM import RHV to CNV] Windows imported VM boot failed: INACCESSIBLE BOOT DEVICE error 1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference 1909458 - [V2V][VMware to CNV VM import via api using VMIO] VM import to Ceph RBD/BLOCK fails on "qemu-img: /data/disk.img" error 1910857 - Provide a mechanism to enable the HotplugVolumes feature gate via HCO 1911118 - Windows VMI LiveMigration / shutdown fails on 'XML error: non unique alias detected: ua-') 1911396 - Set networkInterfaceMultiqueue false in rhel 6 template for e1000e interface 1911662 - el6 guests don't work properly if virtio bus is specified on various devices 1912908 - Allow using "scsi" bus for disks in template validation 1913248 - Creating vlan interface on top of a bond device via NodeNetworkConfigurationPolicy fails 1913320 - Informative message needed with virtctl image-upload, that additional step is needed from the user 1913717 - Users should have read permitions for golden images data volumes 1913756 - Migrating to Ceph-RBD + Block fails when skipping zeroes 1914177 - CNV does not preallocate blank file data volumes 1914608 - Obsolete CPU models (kubevirt-cpu-plugin-configmap) are set on worker nodes 1914947 - HPP golden images - DV shoudld not be created with WaitForFirstConsumer 1917908 - [VMIO] vmimport pod fail to create when using ceph-rbd/block 1917963 - [CNV 2.6] Unable to install CNV disconnected - requires kvm-info-nfd-plugin which is not mirrored 1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration 1920576 - HCO can report ready=true when it failed to create a CR for a component operator 1920610 - e2e-aws-4.7-cnv consistently failing on Hyperconverged Cluster Operator 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923979 - kubernetes-nmstate: nmstate-handler pod crashes when configuring bridge device using ip tool 1927373 - NoExecute taint violates pdb; VMIs are not live migrated 1931376 - VMs disconnected from nmstate-defined bridge after CNV-2.5.4->CNV-2.6.0 upgrade 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6 iOS 13.6 and iPadOS 13.6 are now available and address the following: Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9888: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab CVE-2020-9890: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab CVE-2020-9891: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab AVEVideoEncoder Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2020-9907: an anonymous researcher Bluetooth Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may cause an unexpected application termination Description: A denial of service issue was addressed with improved input validation. CVE-2020-9931: Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab CoreFoundation Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A local user may be able to view sensitive user information Description: An issue existed in the handling of environment variables. CVE-2020-9934: an anonymous researcher Crash Reporter Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud GeoServices Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to read sensitive location information Description: An authorization issue was addressed with improved state management. CVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc. iAP Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: An input validation issue existed in Bluetooth. CVE-2020-9914: Andy Davis of NCC Group ImageIO Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9936: Mickey Jin of Trend Micro Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-9923: Proteas Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel Description: A routing issue was addressed with improved restrictions. CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9909: Brandon Azad of Google Project Zero Mail Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker can cause a limited out-of-bounds write, resulting in a denial of service Description: An input validation issue was addressed. CVE-2019-19906 Messages Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A user that is removed from an iMessage group could rejoin the group Description: An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. CVE-2020-9885: an anonymous researcher, Suryansh Mansharamani, of WWP High School North (medium.com/@suryanshmansha) Model I/O Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2020-9878: Holger Fuhrmannek of Deutsche Telekom Security Safari Login AutoFill Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious attacker may cause Safari to suggest a password for the wrong domain Description: A logic issue was addressed with improved restrictions. CVE-2020-9903: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) Safari Reader Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy Description: A logic issue was addressed with improved restrictions. CVE-2020-9911: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: An access issue existed in Content Security Policy. CVE-2020-9915: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative CVE-2020-9895: Wen Xu of SSLab, Georgia Tech WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2020-9925: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: Multiple issues were addressed with improved logic. CVE-2020-9910: Samuel Groß of Google Project Zero WebKit Page Loading Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious attacker may be able to conceal the destination of a URL Description: A URL Unicode encoding issue was addressed with improved state management. CVE-2020-9916: Rakesh Mane (@RakeshMane10) WebKit Web Inspector Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Copying a URL from Web Inspector may lead to command injection Description: A command injection issue existed in Web Inspector. CVE-2020-9862: Ophir Lojkine (@lovasoa) Wi-Fi Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud (bugcloud.360.cn) WiFi Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-9917: an anonymous researcher, Pradeep Deokate of Harman Additional recognition Bluetooth We would like to acknowledge Andy Davis of NCC Group for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. USB Audio We would like to acknowledge Andy Davis of NCC Group for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 13.6 and iPadOS 13.6". -----BEGIN PGP SIGNATURE----- iQIyBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl8POhUACgkQBz4uGe3y 0M3VAA/3ciev1rSP1w547PW3gsdGviEqUD6d5cNWfVKyIywIwqhXD24bNn471XPe ufoLyxB/SlH9yKcHjuNYmeL+tu+4Gqx+YvaNTrKkBlh0DP7bB7y1vKVDbHjTsSbx ecrPfDI3ZHXXux9+1fYZ47ISnJDakqVEI3bAw7JFtwL4DmQYdyk+xaUVTXTXksoV YwXin1usgQUZp921ygUNzP5kMwwdmbwenMS+U5s270TlSFPLflB61iykZCEOt7n4 sQqpv1A1GQPigTAPZOevl/TyfUAzRxXhOjXoBw6GSHXmfrLdkT72cw+VuIxZ2rpG 5VGkORd8S0PNDPndLYUb3VxKa4GucbuFd/f4YY4xhJuyZj1ANidPmSn1QkviqCjz 47pvdvWIQpRAQZv4yhlCfcZPYYwkHOPLsmSYbUdfKZvMHx+GneJp4T6ofZ5E7pvQ W354Asbg8fSFbx0jbmQpI0jJIgwLy8ydMVf1HsqToM/mSwTRQBjONNGQweHIdfXQ Z1PJ4cmOTutRmGLgDHIikVkq8mIu+1EOWBkLAXoZrn7d9pbosHZG/5OT3rpXpQU2 FykbSj7EkVyEJ978rAaynixaiuNbaw39osKaP4H5LcFhzyM8tF3paiR0gXKhizTB w57KB0YW0QrWBupRIdAd+yH2jt6iNviLfkq7fUAzZ3hb1iikVw== =Tlxk -----END PGP SIGNATURE----- . To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor. Bugs fixed (https://bugzilla.redhat.com/): 1823765 - nfd-workers crash under an ipv6 environment 1838802 - mysql8 connector from operatorhub does not work with metering operator 1838845 - Metering operator can't connect to postgres DB from Operator Hub 1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1868294 - NFD operator does not allow customisation of nfd-worker.conf 1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 1890672 - NFD is missing a build flag to build correctly 1890741 - path to the CA trust bundle ConfigMap is broken in report operator 1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster 1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel 1900125 - FIPS error while generating RSA private key for CA 1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub 1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub 1913837 - The CI and ART 4.7 metering images are not mirrored 1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le 1916010 - olm skip range is set to the wrong range 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923998 - NFD Operator is failing to update and remains in Replacing state 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: GNOME security, bug fix, and enhancement update Advisory ID: RHSA-2020:4451-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4451 Issue date: 2020-11-03 CVE Names: CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-10018 CVE-2020-11793 CVE-2020-14391 CVE-2020-15503 ==================================================================== 1. Summary: An update for GNOME is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: GNOME is the default desktop environment of Red Hat Enterprise Linux. The following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406) Security Fix(es): * webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793) * gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391) * LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 GDM must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1207179 - Select items matching non existing pattern does not unselect already selected 1566027 - can't correctly compute contents size if hidden files are included 1569868 - Browsing samba shares using gvfs is very slow 1652178 - [RFE] perf-tool run on wayland 1656262 - The terminal's character display is unclear on rhel8 guest after installing gnome 1668895 - [RHEL8] Timedlogin Fails when Userlist is Disabled 1692536 - login screen shows after gnome-initial-setup 1706008 - Sound Effect sometimes fails to change to selected option. 1706076 - Automatic suspend for 90 minutes is set for 80 minutes instead. 1715845 - JS ERROR: TypeError: this._workspacesViews[i] is undefined 1719937 - GNOME Extension: Auto-Move-Windows Not Working Properly 1758891 - tracker-devel subpackage missing from el8 repos 1775345 - Rebase xdg-desktop-portal to 1.6 1778579 - Nautilus does not respect umask settings. 1779691 - Rebase xdg-desktop-portal-gtk to 1.6 1794045 - There are two different high contrast versions of desktop icons 1804719 - Update vte291 to 0.52.4 1805929 - RHEL 8.1 gnome-shell-extension errors 1811721 - CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp 1814820 - No checkbox to install updates in the shutdown dialog 1816070 - "search for an application to open this file" dialog broken 1816678 - CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution 1816684 - CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution 1816686 - CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution 1817143 - Rebase WebKitGTK to 2.28 1820759 - Include IO stall fixes 1820760 - Include IO fixes 1824362 - [BZ] Setting in gnome-tweak-tool Window List will reset upon opening 1827030 - gnome-settings-daemon: subscription notification on CentOS Stream 1829369 - CVE-2020-11793 webkitgtk: use-after-free via crafted web content 1832347 - [Rebase] Rebase pipewire to 0.3.x 1833158 - gdm-related dconf folders and keyfiles are not found in fresh 8.2 install 1837381 - Backport screen cast improvements to 8.3 1837406 - Rebase gnome-remote-desktop to PipeWire 0.3 version 1837413 - Backport changes needed by xdg-desktop-portal-gtk-1.6 1837648 - Vendor.conf should point to https://access.redhat.com/site/solutions/537113 1840080 - Can not control top bar menus via keys in Wayland 1840788 - [flatpak][rhel8] unable to build potrace as dependency 1843486 - Software crash after clicking Updates tab 1844578 - anaconda very rarely crashes at startup with a pygobject traceback 1846191 - usb adapters hotplug crashes gnome-shell 1847051 - JS ERROR: TypeError: area is null 1847061 - File search doesn't work under certain locales 1847062 - gnome-remote-desktop crash on QXL graphics 1847203 - gnome-shell: get_top_visible_window_actor(): gnome-shell killed by SIGSEGV 1853477 - CVE-2020-15503 LibRaw: lack of thumbnail size range check can lead to buffer overflow 1854734 - PipeWire 0.2 should be required by xdg-desktop-portal 1866332 - Remove obsolete libusb-devel dependency 1868260 - [Hyper-V][RHEL8] VM starts GUI failed on Hyper-V 2019/2016, hangs at "Started GNOME Display Manager" - GDM regression issue. 1872270 - WebKit renderer hangs on Cockpit 1873093 - CVE-2020-14391 gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center 1873963 - Failed to start session: org.gnome.Mutter.ScreenCast API version 2 lower than minimum supported version 3 1876462 - CVE-2020-3885 webkitgtk: Incorrect processing of file URLs 1876463 - CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory 1876465 - CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content 1876468 - CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution 1876470 - CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution 1876472 - CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content 1876473 - CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution 1876476 - CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack 1876516 - CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling 1876518 - CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts 1876521 - CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context 1876522 - CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting 1876523 - CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876536 - CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876537 - CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876540 - CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting 1876543 - CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876545 - CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876548 - CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876549 - CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876550 - CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876552 - CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876553 - CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting 1876554 - CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876555 - CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876556 - CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876590 - CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876591 - CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876594 - CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876607 - CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting 1876611 - CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution 1876617 - CVE-2019-8769 webkitgtk: Websites could reveal browsing history 1876619 - CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy 1877853 - File descriptors are being left behind on logout of RHEL 8 session 1879532 - CVE-2020-9862 webkitgtk: Command injection in web inspector 1879535 - CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution 1879536 - CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution 1879538 - CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution 1879540 - CVE-2020-9915 webkitgtk: Access issue in content security policy 1879541 - CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting 1879545 - CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution 1879557 - CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution 1879559 - CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting 1879563 - CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution 1879564 - CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution 1879566 - CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting 1879568 - CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution 1880339 - Right GLX stereo texture is potentially leaked for each closed window 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: LibRaw-0.19.5-2.el8.src.rpm PackageKit-1.1.12-6.el8.src.rpm dleyna-renderer-0.6.0-3.el8.src.rpm frei0r-plugins-1.6.1-7.el8.src.rpm gdm-3.28.3-34.el8.src.rpm gnome-control-center-3.28.2-22.el8.src.rpm gnome-photos-3.28.1-3.el8.src.rpm gnome-remote-desktop-0.1.8-3.el8.src.rpm gnome-session-3.28.1-10.el8.src.rpm gnome-settings-daemon-3.32.0-11.el8.src.rpm gnome-shell-3.32.2-20.el8.src.rpm gnome-shell-extensions-3.32.1-11.el8.src.rpm gnome-terminal-3.28.3-2.el8.src.rpm gtk3-3.22.30-6.el8.src.rpm gvfs-1.36.2-10.el8.src.rpm mutter-3.32.2-48.el8.src.rpm nautilus-3.28.1-14.el8.src.rpm pipewire-0.3.6-1.el8.src.rpm pipewire0.2-0.2.7-6.el8.src.rpm potrace-1.15-3.el8.src.rpm tracker-2.1.5-2.el8.src.rpm vte291-0.52.4-2.el8.src.rpm webkit2gtk3-2.28.4-1.el8.src.rpm webrtc-audio-processing-0.3-9.el8.src.rpm xdg-desktop-portal-1.6.0-2.el8.src.rpm xdg-desktop-portal-gtk-1.6.0-1.el8.src.rpm aarch64: PackageKit-1.1.12-6.el8.aarch64.rpm PackageKit-command-not-found-1.1.12-6.el8.aarch64.rpm PackageKit-command-not-found-debuginfo-1.1.12-6.el8.aarch64.rpm PackageKit-cron-1.1.12-6.el8.aarch64.rpm PackageKit-debuginfo-1.1.12-6.el8.aarch64.rpm PackageKit-debugsource-1.1.12-6.el8.aarch64.rpm PackageKit-glib-1.1.12-6.el8.aarch64.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.aarch64.rpm PackageKit-gstreamer-plugin-1.1.12-6.el8.aarch64.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.aarch64.rpm PackageKit-gtk3-module-1.1.12-6.el8.aarch64.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.aarch64.rpm frei0r-plugins-1.6.1-7.el8.aarch64.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.aarch64.rpm frei0r-plugins-debugsource-1.6.1-7.el8.aarch64.rpm frei0r-plugins-opencv-1.6.1-7.el8.aarch64.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.aarch64.rpm gdm-3.28.3-34.el8.aarch64.rpm gdm-debuginfo-3.28.3-34.el8.aarch64.rpm gdm-debugsource-3.28.3-34.el8.aarch64.rpm gnome-control-center-3.28.2-22.el8.aarch64.rpm gnome-control-center-debuginfo-3.28.2-22.el8.aarch64.rpm gnome-control-center-debugsource-3.28.2-22.el8.aarch64.rpm gnome-remote-desktop-0.1.8-3.el8.aarch64.rpm gnome-remote-desktop-debuginfo-0.1.8-3.el8.aarch64.rpm gnome-remote-desktop-debugsource-0.1.8-3.el8.aarch64.rpm gnome-session-3.28.1-10.el8.aarch64.rpm gnome-session-debuginfo-3.28.1-10.el8.aarch64.rpm gnome-session-debugsource-3.28.1-10.el8.aarch64.rpm gnome-session-wayland-session-3.28.1-10.el8.aarch64.rpm gnome-session-xsession-3.28.1-10.el8.aarch64.rpm gnome-settings-daemon-3.32.0-11.el8.aarch64.rpm gnome-settings-daemon-debuginfo-3.32.0-11.el8.aarch64.rpm gnome-settings-daemon-debugsource-3.32.0-11.el8.aarch64.rpm gnome-shell-3.32.2-20.el8.aarch64.rpm gnome-shell-debuginfo-3.32.2-20.el8.aarch64.rpm gnome-shell-debugsource-3.32.2-20.el8.aarch64.rpm gnome-terminal-3.28.3-2.el8.aarch64.rpm gnome-terminal-debuginfo-3.28.3-2.el8.aarch64.rpm gnome-terminal-debugsource-3.28.3-2.el8.aarch64.rpm gnome-terminal-nautilus-3.28.3-2.el8.aarch64.rpm gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.aarch64.rpm gsettings-desktop-schemas-devel-3.32.0-5.el8.aarch64.rpm gtk-update-icon-cache-3.22.30-6.el8.aarch64.rpm gtk-update-icon-cache-debuginfo-3.22.30-6.el8.aarch64.rpm gtk3-3.22.30-6.el8.aarch64.rpm gtk3-debuginfo-3.22.30-6.el8.aarch64.rpm gtk3-debugsource-3.22.30-6.el8.aarch64.rpm gtk3-devel-3.22.30-6.el8.aarch64.rpm gtk3-devel-debuginfo-3.22.30-6.el8.aarch64.rpm gtk3-immodule-xim-3.22.30-6.el8.aarch64.rpm gtk3-immodule-xim-debuginfo-3.22.30-6.el8.aarch64.rpm gtk3-immodules-debuginfo-3.22.30-6.el8.aarch64.rpm gtk3-tests-debuginfo-3.22.30-6.el8.aarch64.rpm gvfs-1.36.2-10.el8.aarch64.rpm gvfs-afc-1.36.2-10.el8.aarch64.rpm gvfs-afc-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-afp-1.36.2-10.el8.aarch64.rpm gvfs-afp-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-archive-1.36.2-10.el8.aarch64.rpm gvfs-archive-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-client-1.36.2-10.el8.aarch64.rpm gvfs-client-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-debugsource-1.36.2-10.el8.aarch64.rpm gvfs-devel-1.36.2-10.el8.aarch64.rpm gvfs-fuse-1.36.2-10.el8.aarch64.rpm gvfs-fuse-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-goa-1.36.2-10.el8.aarch64.rpm gvfs-goa-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-gphoto2-1.36.2-10.el8.aarch64.rpm gvfs-gphoto2-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-mtp-1.36.2-10.el8.aarch64.rpm gvfs-mtp-debuginfo-1.36.2-10.el8.aarch64.rpm gvfs-smb-1.36.2-10.el8.aarch64.rpm gvfs-smb-debuginfo-1.36.2-10.el8.aarch64.rpm libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm libsoup-debugsource-2.62.3-2.el8.aarch64.rpm libsoup-devel-2.62.3-2.el8.aarch64.rpm mutter-3.32.2-48.el8.aarch64.rpm mutter-debuginfo-3.32.2-48.el8.aarch64.rpm mutter-debugsource-3.32.2-48.el8.aarch64.rpm mutter-tests-debuginfo-3.32.2-48.el8.aarch64.rpm nautilus-3.28.1-14.el8.aarch64.rpm nautilus-debuginfo-3.28.1-14.el8.aarch64.rpm nautilus-debugsource-3.28.1-14.el8.aarch64.rpm nautilus-extensions-3.28.1-14.el8.aarch64.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.aarch64.rpm pipewire-0.3.6-1.el8.aarch64.rpm pipewire-alsa-debuginfo-0.3.6-1.el8.aarch64.rpm pipewire-debuginfo-0.3.6-1.el8.aarch64.rpm pipewire-debugsource-0.3.6-1.el8.aarch64.rpm pipewire-devel-0.3.6-1.el8.aarch64.rpm pipewire-doc-0.3.6-1.el8.aarch64.rpm pipewire-gstreamer-debuginfo-0.3.6-1.el8.aarch64.rpm pipewire-libs-0.3.6-1.el8.aarch64.rpm pipewire-libs-debuginfo-0.3.6-1.el8.aarch64.rpm pipewire-utils-0.3.6-1.el8.aarch64.rpm pipewire-utils-debuginfo-0.3.6-1.el8.aarch64.rpm pipewire0.2-debugsource-0.2.7-6.el8.aarch64.rpm pipewire0.2-devel-0.2.7-6.el8.aarch64.rpm pipewire0.2-libs-0.2.7-6.el8.aarch64.rpm pipewire0.2-libs-debuginfo-0.2.7-6.el8.aarch64.rpm potrace-1.15-3.el8.aarch64.rpm potrace-debuginfo-1.15-3.el8.aarch64.rpm potrace-debugsource-1.15-3.el8.aarch64.rpm pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm python3-gobject-3.28.3-2.el8.aarch64.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm tracker-2.1.5-2.el8.aarch64.rpm tracker-debuginfo-2.1.5-2.el8.aarch64.rpm tracker-debugsource-2.1.5-2.el8.aarch64.rpm vte-profile-0.52.4-2.el8.aarch64.rpm vte291-0.52.4-2.el8.aarch64.rpm vte291-debuginfo-0.52.4-2.el8.aarch64.rpm vte291-debugsource-0.52.4-2.el8.aarch64.rpm vte291-devel-debuginfo-0.52.4-2.el8.aarch64.rpm webkit2gtk3-2.28.4-1.el8.aarch64.rpm webkit2gtk3-debuginfo-2.28.4-1.el8.aarch64.rpm webkit2gtk3-debugsource-2.28.4-1.el8.aarch64.rpm webkit2gtk3-devel-2.28.4-1.el8.aarch64.rpm webkit2gtk3-devel-debuginfo-2.28.4-1.el8.aarch64.rpm webkit2gtk3-jsc-2.28.4-1.el8.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-2.28.4-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.aarch64.rpm webrtc-audio-processing-0.3-9.el8.aarch64.rpm webrtc-audio-processing-debuginfo-0.3-9.el8.aarch64.rpm webrtc-audio-processing-debugsource-0.3-9.el8.aarch64.rpm xdg-desktop-portal-1.6.0-2.el8.aarch64.rpm xdg-desktop-portal-debuginfo-1.6.0-2.el8.aarch64.rpm xdg-desktop-portal-debugsource-1.6.0-2.el8.aarch64.rpm xdg-desktop-portal-gtk-1.6.0-1.el8.aarch64.rpm xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.aarch64.rpm xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.aarch64.rpm noarch: gnome-classic-session-3.32.1-11.el8.noarch.rpm gnome-control-center-filesystem-3.28.2-22.el8.noarch.rpm gnome-shell-extension-apps-menu-3.32.1-11.el8.noarch.rpm gnome-shell-extension-auto-move-windows-3.32.1-11.el8.noarch.rpm gnome-shell-extension-common-3.32.1-11.el8.noarch.rpm gnome-shell-extension-dash-to-dock-3.32.1-11.el8.noarch.rpm gnome-shell-extension-desktop-icons-3.32.1-11.el8.noarch.rpm gnome-shell-extension-disable-screenshield-3.32.1-11.el8.noarch.rpm gnome-shell-extension-drive-menu-3.32.1-11.el8.noarch.rpm gnome-shell-extension-horizontal-workspaces-3.32.1-11.el8.noarch.rpm gnome-shell-extension-launch-new-instance-3.32.1-11.el8.noarch.rpm gnome-shell-extension-native-window-placement-3.32.1-11.el8.noarch.rpm gnome-shell-extension-no-hot-corner-3.32.1-11.el8.noarch.rpm gnome-shell-extension-panel-favorites-3.32.1-11.el8.noarch.rpm gnome-shell-extension-places-menu-3.32.1-11.el8.noarch.rpm gnome-shell-extension-screenshot-window-sizer-3.32.1-11.el8.noarch.rpm gnome-shell-extension-systemMonitor-3.32.1-11.el8.noarch.rpm gnome-shell-extension-top-icons-3.32.1-11.el8.noarch.rpm gnome-shell-extension-updates-dialog-3.32.1-11.el8.noarch.rpm gnome-shell-extension-user-theme-3.32.1-11.el8.noarch.rpm gnome-shell-extension-window-grouper-3.32.1-11.el8.noarch.rpm gnome-shell-extension-window-list-3.32.1-11.el8.noarch.rpm gnome-shell-extension-windowsNavigator-3.32.1-11.el8.noarch.rpm gnome-shell-extension-workspace-indicator-3.32.1-11.el8.noarch.rpm ppc64le: LibRaw-0.19.5-2.el8.ppc64le.rpm LibRaw-debuginfo-0.19.5-2.el8.ppc64le.rpm LibRaw-debugsource-0.19.5-2.el8.ppc64le.rpm LibRaw-samples-debuginfo-0.19.5-2.el8.ppc64le.rpm PackageKit-1.1.12-6.el8.ppc64le.rpm PackageKit-command-not-found-1.1.12-6.el8.ppc64le.rpm PackageKit-command-not-found-debuginfo-1.1.12-6.el8.ppc64le.rpm PackageKit-cron-1.1.12-6.el8.ppc64le.rpm PackageKit-debuginfo-1.1.12-6.el8.ppc64le.rpm PackageKit-debugsource-1.1.12-6.el8.ppc64le.rpm PackageKit-glib-1.1.12-6.el8.ppc64le.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.ppc64le.rpm PackageKit-gstreamer-plugin-1.1.12-6.el8.ppc64le.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.ppc64le.rpm PackageKit-gtk3-module-1.1.12-6.el8.ppc64le.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.ppc64le.rpm dleyna-renderer-0.6.0-3.el8.ppc64le.rpm dleyna-renderer-debuginfo-0.6.0-3.el8.ppc64le.rpm dleyna-renderer-debugsource-0.6.0-3.el8.ppc64le.rpm frei0r-plugins-1.6.1-7.el8.ppc64le.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.ppc64le.rpm frei0r-plugins-debugsource-1.6.1-7.el8.ppc64le.rpm frei0r-plugins-opencv-1.6.1-7.el8.ppc64le.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.ppc64le.rpm gdm-3.28.3-34.el8.ppc64le.rpm gdm-debuginfo-3.28.3-34.el8.ppc64le.rpm gdm-debugsource-3.28.3-34.el8.ppc64le.rpm gnome-control-center-3.28.2-22.el8.ppc64le.rpm gnome-control-center-debuginfo-3.28.2-22.el8.ppc64le.rpm gnome-control-center-debugsource-3.28.2-22.el8.ppc64le.rpm gnome-photos-3.28.1-3.el8.ppc64le.rpm gnome-photos-debuginfo-3.28.1-3.el8.ppc64le.rpm gnome-photos-debugsource-3.28.1-3.el8.ppc64le.rpm gnome-photos-tests-3.28.1-3.el8.ppc64le.rpm gnome-remote-desktop-0.1.8-3.el8.ppc64le.rpm gnome-remote-desktop-debuginfo-0.1.8-3.el8.ppc64le.rpm gnome-remote-desktop-debugsource-0.1.8-3.el8.ppc64le.rpm gnome-session-3.28.1-10.el8.ppc64le.rpm gnome-session-debuginfo-3.28.1-10.el8.ppc64le.rpm gnome-session-debugsource-3.28.1-10.el8.ppc64le.rpm gnome-session-wayland-session-3.28.1-10.el8.ppc64le.rpm gnome-session-xsession-3.28.1-10.el8.ppc64le.rpm gnome-settings-daemon-3.32.0-11.el8.ppc64le.rpm gnome-settings-daemon-debuginfo-3.32.0-11.el8.ppc64le.rpm gnome-settings-daemon-debugsource-3.32.0-11.el8.ppc64le.rpm gnome-shell-3.32.2-20.el8.ppc64le.rpm gnome-shell-debuginfo-3.32.2-20.el8.ppc64le.rpm gnome-shell-debugsource-3.32.2-20.el8.ppc64le.rpm gnome-terminal-3.28.3-2.el8.ppc64le.rpm gnome-terminal-debuginfo-3.28.3-2.el8.ppc64le.rpm gnome-terminal-debugsource-3.28.3-2.el8.ppc64le.rpm gnome-terminal-nautilus-3.28.3-2.el8.ppc64le.rpm gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.ppc64le.rpm gsettings-desktop-schemas-devel-3.32.0-5.el8.ppc64le.rpm gtk-update-icon-cache-3.22.30-6.el8.ppc64le.rpm gtk-update-icon-cache-debuginfo-3.22.30-6.el8.ppc64le.rpm gtk3-3.22.30-6.el8.ppc64le.rpm gtk3-debuginfo-3.22.30-6.el8.ppc64le.rpm gtk3-debugsource-3.22.30-6.el8.ppc64le.rpm gtk3-devel-3.22.30-6.el8.ppc64le.rpm gtk3-devel-debuginfo-3.22.30-6.el8.ppc64le.rpm gtk3-immodule-xim-3.22.30-6.el8.ppc64le.rpm gtk3-immodule-xim-debuginfo-3.22.30-6.el8.ppc64le.rpm gtk3-immodules-debuginfo-3.22.30-6.el8.ppc64le.rpm gtk3-tests-debuginfo-3.22.30-6.el8.ppc64le.rpm gvfs-1.36.2-10.el8.ppc64le.rpm gvfs-afc-1.36.2-10.el8.ppc64le.rpm gvfs-afc-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-afp-1.36.2-10.el8.ppc64le.rpm gvfs-afp-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-archive-1.36.2-10.el8.ppc64le.rpm gvfs-archive-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-client-1.36.2-10.el8.ppc64le.rpm gvfs-client-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-debugsource-1.36.2-10.el8.ppc64le.rpm gvfs-devel-1.36.2-10.el8.ppc64le.rpm gvfs-fuse-1.36.2-10.el8.ppc64le.rpm gvfs-fuse-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-goa-1.36.2-10.el8.ppc64le.rpm gvfs-goa-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-gphoto2-1.36.2-10.el8.ppc64le.rpm gvfs-gphoto2-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-mtp-1.36.2-10.el8.ppc64le.rpm gvfs-mtp-debuginfo-1.36.2-10.el8.ppc64le.rpm gvfs-smb-1.36.2-10.el8.ppc64le.rpm gvfs-smb-debuginfo-1.36.2-10.el8.ppc64le.rpm libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm libsoup-devel-2.62.3-2.el8.ppc64le.rpm mutter-3.32.2-48.el8.ppc64le.rpm mutter-debuginfo-3.32.2-48.el8.ppc64le.rpm mutter-debugsource-3.32.2-48.el8.ppc64le.rpm mutter-tests-debuginfo-3.32.2-48.el8.ppc64le.rpm nautilus-3.28.1-14.el8.ppc64le.rpm nautilus-debuginfo-3.28.1-14.el8.ppc64le.rpm nautilus-debugsource-3.28.1-14.el8.ppc64le.rpm nautilus-extensions-3.28.1-14.el8.ppc64le.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.ppc64le.rpm pipewire-0.3.6-1.el8.ppc64le.rpm pipewire-alsa-debuginfo-0.3.6-1.el8.ppc64le.rpm pipewire-debuginfo-0.3.6-1.el8.ppc64le.rpm pipewire-debugsource-0.3.6-1.el8.ppc64le.rpm pipewire-devel-0.3.6-1.el8.ppc64le.rpm pipewire-doc-0.3.6-1.el8.ppc64le.rpm pipewire-gstreamer-debuginfo-0.3.6-1.el8.ppc64le.rpm pipewire-libs-0.3.6-1.el8.ppc64le.rpm pipewire-libs-debuginfo-0.3.6-1.el8.ppc64le.rpm pipewire-utils-0.3.6-1.el8.ppc64le.rpm pipewire-utils-debuginfo-0.3.6-1.el8.ppc64le.rpm pipewire0.2-debugsource-0.2.7-6.el8.ppc64le.rpm pipewire0.2-devel-0.2.7-6.el8.ppc64le.rpm pipewire0.2-libs-0.2.7-6.el8.ppc64le.rpm pipewire0.2-libs-debuginfo-0.2.7-6.el8.ppc64le.rpm potrace-1.15-3.el8.ppc64le.rpm potrace-debuginfo-1.15-3.el8.ppc64le.rpm potrace-debugsource-1.15-3.el8.ppc64le.rpm pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm python3-gobject-3.28.3-2.el8.ppc64le.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm tracker-2.1.5-2.el8.ppc64le.rpm tracker-debuginfo-2.1.5-2.el8.ppc64le.rpm tracker-debugsource-2.1.5-2.el8.ppc64le.rpm vte-profile-0.52.4-2.el8.ppc64le.rpm vte291-0.52.4-2.el8.ppc64le.rpm vte291-debuginfo-0.52.4-2.el8.ppc64le.rpm vte291-debugsource-0.52.4-2.el8.ppc64le.rpm vte291-devel-debuginfo-0.52.4-2.el8.ppc64le.rpm webkit2gtk3-2.28.4-1.el8.ppc64le.rpm webkit2gtk3-debuginfo-2.28.4-1.el8.ppc64le.rpm webkit2gtk3-debugsource-2.28.4-1.el8.ppc64le.rpm webkit2gtk3-devel-2.28.4-1.el8.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm webkit2gtk3-jsc-2.28.4-1.el8.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-2.28.4-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm webrtc-audio-processing-0.3-9.el8.ppc64le.rpm webrtc-audio-processing-debuginfo-0.3-9.el8.ppc64le.rpm webrtc-audio-processing-debugsource-0.3-9.el8.ppc64le.rpm xdg-desktop-portal-1.6.0-2.el8.ppc64le.rpm xdg-desktop-portal-debuginfo-1.6.0-2.el8.ppc64le.rpm xdg-desktop-portal-debugsource-1.6.0-2.el8.ppc64le.rpm xdg-desktop-portal-gtk-1.6.0-1.el8.ppc64le.rpm xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.ppc64le.rpm xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.ppc64le.rpm s390x: PackageKit-1.1.12-6.el8.s390x.rpm PackageKit-command-not-found-1.1.12-6.el8.s390x.rpm PackageKit-command-not-found-debuginfo-1.1.12-6.el8.s390x.rpm PackageKit-cron-1.1.12-6.el8.s390x.rpm PackageKit-debuginfo-1.1.12-6.el8.s390x.rpm PackageKit-debugsource-1.1.12-6.el8.s390x.rpm PackageKit-glib-1.1.12-6.el8.s390x.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.s390x.rpm PackageKit-gstreamer-plugin-1.1.12-6.el8.s390x.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.s390x.rpm PackageKit-gtk3-module-1.1.12-6.el8.s390x.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.s390x.rpm frei0r-plugins-1.6.1-7.el8.s390x.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.s390x.rpm frei0r-plugins-debugsource-1.6.1-7.el8.s390x.rpm frei0r-plugins-opencv-1.6.1-7.el8.s390x.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.s390x.rpm gdm-3.28.3-34.el8.s390x.rpm gdm-debuginfo-3.28.3-34.el8.s390x.rpm gdm-debugsource-3.28.3-34.el8.s390x.rpm gnome-control-center-3.28.2-22.el8.s390x.rpm gnome-control-center-debuginfo-3.28.2-22.el8.s390x.rpm gnome-control-center-debugsource-3.28.2-22.el8.s390x.rpm gnome-remote-desktop-0.1.8-3.el8.s390x.rpm gnome-remote-desktop-debuginfo-0.1.8-3.el8.s390x.rpm gnome-remote-desktop-debugsource-0.1.8-3.el8.s390x.rpm gnome-session-3.28.1-10.el8.s390x.rpm gnome-session-debuginfo-3.28.1-10.el8.s390x.rpm gnome-session-debugsource-3.28.1-10.el8.s390x.rpm gnome-session-wayland-session-3.28.1-10.el8.s390x.rpm gnome-session-xsession-3.28.1-10.el8.s390x.rpm gnome-settings-daemon-3.32.0-11.el8.s390x.rpm gnome-settings-daemon-debuginfo-3.32.0-11.el8.s390x.rpm gnome-settings-daemon-debugsource-3.32.0-11.el8.s390x.rpm gnome-shell-3.32.2-20.el8.s390x.rpm gnome-shell-debuginfo-3.32.2-20.el8.s390x.rpm gnome-shell-debugsource-3.32.2-20.el8.s390x.rpm gnome-terminal-3.28.3-2.el8.s390x.rpm gnome-terminal-debuginfo-3.28.3-2.el8.s390x.rpm gnome-terminal-debugsource-3.28.3-2.el8.s390x.rpm gnome-terminal-nautilus-3.28.3-2.el8.s390x.rpm gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.s390x.rpm gsettings-desktop-schemas-devel-3.32.0-5.el8.s390x.rpm gtk-update-icon-cache-3.22.30-6.el8.s390x.rpm gtk-update-icon-cache-debuginfo-3.22.30-6.el8.s390x.rpm gtk3-3.22.30-6.el8.s390x.rpm gtk3-debuginfo-3.22.30-6.el8.s390x.rpm gtk3-debugsource-3.22.30-6.el8.s390x.rpm gtk3-devel-3.22.30-6.el8.s390x.rpm gtk3-devel-debuginfo-3.22.30-6.el8.s390x.rpm gtk3-immodule-xim-3.22.30-6.el8.s390x.rpm gtk3-immodule-xim-debuginfo-3.22.30-6.el8.s390x.rpm gtk3-immodules-debuginfo-3.22.30-6.el8.s390x.rpm gtk3-tests-debuginfo-3.22.30-6.el8.s390x.rpm gvfs-1.36.2-10.el8.s390x.rpm gvfs-afp-1.36.2-10.el8.s390x.rpm gvfs-afp-debuginfo-1.36.2-10.el8.s390x.rpm gvfs-archive-1.36.2-10.el8.s390x.rpm gvfs-archive-debuginfo-1.36.2-10.el8.s390x.rpm gvfs-client-1.36.2-10.el8.s390x.rpm gvfs-client-debuginfo-1.36.2-10.el8.s390x.rpm gvfs-debuginfo-1.36.2-10.el8.s390x.rpm gvfs-debugsource-1.36.2-10.el8.s390x.rpm gvfs-devel-1.36.2-10.el8.s390x.rpm gvfs-fuse-1.36.2-10.el8.s390x.rpm gvfs-fuse-debuginfo-1.36.2-10.el8.s390x.rpm gvfs-goa-1.36.2-10.el8.s390x.rpm gvfs-goa-debuginfo-1.36.2-10.el8.s390x.rpm gvfs-gphoto2-1.36.2-10.el8.s390x.rpm gvfs-gphoto2-debuginfo-1.36.2-10.el8.s390x.rpm gvfs-mtp-1.36.2-10.el8.s390x.rpm gvfs-mtp-debuginfo-1.36.2-10.el8.s390x.rpm gvfs-smb-1.36.2-10.el8.s390x.rpm gvfs-smb-debuginfo-1.36.2-10.el8.s390x.rpm libsoup-debuginfo-2.62.3-2.el8.s390x.rpm libsoup-debugsource-2.62.3-2.el8.s390x.rpm libsoup-devel-2.62.3-2.el8.s390x.rpm mutter-3.32.2-48.el8.s390x.rpm mutter-debuginfo-3.32.2-48.el8.s390x.rpm mutter-debugsource-3.32.2-48.el8.s390x.rpm mutter-tests-debuginfo-3.32.2-48.el8.s390x.rpm nautilus-3.28.1-14.el8.s390x.rpm nautilus-debuginfo-3.28.1-14.el8.s390x.rpm nautilus-debugsource-3.28.1-14.el8.s390x.rpm nautilus-extensions-3.28.1-14.el8.s390x.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.s390x.rpm pipewire-0.3.6-1.el8.s390x.rpm pipewire-alsa-debuginfo-0.3.6-1.el8.s390x.rpm pipewire-debuginfo-0.3.6-1.el8.s390x.rpm pipewire-debugsource-0.3.6-1.el8.s390x.rpm pipewire-devel-0.3.6-1.el8.s390x.rpm pipewire-gstreamer-debuginfo-0.3.6-1.el8.s390x.rpm pipewire-libs-0.3.6-1.el8.s390x.rpm pipewire-libs-debuginfo-0.3.6-1.el8.s390x.rpm pipewire-utils-0.3.6-1.el8.s390x.rpm pipewire-utils-debuginfo-0.3.6-1.el8.s390x.rpm pipewire0.2-debugsource-0.2.7-6.el8.s390x.rpm pipewire0.2-devel-0.2.7-6.el8.s390x.rpm pipewire0.2-libs-0.2.7-6.el8.s390x.rpm pipewire0.2-libs-debuginfo-0.2.7-6.el8.s390x.rpm potrace-1.15-3.el8.s390x.rpm potrace-debuginfo-1.15-3.el8.s390x.rpm potrace-debugsource-1.15-3.el8.s390x.rpm pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm pygobject3-debugsource-3.28.3-2.el8.s390x.rpm python3-gobject-3.28.3-2.el8.s390x.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm tracker-2.1.5-2.el8.s390x.rpm tracker-debuginfo-2.1.5-2.el8.s390x.rpm tracker-debugsource-2.1.5-2.el8.s390x.rpm vte-profile-0.52.4-2.el8.s390x.rpm vte291-0.52.4-2.el8.s390x.rpm vte291-debuginfo-0.52.4-2.el8.s390x.rpm vte291-debugsource-0.52.4-2.el8.s390x.rpm vte291-devel-debuginfo-0.52.4-2.el8.s390x.rpm webkit2gtk3-2.28.4-1.el8.s390x.rpm webkit2gtk3-debuginfo-2.28.4-1.el8.s390x.rpm webkit2gtk3-debugsource-2.28.4-1.el8.s390x.rpm webkit2gtk3-devel-2.28.4-1.el8.s390x.rpm webkit2gtk3-devel-debuginfo-2.28.4-1.el8.s390x.rpm webkit2gtk3-jsc-2.28.4-1.el8.s390x.rpm webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.s390x.rpm webkit2gtk3-jsc-devel-2.28.4-1.el8.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.s390x.rpm webrtc-audio-processing-0.3-9.el8.s390x.rpm webrtc-audio-processing-debuginfo-0.3-9.el8.s390x.rpm webrtc-audio-processing-debugsource-0.3-9.el8.s390x.rpm xdg-desktop-portal-1.6.0-2.el8.s390x.rpm xdg-desktop-portal-debuginfo-1.6.0-2.el8.s390x.rpm xdg-desktop-portal-debugsource-1.6.0-2.el8.s390x.rpm xdg-desktop-portal-gtk-1.6.0-1.el8.s390x.rpm xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.s390x.rpm xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.s390x.rpm x86_64: LibRaw-0.19.5-2.el8.i686.rpm LibRaw-0.19.5-2.el8.x86_64.rpm LibRaw-debuginfo-0.19.5-2.el8.i686.rpm LibRaw-debuginfo-0.19.5-2.el8.x86_64.rpm LibRaw-debugsource-0.19.5-2.el8.i686.rpm LibRaw-debugsource-0.19.5-2.el8.x86_64.rpm LibRaw-samples-debuginfo-0.19.5-2.el8.i686.rpm LibRaw-samples-debuginfo-0.19.5-2.el8.x86_64.rpm PackageKit-1.1.12-6.el8.x86_64.rpm PackageKit-command-not-found-1.1.12-6.el8.x86_64.rpm PackageKit-command-not-found-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-command-not-found-debuginfo-1.1.12-6.el8.x86_64.rpm PackageKit-cron-1.1.12-6.el8.x86_64.rpm PackageKit-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-debuginfo-1.1.12-6.el8.x86_64.rpm PackageKit-debugsource-1.1.12-6.el8.i686.rpm PackageKit-debugsource-1.1.12-6.el8.x86_64.rpm PackageKit-glib-1.1.12-6.el8.i686.rpm PackageKit-glib-1.1.12-6.el8.x86_64.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.x86_64.rpm PackageKit-gstreamer-plugin-1.1.12-6.el8.x86_64.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.x86_64.rpm PackageKit-gtk3-module-1.1.12-6.el8.i686.rpm PackageKit-gtk3-module-1.1.12-6.el8.x86_64.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.x86_64.rpm dleyna-renderer-0.6.0-3.el8.x86_64.rpm dleyna-renderer-debuginfo-0.6.0-3.el8.x86_64.rpm dleyna-renderer-debugsource-0.6.0-3.el8.x86_64.rpm frei0r-plugins-1.6.1-7.el8.x86_64.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.x86_64.rpm frei0r-plugins-debugsource-1.6.1-7.el8.x86_64.rpm frei0r-plugins-opencv-1.6.1-7.el8.x86_64.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.x86_64.rpm gdm-3.28.3-34.el8.i686.rpm gdm-3.28.3-34.el8.x86_64.rpm gdm-debuginfo-3.28.3-34.el8.i686.rpm gdm-debuginfo-3.28.3-34.el8.x86_64.rpm gdm-debugsource-3.28.3-34.el8.i686.rpm gdm-debugsource-3.28.3-34.el8.x86_64.rpm gnome-control-center-3.28.2-22.el8.x86_64.rpm gnome-control-center-debuginfo-3.28.2-22.el8.x86_64.rpm gnome-control-center-debugsource-3.28.2-22.el8.x86_64.rpm gnome-photos-3.28.1-3.el8.x86_64.rpm gnome-photos-debuginfo-3.28.1-3.el8.x86_64.rpm gnome-photos-debugsource-3.28.1-3.el8.x86_64.rpm gnome-photos-tests-3.28.1-3.el8.x86_64.rpm gnome-remote-desktop-0.1.8-3.el8.x86_64.rpm gnome-remote-desktop-debuginfo-0.1.8-3.el8.x86_64.rpm gnome-remote-desktop-debugsource-0.1.8-3.el8.x86_64.rpm gnome-session-3.28.1-10.el8.x86_64.rpm gnome-session-debuginfo-3.28.1-10.el8.x86_64.rpm gnome-session-debugsource-3.28.1-10.el8.x86_64.rpm gnome-session-wayland-session-3.28.1-10.el8.x86_64.rpm gnome-session-xsession-3.28.1-10.el8.x86_64.rpm gnome-settings-daemon-3.32.0-11.el8.x86_64.rpm gnome-settings-daemon-debuginfo-3.32.0-11.el8.x86_64.rpm gnome-settings-daemon-debugsource-3.32.0-11.el8.x86_64.rpm gnome-shell-3.32.2-20.el8.x86_64.rpm gnome-shell-debuginfo-3.32.2-20.el8.x86_64.rpm gnome-shell-debugsource-3.32.2-20.el8.x86_64.rpm gnome-terminal-3.28.3-2.el8.x86_64.rpm gnome-terminal-debuginfo-3.28.3-2.el8.x86_64.rpm gnome-terminal-debugsource-3.28.3-2.el8.x86_64.rpm gnome-terminal-nautilus-3.28.3-2.el8.x86_64.rpm gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.x86_64.rpm gsettings-desktop-schemas-3.32.0-5.el8.i686.rpm gsettings-desktop-schemas-devel-3.32.0-5.el8.i686.rpm gsettings-desktop-schemas-devel-3.32.0-5.el8.x86_64.rpm gtk-update-icon-cache-3.22.30-6.el8.x86_64.rpm gtk-update-icon-cache-debuginfo-3.22.30-6.el8.i686.rpm gtk-update-icon-cache-debuginfo-3.22.30-6.el8.x86_64.rpm gtk3-3.22.30-6.el8.i686.rpm gtk3-3.22.30-6.el8.x86_64.rpm gtk3-debuginfo-3.22.30-6.el8.i686.rpm gtk3-debuginfo-3.22.30-6.el8.x86_64.rpm gtk3-debugsource-3.22.30-6.el8.i686.rpm gtk3-debugsource-3.22.30-6.el8.x86_64.rpm gtk3-devel-3.22.30-6.el8.i686.rpm gtk3-devel-3.22.30-6.el8.x86_64.rpm gtk3-devel-debuginfo-3.22.30-6.el8.i686.rpm gtk3-devel-debuginfo-3.22.30-6.el8.x86_64.rpm gtk3-immodule-xim-3.22.30-6.el8.x86_64.rpm gtk3-immodule-xim-debuginfo-3.22.30-6.el8.i686.rpm gtk3-immodule-xim-debuginfo-3.22.30-6.el8.x86_64.rpm gtk3-immodules-debuginfo-3.22.30-6.el8.i686.rpm gtk3-immodules-debuginfo-3.22.30-6.el8.x86_64.rpm gtk3-tests-debuginfo-3.22.30-6.el8.i686.rpm gtk3-tests-debuginfo-3.22.30-6.el8.x86_64.rpm gvfs-1.36.2-10.el8.x86_64.rpm gvfs-afc-1.36.2-10.el8.x86_64.rpm gvfs-afc-debuginfo-1.36.2-10.el8.i686.rpm gvfs-afc-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-afp-1.36.2-10.el8.x86_64.rpm gvfs-afp-debuginfo-1.36.2-10.el8.i686.rpm gvfs-afp-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-archive-1.36.2-10.el8.x86_64.rpm gvfs-archive-debuginfo-1.36.2-10.el8.i686.rpm gvfs-archive-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-client-1.36.2-10.el8.i686.rpm gvfs-client-1.36.2-10.el8.x86_64.rpm gvfs-client-debuginfo-1.36.2-10.el8.i686.rpm gvfs-client-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-debuginfo-1.36.2-10.el8.i686.rpm gvfs-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-debugsource-1.36.2-10.el8.i686.rpm gvfs-debugsource-1.36.2-10.el8.x86_64.rpm gvfs-devel-1.36.2-10.el8.i686.rpm gvfs-devel-1.36.2-10.el8.x86_64.rpm gvfs-fuse-1.36.2-10.el8.x86_64.rpm gvfs-fuse-debuginfo-1.36.2-10.el8.i686.rpm gvfs-fuse-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-goa-1.36.2-10.el8.x86_64.rpm gvfs-goa-debuginfo-1.36.2-10.el8.i686.rpm gvfs-goa-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-gphoto2-1.36.2-10.el8.x86_64.rpm gvfs-gphoto2-debuginfo-1.36.2-10.el8.i686.rpm gvfs-gphoto2-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-mtp-1.36.2-10.el8.x86_64.rpm gvfs-mtp-debuginfo-1.36.2-10.el8.i686.rpm gvfs-mtp-debuginfo-1.36.2-10.el8.x86_64.rpm gvfs-smb-1.36.2-10.el8.x86_64.rpm gvfs-smb-debuginfo-1.36.2-10.el8.i686.rpm gvfs-smb-debuginfo-1.36.2-10.el8.x86_64.rpm libsoup-debuginfo-2.62.3-2.el8.i686.rpm libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm libsoup-debugsource-2.62.3-2.el8.i686.rpm libsoup-debugsource-2.62.3-2.el8.x86_64.rpm libsoup-devel-2.62.3-2.el8.i686.rpm libsoup-devel-2.62.3-2.el8.x86_64.rpm mutter-3.32.2-48.el8.i686.rpm mutter-3.32.2-48.el8.x86_64.rpm mutter-debuginfo-3.32.2-48.el8.i686.rpm mutter-debuginfo-3.32.2-48.el8.x86_64.rpm mutter-debugsource-3.32.2-48.el8.i686.rpm mutter-debugsource-3.32.2-48.el8.x86_64.rpm mutter-tests-debuginfo-3.32.2-48.el8.i686.rpm mutter-tests-debuginfo-3.32.2-48.el8.x86_64.rpm nautilus-3.28.1-14.el8.x86_64.rpm nautilus-debuginfo-3.28.1-14.el8.i686.rpm nautilus-debuginfo-3.28.1-14.el8.x86_64.rpm nautilus-debugsource-3.28.1-14.el8.i686.rpm nautilus-debugsource-3.28.1-14.el8.x86_64.rpm nautilus-extensions-3.28.1-14.el8.i686.rpm nautilus-extensions-3.28.1-14.el8.x86_64.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.i686.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.x86_64.rpm pipewire-0.3.6-1.el8.i686.rpm pipewire-0.3.6-1.el8.x86_64.rpm pipewire-alsa-debuginfo-0.3.6-1.el8.i686.rpm pipewire-alsa-debuginfo-0.3.6-1.el8.x86_64.rpm pipewire-debuginfo-0.3.6-1.el8.i686.rpm pipewire-debuginfo-0.3.6-1.el8.x86_64.rpm pipewire-debugsource-0.3.6-1.el8.i686.rpm pipewire-debugsource-0.3.6-1.el8.x86_64.rpm pipewire-devel-0.3.6-1.el8.i686.rpm pipewire-devel-0.3.6-1.el8.x86_64.rpm pipewire-doc-0.3.6-1.el8.x86_64.rpm pipewire-gstreamer-debuginfo-0.3.6-1.el8.i686.rpm pipewire-gstreamer-debuginfo-0.3.6-1.el8.x86_64.rpm pipewire-libs-0.3.6-1.el8.i686.rpm pipewire-libs-0.3.6-1.el8.x86_64.rpm pipewire-libs-debuginfo-0.3.6-1.el8.i686.rpm pipewire-libs-debuginfo-0.3.6-1.el8.x86_64.rpm pipewire-utils-0.3.6-1.el8.x86_64.rpm pipewire-utils-debuginfo-0.3.6-1.el8.i686.rpm pipewire-utils-debuginfo-0.3.6-1.el8.x86_64.rpm pipewire0.2-debugsource-0.2.7-6.el8.i686.rpm pipewire0.2-debugsource-0.2.7-6.el8.x86_64.rpm pipewire0.2-devel-0.2.7-6.el8.i686.rpm pipewire0.2-devel-0.2.7-6.el8.x86_64.rpm pipewire0.2-libs-0.2.7-6.el8.i686.rpm pipewire0.2-libs-0.2.7-6.el8.x86_64.rpm pipewire0.2-libs-debuginfo-0.2.7-6.el8.i686.rpm pipewire0.2-libs-debuginfo-0.2.7-6.el8.x86_64.rpm potrace-1.15-3.el8.i686.rpm potrace-1.15-3.el8.x86_64.rpm potrace-debuginfo-1.15-3.el8.i686.rpm potrace-debuginfo-1.15-3.el8.x86_64.rpm potrace-debugsource-1.15-3.el8.i686.rpm potrace-debugsource-1.15-3.el8.x86_64.rpm pygobject3-debuginfo-3.28.3-2.el8.i686.rpm pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm pygobject3-debugsource-3.28.3-2.el8.i686.rpm pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm python3-gobject-3.28.3-2.el8.i686.rpm python3-gobject-3.28.3-2.el8.x86_64.rpm python3-gobject-base-3.28.3-2.el8.i686.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.i686.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm python3-gobject-debuginfo-3.28.3-2.el8.i686.rpm python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm tracker-2.1.5-2.el8.i686.rpm tracker-2.1.5-2.el8.x86_64.rpm tracker-debuginfo-2.1.5-2.el8.i686.rpm tracker-debuginfo-2.1.5-2.el8.x86_64.rpm tracker-debugsource-2.1.5-2.el8.i686.rpm tracker-debugsource-2.1.5-2.el8.x86_64.rpm vte-profile-0.52.4-2.el8.x86_64.rpm vte291-0.52.4-2.el8.i686.rpm vte291-0.52.4-2.el8.x86_64.rpm vte291-debuginfo-0.52.4-2.el8.i686.rpm vte291-debuginfo-0.52.4-2.el8.x86_64.rpm vte291-debugsource-0.52.4-2.el8.i686.rpm vte291-debugsource-0.52.4-2.el8.x86_64.rpm vte291-devel-debuginfo-0.52.4-2.el8.i686.rpm vte291-devel-debuginfo-0.52.4-2.el8.x86_64.rpm webkit2gtk3-2.28.4-1.el8.i686.rpm webkit2gtk3-2.28.4-1.el8.x86_64.rpm webkit2gtk3-debuginfo-2.28.4-1.el8.i686.rpm webkit2gtk3-debuginfo-2.28.4-1.el8.x86_64.rpm webkit2gtk3-debugsource-2.28.4-1.el8.i686.rpm webkit2gtk3-debugsource-2.28.4-1.el8.x86_64.rpm webkit2gtk3-devel-2.28.4-1.el8.i686.rpm webkit2gtk3-devel-2.28.4-1.el8.x86_64.rpm webkit2gtk3-devel-debuginfo-2.28.4-1.el8.i686.rpm webkit2gtk3-devel-debuginfo-2.28.4-1.el8.x86_64.rpm webkit2gtk3-jsc-2.28.4-1.el8.i686.rpm webkit2gtk3-jsc-2.28.4-1.el8.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.i686.rpm webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-2.28.4-1.el8.i686.rpm webkit2gtk3-jsc-devel-2.28.4-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.x86_64.rpm webrtc-audio-processing-0.3-9.el8.i686.rpm webrtc-audio-processing-0.3-9.el8.x86_64.rpm webrtc-audio-processing-debuginfo-0.3-9.el8.i686.rpm webrtc-audio-processing-debuginfo-0.3-9.el8.x86_64.rpm webrtc-audio-processing-debugsource-0.3-9.el8.i686.rpm webrtc-audio-processing-debugsource-0.3-9.el8.x86_64.rpm xdg-desktop-portal-1.6.0-2.el8.x86_64.rpm xdg-desktop-portal-debuginfo-1.6.0-2.el8.x86_64.rpm xdg-desktop-portal-debugsource-1.6.0-2.el8.x86_64.rpm xdg-desktop-portal-gtk-1.6.0-1.el8.x86_64.rpm xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.x86_64.rpm xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: gsettings-desktop-schemas-3.32.0-5.el8.src.rpm libsoup-2.62.3-2.el8.src.rpm pygobject3-3.28.3-2.el8.src.rpm aarch64: gsettings-desktop-schemas-3.32.0-5.el8.aarch64.rpm libsoup-2.62.3-2.el8.aarch64.rpm libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm libsoup-debugsource-2.62.3-2.el8.aarch64.rpm pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm python3-gobject-base-3.28.3-2.el8.aarch64.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm ppc64le: gsettings-desktop-schemas-3.32.0-5.el8.ppc64le.rpm libsoup-2.62.3-2.el8.ppc64le.rpm libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm python3-gobject-base-3.28.3-2.el8.ppc64le.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm s390x: gsettings-desktop-schemas-3.32.0-5.el8.s390x.rpm libsoup-2.62.3-2.el8.s390x.rpm libsoup-debuginfo-2.62.3-2.el8.s390x.rpm libsoup-debugsource-2.62.3-2.el8.s390x.rpm pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm pygobject3-debugsource-3.28.3-2.el8.s390x.rpm python3-gobject-base-3.28.3-2.el8.s390x.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm x86_64: gsettings-desktop-schemas-3.32.0-5.el8.x86_64.rpm libsoup-2.62.3-2.el8.i686.rpm libsoup-2.62.3-2.el8.x86_64.rpm libsoup-debuginfo-2.62.3-2.el8.i686.rpm libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm libsoup-debugsource-2.62.3-2.el8.i686.rpm libsoup-debugsource-2.62.3-2.el8.x86_64.rpm pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm python3-gobject-base-3.28.3-2.el8.x86_64.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): Source: gtk-doc-1.28-2.el8.src.rpm aarch64: PackageKit-command-not-found-debuginfo-1.1.12-6.el8.aarch64.rpm PackageKit-debuginfo-1.1.12-6.el8.aarch64.rpm PackageKit-debugsource-1.1.12-6.el8.aarch64.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.aarch64.rpm PackageKit-glib-devel-1.1.12-6.el8.aarch64.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.aarch64.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.aarch64.rpm frei0r-devel-1.6.1-7.el8.aarch64.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.aarch64.rpm frei0r-plugins-debugsource-1.6.1-7.el8.aarch64.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.aarch64.rpm gtk-doc-1.28-2.el8.aarch64.rpm mutter-debuginfo-3.32.2-48.el8.aarch64.rpm mutter-debugsource-3.32.2-48.el8.aarch64.rpm mutter-devel-3.32.2-48.el8.aarch64.rpm mutter-tests-debuginfo-3.32.2-48.el8.aarch64.rpm nautilus-debuginfo-3.28.1-14.el8.aarch64.rpm nautilus-debugsource-3.28.1-14.el8.aarch64.rpm nautilus-devel-3.28.1-14.el8.aarch64.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.aarch64.rpm pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm pygobject3-devel-3.28.3-2.el8.aarch64.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm tracker-debuginfo-2.1.5-2.el8.aarch64.rpm tracker-debugsource-2.1.5-2.el8.aarch64.rpm tracker-devel-2.1.5-2.el8.aarch64.rpm vte291-debuginfo-0.52.4-2.el8.aarch64.rpm vte291-debugsource-0.52.4-2.el8.aarch64.rpm vte291-devel-0.52.4-2.el8.aarch64.rpm vte291-devel-debuginfo-0.52.4-2.el8.aarch64.rpm ppc64le: LibRaw-debuginfo-0.19.5-2.el8.ppc64le.rpm LibRaw-debugsource-0.19.5-2.el8.ppc64le.rpm LibRaw-devel-0.19.5-2.el8.ppc64le.rpm LibRaw-samples-debuginfo-0.19.5-2.el8.ppc64le.rpm PackageKit-command-not-found-debuginfo-1.1.12-6.el8.ppc64le.rpm PackageKit-debuginfo-1.1.12-6.el8.ppc64le.rpm PackageKit-debugsource-1.1.12-6.el8.ppc64le.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.ppc64le.rpm PackageKit-glib-devel-1.1.12-6.el8.ppc64le.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.ppc64le.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.ppc64le.rpm frei0r-devel-1.6.1-7.el8.ppc64le.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.ppc64le.rpm frei0r-plugins-debugsource-1.6.1-7.el8.ppc64le.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.ppc64le.rpm gtk-doc-1.28-2.el8.ppc64le.rpm mutter-debuginfo-3.32.2-48.el8.ppc64le.rpm mutter-debugsource-3.32.2-48.el8.ppc64le.rpm mutter-devel-3.32.2-48.el8.ppc64le.rpm mutter-tests-debuginfo-3.32.2-48.el8.ppc64le.rpm nautilus-debuginfo-3.28.1-14.el8.ppc64le.rpm nautilus-debugsource-3.28.1-14.el8.ppc64le.rpm nautilus-devel-3.28.1-14.el8.ppc64le.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.ppc64le.rpm pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm pygobject3-devel-3.28.3-2.el8.ppc64le.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm tracker-debuginfo-2.1.5-2.el8.ppc64le.rpm tracker-debugsource-2.1.5-2.el8.ppc64le.rpm tracker-devel-2.1.5-2.el8.ppc64le.rpm vte291-debuginfo-0.52.4-2.el8.ppc64le.rpm vte291-debugsource-0.52.4-2.el8.ppc64le.rpm vte291-devel-0.52.4-2.el8.ppc64le.rpm vte291-devel-debuginfo-0.52.4-2.el8.ppc64le.rpm s390x: PackageKit-command-not-found-debuginfo-1.1.12-6.el8.s390x.rpm PackageKit-debuginfo-1.1.12-6.el8.s390x.rpm PackageKit-debugsource-1.1.12-6.el8.s390x.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.s390x.rpm PackageKit-glib-devel-1.1.12-6.el8.s390x.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.s390x.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.s390x.rpm frei0r-devel-1.6.1-7.el8.s390x.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.s390x.rpm frei0r-plugins-debugsource-1.6.1-7.el8.s390x.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.s390x.rpm gtk-doc-1.28-2.el8.s390x.rpm mutter-debuginfo-3.32.2-48.el8.s390x.rpm mutter-debugsource-3.32.2-48.el8.s390x.rpm mutter-devel-3.32.2-48.el8.s390x.rpm mutter-tests-debuginfo-3.32.2-48.el8.s390x.rpm nautilus-debuginfo-3.28.1-14.el8.s390x.rpm nautilus-debugsource-3.28.1-14.el8.s390x.rpm nautilus-devel-3.28.1-14.el8.s390x.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.s390x.rpm pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm pygobject3-debugsource-3.28.3-2.el8.s390x.rpm pygobject3-devel-3.28.3-2.el8.s390x.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm tracker-debuginfo-2.1.5-2.el8.s390x.rpm tracker-debugsource-2.1.5-2.el8.s390x.rpm tracker-devel-2.1.5-2.el8.s390x.rpm vte291-debuginfo-0.52.4-2.el8.s390x.rpm vte291-debugsource-0.52.4-2.el8.s390x.rpm vte291-devel-0.52.4-2.el8.s390x.rpm vte291-devel-debuginfo-0.52.4-2.el8.s390x.rpm x86_64: LibRaw-debuginfo-0.19.5-2.el8.i686.rpm LibRaw-debuginfo-0.19.5-2.el8.x86_64.rpm LibRaw-debugsource-0.19.5-2.el8.i686.rpm LibRaw-debugsource-0.19.5-2.el8.x86_64.rpm LibRaw-devel-0.19.5-2.el8.i686.rpm LibRaw-devel-0.19.5-2.el8.x86_64.rpm LibRaw-samples-debuginfo-0.19.5-2.el8.i686.rpm LibRaw-samples-debuginfo-0.19.5-2.el8.x86_64.rpm PackageKit-command-not-found-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-command-not-found-debuginfo-1.1.12-6.el8.x86_64.rpm PackageKit-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-debuginfo-1.1.12-6.el8.x86_64.rpm PackageKit-debugsource-1.1.12-6.el8.i686.rpm PackageKit-debugsource-1.1.12-6.el8.x86_64.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-glib-debuginfo-1.1.12-6.el8.x86_64.rpm PackageKit-glib-devel-1.1.12-6.el8.i686.rpm PackageKit-glib-devel-1.1.12-6.el8.x86_64.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.x86_64.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.i686.rpm PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.x86_64.rpm frei0r-devel-1.6.1-7.el8.i686.rpm frei0r-devel-1.6.1-7.el8.x86_64.rpm frei0r-plugins-1.6.1-7.el8.i686.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.i686.rpm frei0r-plugins-debuginfo-1.6.1-7.el8.x86_64.rpm frei0r-plugins-debugsource-1.6.1-7.el8.i686.rpm frei0r-plugins-debugsource-1.6.1-7.el8.x86_64.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.i686.rpm frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.x86_64.rpm gtk-doc-1.28-2.el8.x86_64.rpm gvfs-1.36.2-10.el8.i686.rpm gvfs-afc-debuginfo-1.36.2-10.el8.i686.rpm gvfs-afp-debuginfo-1.36.2-10.el8.i686.rpm gvfs-archive-debuginfo-1.36.2-10.el8.i686.rpm gvfs-client-debuginfo-1.36.2-10.el8.i686.rpm gvfs-debuginfo-1.36.2-10.el8.i686.rpm gvfs-debugsource-1.36.2-10.el8.i686.rpm gvfs-fuse-debuginfo-1.36.2-10.el8.i686.rpm gvfs-goa-debuginfo-1.36.2-10.el8.i686.rpm gvfs-gphoto2-debuginfo-1.36.2-10.el8.i686.rpm gvfs-mtp-debuginfo-1.36.2-10.el8.i686.rpm gvfs-smb-debuginfo-1.36.2-10.el8.i686.rpm mutter-debuginfo-3.32.2-48.el8.i686.rpm mutter-debuginfo-3.32.2-48.el8.x86_64.rpm mutter-debugsource-3.32.2-48.el8.i686.rpm mutter-debugsource-3.32.2-48.el8.x86_64.rpm mutter-devel-3.32.2-48.el8.i686.rpm mutter-devel-3.32.2-48.el8.x86_64.rpm mutter-tests-debuginfo-3.32.2-48.el8.i686.rpm mutter-tests-debuginfo-3.32.2-48.el8.x86_64.rpm nautilus-3.28.1-14.el8.i686.rpm nautilus-debuginfo-3.28.1-14.el8.i686.rpm nautilus-debuginfo-3.28.1-14.el8.x86_64.rpm nautilus-debugsource-3.28.1-14.el8.i686.rpm nautilus-debugsource-3.28.1-14.el8.x86_64.rpm nautilus-devel-3.28.1-14.el8.i686.rpm nautilus-devel-3.28.1-14.el8.x86_64.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.i686.rpm nautilus-extensions-debuginfo-3.28.1-14.el8.x86_64.rpm pygobject3-debuginfo-3.28.3-2.el8.i686.rpm pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm pygobject3-debugsource-3.28.3-2.el8.i686.rpm pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm pygobject3-devel-3.28.3-2.el8.i686.rpm pygobject3-devel-3.28.3-2.el8.x86_64.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.i686.rpm python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm python3-gobject-debuginfo-3.28.3-2.el8.i686.rpm python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm tracker-debuginfo-2.1.5-2.el8.i686.rpm tracker-debuginfo-2.1.5-2.el8.x86_64.rpm tracker-debugsource-2.1.5-2.el8.i686.rpm tracker-debugsource-2.1.5-2.el8.x86_64.rpm tracker-devel-2.1.5-2.el8.i686.rpm tracker-devel-2.1.5-2.el8.x86_64.rpm vte291-debuginfo-0.52.4-2.el8.i686.rpm vte291-debuginfo-0.52.4-2.el8.x86_64.rpm vte291-debugsource-0.52.4-2.el8.i686.rpm vte291-debugsource-0.52.4-2.el8.x86_64.rpm vte291-devel-0.52.4-2.el8.i686.rpm vte291-devel-0.52.4-2.el8.x86_64.rpm vte291-devel-debuginfo-0.52.4-2.el8.i686.rpm vte291-devel-debuginfo-0.52.4-2.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-9802 https://access.redhat.com/security/cve/CVE-2020-9803 https://access.redhat.com/security/cve/CVE-2020-9805 https://access.redhat.com/security/cve/CVE-2020-9806 https://access.redhat.com/security/cve/CVE-2020-9807 https://access.redhat.com/security/cve/CVE-2020-9843 https://access.redhat.com/security/cve/CVE-2020-9850 https://access.redhat.com/security/cve/CVE-2020-9862 https://access.redhat.com/security/cve/CVE-2020-9893 https://access.redhat.com/security/cve/CVE-2020-9894 https://access.redhat.com/security/cve/CVE-2020-9895 https://access.redhat.com/security/cve/CVE-2020-9915 https://access.redhat.com/security/cve/CVE-2020-9925 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/cve/CVE-2020-14391 https://access.redhat.com/security/cve/CVE-2020-15503 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc
var-201210-0272	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Security' sub-component. This vulnerability affects the following supported versions: 7 Update 7, 6 Update 35, 5.0 Update 36, 1.4.2_38. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory and Oracle Security Alert pages, listed in the References section. Background ========== IcedTea is a distribution of the Java OpenJDK source code built with free build tools. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03596813 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03596813 Version: 1 HPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2013-01-07 Last Updated: 2013-01-07 Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on OpenVMS Integrity Servers. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. OpenVMS Integrity JDK and JRE 6.0-3.p1 and earlier. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5073 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0 CVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has made the following software updates available to resolve these vulnerabilities. The updates are available from the following location: http://h18012.www1.hp.com/java/alpha Kit Name Java SE Development Kit (JDK) 6.0-4 for the OpenVMS I64 Operating System Java SE Runtime Environment (JRE) 6.0-4 for the OpenVMS I64 Operating System HISTORY Version:1 (rev.1) - 7 January 2013 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_35 Description: Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5086 CVE-2012-5089 CVE-2012-5979 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.dmg Its SHA-1 digest is: 2ca7594a6f7849b502715e8473cf46ef73570da6 For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX.dmg Its SHA-1 digest is: eff777cdc39b4e3336b3477f60e8ad769ded8532 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQfZ+bAAoJEPefwLHPlZEwF+YP/iVGN+CqCkLf7SavQUwyTQ08 a6+I34hefvCQcLCQ4EBYOzDXUJIlcH2azcGnvQsrrgWgpoE6ykqyj4fkpwLM0nF1 CfcSGOV8hmC2ZtR2PgJLcaP4FDKyNoOqLtKY6KtZnUQNcKBYcdM/y3OON9Zc0F2/ m/nQGnm3RfuXYXzSmTwJVKjuR1MkhUfZ9N6cwYUfjQC6cQaRs4tjeezd1jaobeXZ lfk5Mo/kp3KTwAKsjdwqIThGX/UXdHQm9PnGfU9ktNv0429vKTX4VarPjyLsIeiO GcBjfzRKzWYrbzTyKqKRAmtC/TcTnGJ8AfOjCP6HedeelJEbHB3iBb4ugqHzcPGG ffZ9rZy8SMVppJyv3NeJJN86Kl3etdShmhj7maxyQUopDanpZQraaarkNlSYyLql I0z4/IGX6W4Y2HYI+5wRchSewZi9mU9tw1HFZaoINaPBynEC0jihbeT5P9olX7mL 1OrWyPMPeaXtD9VRaSlV1WwPojJp26XrcWFUu6gqCOWRTzL0h83hNJrQJwTW7PrT g6ryifMGItMkmOuINyniuUbz1PcOiQZ5VhtQn8XbvjX4BpGS6GJ4IAJ0rv9nSeON PGv6JcpEAdjEdsChnDTGGTyUzQSN+HU/KTd7Jngg/Bu1v96ZAqrmVzFVkZi+6dtN 8KhhmiZ54RdiudmsUgFu =TWGY -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51" All Oracle JRE 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51" All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51" All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea. References ========== [ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201401-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . (CVE-2012-5085) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. ============================================================================ Ubuntu Security Notice USN-1619-1 October 26, 2012 openjdk-6, openjdk-7 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS Summary: Several security issues were fixed in OpenJDK. An attacker could exploit these to cause a denial of service. These issues only affected Ubuntu 12.10. (CVE-2012-5067, CVE-2012-5070) Vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2012-5073, CVE-2012-5079) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. This issue only affected Ubuntu 12.10. An attacker could exploit these to cause a denial of service. These issues only affected Ubuntu 12.10. (CVE-2012-5076, CVE-2012-5087, CVE-2012-5088) A denial of service vulnerability was found in OpenJDK. (CVE-2012-5081) Please see the following for more information: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: icedtea-7-jre-cacao 7u9-2.3.3-0ubuntu1~12.10.1 icedtea-7-jre-jamvm 7u9-2.3.3-0ubuntu1~12.10.1 openjdk-7-jre 7u9-2.3.3-0ubuntu1~12.10.1 openjdk-7-jre-headless 7u9-2.3.3-0ubuntu1~12.10.1 openjdk-7-jre-lib 7u9-2.3.3-0ubuntu1~12.10.1 openjdk-7-jre-zero 7u9-2.3.3-0ubuntu1~12.10.1 Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~12.04.1 icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~12.04.1 openjdk-6-jre 6b24-1.11.5-0ubuntu1~12.04.1 openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~12.04.1 openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~12.04.1 openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~12.04.1 Ubuntu 11.10: icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~11.10.1 icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~11.10.1 openjdk-6-jre 6b24-1.11.5-0ubuntu1~11.10.1 openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~11.10.1 openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~11.10.1 openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~11.10.1 Ubuntu 11.04: icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~11.04.1 icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~11.04.1 openjdk-6-jre 6b24-1.11.5-0ubuntu1~11.04.1 openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~11.04.1 openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~11.04.1 openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~11.04.1 Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~10.04.2 openjdk-6-jre 6b24-1.11.5-0ubuntu1~10.04.2 openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~10.04.2 openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~10.04.2 openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~10.04.2 This update uses a new upstream release, which includes additional bug fixes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2012:1386-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1386.html Issue date: 2012-10-17 CVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 ===================================================================== 1. Summary: Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 3. Description: These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Libraries, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084, CVE-2012-5089) The default Java security properties configuration did not restrict access to certain com.sun.org.glassfish packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. This update lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074) Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071, CVE-2012-5069, CVE-2012-5073, CVE-2012-5072) It was discovered that java.util.ServiceLoader could create an instance of an incompatible class while performing provider lookup. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2012-5079) It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS implementation did not properly handle handshake records containing an overly large data length value. An unauthenticated, remote attacker could possibly use this flaw to cause an SSL/TLS server to terminate with an exception. (CVE-2012-5081) It was discovered that the JMX component in OpenJDK could perform certain actions in an insecure manner. An untrusted Java application or applet could possibly use these flaws to disclose sensitive information. (CVE-2012-5070, CVE-2012-5075) A bug in the Java HotSpot Virtual Machine optimization code could cause it to not perform array initialization in certain cases. An untrusted Java application or applet could use this flaw to disclose portions of the virtual machine's memory. (CVE-2012-4416) It was discovered that the SecureRandom class did not properly protect against the creation of multiple seeders. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5077) It was discovered that the java.io.FilePermission class exposed the hash code of the canonicalized path name. An untrusted Java application or applet could possibly use this flaw to determine certain system paths, such as the current working directory. (CVE-2012-3216) This update disables Gopher protocol support in the java.net package by default. Gopher support can be enabled by setting the newly introduced property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796) 865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198) 865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917) 865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549) 865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4416.html https://www.redhat.com/security/data/cve/CVE-2012-5068.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5070.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5072.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5074.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5076.html https://www.redhat.com/security/data/cve/CVE-2012-5077.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5085.html https://www.redhat.com/security/data/cve/CVE-2012-5086.html https://www.redhat.com/security/data/cve/CVE-2012-5087.html https://www.redhat.com/security/data/cve/CVE-2012-5088.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#important http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/NEWS http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQftouXlSAg2UNWIIRAu4QAJ9oluAxlU3ZC8CvezRk4Erm08HD+QCeNlqf GG07IH3dgJiG+gj47Cm1WNQ= =8X+P -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
var-202008-0248	An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications. The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. plural Microsoft Windows The product contains an elevation of privilege vulnerability. Both Microsoft Windows and Microsoft Windows Server are products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. Netlogon is a service used to register all SRV resource records for domain controllers. The following products and versions are affected: Microsoft Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 1903, Windows Server 1909, Windows Server 2004. A flaw was found in the way samba handled file and directory permissions. (CVE-2020-14318) A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472). 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. The following packages have been upgraded to a later upstream version: samba (4.13.3). Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202012-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Samba: Multiple vulnerabilities Date: December 24, 2020 Bugs: #743433, #751724 ID: 202012-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Samba, the worst of which could result in a Denial of Service condition. Background ========== Samba is a suite of SMB and CIFS client/server programs. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-fs/samba < 4.12.9 >= 4.12.9 Description =========== Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Samba users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.12.9" References ========== [ 1 ] CVE-2020-14318 https://nvd.nist.gov/vuln/detail/CVE-2020-14318 [ 2 ] CVE-2020-14323 https://nvd.nist.gov/vuln/detail/CVE-2020-14323 [ 3 ] CVE-2020-14383 https://nvd.nist.gov/vuln/detail/CVE-2020-14383 [ 4 ] CVE-2020-1472 https://nvd.nist.gov/vuln/detail/CVE-2020-1472 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202012-24 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: samba security and bug fix update Advisory ID: RHSA-2020:5439-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:5439 Issue date: 2020-12-15 CVE Names: CVE-2020-1472 CVE-2020-14318 CVE-2020-14323 ===================================================================== 1. Summary: An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: Netlogon elevation of privilege vulnerability (Zerologon) (CVE-2020-1472) * samba: Missing handle permissions check in SMB1/2/3 ChangeNotify (CVE-2020-14318) * samba: Unprivileged user can crash winbind (CVE-2020-14323) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * The 'require_membership_of' documentation in pam_winbind manpage is incorrect (BZ#1853272) * Malfunctioning %U substitution in valid users option (BZ#1868917) * Regression: smbd and nmbd are restarted when samba-winbind package is upgraded (BZ#1878205) * winbindd memory leak on wbinfo -u with security=ADS (BZ#1892313) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the smb service will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1853272 - The 'require_membership_of' documentation in pam_winbind manpage is incorrect [rhel-7.9.z] 1868917 - Malfunctioning %U substitution in valid users option [rhel-7.9.z] 1878205 - Regression: smbd and nmbd are restarted when samba-winbind package is upgraded [rhel-7.9.z] 1879822 - CVE-2020-1472 samba: Netlogon elevation of privilege vulnerability (Zerologon) 1891685 - CVE-2020-14323 samba: Unprivileged user can crash winbind 1892313 - winbindd memory leak on wbinfo -u with security=ADS [rhel-7.9.z] 1892631 - CVE-2020-14318 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: samba-4.10.16-9.el7_9.src.rpm noarch: samba-common-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9.el7_9.x86_64.rpm samba-client-4.10.16-9.el7_9.x86_64.rpm samba-client-libs-4.10.16-9.el7_9.i686.rpm samba-client-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-libs-4.10.16-9.el7_9.i686.rpm samba-common-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-tools-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm samba-libs-4.10.16-9.el7_9.i686.rpm samba-libs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-4.10.16-9.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-9.el7_9.i686.rpm samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: samba-pidl-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-9.el7_9.i686.rpm libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm libwbclient-devel-4.10.16-9.el7_9.i686.rpm libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm samba-4.10.16-9.el7_9.x86_64.rpm samba-dc-4.10.16-9.el7_9.x86_64.rpm samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-devel-4.10.16-9.el7_9.i686.rpm samba-devel-4.10.16-9.el7_9.x86_64.rpm samba-python-4.10.16-9.el7_9.i686.rpm samba-python-4.10.16-9.el7_9.x86_64.rpm samba-python-test-4.10.16-9.el7_9.x86_64.rpm samba-test-4.10.16-9.el7_9.x86_64.rpm samba-test-libs-4.10.16-9.el7_9.i686.rpm samba-test-libs-4.10.16-9.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: samba-4.10.16-9.el7_9.src.rpm noarch: samba-common-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9.el7_9.x86_64.rpm samba-client-4.10.16-9.el7_9.x86_64.rpm samba-client-libs-4.10.16-9.el7_9.i686.rpm samba-client-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-libs-4.10.16-9.el7_9.i686.rpm samba-common-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-tools-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-libs-4.10.16-9.el7_9.i686.rpm samba-libs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-4.10.16-9.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-9.el7_9.i686.rpm samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: samba-pidl-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-9.el7_9.i686.rpm libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm libwbclient-devel-4.10.16-9.el7_9.i686.rpm libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm samba-4.10.16-9.el7_9.x86_64.rpm samba-dc-4.10.16-9.el7_9.x86_64.rpm samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-devel-4.10.16-9.el7_9.i686.rpm samba-devel-4.10.16-9.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm samba-python-4.10.16-9.el7_9.i686.rpm samba-python-4.10.16-9.el7_9.x86_64.rpm samba-python-test-4.10.16-9.el7_9.x86_64.rpm samba-test-4.10.16-9.el7_9.x86_64.rpm samba-test-libs-4.10.16-9.el7_9.i686.rpm samba-test-libs-4.10.16-9.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: samba-4.10.16-9.el7_9.src.rpm noarch: samba-common-4.10.16-9.el7_9.noarch.rpm ppc64: libsmbclient-4.10.16-9.el7_9.ppc.rpm libsmbclient-4.10.16-9.el7_9.ppc64.rpm libwbclient-4.10.16-9.el7_9.ppc.rpm libwbclient-4.10.16-9.el7_9.ppc64.rpm samba-4.10.16-9.el7_9.ppc64.rpm samba-client-4.10.16-9.el7_9.ppc64.rpm samba-client-libs-4.10.16-9.el7_9.ppc.rpm samba-client-libs-4.10.16-9.el7_9.ppc64.rpm samba-common-libs-4.10.16-9.el7_9.ppc.rpm samba-common-libs-4.10.16-9.el7_9.ppc64.rpm samba-common-tools-4.10.16-9.el7_9.ppc64.rpm samba-debuginfo-4.10.16-9.el7_9.ppc.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64.rpm samba-krb5-printing-4.10.16-9.el7_9.ppc64.rpm samba-libs-4.10.16-9.el7_9.ppc.rpm samba-libs-4.10.16-9.el7_9.ppc64.rpm samba-winbind-4.10.16-9.el7_9.ppc64.rpm samba-winbind-clients-4.10.16-9.el7_9.ppc64.rpm samba-winbind-modules-4.10.16-9.el7_9.ppc.rpm samba-winbind-modules-4.10.16-9.el7_9.ppc64.rpm ppc64le: libsmbclient-4.10.16-9.el7_9.ppc64le.rpm libwbclient-4.10.16-9.el7_9.ppc64le.rpm samba-4.10.16-9.el7_9.ppc64le.rpm samba-client-4.10.16-9.el7_9.ppc64le.rpm samba-client-libs-4.10.16-9.el7_9.ppc64le.rpm samba-common-libs-4.10.16-9.el7_9.ppc64le.rpm samba-common-tools-4.10.16-9.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm samba-krb5-printing-4.10.16-9.el7_9.ppc64le.rpm samba-libs-4.10.16-9.el7_9.ppc64le.rpm samba-winbind-4.10.16-9.el7_9.ppc64le.rpm samba-winbind-clients-4.10.16-9.el7_9.ppc64le.rpm samba-winbind-modules-4.10.16-9.el7_9.ppc64le.rpm s390x: libsmbclient-4.10.16-9.el7_9.s390.rpm libsmbclient-4.10.16-9.el7_9.s390x.rpm libwbclient-4.10.16-9.el7_9.s390.rpm libwbclient-4.10.16-9.el7_9.s390x.rpm samba-4.10.16-9.el7_9.s390x.rpm samba-client-4.10.16-9.el7_9.s390x.rpm samba-client-libs-4.10.16-9.el7_9.s390.rpm samba-client-libs-4.10.16-9.el7_9.s390x.rpm samba-common-libs-4.10.16-9.el7_9.s390.rpm samba-common-libs-4.10.16-9.el7_9.s390x.rpm samba-common-tools-4.10.16-9.el7_9.s390x.rpm samba-debuginfo-4.10.16-9.el7_9.s390.rpm samba-debuginfo-4.10.16-9.el7_9.s390x.rpm samba-krb5-printing-4.10.16-9.el7_9.s390x.rpm samba-libs-4.10.16-9.el7_9.s390.rpm samba-libs-4.10.16-9.el7_9.s390x.rpm samba-winbind-4.10.16-9.el7_9.s390x.rpm samba-winbind-clients-4.10.16-9.el7_9.s390x.rpm samba-winbind-modules-4.10.16-9.el7_9.s390.rpm samba-winbind-modules-4.10.16-9.el7_9.s390x.rpm x86_64: libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9.el7_9.x86_64.rpm samba-4.10.16-9.el7_9.x86_64.rpm samba-client-4.10.16-9.el7_9.x86_64.rpm samba-client-libs-4.10.16-9.el7_9.i686.rpm samba-client-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-libs-4.10.16-9.el7_9.i686.rpm samba-common-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-tools-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm samba-libs-4.10.16-9.el7_9.i686.rpm samba-libs-4.10.16-9.el7_9.x86_64.rpm samba-python-4.10.16-9.el7_9.i686.rpm samba-python-4.10.16-9.el7_9.x86_64.rpm samba-winbind-4.10.16-9.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-9.el7_9.i686.rpm samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Resilient Storage (v. 7): ppc64le: ctdb-4.10.16-9.el7_9.ppc64le.rpm ctdb-tests-4.10.16-9.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm s390x: ctdb-4.10.16-9.el7_9.s390x.rpm ctdb-tests-4.10.16-9.el7_9.s390x.rpm samba-debuginfo-4.10.16-9.el7_9.s390x.rpm x86_64: ctdb-4.10.16-9.el7_9.x86_64.rpm ctdb-tests-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: samba-pidl-4.10.16-9.el7_9.noarch.rpm ppc64: libsmbclient-devel-4.10.16-9.el7_9.ppc.rpm libsmbclient-devel-4.10.16-9.el7_9.ppc64.rpm libwbclient-devel-4.10.16-9.el7_9.ppc.rpm libwbclient-devel-4.10.16-9.el7_9.ppc64.rpm samba-dc-4.10.16-9.el7_9.ppc64.rpm samba-dc-libs-4.10.16-9.el7_9.ppc64.rpm samba-debuginfo-4.10.16-9.el7_9.ppc.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64.rpm samba-devel-4.10.16-9.el7_9.ppc.rpm samba-devel-4.10.16-9.el7_9.ppc64.rpm samba-python-4.10.16-9.el7_9.ppc.rpm samba-python-4.10.16-9.el7_9.ppc64.rpm samba-python-test-4.10.16-9.el7_9.ppc64.rpm samba-test-4.10.16-9.el7_9.ppc64.rpm samba-test-libs-4.10.16-9.el7_9.ppc.rpm samba-test-libs-4.10.16-9.el7_9.ppc64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.ppc64.rpm ppc64le: libsmbclient-devel-4.10.16-9.el7_9.ppc64le.rpm libwbclient-devel-4.10.16-9.el7_9.ppc64le.rpm samba-dc-4.10.16-9.el7_9.ppc64le.rpm samba-dc-libs-4.10.16-9.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm samba-devel-4.10.16-9.el7_9.ppc64le.rpm samba-python-4.10.16-9.el7_9.ppc64le.rpm samba-python-test-4.10.16-9.el7_9.ppc64le.rpm samba-test-4.10.16-9.el7_9.ppc64le.rpm samba-test-libs-4.10.16-9.el7_9.ppc64le.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.ppc64le.rpm s390x: libsmbclient-devel-4.10.16-9.el7_9.s390.rpm libsmbclient-devel-4.10.16-9.el7_9.s390x.rpm libwbclient-devel-4.10.16-9.el7_9.s390.rpm libwbclient-devel-4.10.16-9.el7_9.s390x.rpm samba-dc-4.10.16-9.el7_9.s390x.rpm samba-dc-libs-4.10.16-9.el7_9.s390x.rpm samba-debuginfo-4.10.16-9.el7_9.s390.rpm samba-debuginfo-4.10.16-9.el7_9.s390x.rpm samba-devel-4.10.16-9.el7_9.s390.rpm samba-devel-4.10.16-9.el7_9.s390x.rpm samba-python-4.10.16-9.el7_9.s390.rpm samba-python-4.10.16-9.el7_9.s390x.rpm samba-python-test-4.10.16-9.el7_9.s390x.rpm samba-test-4.10.16-9.el7_9.s390x.rpm samba-test-libs-4.10.16-9.el7_9.s390.rpm samba-test-libs-4.10.16-9.el7_9.s390x.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.s390x.rpm x86_64: libsmbclient-devel-4.10.16-9.el7_9.i686.rpm libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm libwbclient-devel-4.10.16-9.el7_9.i686.rpm libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm samba-dc-4.10.16-9.el7_9.x86_64.rpm samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-devel-4.10.16-9.el7_9.i686.rpm samba-devel-4.10.16-9.el7_9.x86_64.rpm samba-python-test-4.10.16-9.el7_9.x86_64.rpm samba-test-4.10.16-9.el7_9.x86_64.rpm samba-test-libs-4.10.16-9.el7_9.i686.rpm samba-test-libs-4.10.16-9.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: samba-4.10.16-9.el7_9.src.rpm noarch: samba-common-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9.el7_9.x86_64.rpm samba-4.10.16-9.el7_9.x86_64.rpm samba-client-4.10.16-9.el7_9.x86_64.rpm samba-client-libs-4.10.16-9.el7_9.i686.rpm samba-client-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-libs-4.10.16-9.el7_9.i686.rpm samba-common-libs-4.10.16-9.el7_9.x86_64.rpm samba-common-tools-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm samba-libs-4.10.16-9.el7_9.i686.rpm samba-libs-4.10.16-9.el7_9.x86_64.rpm samba-python-4.10.16-9.el7_9.i686.rpm samba-python-4.10.16-9.el7_9.x86_64.rpm samba-winbind-4.10.16-9.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-9.el7_9.i686.rpm samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: samba-pidl-4.10.16-9.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-9.el7_9.i686.rpm libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm libwbclient-devel-4.10.16-9.el7_9.i686.rpm libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm samba-dc-4.10.16-9.el7_9.x86_64.rpm samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm samba-debuginfo-4.10.16-9.el7_9.i686.rpm samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm samba-devel-4.10.16-9.el7_9.i686.rpm samba-devel-4.10.16-9.el7_9.x86_64.rpm samba-python-test-4.10.16-9.el7_9.x86_64.rpm samba-test-4.10.16-9.el7_9.x86_64.rpm samba-test-libs-4.10.16-9.el7_9.i686.rpm samba-test-libs-4.10.16-9.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-1472 https://access.redhat.com/security/cve/CVE-2020-14318 https://access.redhat.com/security/cve/CVE-2020-14323 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX9idqtzjgjWX9erEAQhLxg//aGgge7wuhwtrhosIFhpoMEPD3hrlBtLk 5uRe7SaKoJa65TxAbnAD2IRP118/bZyXkS4zi1NMW3cDubvdz+pXJEq5Avfp28qp 7HcfGUKrgcDzRXlAUGBMk9P7kfCUx+jiGluhO/qsFs3TbMxcZoQ8HJxP1php4tCd ibIHVRPRS8Z+o2SzwvSW0AnkYJTTBGCht0JZKN9rIaWwljYgUXW1Fy9CTAGd48Jc EcRDHn4sDNGKl60g77e/7FVpIz7HjNyD+AWtVx8hhf6IguJnPJF9LnP1Msu0fjMd K1eCVDOwlIbZYE11+bJ28sy90HEzsihUO5KJgUgn1yj28JVaezm6dm9TT8RG/N0P 6p4tJhW8OkmVgM7ltbPI6ENfyFih/LWKekEc0LUxbFUmD3u/aytwl8OaF/0vxdGV L/7fY5QIAdLKsgNrDl817XAHmtVaarwg6swfM/iOwICatlNiAIeEr4hbCc/ZvkCI iiVLKa64AXcBuIXBERa4lzqqjeCbAc0vuXG5zyk9wY23fORfrxZBYvU9SSfstubQ OR3F7Q3wDX9Nx7pdYnSmwwhHnVq8kNXO62agaKvlmQ3Z7exeLzdDM6Wy1wdXpYzi 4bPulpSOhcwDieCQLfPb+fMo13lbkfLX1eX1PeG0pK/nv//KBkkiTp1nLlHwRZzM 2lNVzS89G3A= =hQrq -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-4510-2 September 17, 2020 samba vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: Samba would allow unintended access to files over the network. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. This update fixes the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which will force a secure netlogon channel. This may result in compatibility issues with older devices. A future update may allow a finer-grained control over this setting. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9 In general, a standard system update will make all the necessary changes. See the following link for examples: https://www.samba.org/samba/security/CVE-2020-1472.html In addition, this update adds additional server checks for the protocol attack in the client-specified challenge to provide some protection when 'server schannel = no/auto' and avoid the false-positive results when running the proof-of-concept exploit. Description: Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied
var-201205-0297	The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages. Cross scripting and preconfigured password vulnerabilities have been reported to exist in the Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries. The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users. Linux Kernel 2.6.x is vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2012:0743-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0743.html Issue date: 2012-06-18 CVE Names: CVE-2012-0044 CVE-2012-1179 CVE-2012-2119 CVE-2012-2121 CVE-2012-2123 CVE-2012-2136 CVE-2012-2137 CVE-2012-2372 CVE-2012-2373 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. This update fixes the following security issues: * A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. (CVE-2012-0044, Important) * A buffer overflow flaw was found in the macvtap device driver, used for creating a bridged network between the guest and the host in KVM (Kernel-based Virtual Machine) environments. A privileged guest user in a KVM guest could use this flaw to crash the host. Note: This issue only affected hosts that have the vhost_net module loaded with the experimental_zcopytx module option enabled (it is not enabled by default), and that also have macvtap configured for at least one guest. (CVE-2012-2119, Important) * When a set user ID (setuid) application is executed, certain personality flags for controlling the application's behavior are cleared (that is, a privileged application will not be affected by those flags). It was found that those flags were not cleared if the application was made privileged via file system capabilities. A local, unprivileged user could use this flaw to change the behavior of such applications, allowing them to bypass intended restrictions. Note that for default installations, no application shipped by Red Hat for Red Hat Enterprise Linux is made privileged via file system capabilities. (CVE-2012-2123, Important) * It was found that the data_len parameter of the sock_alloc_send_pskb() function in the Linux kernel's networking implementation was not validated before use. A privileged guest user in a KVM guest could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-2136, Important) * A buffer overflow flaw was found in the setup_routing_entry() function in the KVM subsystem of the Linux kernel in the way the Message Signaled Interrupts (MSI) routing entry was handled. A local, unprivileged user could use this flaw to cause a denial of service or, possibly, escalate their privileges. (CVE-2012-2137, Important) * A race condition was found in the Linux kernel's memory management subsystem in the way pmd_none_or_clear_bad(), when called with mmap_sem in read mode, and Transparent Huge Pages (THP) page faults interacted. A privileged user in a KVM guest with the ballooning functionality enabled could potentially use this flaw to crash the host. A local, unprivileged user could use this flaw to crash the system. (CVE-2012-1179, Moderate) * A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user on a KVM host who has the ability to assign a device to a guest could use this flaw to crash the host. (CVE-2012-2121, Moderate) * A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2372, Moderate) * A race condition was found in the Linux kernel's memory management subsystem in the way pmd_populate() and pte_offset_map_lock() interacted on 32-bit x86 systems with more than 4GB of RAM. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2373, Moderate) Red Hat would like to thank Chen Haogang for reporting CVE-2012-0044. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 772894 - CVE-2012-0044 kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl() 803793 - CVE-2012-1179 kernel: thp:__split_huge_page() mapcount != page_mapcount BUG_ON() 806722 - CVE-2012-2123 kernel: fcaps: clear the same personality flags as suid when fcaps are used 814149 - CVE-2012-2121 kvm: device assignment page leak 814278 - CVE-2012-2119 kernel: macvtap: zerocopy: vector length is not validated before pinning user pages 814657 - kernel crash at ieee80211_mgd_probe_ap_send [rhel-6.2.z] 816151 - CVE-2012-2137 kernel: kvm: buffer overflow in kvm_set_irq() 816226 - add option to disable 5GHz band to iwlwifi [rhel-6.2.z] 816289 - CVE-2012-2136 kernel: net: insufficient data_len validation in sock_alloc_send_pskb() 818504 - Disable LRO for all NICs that have LRO enabled [rhel-6.2.z] 818505 - xen: fix drive naming [rhel-6.2.z] 819614 - 2.6.32-220 kernel does not work on a HP DL385G6 with HP Smart Array P410 controller and hpsa driver [rhel-6.2.z] 822754 - CVE-2012-2372 kernel: rds-ping cause kernel panic 822821 - CVE-2012-2373 kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm i386: kernel-2.6.32-220.23.1.el6.i686.rpm kernel-debug-2.6.32-220.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm kernel-devel-2.6.32-220.23.1.el6.i686.rpm kernel-headers-2.6.32-220.23.1.el6.i686.rpm perf-2.6.32-220.23.1.el6.i686.rpm perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm noarch: kernel-doc-2.6.32-220.23.1.el6.noarch.rpm kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm x86_64: kernel-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm perf-2.6.32-220.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm python-perf-2.6.32-220.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm python-perf-2.6.32-220.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm noarch: kernel-doc-2.6.32-220.23.1.el6.noarch.rpm kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm x86_64: kernel-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm perf-2.6.32-220.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm python-perf-2.6.32-220.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm i386: kernel-2.6.32-220.23.1.el6.i686.rpm kernel-debug-2.6.32-220.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm kernel-devel-2.6.32-220.23.1.el6.i686.rpm kernel-headers-2.6.32-220.23.1.el6.i686.rpm perf-2.6.32-220.23.1.el6.i686.rpm perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm noarch: kernel-doc-2.6.32-220.23.1.el6.noarch.rpm kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm ppc64: kernel-2.6.32-220.23.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-220.23.1.el6.ppc64.rpm kernel-debug-2.6.32-220.23.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-220.23.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-220.23.1.el6.ppc64.rpm kernel-devel-2.6.32-220.23.1.el6.ppc64.rpm kernel-headers-2.6.32-220.23.1.el6.ppc64.rpm perf-2.6.32-220.23.1.el6.ppc64.rpm perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm s390x: kernel-2.6.32-220.23.1.el6.s390x.rpm kernel-debug-2.6.32-220.23.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.s390x.rpm kernel-debug-devel-2.6.32-220.23.1.el6.s390x.rpm kernel-debuginfo-2.6.32-220.23.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-220.23.1.el6.s390x.rpm kernel-devel-2.6.32-220.23.1.el6.s390x.rpm kernel-headers-2.6.32-220.23.1.el6.s390x.rpm kernel-kdump-2.6.32-220.23.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-220.23.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-220.23.1.el6.s390x.rpm perf-2.6.32-220.23.1.el6.s390x.rpm perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm x86_64: kernel-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm perf-2.6.32-220.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm python-perf-2.6.32-220.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-220.23.1.el6.ppc64.rpm perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm python-perf-2.6.32-220.23.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-220.23.1.el6.s390x.rpm kernel-debuginfo-2.6.32-220.23.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-220.23.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-220.23.1.el6.s390x.rpm perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm python-perf-2.6.32-220.23.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm python-perf-2.6.32-220.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm i386: kernel-2.6.32-220.23.1.el6.i686.rpm kernel-debug-2.6.32-220.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm kernel-devel-2.6.32-220.23.1.el6.i686.rpm kernel-headers-2.6.32-220.23.1.el6.i686.rpm perf-2.6.32-220.23.1.el6.i686.rpm perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm noarch: kernel-doc-2.6.32-220.23.1.el6.noarch.rpm kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm x86_64: kernel-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm perf-2.6.32-220.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm python-perf-2.6.32-220.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm python-perf-2.6.32-220.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-0044.html https://www.redhat.com/security/data/cve/CVE-2012-1179.html https://www.redhat.com/security/data/cve/CVE-2012-2119.html https://www.redhat.com/security/data/cve/CVE-2012-2121.html https://www.redhat.com/security/data/cve/CVE-2012-2123.html https://www.redhat.com/security/data/cve/CVE-2012-2136.html https://www.redhat.com/security/data/cve/CVE-2012-2137.html https://www.redhat.com/security/data/cve/CVE-2012-2372.html https://www.redhat.com/security/data/cve/CVE-2012-2373.html https://access.redhat.com/security/updates/classification/#important https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.2_Technical_Notes/kernel.html#RHSA-2012-0743 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFP3zJcXlSAg2UNWIIRAlFPAJ9ov0UCSkIqz63r+6YXL9bf0+ADOQCfUIzx w/ZsFuOkCnr15/XGPkEszEQ= =D/pm -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2012-0045) A flaw was discovered in the Linux kernel's cifs file system. (CVE-2012-1090) H. (CVE-2012-1097) A flaw was discovered in the Linux kernel's cgroups subset. (CVE-2012-1146) A flaw was found in the Linux kernel's handling of paged memory. (CVE-2012-1179) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: linux-image-3.0.0-19-generic 3.0.0-19.33 linux-image-3.0.0-19-generic-pae 3.0.0-19.33 linux-image-3.0.0-19-omap 3.0.0-19.33 linux-image-3.0.0-19-powerpc 3.0.0-19.33 linux-image-3.0.0-19-powerpc-smp 3.0.0-19.33 linux-image-3.0.0-19-powerpc64-smp 3.0.0-19.33 linux-image-3.0.0-19-server 3.0.0-19.33 linux-image-3.0.0-19-virtual 3.0.0-19.33 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-lts-backport-oneiric SECUNIA ADVISORY ID: SA48987 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48987/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48987 RELEASE DATE: 2012-05-01 DISCUSS ADVISORY: http://secunia.com/advisories/48987/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/48987/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=48987 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-lts-backport-oneiric. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1433-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-May/001672.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . (CVE-2011-4347, Moderate) * A flaw was found in the way the Linux kernel's XFS file system implementation handled on-disk Access Control Lists (ACLs). (CVE-2012-0038, Moderate) * It was found that the Linux kernel's register set (regset) common infrastructure implementation did not check if the required get and set handlers were initialized. Peter Anvin for reporting CVE-2012-1097. This update also fixes the following bugs: * When a RoCE (RDMA over Converged Ethernet) adapter with active RoCE communications was taken down suddenly (either by adapter failure or the intentional shutdown of the interface), the ongoing RoCE communications could cause the kernel to panic and render the machine unusable. A patch has been provided to protect the kernel in this situation and to pass an error up to the application still using the interface after it has been taken down instead. (BZ#799944) * The fix for Red Hat Bugzilla bug 713494, released via RHSA-2011:0928, introduced a regression. Attempting to change the state of certain features, such as GRO (Generic Receive Offload) or TSO (TCP segment offloading), for a 10 Gigabit Ethernet card that is being used in a virtual LAN (VLAN) resulted in a kernel panic. (BZ#816974) * If a new file was created on a Network File System version 4 (NFSv4) share, the ownership was set to nfsnobody (-2) until it was possible to upcall to the idmapper. As a consequence, subsequent file system operations could incorrectly use "-2" for the user and group IDs for the given file, causing certain operations to fail. In reported cases, this issue also caused "Viminfo file is not writable" errors for users running Vim with files on an NFSv4 share. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04135307 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04135307 Version: 1 HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2014-03-10 Last Updated: 2014-03-10 Potential Security Impact: Multiple remote vulnerabilities affecting confidentiality, integrity and availability Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment. The vulnerabilities could be exploited remotely affecting confidentiality, integrity and availability. References: CVE-2010-4008 CVE-2010-4494 CVE-2011-2182 CVE-2011-2213 CVE-2011-2492 CVE-2011-2518 CVE-2011-2689 CVE-2011-2723 CVE-2011-3188 CVE-2011-4077 CVE-2011-4110 CVE-2012-0058 CVE-2012-0879 CVE-2012-1088 CVE-2012-1179 CVE-2012-2137 CVE-2012-2313 CVE-2012-2372 CVE-2012-2373 CVE-2012-2375 CVE-2012-2383 CVE-2012-2384 CVE-2013-6205 CVE-2013-6206 SSRT101443 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Rapid Deployment Pack (RDP) -- All versions HP Insight Control Server Deployment -- All versions BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2013-6205 (AV:L/AC:M/Au:S/C:P/I:P/A:P) 4.1 CVE-2013-6206 (AV:N/AC:L/Au:N/C:C/I:P/A:P) 9.0 CVE-2010-4008 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-4494 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-2182 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2011-2213 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2011-2492 (AV:L/AC:M/Au:N/C:P/I:N/A:N) 1.9 CVE-2011-2518 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2011-2689 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2011-2723 (AV:A/AC:M/Au:N/C:N/I:N/A:C) 5.7 CVE-2011-3188 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-4077 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2011-4110 (AV:L/AC:L/Au:N/C:N/I:N/A:P) 2.1 CVE-2012-0058 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2012-0879 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2012-1088 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3 CVE-2012-1179 (AV:A/AC:M/Au:S/C:N/I:N/A:C) 5.2 CVE-2012-2137 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2012-2313 (AV:L/AC:H/Au:N/C:N/I:N/A:P) 1.2 CVE-2012-2372 (AV:L/AC:M/Au:S/C:N/I:N/A:C) 4.4 CVE-2012-2373 (AV:L/AC:H/Au:N/C:N/I:N/A:C) 4.0 CVE-2012-2375 (AV:A/AC:H/Au:N/C:N/I:N/A:C) 4.6 CVE-2012-2383 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2012-2384 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP recommends that HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment should only be run on private secure networks to prevent the risk of security compromise. HISTORY Version:1 (rev.1) - 10 March 2014 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
var-201205-0393	Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of XML elements within a TeXML file. Specifically, when handling the style XML element the code within QuickTime3GPP.qtx does not properly validate the length of the data within specific sub-fields. By providing specially crafted data, the code can be made to copy too much into a fixed-length buffer on the stack. These issues arise when the application handles specially crafted files. Versions prior to QuickTime 7.7.2 are vulnerable on Windows 7, Vista and XP. This BID is being retired. The following individual records exist to better document the issues: 53584 Apple QuickTime Prior To 7.7.2 '.pict' Files Memory Corruption Vulnerability 53583 Apple QuickTime Prior To 7.7.2 QTVR Files Remote Code Execution Vulnerability 53582 Apple QuickTime Prior To 7.7.2 'sean' Atoms Integer Overflow Vulnerability 53580 Apple QuickTime Prior To 7.7.2 Sorenson Files Buffer Overflow Vulnerability 53579 Apple QuickTime Prior To 7.7.2 RLE Files Buffer Overflow Vulnerability 53578 Apple QuickTime Prior To 7.7.2 File Path Handling Stack Overflow Vulnerability 53577 Apple QuickTime Prior To 7.7.2 QTMovie Objects Stack Overflow Vulnerability 53576 Apple QuickTime Prior To 7.7.2 H.264 Encoded Heap Overflow Vulnerability 53574 Apple QuickTime Prior To 7.7.2 Text Tracks Heap Overflow Vulnerability 53571 Apple QuickTime Prior To 7.7.2 Multiple Stack Overflow Vulnerabilities. Apple QuickTime is a multimedia playback software developed by Apple (Apple). The software is capable of handling multiple sources such as digital video, media segments, and more. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-095 : Apple Quicktime TeXML transform Attribute Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-095 June 21, 2012 - -- CVE ID: CVE-2012-0663 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Apple - -- Affected Products: Apple QuickTime - -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 12405. - -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT1222 - -- Disclosure Timeline: 2011-10-21 - Vulnerability reported to vendor 2012-06-21 - Coordinated public release of advisory - -- Credit: This vulnerability was discovered by: * Alexander Gavrun - -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8 wsBVAwUBT+OLA1VtgMGTo1scAQJI7Qf+OnfYeok9hy6ohcokglQSew5g0w2FfAUP J9Y899T0z94b00bsE7dRG3DADKnvsFkGXmgID94YCwdQL9hJ4MKNZepaBwL+LsdV lv4Wrm+Q7Zoy22EdeuUu1QU4MfrWyKfxxKgrH1Salk7BcWCjXKHh07dDBB0Ep7TG ECd1DAf+yRP6Ax3MKB0CfgRsdNcRtU7jOoZsf199UfCBqQr1wL4vxknXi8bP3mb1 8+2/xJcJ0CiIO7lkeYSxXY+me9ufQiuNLP1H3CgYT75oTdJtdm0lUqmunPiBaNum uOnRPZswFoNuQsKt+GOn7cw8KZR7BJS0akhzDGfQ3hPZFJ0EkCQ6Iw== =xhVI -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-15-1 QuickTime 7.7.2 QuickTime 7.7.2 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple stack overflows existed in QuickTime's handling of TeXML files. These issues do not affect OS X systems. CVE-ID CVE-2012-0663 : Alexander Gavrun working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap overflow existed in QuickTime's handling of text tracks. This issue does not affect OS X systems. CVE-ID CVE-2012-0664 : Alexander Gavrun working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of H.264 encoded movie files. CVE-ID CVE-2012-0665 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted MP4 encoded file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue existed in the handling of MP4 encoded files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001. CVE-ID CVE-2011-3458 : Luigi Auriemma and pa_kt both working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An off by one buffer overflow existed in the handling of rdrf atoms in QuickTime movie files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001. CVE-ID CVE-2011-3459 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file during progressive download may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of audio sample tables. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.4. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-002. CVE-ID CVE-2012-0658 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of MPEG files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.4. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-002. CVE-ID CVE-2012-0659 : An anonymous researcher working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the QuickTime plugin's handling of QTMovie objects. This issue does not affect OS X systems. CVE-ID CVE-2012-0666 : CHkr_D591 working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Processing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of PNG files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001. CVE-ID CVE-2011-3460 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in the handling of QTVR movie files. This issue does not affect OS X systems. CVE-ID CVE-2012-0667 : Alin Rad Pop working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of JPEG2000 encoded movie files. This issue does not affect systems prior to OS X Lion. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.4. CVE-ID CVE-2012-0661 : Damian Put working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of RLE encoded movie files. CVE-ID CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of Sorenson encoded movie files. This issue does not affect OS X systems. CVE-ID CVE-2012-0669 : Damian Put working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in QuickTime's handling of sean atoms. CVE-ID CVE-2012-0670 : Tom Gallagher (Microsoft) and Paul Bates (Microsoft) working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted .pict file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of .pict files. CVE-ID CVE-2012-0671 : Rodrigo Rubira Branco (twitter.com/bsdaemon) from the Qualys Vulnerability & Malware Research Labs (VMRL) QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a file in a maliciously crafted path may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in QuickTime's handling of file paths. This issue does not affect OS X systems. CVE-ID CVE-2012-0265 : Tielei Wang of Georgia Tech Information Security Center via Secunia SVCRP QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer underflow existed in QuickTime's handling of audio streams in MPEG files. CVE-ID CVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability Research (MSVR) QuickTime 7.7.2 may be obtained from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ The download file is named: "QuickTimeInstaller.exe" Its SHA-1 digest is: ed569d62b3f8c24ac8e9aec7275f17cbb14d2124 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJPsobhAAoJEPefwLHPlZEwk/sP/0C8iXVhnG481GbA03CMhKXJ XDooIlCG6YeoeJxGfri/vqlzqcHe3R90K6R89z1dKGU2bWGvtITh95E+WKll++7F hHYq6YC+r/o1cP1SjBi6A3swhN57m1nQZRIEnnIm+nBSxaiHA6xdRSUaK4ighLSA jbOVfu/6NPuGSlgWBPKSISDY2FhL0GH0QVLW/piVtMTrxhizlE7dgieipAPoVvRC SW2W0te7ujo2X167f2GS8EwplUkj/yVeScdr/6HjLkAXIQ1B9RNqTeOdyQZjTxay 32xhZTQ+JfSQzY6VSGoF0bqlK39u5UyzySIKS446OxclYI6xGKSFvTN3nBUwERd+ W+E/4k3Ry4OYEkgZ5yltXO8bJvGZtmpLOkq94Vb4w7EaEgJ452J/YjqCEEbmtAKM 0W9g1jt5av5Hv+vQ7rufR1tJ6CqkIDDr0f3qY+W/F8ZtdA8Bkvm9568d3L1Vlbai zy89w39Z1RTPMLccZEhtd+80f75P+R3n88X5czjXYignrUJbxhM/S8meqQB5GUB9 nJvZtWB1wlACHJ/EKUTv6miK20XE1OukRyvW0o7WWplqBj5KFWvRcV0tovfybGY9 EKwmao4Hwmq+ovJBFLZj/TV6MMxsJjS9qVea/yOlzZCy+6dwok38yyMAqy+m2dLT X2aq0dgzK7qjPx0FRyOx =BPXs -----END PGP SIGNATURE-----
var-201806-1459	An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. The following products and versions are affected: Apple iOS prior to 11.4; macOS High Sierra prior to 10.13.5; tvOS prior to 11.4; watchOS prior to 4.3.1. CVE-2018-4196: G. CVE-2018-4253: shrek_wzw of Qihoo 360 Nirvan Team apache_mod_php Available for: macOS High Sierra 10.13.4 Impact: Issues in php were addressed in this update Description: This issue was addressed by updating to php version 7.1.16. CVE-2018-4219: Mohamed Ghannam (@_simo36) Bluetooth Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: A malicious application may be able to determine kernel memory layout. Description: An information disclosure issue existed in device properties. CVE-2018-4171: shrek_wzw of Qihoo 360 Nirvan Team Bluetooth Available for: MacBook Pro (Retina, 15-inch, Mid 2015), MacBook Pro (Retina, 15-inch, 2015), MacBook Pro (Retina, 13-inch, Early 2015), MacBook Pro (15-inch, 2017), MacBook Pro (15-inch, 2016), MacBook Pro (13-inch, Late 2016, Two Thunderbolt 3 Ports), MacBook Pro (13-inch, Late 2016, Four Thunderbolt 3 Ports), MacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports), MacBook (Retina, 12-inch, Early 2016), MacBook (Retina, 12-inch, Early 2015), MacBook (Retina, 12-inch, 2017), iMac Pro, iMac (Retina 5K, 27-inch, Late 2015), iMac (Retina 5K, 27-inch, 2017), iMac (Retina 4K, 21.5-inch, Late 2015), iMac (Retina 4K, 21.5-inch, 2017), iMac (21.5-inch, Late 2015), and iMac (21.5-inch, 2017) Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team Grand Central Dispatch Available for: macOS High Sierra 10.13.4 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An issue existed in parsing entitlement plists. The issue appears to be from an undocumented side effect of the instructions. An attacker might utilize this exception handling to gain access to Ring 0 and access sensitive memory or control operating system processes. CVE-2018-4226: Abraham Masri (@cheesecakeufo) Speech Available for: macOS High Sierra 10.13.4 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A sandbox issue existed in the handling of microphone access. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-23-3 Additional information for APPLE-SA-2018-06-01-4 iOS 11.4 iOS 11.4 addresses the following: Bluetooth Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4215: Abraham Masri (@cheesecakeufo) Bluetooth Available for: iPhone X, iPhone 8, iPhone 8 Plus, iPad 6th generation, and iPad Air 2 Not impacted: HomePod Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2018-5383: Lior Neumann and Eli Biham Entry added July 23, 2018 Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted vcf file may lead to a denial of service Description: A validation issue existed in the handling of phone numbers. This issue was addressed with improved validation of phone numbers. CVE-2018-4100: Abraham Masri (@cheesecakeufo) FontParser Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to spoof password prompts in iBooks Description: An input validation issue was addressed with improved input validation. CVE-2018-4202: Jerry Decime Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4249: Kevin Backhouse of Semmle Ltd. Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2018-4241: Ian Beer of Google Project Zero CVE-2018-4243: Ian Beer of Google Project Zero libxpc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved validation. CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative Magnifier Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen Description: A permissions issue existed in Magnifier. This was addressed with additional permission checks. CVE-2018-4239: an anonymous researcher Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exfiltrate the contents of S/MIME-encrypted e-mail Description: An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to conduct impersonation attacks Description: An injection issue was addressed with improved input validation. CVE-2018-4235: Anurodh Pokharel of Salesforce.com Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted message may lead to a denial of service Description: This issue was addressed with improved message validation. CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to cause a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise Solutions Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent account identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4223: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Users may be tracked by malicious websites using client certificates Description: An issue existed in the handling of S-MIME certificaties. This issue was addressed with improved validation of S-MIME certificates. CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent device identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4224: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to modify the state of the Keychain Description: An authorization issue was addressed with improved state management. CVE-2018-4225: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to view sensitive user information Description: An authorization issue was addressed with improved state management. CVE-2018-4226: Abraham Masri (@cheesecakeufo) Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to enable Siri from the lock screen Description: An issue existed with Siri permissions. This was addressed with improved permission checking. CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can BIKMAZ (@CanBkmaz) of Mustafa Kemal University Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: An issue existed with Siri permissions. This was addressed with improved permission checking. CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn) Siri Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker with physical access to a device may be able to see private contact information Description: An issue existed with Siri permissions. This was addressed with improved permission checking. CVE-2018-4244: an anonymous researcher UIKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A validation issue existed in the handling of text. This issue was addressed with improved validation of text. CVE-2018-4198: Hunter Byrnes WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4201: an anonymous researcher CVE-2018-4218: Natalie Silvanovich of Google Project Zero CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. CVE-2018-4232: an anonymous researcher, Aymeric Chaib WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A race condition was addressed with improved locking. CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4214: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4246: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may leak sensitive data Description: Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. CVE-2018-4190: Jun Kokatsu (@shhnjk) WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4222: Natalie Silvanovich of Google Project Zero Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 11.4". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUshMACgkQ8ecVjteJ iCbspA//aVxu/EdiaNxNRmRDFB8LpqKa3xjJdfkK9cJRYZ+eBHJZjBfzj4BzABuG Xow7FkEE7LSQpCeJ08Ggo6vVQUdR4+etQ2UfjQWGX6qIvLZUXK0lw2x5XdTP0q4m WmNoZcdK3cmbVXGMWUZRUrYPTWwMnTMsPpPoDoptaQRseN+K/0kdwsQZtdqeN9sq GN3Qp6AW6WR1gUAgDriIyzFXTxJ8NmKx2+4B5O2w0TbmzxGa/F5ZUjw4D/wwJJPA /RXAwseJMghPfbi9tNcjUhbGFfcnr5JvyGfY2GESFc7odWt2XSpePHr6qaJzogBr KeJKOVpgTdS4PO37+KDUfQDIElSnYQVTff8Tinxg/Zojafp0PxYkDYRxw7i16YKU HsB7R0o5Yi5YD4uG5ioMj4RspQDWozzveVvvtah6/bWChQQwD3XHr6JRM6oJ106G wNx2EHfRRXFQCY680RfE8hN/98IJRrCF6nIdO9zBbzGM/Ihzr02F0qSrdB5/PXSq S6EwJi0M5ia/KMFSO7EY5qQ2aipyDC3WPkvQrHtpsqstMrktyJOYGbm/t39WmIBb gC92rxvNFr5mO8Owypu1/tloGr15zIxPGR6OXA/DVxdRm2/UmW1tsqQfKgporJMD de6uiZJb8p8X36KC7YmHLTApYL3CaZebJIIOmf8tKjQUxxbR9wE= =nII0 -----END PGP SIGNATURE----- . Alternatively, on your watch, select "My Watch > General > About"
var-201203-0196	Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. Google Chrome is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible. Google Chrome versions prior to 17.0.963.65 are vulnerable. Google Chrome is a web browser developed by Google (Google). This update removes handling of feed:// URLs. This update removes handling of feed:// URLs. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. Any script in files served with this header value would run as if the file had been served inline, with full access to other resources on the origin server. CVE-ID CVE-2012-3689 : David Bloom of Cue WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Dragging and dropping selected text on a web page may cause files from the user's system to be sent to a remote server Description: An access control issue existed in the handling of drag and drop events. CVE-ID CVE-2011-2845 : Jordi Chancel WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: An attacker may be able to escape the sandbox and access any file the current user has access to Description: An access control issue existed in the handling of file URLs. An attacker who gains arbitrary code execution in a Safari WebProcess may be able to bypass the sandbox and access any file that the user running Safari has access to. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201203-19 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: March 25, 2012 Bugs: #406975, #407465, #407755, #409251 ID: 201203-19 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Background ========== Chromium is an open source web browser project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 17.0.963.83 >= 17.0.963.83 Description =========== Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, Universal Cross-Site Scripting, or installation of an extension without user interaction. A remote attacker could also entice a user to install a specially crafted extension that would interfere with browser-issued web requests. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.83" References ========== [ 1 ] CVE-2011-3031 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3031 [ 2 ] CVE-2011-3032 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3032 [ 3 ] CVE-2011-3033 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3033 [ 4 ] CVE-2011-3034 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3034 [ 5 ] CVE-2011-3035 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3035 [ 6 ] CVE-2011-3036 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3036 [ 7 ] CVE-2011-3037 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3037 [ 8 ] CVE-2011-3038 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3038 [ 9 ] CVE-2011-3039 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3039 [ 10 ] CVE-2011-3040 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3040 [ 11 ] CVE-2011-3041 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3041 [ 12 ] CVE-2011-3042 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3042 [ 13 ] CVE-2011-3043 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3043 [ 14 ] CVE-2011-3044 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3044 [ 15 ] CVE-2011-3046 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3046 [ 16 ] CVE-2011-3047 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3047 [ 17 ] CVE-2011-3049 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3049 [ 18 ] CVE-2011-3050 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3050 [ 19 ] CVE-2011-3051 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3051 [ 20 ] CVE-2011-3052 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3052 [ 21 ] CVE-2011-3053 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3053 [ 22 ] CVE-2011-3054 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3054 [ 23 ] CVE-2011-3055 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3055 [ 24 ] CVE-2011-3056 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3056 [ 25 ] CVE-2011-3057 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3057 [ 26 ] Release Notes 17.0.963.65 http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.htm= l [ 27 ] Release Notes 17.0.963.78 http://googlechromereleases.blogspot.com/2012/03/chrome-stable-channel-up= date.html [ 28 ] Release Notes 17.0.963.79 http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update_10.= html [ 29 ] Release Notes 17.0.963.83 http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21= .html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201203-19.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-09-19-1 iOS 6 iOS 6 is now available and addresses the following: CFNetwork Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. CFNetwork may send requests to an incorrect hostname, resulting in the disclosure of sensitive information. This issue was addressed through improvements to URL handling. CVE-ID CVE-2012-3724 : Erling Ellingsen of Facebook CoreGraphics Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in FreeType Description: Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 CoreMedia Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access existed in the handling of Sorenson encoded movie files. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3722 : Will Dormann of the CERT/CC DHCP Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed Description: Upon connecting to a Wi-Fi network, iOS may broadcast MAC addresses of previously accessed networks per the DNAv4 protocol. This issue was addressed by disabling DNAv4 on unencrypted Wi-Fi networks. CVE-ID CVE-2012-3725 : Mark Wuergler of Immunity, Inc. ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue was addressed by updating libtiff to version 3.9.5. CVE-ID CVE-2011-1167 ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. CVE-ID CVE-2011-3026 : Juri Aedla CVE-2011-3048 CVE-2011-3328 ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in ImageIO's handling of JPEG images. This issue was addressed through improved memory management. CVE-ID CVE-2012-3726 : Phil of PKJE Consulting ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in libTIFF's handling of TIFF images. This issue was addressed through improved validation of TIFF images. CVE-ID CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day Initiative International Components for Unicode Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the handling of ICU locale IDs. This issue was addressed through improved bounds checking. CVE-ID CVE-2011-4599 IPSec Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution Description: A buffer overflow existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. CVE-ID CVE-2012-3727 : iOS Jailbreak Dream Team Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: An invalid pointer dereference issue existed in the kernel's handling of packet filter ioctls. This may allow an attacker to alter kernel memory. This issue was addressed through improved error handling. CVE-ID CVE-2012-3728 : iOS Jailbreak Dream Team Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to determine kernel memory layout Description: An uninitialized memory access issue existed in the Berkeley Packet Filter interpreter, which led to the disclosure of memory content. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3729 : Dan Rosenberg libxml Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches. CVE-ID CVE-2011-1944 : Chris Evans of Google Chrome Security Team CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-3919 : Juri Aedla Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Mail may present the wrong attachment in a message Description: A logic issue existed in Mail's handling of attachments. If a subsequent mail attachment used the same Content-ID as a previous one, the previous attachment would be displayed, even in the case where the 2 mails originated from different senders. This could facilitate some spoofing or phishing attacks. This issue was addressed through improved handling of attachments. CVE-ID CVE-2012-3730 : Angelo Prado of the salesforce.com Product Security Team Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Email attachments may be read without user's passcode Description: A logic issue existed in Mail's use of Data Protection on email attachments. This issue was addressed by properly setting the Data Protection class for email attachments. CVE-ID CVE-2012-3731 : Stephen Prairie of Travelers Insurance, Erich Stuntebeck of AirWatch Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker may spoof the sender of a S/MIME signed message Description: S/MIME signed messages displayed the untrusted 'From' address, instead of the name associated with the message signer's identity. This issue was addressed by displaying the address associated with the message signer's identity when it is available. CVE-ID CVE-2012-3732 : An anonymous researcher Messages Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user may unintentionally disclose the existence of their email addresses Description: When a user had multiple email addresses associated with iMessage, replying to a message may have resulted in the reply being sent from a different email address. This may disclose another email address associated to the user's account. This issue was addressed by always replying from the email address the original message was sent to. CVE-ID CVE-2012-3733 : Rodney S. Foley of Gnomesoft, LLC Office Viewer Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Unencrypted document data may be written to a temporary file Description: An information disclosure issue existed in the support for viewing Microsoft Office files. When viewing a document, the Office Viewer would write a temporary file containing data from the viewed document to the temporary directory of the invoking process. For an application that uses data protection or other encryption to protect the user's files, this could lead to information disclosure. This issue was addressed by avoiding creation of temporary files when viewing Office documents. CVE-ID CVE-2012-3734 : Salvatore Cataudella of Open Systems Technologies OpenGL Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of GLSL compilation. These issues were addressed through improved validation of GLSL shaders. CVE-ID CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device could briefly view the last used third-party app on a locked device Description: A logic issue existed with the display of the "Slide to Power Off" slider on the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3735 : Chris Lawrence DBB Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A logic issue existed in the termination of FaceTime calls from the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3736 : Ian Vitek of 2Secure AB Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: All photos may be accessible at the lock screen Description: A design issue existed in the support for viewing photos that were taken at the lock screen. In order to determine which photos to permit access to, the passcode lock consulted the time at which the device was locked and compared it to the time that a photo was taken. By spoofing the current time, an attacker could gain access to photos that were taken before the device was locked. This issues was addressed by explicitly keeping track of the photos that were taken while the device was locked. CVE-ID CVE-2012-3737 : Ade Barkah of BlueWax Inc. Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to a locked device may perform FaceTime calls Description: A logic issue existed in the Emergency Dialer screen, which permitted FaceTime calls via Voice Dialing on the locked device. This could also disclose the user's contacts via contact suggestions. This issue was addressed by disabling Voice Dialing on the Emergency Dialer screen. CVE-ID CVE-2012-3738 : Ade Barkah of BlueWax Inc. Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: Using the camera from the screen lock could in some cases interfere with automatic lock functionality, allowing a person with physical access to the device to bypass the Passcode Lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3739 : Sebastian Spanninger of the Austrian Federal Computing Centre (BRZ) Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A state management issue existed in the handling of the screen lock. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3740 : Ian Vitek of 2Secure AB Restrictions Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user may be able to make purchases without entering Apple ID credentials Description: After disabling Restrictions, iOS may not ask for the user's password during a transaction. This issue was addressed by additional enforcement of purchase authorization. CVE-ID CVE-2012-3741 : Kevin Makens of Redwood High School Safari Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Websites may use characters with an appearance similar to the lock icon in their titles Description: Websites could use a Unicode character to create a lock icon in the page title. This icon was similar in appearance to the icon used to indicate a secure connection, and could have lead the user to believe a secure connection had been established. This issue was addressed by removing these characters from page titles. CVE-ID CVE-2012-3742 : Boku Kihara of Lepidum Safari Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Passwords may autocomplete even when the site specifies that autocomplete should be disabled Description: Password input elements with the autocomplete attribute set to "off" were being autocompleted. This issue was addressed through improved handling of the autocomplete attribute. CVE-ID CVE-2012-0680 : Dan Poltawski of Moodle System Logs Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Sandboxed apps may obtain system log content Description: Sandboxed apps had read access to /var/log directory, which may allow them to obtain sensitive information contained in system logs. This issue was addressed by denying sandboxed apps access to the /var/log directory. CVE-ID CVE-2012-3743 Telephony Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An SMS message may appear to have been sent by an arbitrary user Description: Messages displayed the return address of an SMS message as the sender. Return addresses may be spoofed. This issue was addressed by always displaying the originating address instead of the return address. CVE-ID CVE-2012-3744 : pod2g Telephony Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An SMS message may disrupt cellular connectivity Description: An off-by-one buffer overflow existed in the handling of SMS user data headers. This issue was addressed through improved bounds checking. CVE-ID CVE-2012-3745 : pod2g UIKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker that gains access to a device's filesystem may be able to read files that were being displayed in a UIWebView Description: Applications that use UIWebView may leave unencrypted files on the file system even when a passcode is enabled. This issue was addressed through improved use of data protection. CVE-ID CVE-2012-3746 : Ben Smith of Box WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2011-3016 : miaubiz CVE-2011-3021 : Arthur Gerkis CVE-2011-3027 : miaubiz CVE-2011-3032 : Arthur Gerkis CVE-2011-3034 : Arthur Gerkis CVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur Gerkis CVE-2011-3036 : miaubiz CVE-2011-3037 : miaubiz CVE-2011-3038 : miaubiz CVE-2011-3039 : miaubiz CVE-2011-3040 : miaubiz CVE-2011-3041 : miaubiz CVE-2011-3042 : miaubiz CVE-2011-3043 : miaubiz CVE-2011-3044 : Arthur Gerkis CVE-2011-3050 : miaubiz CVE-2011-3053 : miaubiz CVE-2011-3059 : Arthur Gerkis CVE-2011-3060 : miaubiz CVE-2011-3064 : Atte Kettunen of OUSPG CVE-2011-3068 : miaubiz CVE-2011-3069 : miaubiz CVE-2011-3071 : pa_kt working with HP's Zero Day Initiative CVE-2011-3073 : Arthur Gerkis CVE-2011-3074 : Slawomir Blazek CVE-2011-3075 : miaubiz CVE-2011-3076 : miaubiz CVE-2011-3078 : Martin Barbella of the Google Chrome Security Team CVE-2011-3081 : miaubiz CVE-2011-3086 : Arthur Gerkis CVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz CVE-2011-3090 : Arthur Gerkis CVE-2011-3105 : miaubiz CVE-2011-3913 : Arthur Gerkis CVE-2011-3924 : Arthur Gerkis CVE-2011-3926 : Arthur Gerkis CVE-2011-3958 : miaubiz CVE-2011-3966 : Aki Helin of OUSPG CVE-2011-3968 : Arthur Gerkis CVE-2011-3969 : Arthur Gerkis CVE-2011-3971 : Arthur Gerkis CVE-2012-0682 : Apple Product Security CVE-2012-0683 : Dave Mandelin of Mozilla CVE-2012-1520 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-3691 : Apple WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious website may be able to replace the contents of an iframe on another site Description: A cross-origin issue existed in the handling of iframes in popup windows. This issue was addressed through improved origin tracking. CVE-ID CVE-2011-3067 : Sergey Glazunov WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of iframes and fragment identifiers. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt, and Dan Boneh of the Stanford University Security Laboratory WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Look-alike characters in a URL could be used to masquerade a website Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could have been used to create a URL which contains look-alike characters. These could have been used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue was addressed by supplementing WebKit's list of known look-alike characters. Look- alike characters are rendered in Punycode in the address bar. CVE-ID CVE-2012-3693 : Matt Cooley of Symantec WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of URLs. This may have led to cross-site scripting on sites which use the location.href property. This issue was addressed through improved canonicalization of URLs. CVE-ID CVE-2012-3695 : Masato Kinugawa WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to HTTP request splitting Description: An HTTP header injection issue existed in the handling of WebSockets. This issue was addressed through improved WebSockets URI sanitization. CVE-ID CVE-2012-3696 : David Belcher of the BlackBerry Security Incident Response Team WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A maliciously crafted website may be able to spoof the value in the URL bar Description: A state management issue existed in the handling of session history. Navigations to a fragment on the current page may cause Safari to display incorrect information in the URL bar. This issue was addressed through improved session state tracking. CVE-ID CVE-2011-2845 : Jordi Chancel WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the disclosure of the disclosure of memory contents Description: An uninitialized memory access issue existed in the handling of SVG images. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3650 : Apple Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "6.0". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQWeYHAAoJEPefwLHPlZEwFlwP/1Ib/2m8K7orlPb3zmsKTyjo 3T0rFqu1LbXNzwLRhan7E7KiJoQ7U6yVO4045o/19AYZM+zGVNnHsCkUc3+Vcpa5 TZIM9Rik2iXKMxzttFfc5tvhE1u18PstsDLU/jvyW+s3XxMVL54wnSmW1R+P0de0 8+Q++IANogUj+scJzQkTaFDNDN5v1p0BT0+cifCcqktXB4H/PoaQ7drIWiDGYB/9 n4IL5AjM0BJBzWkldfjPimZ0BseSA0BxdeVCopmAgdnigyB60G4cWGzkU7E35VnP dWgdU9rnIIvGGe/vP912f7AoPtWs1b8n6DYCJgGRXvaRfPoHFUlXaRoVB6vJlMVs JXyMrw/RSDfYEgJdNbFOSxyJXHUkTkt4+aNW4KcoMR6raI/W5zKDyMEICw1wpkwP id6Dz4e6ncf+cfvAFqXpk02OC7iJqn71IJN2MvU/hC7797l++PINIoOHwJZolt+T xL3wV8p3Lk8K6lZx3Q9Tu6Dd7GYkxtjLCgV1NgdHOwPKDUOJ47oG6RjZAd6hpicp RqYXbk5bJpd3nZv+X6FrCZqGfeuwREWW7FJ0dI+/8ohlnisTz16f48W9FtuN3HIj bmxFJ46P4LGxrizwDSdBngxf3Utkh+7hGLuMH51/jR8+tCqDIEgpKBA+2F+IOmyP XtT4lS60xKz63YSg79dd =LvMt -----END PGP SIGNATURE-----
var-202003-1779	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). FasterXML jackson-databind There is an unspecified vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. FasterXML Jackson is a data processing tool for Java developed by American FasterXML Company. jackson-databind is one of the components with data binding function. A security vulnerability exists in FasterXML jackson-databind 2.x prior to 2.9.10.4 due to insecure deserialization by org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aries.transaction.jms) . A remote attacker could exploit this vulnerability with specially crafted input to execute arbitrary code on the system. Description: Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. It is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process. Summary: This is a security update for JBoss EAP Continuous Delivery 19. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat Data Grid 7.3.7 security update Advisory ID: RHSA-2020:3779-01 Product: Red Hat JBoss Data Grid Advisory URL: https://access.redhat.com/errata/RHSA-2020:3779 Issue date: 2020-09-17 CVE Names: CVE-2017-7658 CVE-2019-10172 CVE-2020-1695 CVE-2020-1710 CVE-2020-1719 CVE-2020-1745 CVE-2020-1748 CVE-2020-1757 CVE-2020-8840 CVE-2020-9488 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10672 CVE-2020-10673 CVE-2020-10714 CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11612 CVE-2020-11619 CVE-2020-11620 ==================================================================== 1. Summary: An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat Data Grid 7.3.6 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Security Fix(es): * jetty: Incorrect header handling (CVE-2017-7658) * EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710) * undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745) * undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757) * jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840) * jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546) * jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547) * jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548) * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672) * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673) * jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider..RmiProvider (CVE-2020-10968) jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969) * jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111) * jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112) * jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113) * jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619) * jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620) * jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172) * resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695) * Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719) * Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748) * wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714) * netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612) * log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: To install this update, do the following: 1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section. 2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on. 3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions. 4. Restart Data Grid to ensure the changes take effect. 4. Bugs fixed (https://bugzilla.redhat.com/): 1595621 - CVE-2017-7658 jetty: Incorrect header handling 1715075 - CVE-2019-10172 jackson-mapper-asl: XML external entity similar to CVE-2016-3720 1730462 - CVE-2020-1695 resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class 1752770 - CVE-2020-1757 undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass 1793970 - CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230 1796617 - CVE-2020-1719 Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain 1807305 - CVE-2020-1745 undertow: AJP File Read/Inclusion Vulnerability 1807707 - CVE-2020-1748 Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain 1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1816216 - CVE-2020-11612 netty: compression/decompression codecs don't enforce limits on buffer allocation sizes 1816330 - CVE-2020-8840 jackson-databind: Lacks certain xbean-reflect/JNDI blocking 1816332 - CVE-2020-9546 jackson-databind: Serialization gadgets in shaded-hikari-config 1816337 - CVE-2020-9547 jackson-databind: Serialization gadgets in ibatis-sqlmap 1816340 - CVE-2020-9548 jackson-databind: Serialization gadgets in anteros-core 1819208 - CVE-2020-10968 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider..RmiProvider 1819212 - CVE-2020-10969 jackson-databind: Serialization gadgets in javax.swing.JEditorPane 1821304 - CVE-2020-11111 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory 1821311 - CVE-2020-11112 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider 1821315 - CVE-2020-11113 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime 1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication 1826798 - CVE-2020-11620 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly 1826805 - CVE-2020-11619 jackson-databind: Serialization gadgets in org.springframework:spring-aop 1831139 - CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender 5. References: https://access.redhat.com/security/cve/CVE-2017-7658 https://access.redhat.com/security/cve/CVE-2019-10172 https://access.redhat.com/security/cve/CVE-2020-1695 https://access.redhat.com/security/cve/CVE-2020-1710 https://access.redhat.com/security/cve/CVE-2020-1719 https://access.redhat.com/security/cve/CVE-2020-1745 https://access.redhat.com/security/cve/CVE-2020-1748 https://access.redhat.com/security/cve/CVE-2020-1757 https://access.redhat.com/security/cve/CVE-2020-8840 https://access.redhat.com/security/cve/CVE-2020-9488 https://access.redhat.com/security/cve/CVE-2020-9546 https://access.redhat.com/security/cve/CVE-2020-9547 https://access.redhat.com/security/cve/CVE-2020-9548 https://access.redhat.com/security/cve/CVE-2020-10672 https://access.redhat.com/security/cve/CVE-2020-10673 https://access.redhat.com/security/cve/CVE-2020-10714 https://access.redhat.com/security/cve/CVE-2020-10968 https://access.redhat.com/security/cve/CVE-2020-10969 https://access.redhat.com/security/cve/CVE-2020-11111 https://access.redhat.com/security/cve/CVE-2020-11112 https://access.redhat.com/security/cve/CVE-2020-11113 https://access.redhat.com/security/cve/CVE-2020-11612 https://access.redhat.com/security/cve/CVE-2020-11619 https://access.redhat.com/security/cve/CVE-2020-11620 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product\xdata.grid&downloadType=securityPatches&version=7.3 https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html/red_hat_data_grid_7.3_release_notes/index 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX2Nf/dzjgjWX9erEAQifjA/7BlSA2KK7e4RlxfRAP3Sj7xT+CRlFcOJn NVVI6DNpfZNtD/TJ4M5JFMP/yzKb+/FoaGVUexqiUxQBcrYsViZdfwfQ6PSwQgd8 5GAtC0NINGYmr0y7m6sKbAwAofnmCoEjNPjpdfLG632Err4vXDT9pGx1RNIrfS0A qaOSuf2BjZkD9A6Azroupq/ePmRnDBW4ovWF4ES415Pa5T7N4rmoyZ3UnGrbubmm GisjzhBbFyjL2wM1gMtqKlf5Qdre0XQIio4YLEnK1DaS7qLS36L04UJP9rwtB/nn aCOKZE/4Ch0gYcNlwniH4MK4Aiy/z/OGQopuhJoKFADJ3Y5lnJwCWDMjMKwWSj1G DvKG4uSIa8l2oxGQURThwxY1Jr7sbQTy2QXCVoyZj9oOKoGel+qJaGVFVnwsOpB7 MB8nPAuINZ91RR7xSBLv/AyoLnXV3dI97kOyTwEhld6THIwAUWqk+V2y7M6Onlx9 Pf+whfe0ORHzeCj/UBZh2NqcuShUpjdE9aLyYyefa2VV4t+0L4XlIfnlNuL8Ja7j wzLJlo/u8XMktoXRrBpMWZaCzcqN1+BTuQUXNZeqfNtgFmCgJVxp6tHyHni7flQq P2M8FaCyQHyQ1ggSljgZ66AEdiwatYpqOxR4yUyrKmsXt9iPsX45TdA9zSKmF2Sb PyKX8lLP6w8=n+2X -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . The purpose of this text-only errata is to inform you about the security issues fixed in this release. Security Fix(es): netty (CVE-2016-4970 CVE-2020-7238 CVE-2019-20444 CVE-2019-20445) * dom4j (CVE-2018-1000632) * elasticsearch (CVE-2018-3831) * pdfbox (CVE-2018-11797) * vertx (CVE-2018-12541) * spring-data-jpa (CVE-2019-3797) * mina-core (CVE-2019-0231) * jackson-databind (CVE-2019-12086 CVE-2019-16335 CVE-2019-14540 CVE-2019-17267 CVE-2019-14892 CVE-2019-14893 CVE-2019-16942 CVE-2019-16943 CVE-2019-17531 CVE-2019-20330 CVE-2020-10673 CVE-2020-10672 CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11620 CVE-2020-11619 CVE-2020-14195 CVE-2020-14060 CVE-2020-14061 CVE-2020-14062) * jackson-mapper-asl (CVE-2019-10172) * hawtio (CVE-2019-9827) * undertow (CVE-2019-9511 CVE-2020-1757 CVE-2019-14888 CVE-2020-1745) * santuario (CVE-2019-12400) * apache-commons-beanutils (CVE-2019-10086) * cxf (CVE-2019-17573) * apache-commons-configuration (CVE-2020-1953) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Installation instructions are available from the Fuse 7.7.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.7/ 4. Bugs fixed (https://bugzilla.redhat.com/): 1343616 - CVE-2016-4970 netty: Infinite loop vulnerability when handling renegotiation using SslProvider.OpenSsl 1620529 - CVE-2018-1000632 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents 1632452 - CVE-2018-3831 elasticsearch: Information exposure via _cluster/settings API 1637492 - CVE-2018-11797 pdfbox: unbounded computation in parser resulting in a denial of service 1638391 - CVE-2018-12541 vertx: WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake 1697598 - CVE-2019-3797 spring-data-jpa: Additional information exposure with Spring Data JPA derived queries 1700016 - CVE-2019-0231 mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure. 1713468 - CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258 5. JIRA issues fixed (https://issues.jboss.org/): JBEAP-18366 - [GSS](7.2.z) Upgrade Hibernate ORM from 5.3.15 to 5.3.16 JBEAP-18667 - [GSS](7.2.z) Upgrade wildfly-http-client from 1.0.20.Final-redhat-00001 to 1.0.21.Final-redhat-00001 JBEAP-18849 - [GSS](7.2.z) Upgrade RESTEasy from 3.6.1.SP8 to 3.6.1.SP9 JBEAP-18880 - [GSS](7.2.z) Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00009 to 2.3.5.SP4-redhat-00001 JBEAP-18906 - [GSS](7.2.z) Upgrade weld from 3.0.6.Final-redhat-00003 to 3.0.7.Final-redhat-00001 JBEAP-18919 - [GSS](7.2.z) Upgrade HAL from 3.0.21.Final to 3.0.22.Final JBEAP-18965 - (7.2.z) Upgrade IronJacamar from 1.4.20.Final to 1.4.21.Final JBEAP-19040 - Tracker bug for the EAP 7.2.9 release for RHEL-8 JBEAP-19058 - [GSS] (7.2.z) Upgrade Undertow from 2.0.30.SP1-redhat-00001 to 2.0.30.SP2-redhat-00001 JBEAP-19120 - [GSS](7.2.z) Upgrade org.jboss.genericjms from 2.0.2.Final-redhat-00001 to 2.0.4.Final-redhat-00001 JBEAP-19163 - [GSS](7.2.z) Upgrade Infinispan from 9.3.8.Final-redhat-00001 to 9.3.9.Final-redhat-00001 JBEAP-19255 - (7.2.z) Upgrade jboss-logmanager from 2.1.14.Final to 2.1.15.Final JBEAP-19271 - (7.2.z) Upgrade WildFly Core from 6.0.27.Final-redhat-00001 to 6.0.28.Final-redhat-00001 JBEAP-19315 - [GSS](7.2.z) Upgrade XNIO from 3.7.6.SP2 to 3.7.6.SP3 JBEAP-19463 - (7.2.z) Upgrade wildfly-transaction-client from 1.1.10.Final-redhat-00001 to 1.1.11.Final-redhat-00001 JBEAP-19565 - (7.2.z) Upgrade jboss-ejb-client from 4.0.31.Final-redhat-00001 to 4.0.33.Final-redhat-00001 JBEAP-19587 - [GSS](7.2.z) Upgrade org.jboss.genericjms from 2.0.2.Final-redhat-00001 to 2.0.6.Final-redhat-00001 JBEAP-19620 - (7.2.z) Upgrade JBoss JSF API from 2.3.5.SP2-redhat-00003 to 2.3.5.SP2-redhat-00005 JBEAP-19624 - (7.2.z) Upgrade wildfly-naming-client from 1.0.12.Final-redhat-00001 to 1.0.13.Final-redhat-00001 JBEAP-19703 - [GSS](7.2.z) Upgrade JBoss Modules from 1.8.9 to 1.8.10 JBEAP-19704 - (7.2.z) Upgrade WildFly Core from 6.0.28.Final-redhat-00001 to 6.0.29.Final-redhat-00001 JBEAP-19798 - [GSS](7.2.z) Upgrade HAL from 3.0.22.Final to 3.0.23.Final JBEAP-19837 - (7.2.z) Upgrade WildFly Core from 6.0.29.Final-redhat-00001 to 6.0.30.Final-redhat-00001 JBEAP-19875 - [GSS](7.2.z) Upgrade wildfly-http-ejb-client from 1.0.21.Final to 1.0.22.Final 7. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 8
var-201611-0386	Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW.". Linux Implemented in the kernel memory subsystem copy-on-write The mechanism contains a vulnerability that causes a race condition. Race condition (CWE-362) - CVE-2016-5195 Linux The kernel memory subsystem copy-on-write Due to the implementation problem of the mechanism, A vulnerability exists that causes a race condition. Detailed information such as reproduction code Dirty COW Please refer to. Dirty COW https://dirtycow.ninja/ Attack activity using this vulnerability has been confirmed.Depending on who can log in, root You may get permission. Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges. ========================================================================== Ubuntu Security Notice USN-3105-1 October 20, 2016 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: The system could be made to run programs as an administrator. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: linux-image-3.13.0-100-generic 3.13.0-100.147 linux-image-3.13.0-100-generic-lpae 3.13.0-100.147 linux-image-3.13.0-100-lowlatency 3.13.0-100.147 linux-image-3.13.0-100-powerpc-e500 3.13.0-100.147 linux-image-3.13.0-100-powerpc-e500mc 3.13.0-100.147 linux-image-3.13.0-100-powerpc-smp 3.13.0-100.147 linux-image-3.13.0-100-powerpc64-emb 3.13.0-100.147 linux-image-3.13.0-100-powerpc64-smp 3.13.0-100.147 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2016:2105-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2105.html Issue date: 2016-10-25 CVE Names: CVE-2016-5195 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195, Important) Red Hat would like to thank Phil Oester for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1384344 - CVE-2016-5195 kernel: mm: privilege escalation via MAP_PRIVATE COW breakage 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-642.6.2.el6.src.rpm i386: kernel-2.6.32-642.6.2.el6.i686.rpm kernel-debug-2.6.32-642.6.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm kernel-devel-2.6.32-642.6.2.el6.i686.rpm kernel-headers-2.6.32-642.6.2.el6.i686.rpm perf-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm kernel-doc-2.6.32-642.6.2.el6.noarch.rpm kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm x86_64: kernel-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm kernel-debug-devel-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm kernel-devel-2.6.32-642.6.2.el6.x86_64.rpm kernel-headers-2.6.32-642.6.2.el6.x86_64.rpm perf-2.6.32-642.6.2.el6.x86_64.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm python-perf-2.6.32-642.6.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-642.6.2.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm kernel-doc-2.6.32-642.6.2.el6.noarch.rpm kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm x86_64: kernel-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm kernel-debug-devel-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm kernel-devel-2.6.32-642.6.2.el6.x86_64.rpm kernel-headers-2.6.32-642.6.2.el6.x86_64.rpm perf-2.6.32-642.6.2.el6.x86_64.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm python-perf-2.6.32-642.6.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: kernel-2.6.32-642.6.2.el6.src.rpm i386: kernel-2.6.32-642.6.2.el6.i686.rpm kernel-debug-2.6.32-642.6.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm kernel-devel-2.6.32-642.6.2.el6.i686.rpm kernel-headers-2.6.32-642.6.2.el6.i686.rpm perf-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm kernel-doc-2.6.32-642.6.2.el6.noarch.rpm kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm ppc64: kernel-2.6.32-642.6.2.el6.ppc64.rpm kernel-bootwrapper-2.6.32-642.6.2.el6.ppc64.rpm kernel-debug-2.6.32-642.6.2.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm kernel-debug-devel-2.6.32-642.6.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-642.6.2.el6.ppc64.rpm kernel-devel-2.6.32-642.6.2.el6.ppc64.rpm kernel-headers-2.6.32-642.6.2.el6.ppc64.rpm perf-2.6.32-642.6.2.el6.ppc64.rpm perf-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm s390x: kernel-2.6.32-642.6.2.el6.s390x.rpm kernel-debug-2.6.32-642.6.2.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.s390x.rpm kernel-debug-devel-2.6.32-642.6.2.el6.s390x.rpm kernel-debuginfo-2.6.32-642.6.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-642.6.2.el6.s390x.rpm kernel-devel-2.6.32-642.6.2.el6.s390x.rpm kernel-headers-2.6.32-642.6.2.el6.s390x.rpm kernel-kdump-2.6.32-642.6.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-642.6.2.el6.s390x.rpm kernel-kdump-devel-2.6.32-642.6.2.el6.s390x.rpm perf-2.6.32-642.6.2.el6.s390x.rpm perf-debuginfo-2.6.32-642.6.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.s390x.rpm x86_64: kernel-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm kernel-debug-devel-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm kernel-devel-2.6.32-642.6.2.el6.x86_64.rpm kernel-headers-2.6.32-642.6.2.el6.x86_64.rpm perf-2.6.32-642.6.2.el6.x86_64.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-642.6.2.el6.ppc64.rpm perf-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm python-perf-2.6.32-642.6.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-642.6.2.el6.s390x.rpm kernel-debuginfo-2.6.32-642.6.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-642.6.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-642.6.2.el6.s390x.rpm perf-debuginfo-2.6.32-642.6.2.el6.s390x.rpm python-perf-2.6.32-642.6.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm python-perf-2.6.32-642.6.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: kernel-2.6.32-642.6.2.el6.src.rpm i386: kernel-2.6.32-642.6.2.el6.i686.rpm kernel-debug-2.6.32-642.6.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm kernel-devel-2.6.32-642.6.2.el6.i686.rpm kernel-headers-2.6.32-642.6.2.el6.i686.rpm perf-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm kernel-doc-2.6.32-642.6.2.el6.noarch.rpm kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm x86_64: kernel-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm kernel-debug-devel-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm kernel-devel-2.6.32-642.6.2.el6.x86_64.rpm kernel-headers-2.6.32-642.6.2.el6.x86_64.rpm perf-2.6.32-642.6.2.el6.x86_64.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm python-perf-2.6.32-642.6.2.el6.i686.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm python-perf-2.6.32-642.6.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-5195 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/2706661 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD4DBQFYEJcBXlSAg2UNWIIRAiWLAKCCzQq/hlgGpFbZwm1VmGEtsf8qbwCYhOVp coEi7YBOAF6JIj/7g1jNNg== =enSu -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
var-201205-0406	WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application. Very few technical details are currently available. We will update this BID when more information emerges. iTunes is a free application for your Mac or PC. It lets you organize and play digital music and video on your computer. It can automatically download new music, app, and book purchases across all your devices and computers. And it’s a store that has everything you need to be entertained. Anywhere. a specially crafted .M3U file. Successful exploitation could allow execution of arbitrary code on the affected node.<br/><br/> --------------------------------------------------------------------------------<br/><br/><code> (940.fc0): Access violation - code c0000005 (!!! second chance !!!)<br/> eax=41414141 ebx=08508cd8 ecx=41414141 edx=052a6528 esi=052a64b0 edi=0559ef20<br/> eip=41414141 esp=0012d8e8 ebp=7c90ff2d iopl=0 nv up ei pl nz na pe nc<br/> cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000206<br/><unloaded_card.dll>+0x41414130:<br/> 41414141 ?? ???<br/><br/> ~~~<br/><br/> (6b0.a04): Access violation - code c0000005 (!!! second chance !!!)<br/> eax=41414141 ebx=00000000 ecx=00000014 edx=41414141 esi=41414141 edi=0187e10d<br/> eip=0187deec esp=0b0cfcd0 ebp=0b0cfcf0 iopl=0 nv up ei pl nz na pe nc<br/> cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000206<br/> Defaulted to export symbols for C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll -<br/> CoreFoundation!CFWriteStreamCreateWithAllocatedBuffers+0x40:<br/> 0187deec 8b00 mov eax,dword ptr [eax] ds:0023:41414141=????????<br/></unloaded_card.dll></code><br/> --------------------------------------------------------------------------------<br/><br/>Tested on: Microsoft Windows XP Professional SP3 EN (32bit)Microsoft Windows 7 Ultimate SP1 EN (64bit). WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. Vulnerabilities exist in WebKit versions prior to Apple iOS 5.1.1. ============================================================================ Ubuntu Security Notice USN-1524-1 August 08, 2012 webkit vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: Multiple security vulnerabilities were fixed in WebKit. Software Description: - webkit: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKit browser and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: libjavascriptcoregtk-1.0-0 1.8.1-0ubuntu0.12.04.1 libjavascriptcoregtk-3.0-0 1.8.1-0ubuntu0.12.04.1 libwebkitgtk-1.0-0 1.8.1-0ubuntu0.12.04.1 libwebkitgtk-3.0-0 1.8.1-0ubuntu0.12.04.1 After a standard system update you need to restart your session to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1524-1 CVE-2011-3046, CVE-2011-3050, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3078, CVE-2012-0672, CVE-2012-3615, CVE-2012-3655, CVE-2012-3656, CVE-2012-3680, https://launchpad.net/bugs/1027283 Package Information: https://launchpad.net/ubuntu/+source/webkit/1.8.1-0ubuntu0.12.04.1 . ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Apple iTunes Two Vulnerabilities SECUNIA ADVISORY ID: SA49489 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49489/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49489 RELEASE DATE: 2012-06-12 DISCUSS ADVISORY: http://secunia.com/advisories/49489/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/49489/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=49489 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has reported two vulnerabilities in Apple iTunes, which can be exploited by malicious people to compromise a user's system. 1) An error in the handling of .m3u playlists can be exploited to cause a heap-based buffer overflow via a specially crafted M3U (".m3u") file. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Gjoko Krstic, Zero Science Lab. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5318 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update iOS 5.1.1 Software Update is now available and addresses the following: Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted website may be able to spoof the address in the location bar Description: A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. This issue is addressed through improved URL handling. This issue does not affect OS X systems. CVE-ID CVE-2012-0674 : David Vieira-Kurz of MajorSecurity (majorsecurity.net) WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-site scripting issues existed in WebKit. CVE-ID CVE-2011-3046 : Sergey Glazunov working with Google's Pwnium contest CVE-2011-3056 : Sergey Glazunov WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit. CVE-ID CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team Installation note: This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad. The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "5.1.1". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJPpBcyAAoJEGnF2JsdZQeexJYH/0aYO0MULFXYARidSV22JdjG a1+yXKn8Rv2vv+8yStgKK2mWu18hvYWQ+whtvCzs1OefiVsq1nOvdCL1G62ybcYv O9BiHEDsuu+On2nAPiglu+luokByKLlZcIaM1Qa3pXHkiI8jlH7y7XuuoFsVt1Vc 284JgvV/sHnvesne2GsNyoRBJjfkliqXCgb1zmQWO9xX7HEJCaMNlc5Bwdonm26q 3OEKr2UQxvmWCbnCroiQ5KmEM+gLJSfLLOymow9xa4gM8aM87BXGWNMEKVs8LRLm dHngmEmzEa/Fx9PnR7rqjTCAMS8hR7aFcCYNTWjfR+keRXx7OHhCm88MfndryS8= =qhqL -----END PGP SIGNATURE----- . CVE-ID CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to populate form inputs on another website with arbitrary values Description: A state tracking issue existed in WebKit's handling of forms. CVE-ID CVE-2012-0676 : Andreas Akre Solberg of UNINETT AS, Aaron Roots of Deakin University ITSD, Tyler Goen Note: In addition, this update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website
var-200102-0029	Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Broadband Operating System is prone to a denial-of-service vulnerability. The vulnerability exists in Cisco 600 routers running CBOS 2.4.1 and earlier versions. -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Alert Summary January 1, 2001 Volume 6 Number 2 The following computer security issues have been publicly reported and documented in the X-Force Vulnerability and Threat Database (http://xforce.iss.net). This document is available at http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert Summaries: - - Subscribe to the Alert mailing list from http://xforce.iss.net/maillists/index.php - - Or send an email to majordomo@iss.net, and within the body of the message type: - - 'subscribe alert' (without the quotes). _____ Contents 115 Reported Vulnerabilities Risk Factor Key _____ Date Reported: 12/31/00 Vulnerability: exmh-error-symlink Platforms Affected: exmh 2.2 and earlier Risk Factor: High Attack Type: Host Based Brief Description: exmh error message symlink X-Force URL: http://xforce.iss.net/static/5829.php _____ Date Reported: 12/30/00 Vulnerability: informix-webdriver-symlink Platforms Affected: Informix Webdriver Risk Factor: High Attack Type: Host Based Brief Description: Informix Webdriver symbolic link X-Force URL: http://xforce.iss.net/static/5827.php _____ Date Reported: 12/30/00 Vulnerability: informix-webdriver-admin-access Platforms Affected: Informix Webdriver Risk Factor: High Attack Type: Network Based Brief Description: Informix Webdriver remote Admin access X-Force URL: http://xforce.iss.net/static/5833.php _____ Date Reported: 12/29/00 Vulnerability: zonealarm-mutex-dos Platforms Affected: ZoneAlarm Pro Risk Factor: Medium Attack Type: Host Based Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial of service X-Force URL: http://xforce.iss.net/static/5821.php _____ Date Reported: 12/29/00 Vulnerability: zonealarm-batfile-dos Platforms Affected: ZoneAlarm Pro Risk Factor: Medium Attack Type: Host Based Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with a batch file X-Force URL: http://xforce.iss.net/static/5822.php _____ Date Reported: 12/29/00 Vulnerability: shockwave-flash-swf-bo Platforms Affected: Shockwave Plugin 8.0 and prior Risk Factor: High Attack Type: Network/Host Based Brief Description: Shockwave Flash SWF file buffer overflow X-Force URL: http://xforce.iss.net/static/5826.php _____ Date Reported: 12/29/00 Vulnerability: macos-multiple-users Platforms Affected: MacOS 9.0 Risk Factor: High Attack Type: Host Based Brief Description: Mac OS 'Multiple Users' bypass password X-Force URL: http://xforce.iss.net/static/5830.php _____ Date Reported: 12/28/00 Vulnerability: http-cgi-ikonboard Platforms Affected: Ikonboard 2.1.7b and prior Risk Factor: High Attack Type: Host Based Brief Description: Ikonboard allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5819.php _____ Date Reported: 12/27/00 Vulnerability: http-cgi-technote-main Platforms Affected: TECH-NOTE (000, 2001, Pro) Risk Factor: High Attack Type: Network Based Brief Description: TECH-NOTE main.cgi reveals files X-Force URL: http://xforce.iss.net/static/5813.php _____ Date Reported: 12/26/00 Vulnerability: xwindows-char-dos Platforms Affected: XFree86 Risk Factor: Low Attack Type: Network/Host Based Brief Description: X Windows multiple character denial of service X-Force URL: http://xforce.iss.net/static/5834.php _____ Date Reported: 12/25/00 Vulnerability: 1stup-mail-server-bo Platforms Affected: 1st Up Mail Server 4.1 Risk Factor: Medium Attack Type: Network Based Brief Description: 1st Up Mail Server buffer overflow X-Force URL: http://xforce.iss.net/static/5808.php _____ Date Reported: 12/25/00 Vulnerability: dialog-symlink Platforms Affected: Linux Debian 2.2 Risk Factor: High Attack Type: Host Based Brief Description: Linux dialog package symlink attack X-Force URL: http://xforce.iss.net/static/5809.php _____ Date Reported: 12/25/00 Vulnerability: ibm-wcs-admin Platforms Affected: IBM Websphere Commerce Suite Risk Factor: High Attack Type: Host Based Brief Description: IBM WCS admin.config allows user to execute arbitrary commands X-Force URL: http://xforce.iss.net/static/5831.php _____ Date Reported: 12/23/00 Vulnerability: http-cgi-technote-print Platforms Affected: TECH-NOTE (2000, 2001, Pro) Risk Factor: Medium Attack Type: Network Based Brief Description: TECH-NOTE print.cgi reveals files X-Force URL: http://xforce.iss.net/static/5815.php _____ Date Reported: 12/22/00 Vulnerability: iis-web-form-submit Platforms Affected: IIS (4.0, 5.0) Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IIS Web form submission X-Force URL: http://xforce.iss.net/static/5823.php _____ Date Reported: 12/21/00 Vulnerability: hpux-kermit-bo Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00) Risk Factor: Medium Attack Type: Host Based Brief Description: HP-UX kermit buffer overflow X-Force URL: http://xforce.iss.net/static/5793.php _____ Date Reported: 12/21/00 Vulnerability: bsguest-cgi-execute-commands Platforms Affected: Linux Risk Factor: Medium Attack Type: Network Based Brief Description: bsguest.cgi allows remote execution of commands on server X-Force URL: http://xforce.iss.net/static/5796.php _____ Date Reported: 12/21/00 Vulnerability: bslist-cgi-execute-commands Platforms Affected: Linux Risk Factor: Medium Attack Type: Network Based Brief Description: bslist.cgi allows remote execution of commands on server X-Force URL: http://xforce.iss.net/static/5797.php _____ Date Reported: 12/21/00 Vulnerability: infinite-interchange-dos Platforms Affected: Infinite Interchange 3.61 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Infinite InterChange denial of service X-Force URL: http://xforce.iss.net/static/5798.php _____ Date Reported: 12/21/00 Vulnerability: oracle-execute-plsql Platforms Affected: Oracle Application Server Risk Factor: Medium Attack Type: Network Based Brief Description: Oracle remote procedure execution X-Force URL: http://xforce.iss.net/static/5817.php _____ Date Reported: 12/21/00 Vulnerability: ksh-redirection-symlink Platforms Affected: IRIX (6.2, 6.5.x) Solaris (2.5.1, 2.6, 7) HPUX 9.00 Digital Unix 5.0 Risk Factor: High Attack Type: Host Based Brief Description: ksh redirection symlink attack X-Force URL: http://xforce.iss.net/static/5811.php _____ Date Reported: 12/21/00 Vulnerability: oracle-webdb-admin-access Platforms Affected: Oracle Internet Application Server 3.0.7 Risk Factor: High Attack Type: Network/Host Based Brief Description: Oracle IAS allows administrative access X-Force URL: http://xforce.iss.net/static/5818.php _____ Date Reported: 12/21/00 Vulnerability: infinite-interchange-dos Platforms Affected: Infinite Interchange 3.61 Risk Factor: Web Scan Attack Type: Network/Host Based Brief Description: Infinite InterChange denial of service X-Force URL: http://xforce.iss.net/static/5798.php _____ Date Reported: 12/20/00 Vulnerability: gnupg-detached-sig-modify Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3) Risk Factor: Medium Attack Type: Host Based Brief Description: GnuPG allows users to modify signed messages with detached signatures X-Force URL: http://xforce.iss.net/static/5802.php _____ Date Reported: 12/20/00 Vulnerability: gnupg-reveal-private Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3) Risk Factor: Medium Attack Type: Host Based Brief Description: GnuPG will import private keys along with public keys X-Force URL: http://xforce.iss.net/static/5803.php _____ Date Reported: 12/20/00 Vulnerability: zonealarm-nmap-scans Platforms Affected: ZoneAlarm Risk Factor: High Attack Type: Network Based Brief Description: ZoneAlarm does not detect NMAP scans X-Force URL: http://xforce.iss.net/static/5799.php _____ Date Reported: 12/20/00 Vulnerability: zonealarm-open-shares Platforms Affected: ZoneAlarm Risk Factor: High Attack Type: Network Based Brief Description: ZoneAlarm open shares X-Force URL: http://xforce.iss.net/static/5825.php _____ Date Reported: 12/19/00 Vulnerability: win2k-index-service-activex Platforms Affected: Windows 2000 Risk Factor: Low Attack Type: Network/Host Based Brief Description: Windows 2000 Index Service ActiveX controls allow unauthorized access to file information X-Force URL: http://xforce.iss.net/static/5800.php _____ Date Reported: 12/19/00 Vulnerability: proftpd-size-memory-leak Platforms Affected: Proftpd Risk Factor: Low Attack Type: Network/Host Based Brief Description: proftpd memory leak when using SIZE command X-Force URL: http://xforce.iss.net/static/5801.php _____ Date Reported: 12/19/00 Vulnerability: weblogic-dot-bo Platforms Affected: WebLogic Risk Factor: Medium Attack Type: Network Based Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow X-Force URL: http://xforce.iss.net/static/5782.php _____ Date Reported: 12/19/00 Vulnerability: mdaemon-imap-dos Platforms Affected: MDaemon Risk Factor: Medium Attack Type: Network/Host Based Brief Description: MDaemon IMAP buffer overflow denial of service X-Force URL: http://xforce.iss.net/static/5805.php _____ Date Reported: 12/19/00 Vulnerability: zope-calculate-roles Platforms Affected: Zp[e Risk Factor: High Attack Type: Host Based Brief Description: zope package in Linux calculates local roles incorrectly X-Force URL: http://xforce.iss.net/static/5777.php _____ Date Reported: 12/19/00 Vulnerability: itetris-svgalib-path Platforms Affected: svgalib Risk Factor: High Attack Type: Host Based Brief Description: Itetris svgalib PATH X-Force URL: http://xforce.iss.net/static/5795.php _____ Date Reported: 12/18/00 Vulnerability: bsd-ftpd-replydirname-bo Platforms Affected: BSD Based Operating Systems Risk Factor: High Attack Type: Network Based Brief Description: BSD ftpd replydirname() function buffer overflow X-Force URL: http://xforce.iss.net/static/5776.php _____ Date Reported: 12/18/00 Vulnerability: sonata-command-execute Platforms Affected: Sonata Risk Factor: High Attack Type: Host Based Brief Description: Sonata argument command line execution X-Force URL: http://xforce.iss.net/static/5787.php _____ Date Reported: 12/18/00 Vulnerability: solaris-catman-symlink Platforms Affected: Solaris Risk Factor: High Attack Type: Host Based Brief Description: Solaris catman command symlink attack X-Force URL: http://xforce.iss.net/static/5788.php _____ Date Reported: 12/18/00 Vulnerability: solaris-patchadd-symlink Platforms Affected: Solaris Risk Factor: High Attack Type: Host Based Brief Description: Solaris patchadd symlink attack X-Force URL: http://xforce.iss.net/static/5789.php _____ Date Reported: 12/18/00 Vulnerability: stunnel-format-logfile Platforms Affected: Stunnel Risk Factor: High Attack Type: Network Based Brief Description: Stunnel format allows user to write to logfile X-Force URL: http://xforce.iss.net/static/5807.php _____ Date Reported: 12/17/00 Vulnerability: hp-top-sys-files Platforms Affected: HPUX Risk Factor: Low Attack Type: Host Based Brief Description: HP-UX top command could be used to overwrite files X-Force URL: http://xforce.iss.net/static/5773.php _____ Date Reported: 12/16/00 Vulnerability: zope-legacy-names Platforms Affected: Zope Risk Factor: Medium Attack Type: Network Based Brief Description: Linux zope package "legacy" names X-Force URL: http://xforce.iss.net/static/5824.php _____ Date Reported: 12/15/00 Vulnerability: mrj-runtime-malicious-applets Platforms Affected: MRJ Risk Factor: Low Attack Type: Host Based Brief Description: MRJ runtime environment could allow malicious applets to be executed X-Force URL: http://xforce.iss.net/static/5784.php _____ Date Reported: 12/14/00 Vulnerability: coffeecup-ftp-weak-encryption Platforms Affected: CoffeeCup FTP Risk Factor: Low Attack Type: Host Based Brief Description: CoffeeCup FTP client has weak password encryption X-Force URL: http://xforce.iss.net/static/5744.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-fragmented-packets Platforms Affected: WatchGuard Risk Factor: Medium Attack Type: Network Based Brief Description: WatchGuard SOHO Firewall fragmented IP packet attack X-Force URL: http://xforce.iss.net/static/5749.php _____ Date Reported: 12/14/00 Vulnerability: jpilot-perms Platforms Affected: J-Pilot Risk Factor: Medium Attack Type: Host Based Brief Description: J-Pilot permissions could reveal sensitive information X-Force URL: http://xforce.iss.net/static/5762.php _____ Date Reported: 12/14/00 Vulnerability: mediaservices-dropped-connection-dos Platforms Affected: Microsoft Media Services Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Microsoft Media Services dropped connection denial of service X-Force URL: http://xforce.iss.net/static/5785.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-web-auth Platforms Affected: WatchGuard Risk Factor: High Attack Type: Network Based Brief Description: WatchGuard SOHO Web config server could allow unauthenticated access X-Force URL: http://xforce.iss.net/static/5554.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-passcfg-reset Platforms Affected: WatchGuard Risk Factor: High Attack Type: Network Based Brief Description: WatchGuard SOHO administrator password can be remotely reset X-Force URL: http://xforce.iss.net/static/5742.php _____ Date Reported: 12/14/00 Vulnerability: http-cgi-simplestguest Platforms Affected: simplestguest.cgi Risk Factor: High Attack Type: Network Based Brief Description: simplestguest.cgi input validation error X-Force URL: http://xforce.iss.net/static/5743.php _____ Date Reported: 12/14/00 Vulnerability: safeword-palm-pin-extraction Platforms Affected: SafeWord e.iD Palm Authenticator Risk Factor: High Attack Type: Network/Host Based Brief Description: SafeWord and e.iD Palm Authenticator allows attacker to clone Palm device X-Force URL: http://xforce.iss.net/static/5753.php _____ Date Reported: 12/14/00 Vulnerability: mdaemon-lock-bypass-password Platforms Affected: MDaemon Risk Factor: High Attack Type: Host Based Brief Description: MDaemon "lock" bypass password X-Force URL: http://xforce.iss.net/static/5763.php _____ Date Reported: 12/13/00 Vulnerability: cisco-catalyst-ssh-mismatch Platforms Affected: Cisco Catalyst Risk Factor: Low Attack Type: Network Based Brief Description: Cisco Catalyst SSH protocol mismatch X-Force URL: http://xforce.iss.net/static/5760.php _____ Date Reported: 12/13/00 Vulnerability: microsoft-iis-file-disclosure Platforms Affected: IIS Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Microsoft IIS Far East editions file disclosure X-Force URL: http://xforce.iss.net/static/5729.php _____ Date Reported: 12/13/00 Vulnerability: ezshopper-cgi-file-disclosure Platforms Affected: loadpage.cgi Risk Factor: Medium Attack Type: Network Based Brief Description: EZshopper loadpage.cgi file disclosure X-Force URL: http://xforce.iss.net/static/5740.php _____ Date Reported: 12/13/00 Vulnerability: winnt-mstask-dos Platforms Affected: Windows NT Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Windows NT MSTask.exe denial of service X-Force URL: http://xforce.iss.net/static/5746.php _____ Date Reported: 12/13/00 Vulnerability: bftpd-site-chown-bo Platforms Affected: BFTPD Risk Factor: High Attack Type: Network Based Brief Description: BFTPD SITE CHOWN buffer overflow X-Force URL: http://xforce.iss.net/static/5775.php _____ Date Reported: 12/12/00 Vulnerability: aim-remote-bo Platforms Affected: AOL Instant Messenger Risk Factor: Medium Attack Type: Network Based Brief Description: AOL Instant Messenger buffer overflow X-Force URL: http://xforce.iss.net/static/5732.php _____ Date Reported: 12/12/00 Vulnerability: subscribemelite-gain-admin-access Platforms Affected: Subscribe Me Lite Risk Factor: Medium Attack Type: Network Based Brief Description: Subscribe Me Lite mailing list manager unauthorized access X-Force URL: http://xforce.iss.net/static/5735.php _____ Date Reported: 12/12/00 Vulnerability: zope-image-file Platforms Affected: Zope Risk Factor: Medium Attack Type: Host Based Brief Description: Linux zope package Image and File objects X-Force URL: http://xforce.iss.net/static/5778.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-everythingform Platforms Affected: everythingform.cgi Risk Factor: High Attack Type: Network Based Brief Description: everythingform.cgi input validation error X-Force URL: http://xforce.iss.net/static/5736.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-simplestmail Platforms Affected: simplestmail.cgi Risk Factor: High Attack Type: Network Based Brief Description: simplestmail.cgi input validation error X-Force URL: http://xforce.iss.net/static/5739.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-ad Platforms Affected: ad.cgi Risk Factor: High Attack Type: Network Based Brief Description: ad.cgi input validation error X-Force URL: http://xforce.iss.net/static/5741.php _____ Date Reported: 12/12/00 Vulnerability: kde-kmail-weak-encryption Platforms Affected: KDE KMail Risk Factor: High Attack Type: Network/Host Based Brief Description: KDE KMail weak password encryption X-Force URL: http://xforce.iss.net/static/5761.php _____ Date Reported: 12/12/00 Vulnerability: aolim-buddyicon-bo Platforms Affected: AOL Instant Messenger Risk Factor: High Attack Type: Network/Host Based Brief Description: AOL Instant Messenger Buddy Icon buffer overflow X-Force URL: http://xforce.iss.net/static/5786.php _____ Date Reported: 12/12/00 Vulnerability: aim-remote-bo Platforms Affected: AOL Instant Messenger Risk Factor: Medium Attack Type: Network Based Brief Description: AOL Instant Messenger buffer overflow X-Force URL: http://xforce.iss.net/static/5732.php _____ Date Reported: 12/11/00 Vulnerability: rppppoe-zero-length-dos Platforms Affected: rp-pppoe Risk Factor: Medium Attack Type: Network Based Brief Description: rp-pppoe "zero-length" option denial of service X-Force URL: http://xforce.iss.net/static/5727.php _____ Date Reported: 12/11/00 Vulnerability: proftpd-modsqlpw-unauth-access Platforms Affected: ProFTPd Risk Factor: Medium Attack Type: Network Based Brief Description: ProFTPD system using mod_sqlpw unauthorized access X-Force URL: http://xforce.iss.net/static/5737.php _____ Date Reported: 12/11/00 Vulnerability: gnu-ed-symlink Platforms Affected: GNU ed Risk Factor: High Attack Type: Host Based Brief Description: GNU ed symlink X-Force URL: http://xforce.iss.net/static/5723.php _____ Date Reported: 12/11/00 Vulnerability: oops-ftputils-bo Platforms Affected: Oops Proxy Server Risk Factor: High Attack Type: Network/Host Based Brief Description: Oops Proxy Server ftp_utils buffer overflow X-Force URL: http://xforce.iss.net/static/5725.php _____ Date Reported: 12/11/00 Vulnerability: oracle-oidldap-write-permission Platforms Affected: Oracle Internet Directory Risk Factor: High Attack Type: Host Based Brief Description: Oracle Internet Directory write permission X-Force URL: http://xforce.iss.net/static/5804.php _____ Date Reported: 12/9/00 Vulnerability: foolproof-security-bypass Platforms Affected: FoolProof Risk Factor: High Attack Type: Host Based Brief Description: FoolProof Security restriction bypass using FTP X-Force URL: http://xforce.iss.net/static/5758.php _____ Date Reported: 12/8/00 Vulnerability: broadvision-bv1to1-reveal-path Platforms Affected: BroadVision One-To-One Enterprise Server Risk Factor: Low Attack Type: Network Based Brief Description: BroadVision One-To-One Enterprise Server reveals path to server X-Force URL: http://xforce.iss.net/static/5661.php _____ Date Reported: 12/8/00 Vulnerability: ssldump-format-strings Platforms Affected: ssldump Risk Factor: Medium Attack Type: Network Based Brief Description: ssldump format string could allow arbitrary execution of code X-Force URL: http://xforce.iss.net/static/5717.php _____ Date Reported: 12/8/00 Vulnerability: coldfusion-sample-dos Platforms Affected: ColdFusion Risk Factor: Medium Attack Type: Network/Host Based Brief Description: ColdFusion sample script denial of service X-Force URL: http://xforce.iss.net/static/5755.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-arbitrary-proxy Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Network/Host Based Brief Description: KTH Kerberos 4 arbitrary proxy enviornment variable X-Force URL: http://xforce.iss.net/static/5733.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-auth-packet-overflow Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Network/Host Based Brief Description: KTH Kerberos 4 authentication packet buffer overflow X-Force URL: http://xforce.iss.net/static/5734.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-user-config Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Host Based Brief Description: KTH Kerberos 4 user supplied configuration files X-Force URL: http://xforce.iss.net/static/5738.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-tmpfile-dos Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Host Based Brief Description: KTH Kerberos 4 race condition X-Force URL: http://xforce.iss.net/static/5754.php _____ Date Reported: 12/7/00 Vulnerability: homeseer-directory-traversal Platforms Affected: HomeSeer Risk Factor: Low Attack Type: Network Based Brief Description: HomeSeer allows directory traversal X-Force URL: http://xforce.iss.net/static/5663.php _____ Date Reported: 12/7/00 Vulnerability: offline-explorer-reveal-files Platforms Affected: MetaProducts Offline Explorer Risk Factor: Low Attack Type: Network/Host Based Brief Description: MetaProducts Offline Explorer can reveal file system X-Force URL: http://xforce.iss.net/static/5728.php _____ Date Reported: 12/7/00 Vulnerability: imail-smtp-auth-dos Platforms Affected: IMail Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IMail SMTP auth denial of service X-Force URL: http://xforce.iss.net/static/5674.php _____ Date Reported: 12/6/00 Vulnerability: apc-apcupsd-dos Platforms Affected: APC apcupsd Risk Factor: Medium Attack Type: Host Based Brief Description: APC apcupsd denial of service X-Force URL: http://xforce.iss.net/static/5654.php _____ Date Reported: 12/6/00 Vulnerability: cisco-catalyst-telnet-dos Platforms Affected: Cisco Catalyst Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Cisco Catalyst telnet server memory leak denial of service X-Force URL: http://xforce.iss.net/static/5656.php _____ Date Reported: 12/6/00 Vulnerability: apache-php-disclose-files Platforms Affected: Apache Web server Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Apache Web server discloses files when used with php script X-Force URL: http://xforce.iss.net/static/5659.php _____ Date Reported: 12/6/00 Vulnerability: ultraseek-reveal-path Platforms Affected: Ultraseek Risk Factor: Medium Attack Type: Network Based Brief Description: Ultraseek Server can reveal the path and source code to certain files X-Force URL: http://xforce.iss.net/static/5660.php _____ Date Reported: 12/6/00 Vulnerability: irc-dreamforge-dns-dos Platforms Affected: DreamForge IRCd Risk Factor: Medium Attack Type: Network Based Brief Description: DreamForge IRCd DNS denial of service X-Force URL: http://xforce.iss.net/static/5721.php _____ Date Reported: 12/6/00 Vulnerability: mailman-alternate-templates Platforms Affected: MailMan Risk Factor: High Attack Type: Network Based Brief Description: MailMan Alternate Templates form variable allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5649.php _____ Date Reported: 12/6/00 Vulnerability: phpgroupware-include-files Platforms Affected: Risk Factor: High Attack Type: Network Based Brief Description: phpGroupWare include files allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5650.php _____ Date Reported: 12/6/00 Vulnerability: markvision-printer-driver-bo Platforms Affected: Lexmark MarkVision Risk Factor: High Attack Type: Host Based Brief Description: Lexmark MarkVision printer drivers for Unix buffer overflows X-Force URL: http://xforce.iss.net/static/5651.php _____ Date Reported: 12/6/00 Vulnerability: nt-ras-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Host Based Brief Description: Windows NT RAS registry permissions X-Force URL: http://xforce.iss.net/static/5671.php _____ Date Reported: 12/6/00 Vulnerability: nt-snmp-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Network/Host Based Brief Description: Windows NT SNMP registry permissions X-Force URL: http://xforce.iss.net/static/5672.php _____ Date Reported: 12/6/00 Vulnerability: nt-mts-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Network/Host Based Brief Description: Windows NT MTS registry permissions X-Force URL: http://xforce.iss.net/static/5673.php _____ Date Reported: 12/6/00 Vulnerability: irc-bitchx-dns-bo Platforms Affected: BitchX Risk Factor: High Attack Type: Network Based Brief Description: BitchX IRC DNS buffer overflow X-Force URL: http://xforce.iss.net/static/5701.php _____ Date Reported: 12/5/00 Vulnerability: ibm-db2-gain-access Platforms Affected: IBM DB2 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IBM DB2 Universal Database can give access through default username and password X-Force URL: http://xforce.iss.net/static/5662.php _____ Date Reported: 12/5/00 Vulnerability: ibm-db2-dos Platforms Affected: IBM DB2 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IBM DB2 Universal Database denial of service X-Force URL: http://xforce.iss.net/static/5664.php _____ Date Reported: 12/5/00 Vulnerability: vsu-source-routing Platforms Affected: VSU Risk Factor: Medium Attack Type: Network Based Brief Description: VPNet VSU gateways contain source routing X-Force URL: http://xforce.iss.net/static/5667.php _____ Date Reported: 12/5/00 Vulnerability: vsu-ip-bridging Platforms Affected: VSU Risk Factor: Medium Attack Type: Network Based Brief Description: VPNet VSU gateways contain bridging code X-Force URL: http://xforce.iss.net/static/5670.php _____ Date Reported: 12/5/00 Vulnerability: ftp-servu-homedir-travers Platforms Affected: Serv-U FTP Risk Factor: High Attack Type: Network/Host Based Brief Description: FTP Serv-U home directory traversal could allow access to FTProot X-Force URL: http://xforce.iss.net/static/5639.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-web-access Platforms Affected: CISCO CBOS Risk Factor: Medium Attack Type: Network Based Brief Description: Cisco CBOS Web access enabled denial of service X-Force URL: http://xforce.iss.net/static/5626.php _____ Date Reported: 12/4/00 Vulnerability: watchguard-soho-get-dos Platforms Affected: WatchGuard SOHO Risk Factor: Medium Attack Type: Network Based Brief Description: WatchGuard SOHO Firewall multiple GET requests denial of service X-Force URL: http://xforce.iss.net/static/5665.php _____ Date Reported: 12/4/00 Vulnerability: phone-book-service-bo Platforms Affected: Windows 2000 Windows NT Risk Factor: High Attack Type: Network Based Brief Description: Windows NT and 2000 Phone Book service buffer overflow X-Force URL: http://xforce.iss.net/static/5623.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-syn-packets Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS SYN packets denial of service X-Force URL: http://xforce.iss.net/static/5627.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-invalid-login Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS does not log invalid logins X-Force URL: http://xforce.iss.net/static/5628.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-icmp-echo Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS large ICMP ECHO packet denial of service X-Force URL: http://xforce.iss.net/static/5629.php _____ Date Reported: 12/2/00 Vulnerability: phpweblog-bypass-authentication Platforms Affected: phpWebLog Risk Factor: High Attack Type: Host Based Brief Description: phpWebLog allows users to bypass authentication X-Force URL: http://xforce.iss.net/static/5625.php _____ Date Reported: 12/1/00 Vulnerability: linux-diskcheck-race-symlink Platforms Affected: Linux Risk Factor: Low Attack Type: Host Based Brief Description: Linux diskcheck race condition could allow a tmp file symbolic link attack X-Force URL: http://xforce.iss.net/static/5624.php _____ Date Reported: 12/1/00 Vulnerability: ie-form-file-upload Platforms Affected: Microsoft Internet Explorer Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Internet Explorer file upload form X-Force URL: http://xforce.iss.net/static/5615.php _____ Date Reported: 12/1/00 Vulnerability: mssql-xp-paraminfo-bo Platforms Affected: Risk Factor: Medium Attack Type: Host Based Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow X-Force URL: http://xforce.iss.net/static/5622.php _____ Date Reported: 12/1/00 Vulnerability: majordomo-auth-execute-commands Platforms Affected: Majordomo Risk Factor: High Attack Type: Network Based Brief Description: Majordomo allows administrative access without password X-Force URL: http://xforce.iss.net/static/5611.php _____ Date Reported: 12/1/00 Vulnerability: ie-print-template Platforms Affected: Microsoft Internet Explorer Risk Factor: High Attack Type: Network/Host Based Brief Description: Internet Explorer print template X-Force URL: http://xforce.iss.net/static/5614.php _____ Date Reported: 12/1/00 Vulnerability: aix-piobe-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX piobe buffer overflow X-Force URL: http://xforce.iss.net/static/5616.php _____ Date Reported: 12/1/00 Vulnerability: aix-pioout-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX pioout buffer overflow X-Force URL: http://xforce.iss.net/static/5617.php _____ Date Reported: 12/1/00 Vulnerability: aix-setclock-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX setclock buffer overflow X-Force URL: http://xforce.iss.net/static/5618.php _____ Date Reported: 12/1/00 Vulnerability: aix-enq-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX enq buffer overflow X-Force URL: http://xforce.iss.net/static/5619.php _____ Date Reported: 12/1/00 Vulnerability: aix-digest-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX digest buffer overflow X-Force URL: http://xforce.iss.net/static/5620.php _____ Date Reported: 12/1/00 Vulnerability: aix-setsenv-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX setsenv buffer overflow X-Force URL: http://xforce.iss.net/static/5621.php Risk Factor Key: High Any vulnerability that provides an attacker with immediate access into a machine, gains superuser access, or bypasses a firewall. Example: A vulnerable Sendmail 8.6.5 version that allows an intruder to execute commands on mail server. Medium Any vulnerability that provides information that has a high potential of giving system access to an intruder. Example: A misconfigured TFTP or vulnerable NIS server that allows an intruder to get the password file that could contain an account with a guessable password. Low Any vulnerability that provides information that potentially could lead to a compromise. Example: A finger that allows an intruder to find out who is online and potential accounts to attempt to crack passwords via brute force methods. _____ Additional Information This document is available at http://xforce.iss.net/alerts/advisennn.php. To receive these Alerts and Advisories: - - Subscribe to the Alert mailing list from http://xforce.iss.net/maillists/index.php - - Or send an email to majordomo@iss.net, and within the body of the message type: 'subscribe alert' (without the quotes). About Internet Security Systems (ISS) Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading global provider of security management solutions for the Internet. By combining best of breed products, security management services, aggressive research and development, and comprehensive educational and consulting services, ISS is the trusted security advisor for thousands of organizations around the world looking to protect their mission critical information and networks. Copyright (c) 2001 by Internet Security Systems, Inc. Permission is hereby granted for the redistribution of this Alert electronically. It is not to be edited in any way without express consent of the X-Force. If you wish to reprint the whole or any part of this Alert in any other medium excluding electronic medium, please e-mail xforce@iss.net for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as well as on MIT's PGP key server and PGP.com's key server. Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc. -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0 LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw jbM10AXVSHw= =5U+8 -----END PGP SIGNATURE-----
var-201806-1505	System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. Intel Core Systems with microprocessors contain information disclosure vulnerabilities.Information may be obtained. An attacker could exploit this vulnerability to obtain values about other processes stored in a number register. ========================================================================== Ubuntu Security Notice USN-3696-2 July 02, 2018 linux-lts-xenial, linux-aws vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-18255) Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attacker could use this to cause a denial of service. (CVE-2017-18257) It was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-1000204) It was discovered that the wait4() system call in the Linux kernel did not properly validate its arguments in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2018-10087) It was discovered that the kill() system call implementation in the Linux kernel did not properly validate its arguments in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2018-10124) Julian Stecklina and Thomas Prescher discovered that FPU register states (such as MMX, SSE, and AVX registers) which are lazily restored are potentially vulnerable to a side channel attack. A local attacker could use this to expose sensitive information. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-5814) It was discovered that an information leak vulnerability existed in the floppy driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-7755) Seunghun Han discovered an information leak in the ACPI handling code in the Linux kernel when handling early termination of ACPI table loading. A local attacker could use this to expose sensitive informal (kernel address locations). (CVE-2017-13695) It was discovered that a memory leak existed in the Serial Attached SCSI (SAS) implementation in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-10021) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: linux-image-4.4.0-1024-aws 4.4.0-1024.25 linux-image-4.4.0-130-generic 4.4.0-130.156~14.04.1 linux-image-4.4.0-130-generic-lpae 4.4.0-130.156~14.04.1 linux-image-4.4.0-130-lowlatency 4.4.0-130.156~14.04.1 linux-image-4.4.0-130-powerpc-e500mc 4.4.0-130.156~14.04.1 linux-image-4.4.0-130-powerpc-smp 4.4.0-130.156~14.04.1 linux-image-4.4.0-130-powerpc64-emb 4.4.0-130.156~14.04.1 linux-image-4.4.0-130-powerpc64-smp 4.4.0-130.156~14.04.1 linux-image-aws 4.4.0.1024.24 linux-image-generic-lpae-lts-xenial 4.4.0.130.110 linux-image-generic-lts-xenial 4.4.0.130.110 linux-image-lowlatency-lts-xenial 4.4.0.130.110 linux-image-powerpc-e500mc-lts-xenial 4.4.0.130.110 linux-image-powerpc-smp-lts-xenial 4.4.0.130.110 linux-image-powerpc64-emb-lts-xenial 4.4.0.130.110 linux-image-powerpc64-smp-lts-xenial 4.4.0.130.110 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-18:07.lazyfpu Security Advisory The FreeBSD Project Topic: Lazy FPU State Restore Information Disclosure Category: core Module: kernel Announced: 2018-06-21 Credits: Julian Stecklina from Amazon Germany Thomas Prescher from Cyberus Technology GmbH Zdenek Sojka from SYSGO AG Colin Percival Affects: All supported version of FreeBSD. Corrected: 2018-06-14 18:50:49 UTC (stable/11, 11.2-PRERELEASE) 2018-06-15 13:21:37 UTC (releng/11.2, 11.2-RC3) 2018-06-21 05:17:13 UTC (releng/11.1, 11.1-RELEASE-p11) CVE Name: CVE-2018-3665 Special Note: This advisory only addresses this issue for FreeBSD 11.x on i386 and amd64. We expect to update this advisory to include 10.x in the near future. For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. Background Modern CPUs have a floating point unit (FPU) which needs to maintain state per thread. One technique is to only save and to only restore the FPU state for a thread when a thread attempts to utilize the FPU. II. III. Impact Any local thread can potentially read FPU state information from other threads running on the host. This could include cryptographic keys when the AES-NI CPU feature is present. IV. Workaround No workaround is available, but non-Intel branded CPUs are not believed to be vulnerable. V. This new technique is the recommended practice from Intel and in some cases can actually increase performance, depending on workload. Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Afterward, reboot the system. 2) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install Afterward, reboot the system. 3) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 11.1] # fetch https://security.FreeBSD.org/patches/SA-18:07/lazyfpu-11.patch # fetch https://security.FreeBSD.org/patches/SA-18:07/lazyfpu-11.patch.asc # gpg --verify lazyfpu-11.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in <URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/11/ r335169 releng/11.2/ r335196 releng/11.1/ r335465 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. (CVE-2018-3665) Update instructions: The problem can be corrected by updating your livepatches to the following versions: \| Kernel \| Version \| flavors \| \|--------------------------+----------+--------------------------\| \| 4.4.0-124.148 \| 40.6 \| lowlatency, generic \| \| 4.4.0-124.148~14.04.1 \| 40.6 \| generic, lowlatency \| \| 4.4.0-127.153 \| 40.6 \| lowlatency, generic \| \| 4.4.0-127.153~14.04.1 \| 40.6 \| lowlatency, generic \| \| 4.4.0-128.154 \| 40.6 \| generic, lowlatency \| \| 4.4.0-128.154~14.04.1 \| 40.6 \| generic, lowlatency \| \| 4.15.0-20.21 \| 40.7 \| generic, lowlatency \| \| 4.15.0-22.24 \| 40.7 \| lowlatency, generic \| \| 4.15.0-23.25 \| 40.7 \| lowlatency, generic \| References: CVE-2018-1093, CVE-2018-1092, CVE-2018-7755, CVE-2018-3665 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . 7) - noarch, ppc64le 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:2164-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2164 Issue date: 2018-07-10 CVE Names: CVE-2018-3639 CVE-2018-3665 CVE-2018-10675 CVE-2018-10872 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, x86 AMD) * kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy function allows local denial of service or other unspecified impact (CVE-2018-10675) * Kernel: FPU state information leakage via lazy FPU restore (CVE-2018-3665) * kernel: error in exception handling leads to DoS (CVE-2018-8897 regression) (CVE-2018-10872) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639 and Julian Stecklina (Amazon.de), Thomas Prescher (cyberus-technology.de), and Zdenek Sojka (sysgo.com) for reporting CVE-2018-3665. Bug Fix(es): * Previously, microcode updates on 32 and 64-bit AMD and Intel architectures were not synchronized. As a consequence, it was not possible to apply the microcode updates. This fix adds the synchronization to the microcode updates so that processors of the stated architectures receive updates at the same time. As a result, microcode updates are now synchronized. (BZ#1574592) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass 1575065 - CVE-2018-10675 kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy function allows local denial-of-service or other unspecified impact 1585011 - CVE-2018-3665 Kernel: FPU state information leakage via lazy FPU restore 1596094 - CVE-2018-10872 kernel: error in exception handling leads to DoS (CVE-2018-8897 regression) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-754.2.1.el6.src.rpm i386: kernel-2.6.32-754.2.1.el6.i686.rpm kernel-debug-2.6.32-754.2.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm kernel-devel-2.6.32-754.2.1.el6.i686.rpm kernel-headers-2.6.32-754.2.1.el6.i686.rpm perf-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm kernel-doc-2.6.32-754.2.1.el6.noarch.rpm kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm perf-2.6.32-754.2.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm python-perf-2.6.32-754.2.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-754.2.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm kernel-doc-2.6.32-754.2.1.el6.noarch.rpm kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm perf-2.6.32-754.2.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm python-perf-2.6.32-754.2.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: kernel-2.6.32-754.2.1.el6.src.rpm i386: kernel-2.6.32-754.2.1.el6.i686.rpm kernel-debug-2.6.32-754.2.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm kernel-devel-2.6.32-754.2.1.el6.i686.rpm kernel-headers-2.6.32-754.2.1.el6.i686.rpm perf-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm kernel-doc-2.6.32-754.2.1.el6.noarch.rpm kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm ppc64: kernel-2.6.32-754.2.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-754.2.1.el6.ppc64.rpm kernel-debug-2.6.32-754.2.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-754.2.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.2.1.el6.ppc64.rpm kernel-devel-2.6.32-754.2.1.el6.ppc64.rpm kernel-headers-2.6.32-754.2.1.el6.ppc64.rpm perf-2.6.32-754.2.1.el6.ppc64.rpm perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm s390x: kernel-2.6.32-754.2.1.el6.s390x.rpm kernel-debug-2.6.32-754.2.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.s390x.rpm kernel-debug-devel-2.6.32-754.2.1.el6.s390x.rpm kernel-debuginfo-2.6.32-754.2.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.2.1.el6.s390x.rpm kernel-devel-2.6.32-754.2.1.el6.s390x.rpm kernel-headers-2.6.32-754.2.1.el6.s390x.rpm kernel-kdump-2.6.32-754.2.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.2.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-754.2.1.el6.s390x.rpm perf-2.6.32-754.2.1.el6.s390x.rpm perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm x86_64: kernel-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm perf-2.6.32-754.2.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.2.1.el6.ppc64.rpm perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm python-perf-2.6.32-754.2.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-754.2.1.el6.s390x.rpm kernel-debuginfo-2.6.32-754.2.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.2.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.2.1.el6.s390x.rpm perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm python-perf-2.6.32-754.2.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm python-perf-2.6.32-754.2.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: kernel-2.6.32-754.2.1.el6.src.rpm i386: kernel-2.6.32-754.2.1.el6.i686.rpm kernel-debug-2.6.32-754.2.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm kernel-devel-2.6.32-754.2.1.el6.i686.rpm kernel-headers-2.6.32-754.2.1.el6.i686.rpm perf-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm kernel-doc-2.6.32-754.2.1.el6.noarch.rpm kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm perf-2.6.32-754.2.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm python-perf-2.6.32-754.2.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm python-perf-2.6.32-754.2.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/cve/CVE-2018-3665 https://access.redhat.com/security/cve/CVE-2018-10675 https://access.redhat.com/security/cve/CVE-2018-10872 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW0TykdzjgjWX9erEAQj7nQ/8DBiN11jNNGxND1Io2xuiZ+/RqzFz4IXv VMTrhukotRz5vbQWziRcHl0DVUttBBbwzdoNUu4RH4rxHv0J0GTLYusgyWlyDJP8 D229CT7o6lK4RjPryXFsu/4YsIzu8Vz35KB8SpW6gUkXibANrCWDEHEqc9+6mQ6g VFe0wAu1Tw3PKre0zK+XL/uxkvjk8ZeDINe8WVUDloBOnxFMnZZjEcZsIO9JfjBr krlU1QTQcPeKsrv6gofNXBOeQn0JZS1BVDy0JiNoOihJqPPBLA5RkyZzWouy6FDt xVTN7BEuILTUszfcygXA17OdNUzJm/L6a4rFXno4+eN5u5Ucx46/abXhWhRzcwvV +7IuGNs83aTZufXNbWDtiGFkIyKE5NyX7U7SOoxz42AxesSxJ6SKJFD4iBu/0YrU h9BvuHkkVNu+NsYT6rajqwz5ytkEbCJAX7xvNnu7Wi18tWKEWklqAFYSqVnpopO2 8xSW2+OTSkAQ9uiGAz9aTLLca2Zi/I8kjAcNyv4tASUcvodNzUE/OuERC5hvOZ6X 6j/POh7W7xA3cAg216EEj4X12BIwArqt8hjZ6hO5cd7ZfnWof7BVEjLnqtyJjhzi Xap6Pf/NG4/iSO1kEFLo3Uw9sQVoPRU4Hg1KXJJy+XboBQ3/K9ctCU5qvTRApmmM OjBeir/Q654=I9wq -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-23-1 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan address the following: AMD Available for: macOS High Sierra 10.13.5 Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2018-4289: shrek_wzw of Qihoo 360 Nirvan Team APFS Available for: macOS High Sierra 10.13.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4268: Mac working with Trend Micro's Zero Day Initiative ATS Available for: macOS High Sierra 10.13.5 Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4285: Mohamed Ghannam (@_simo36) Bluetooth Available for: MacBook Pro (15-inch, 2018), and MacBook Pro (13-inch, 2018, Four Thunderbolt 3 Ports) Other Mac models were addressed with macOS High Sierra 10.13.5. Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2018-5383: Lior Neumann and Eli Biham Entry added July 23, 2018 CFNetwork Available for: macOS High Sierra 10.13.5 Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improved checks. CVE-2018-4293: an anonymous researcher CoreCrypto Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4269: Abraham Masri (@cheesecakeufo) DesktopServices Available for: macOS Sierra 10.12.6 Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. CVE-2018-4178: Arjen Hendrikse IOGraphics Available for: macOS High Sierra 10.13.5 Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. An information disclosure issue was addressed with FP/SIMD register state sanitization. CVE-2018-3665: Julian Stecklina of Amazon Germany, Thomas Prescher of Cyberus Technology GmbH (cyberus-technology.de), Zdenek Sojka of SYSGO AG (sysgo.com), and Colin Percival libxpc Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5 Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4280: Brandon Azad libxpc Available for: macOS High Sierra 10.13.5 Impact: A malicious application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4248: Brandon Azad LinkPresentation Available for: macOS High Sierra 10.13.5 Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. CVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com) Additional recognition Help Viewer We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing for their assistance. Help Viewer We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing for their assistance. Help Viewer We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing for their assistance. Help Viewer We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing for their assistance. Kernel We would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative for their assistance. Security We would like to acknowledge Brad Dahlsten of Iowa State University for their assistance. Installation note: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUscgACgkQ8ecVjteJ iCYeUhAApT+4xU8iuXThUb/3bH207ZNLf8NC6eCtaPLP55Dn27hdNZYoQfGZYmY5 jKsGNXAiel02GWQLpsTeNZaWM+Tzeuus41iSFrvBFtoS4SobMYw9ymV1emxBSlY6 ZDV3L47IJOMHeF9HwE260BgIMFJDF9jMGkm22VhLE3U7uQOdIjHgOAmr/reoof4Z 84yNvBVK5/7DYlY4QxHL6bvsQG47FNs2P0WzpkrtLQwPXyz6y7I3VH4wc7G3J5dE 9YanAw/f9d31GH5lrIJLJt+pFtOsqOonHfzgf+mn7THNBIXsr7HHTiycw+6rRBlj m9X2jL3VF25WNyU1Ir13z1Vt//Yksva8JluBFCUAMxFWi9FJhgF64Rscdmuj756u ItMETXK15GSxc8X6Stoge3iMVfajS6nozVX99Pxf1I0XCBQNVNynQLkTL/ZzwJ7X miBAMXywxgzZmSDo4LSs3Xs3dRk7eIPTQ7iY08wX2c5uJYfXs1deFIRaJPxsA0X3 BH2SAL1kpesU0Qk1YZGnPLtja8c4jzvWKx31EI2v0uASiwBMdswu4FL78/dq19AB sqeW4xjmvCK2Yp9IEBp1oo0oTlfBrrl6dbnrwVFC0yBaJBAdCzlsO/oEm0VP5AKO CqPNW3N1JAQIg0hplXq+2gLMXA7SNzxRLh0rTDRQ19mow47fDmk= =Fo0i -----END PGP SIGNATURE----- . (CVE-2017-12154) Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array implementation in the Linux kernel sometimes did not properly handle adding a new entry
var-201912-0643	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Arbitrary code execution * Insufficient access restrictions * information leak * Service operation interruption (DoS) * Information falsification * Privilege escalation * Sandbox avoidance. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. The following products and versions are affected: Apple iOS prior to 12.4; Windows-based iTunes prior to 12.9.6; tvOS prior to 12.4; Safari prior to 12.1.2; macOS Mojave prior to 10.14.6. ========================================================================== Ubuntu Security Notice USN-4130-1 September 11, 2019 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: libjavascriptcoregtk-4.0-18 2.24.4-0ubuntu0.19.04.1 libwebkit2gtk-4.0-37 2.24.4-0ubuntu0.19.04.1 Ubuntu 18.04 LTS: libjavascriptcoregtk-4.0-18 2.24.4-0ubuntu0.18.04.1 libwebkit2gtk-4.0-37 2.24.4-0ubuntu0.18.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://usn.ubuntu.com/4130-1 CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8673, CVE-2019-8676, CVE-2019-8678, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.24.4-0ubuntu0.19.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.24.4-0ubuntu0.18.04.1 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201909-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: September 06, 2019 Bugs: #683234, #686216, #693122 ID: 201909-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.24.4 >= 2.24.4 Description =========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.24.4" References ========== [ 1 ] CVE-2019-11070 https://nvd.nist.gov/vuln/detail/CVE-2019-11070 [ 2 ] CVE-2019-6201 https://nvd.nist.gov/vuln/detail/CVE-2019-6201 [ 3 ] CVE-2019-6251 https://nvd.nist.gov/vuln/detail/CVE-2019-6251 [ 4 ] CVE-2019-7285 https://nvd.nist.gov/vuln/detail/CVE-2019-7285 [ 5 ] CVE-2019-7292 https://nvd.nist.gov/vuln/detail/CVE-2019-7292 [ 6 ] CVE-2019-8503 https://nvd.nist.gov/vuln/detail/CVE-2019-8503 [ 7 ] CVE-2019-8506 https://nvd.nist.gov/vuln/detail/CVE-2019-8506 [ 8 ] CVE-2019-8515 https://nvd.nist.gov/vuln/detail/CVE-2019-8515 [ 9 ] CVE-2019-8518 https://nvd.nist.gov/vuln/detail/CVE-2019-8518 [ 10 ] CVE-2019-8523 https://nvd.nist.gov/vuln/detail/CVE-2019-8523 [ 11 ] CVE-2019-8524 https://nvd.nist.gov/vuln/detail/CVE-2019-8524 [ 12 ] CVE-2019-8535 https://nvd.nist.gov/vuln/detail/CVE-2019-8535 [ 13 ] CVE-2019-8536 https://nvd.nist.gov/vuln/detail/CVE-2019-8536 [ 14 ] CVE-2019-8544 https://nvd.nist.gov/vuln/detail/CVE-2019-8544 [ 15 ] CVE-2019-8551 https://nvd.nist.gov/vuln/detail/CVE-2019-8551 [ 16 ] CVE-2019-8558 https://nvd.nist.gov/vuln/detail/CVE-2019-8558 [ 17 ] CVE-2019-8559 https://nvd.nist.gov/vuln/detail/CVE-2019-8559 [ 18 ] CVE-2019-8563 https://nvd.nist.gov/vuln/detail/CVE-2019-8563 [ 19 ] CVE-2019-8595 https://nvd.nist.gov/vuln/detail/CVE-2019-8595 [ 20 ] CVE-2019-8607 https://nvd.nist.gov/vuln/detail/CVE-2019-8607 [ 21 ] CVE-2019-8615 https://nvd.nist.gov/vuln/detail/CVE-2019-8615 [ 22 ] CVE-2019-8644 https://nvd.nist.gov/vuln/detail/CVE-2019-8644 [ 23 ] CVE-2019-8644 https://nvd.nist.gov/vuln/detail/CVE-2019-8644 [ 24 ] CVE-2019-8649 https://nvd.nist.gov/vuln/detail/CVE-2019-8649 [ 25 ] CVE-2019-8649 https://nvd.nist.gov/vuln/detail/CVE-2019-8649 [ 26 ] CVE-2019-8658 https://nvd.nist.gov/vuln/detail/CVE-2019-8658 [ 27 ] CVE-2019-8658 https://nvd.nist.gov/vuln/detail/CVE-2019-8658 [ 28 ] CVE-2019-8666 https://nvd.nist.gov/vuln/detail/CVE-2019-8666 [ 29 ] CVE-2019-8666 https://nvd.nist.gov/vuln/detail/CVE-2019-8666 [ 30 ] CVE-2019-8669 https://nvd.nist.gov/vuln/detail/CVE-2019-8669 [ 31 ] CVE-2019-8669 https://nvd.nist.gov/vuln/detail/CVE-2019-8669 [ 32 ] CVE-2019-8671 https://nvd.nist.gov/vuln/detail/CVE-2019-8671 [ 33 ] CVE-2019-8671 https://nvd.nist.gov/vuln/detail/CVE-2019-8671 [ 34 ] CVE-2019-8672 https://nvd.nist.gov/vuln/detail/CVE-2019-8672 [ 35 ] CVE-2019-8672 https://nvd.nist.gov/vuln/detail/CVE-2019-8672 [ 36 ] CVE-2019-8673 https://nvd.nist.gov/vuln/detail/CVE-2019-8673 [ 37 ] CVE-2019-8673 https://nvd.nist.gov/vuln/detail/CVE-2019-8673 [ 38 ] CVE-2019-8676 https://nvd.nist.gov/vuln/detail/CVE-2019-8676 [ 39 ] CVE-2019-8676 https://nvd.nist.gov/vuln/detail/CVE-2019-8676 [ 40 ] CVE-2019-8677 https://nvd.nist.gov/vuln/detail/CVE-2019-8677 [ 41 ] CVE-2019-8677 https://nvd.nist.gov/vuln/detail/CVE-2019-8677 [ 42 ] CVE-2019-8678 https://nvd.nist.gov/vuln/detail/CVE-2019-8678 [ 43 ] CVE-2019-8678 https://nvd.nist.gov/vuln/detail/CVE-2019-8678 [ 44 ] CVE-2019-8679 https://nvd.nist.gov/vuln/detail/CVE-2019-8679 [ 45 ] CVE-2019-8679 https://nvd.nist.gov/vuln/detail/CVE-2019-8679 [ 46 ] CVE-2019-8680 https://nvd.nist.gov/vuln/detail/CVE-2019-8680 [ 47 ] CVE-2019-8680 https://nvd.nist.gov/vuln/detail/CVE-2019-8680 [ 48 ] CVE-2019-8681 https://nvd.nist.gov/vuln/detail/CVE-2019-8681 [ 49 ] CVE-2019-8681 https://nvd.nist.gov/vuln/detail/CVE-2019-8681 [ 50 ] CVE-2019-8683 https://nvd.nist.gov/vuln/detail/CVE-2019-8683 [ 51 ] CVE-2019-8683 https://nvd.nist.gov/vuln/detail/CVE-2019-8683 [ 52 ] CVE-2019-8684 https://nvd.nist.gov/vuln/detail/CVE-2019-8684 [ 53 ] CVE-2019-8684 https://nvd.nist.gov/vuln/detail/CVE-2019-8684 [ 54 ] CVE-2019-8686 https://nvd.nist.gov/vuln/detail/CVE-2019-8686 [ 55 ] CVE-2019-8686 https://nvd.nist.gov/vuln/detail/CVE-2019-8686 [ 56 ] CVE-2019-8687 https://nvd.nist.gov/vuln/detail/CVE-2019-8687 [ 57 ] CVE-2019-8687 https://nvd.nist.gov/vuln/detail/CVE-2019-8687 [ 58 ] CVE-2019-8688 https://nvd.nist.gov/vuln/detail/CVE-2019-8688 [ 59 ] CVE-2019-8688 https://nvd.nist.gov/vuln/detail/CVE-2019-8688 [ 60 ] CVE-2019-8689 https://nvd.nist.gov/vuln/detail/CVE-2019-8689 [ 61 ] CVE-2019-8689 https://nvd.nist.gov/vuln/detail/CVE-2019-8689 [ 62 ] CVE-2019-8690 https://nvd.nist.gov/vuln/detail/CVE-2019-8690 [ 63 ] CVE-2019-8690 https://nvd.nist.gov/vuln/detail/CVE-2019-8690 [ 64 ] WSA-2019-0002 https://webkitgtk.org/security/WSA-2019-0002.html [ 65 ] WSA-2019-0004 https://webkitgtk.org/security/WSA-2019-0004.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201909-05 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4515-1 security@debian.org https://www.debian.org/security/ Alberto Garcia September 04, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 Several vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2019-8644 G. For the stable distribution (buster), these problems have been fixed in version 2.24.4-1~deb10u1. We recommend that you upgrade your webkit2gtk packages. ------------------------------------------------------------------------ WebKitGTK and WPE WebKit Security Advisory WSA-2019-0004 ------------------------------------------------------------------------ Date reported : August 29, 2019 Advisory ID : WSA-2019-0004 WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0004.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0004.html CVE identifiers : CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690. Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. CVE-2019-8644 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to G. Geshev working with Trend Micro's Zero Day Initiative. CVE-2019-8649 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to Sergei Glazunov of Google Project Zero. A logic issue existed in the handling of synchronous page loads. CVE-2019-8658 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to akayn working with Trend Micro's Zero Day Initiative. CVE-2019-8666 Versions affected: WebKitGTK and WPE WebKit before 2.24.3. Credit to Zongming Wang (王宗明) and Zhe Jin (金哲) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. CVE-2019-8669 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to akayn working with Trend Micro's Zero Day Initiative. CVE-2019-8671 Versions affected: WebKitGTK and WPE WebKit before 2.24.2. Credit to Apple. CVE-2019-8672 Versions affected: WebKitGTK and WPE WebKit before 2.24.2. Credit to Samuel Groß of Google Project Zero. CVE-2019-8673 Versions affected: WebKitGTK and WPE WebKit before 2.24.3. Credit to Soyeon Park and Wen Xu of SSLab at Georgia Tech. CVE-2019-8676 Versions affected: WebKitGTK and WPE WebKit before 2.24.3. Credit to Soyeon Park and Wen Xu of SSLab at Georgia Tech. CVE-2019-8677 Versions affected: WebKitGTK and WPE WebKit before 2.24.2. Credit to Jihui Lu of Tencent KeenLab. CVE-2019-8678 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to an anonymous researcher, Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation. CVE-2019-8679 Versions affected: WebKitGTK and WPE WebKit before 2.24.2. Credit to Jihui Lu of Tencent KeenLab. CVE-2019-8680 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to Jihui Lu of Tencent KeenLab. CVE-2019-8681 Versions affected: WebKitGTK and WPE WebKit before 2.24.3. Credit to G. Geshev working with Trend Micro Zero Day Initiative. CVE-2019-8683 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to lokihardt of Google Project Zero. CVE-2019-8684 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to lokihardt of Google Project Zero. CVE-2019-8686 Versions affected: WebKitGTK and WPE WebKit before 2.24.2. Credit to G. Geshev working with Trend Micro's Zero Day Initiative. CVE-2019-8687 Versions affected: WebKitGTK and WPE WebKit before 2.24.3. Credit to Apple. CVE-2019-8688 Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. Credit to Insu Yun of SSLab at Georgia Tech. CVE-2019-8689 Versions affected: WebKitGTK and WPE WebKit before 2.24.3. Credit to lokihardt of Google Project Zero. CVE-2019-8690 Versions affected: WebKitGTK and WPE WebKit before 2.24.3. Credit to Sergei Glazunov of Google Project Zero. A logic issue existed in the handling of document loads. We recommend updating to the latest stable versions of WebKitGTK and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK and WPE WebKit team, August 29, 2019 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4 tvOS 12.4 addresses the following: Bluetooth Available for: Apple TV 4K and Apple TV HD Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB) Description: An input validation issue existed in Bluetooth. CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England Entry added August 13, 2019 Core Data Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero Core Data Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8647: Samuel Groß and Natalie Silvanovich of Google Project Zero Core Data Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project Zero FaceTime Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu Foundation Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero Heimdal Available for: Apple TV 4K and Apple TV HD Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst libxslt Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to view sensitive information Description: A stack overflow was addressed with improved input validation. CVE-2019-13118: found by OSS-Fuzz Profiles Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to restrict access to websites Description: A validation issue existed in the entitlement verification. CVE-2019-8698: Luke Deshotels, Jordan Beichler, and William Enck of North Carolina State University; Costin Carabaș and Răzvan Deaconescu of University POLITEHNICA of Bucharest Quick Look Available for: Apple TV 4K and Apple TV HD Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary Description: This issue was addressed with improved checks. CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project Zero Siri Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero UIFoundation Available for: Apple TV 4K and Apple TV HD Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8644: G. Geshev working with Trend Micro's Zero Day Initiative CVE-2019-8687: Apple CVE-2019-8688: Insu Yun of SSLab at Georgia Tech CVE-2019-8689: lokihardt of Google Project Zero Additional recognition Game Center We would like to acknowledge Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc. for their assistance. MobileInstallation We would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance. Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAl1S688pHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HyXxAA mG4VzHLTPDCtd3eXkDjN34xahbSiqapl+dcRPoJ4V8yTq2ZM7D+/6Ls4pRD/3oid 46YJfRDaH2J5kufrdYledP0fRXWZoi97tjfgewmP7qKJeftc/9y2qDqBPjnFzHxo 40BZaeVZjupKXyrPlT/Wy8kLZnBtufaEiwbrwkmR05hTuvP6MrQB9gC/YdQnVLTZ 8X7Rd9gIcTPl1cQ9lPvFRSxThsQMzQH69/amMYAhUfwuocn8GbVshVj8LNw7Ie2K pNUqt/UuB+DhQfUTHAlNezVcuWGUWVELkCuF6xv5oy6Z8bbyClOnYmZUmV+Nhqe+ gHmUUGMlhVuJme1mf20eapB+bHX8eXzxC99ScVymHym459V9N2NpGKDQmh3Pb1Cg OYMe7xyA7ckc8upqEl9WI+yyrRjlvuUUPXinmdldXnl0GFRfJfwbzsuoaQylIViE CKd8oOpzcG/dU8FiRYp5vzW9H/LMOTLK2Q1zX5dDhK2V6J/yYfqemnSOEvHhYD5g 08Wm7GaY2kpPqmJ1Vvbtzh9+5AVTNRxpP38xJJde1G8rSUgXs+MkxAh5n6cv+pr/ xpGVpPNsO1uKeRzXjbkTERxH2r8q548caRgKEn6OoOGWhXm6O4YDzopkM6tbe8p1 yIawhwh3AST6+peshxryiatYNsHunnvjpYc72UDiuBU= =KPlq -----END PGP SIGNATURE-----
var-200906-0605	drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537. The Linux e1000e driver is prone to a security-bypass vulnerability. An attacker can exploit this issue to cause network traffic to be misinterpreted, which may allow the attacker to bypass intended security restrictions or launch further attacks. The Linux kernel is the kernel used by the open source operating system Linux released by the American Linux Foundation. The NFSv4 implementation is one of the distributed file system protocols. Although security support for 'etch' officially ended on Feburary 15th, 2010, this update was already in preparation before that date. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2691 Steve Beattie and Kees Cook reported an information leak in the maps and smaps files available under /proc. Local users may be able to read this data for setuid processes while the ELF binary is being loaded. CVE-2009-2695 Eric Paris provided several fixes to increase the protection provided by the mmap_min_addr tunable against NULL pointer dereference vulnerabilities. CVE-2009-3080 Dave Jones reported an issue in the gdth SCSI driver. A missing check for negative offsets in an ioctl call could be exploited by local users to create a denial of service or potentially gain elevated privileges. CVE-2009-3726 Trond Myklebust reported an issue where a malicious NFS server could cause a denial of service condition on its clients by returning incorrect attributes during an open call. CVE-2009-3889 Joe Malicki discovered an issue in the megaraid_sas driver. Insufficient permissions on the sysfs dbg_lvl interface allow local users to modify the debug logging behavior. CVE-2009-4005 Roel Kluin discovered an issue in the hfc_usb driver, an ISDN driver for Colognechip HFC-S USB chip. CVE-2009-4020 Amerigo Wang discovered an issue in the HFS filesystem that would allow a denial of service by a local user who has sufficient privileges to mount a specially crafted filesystem. Avati discovered an issue in the fuse subsystem. If the system is sufficiently low on memory, a local user can cause the kernel to dereference an invalid pointer resulting in a denial of service (oops) and potentially an escalation of privileges. CVE-2009-4138 Jay Fenlason discovered an issue in the firewire stack that allows local users to cause a denial of service (oops or crash) by making a specially crafted ioctl call. CVE-2009-4308 Ted Ts'o discovered an issue in the ext4 filesystem that allows local users to cause a denial of service (NULL pointer dereference). CVE-2009-4536 & CVE-2009-4538 Fabian Yamaguchi reported issues in the e1000 and e1000e drivers for Intel gigabit network adapters which allow remote users to bypass packet filters using specially crafted Ethernet frames. This option is disabled by default. CVE-2010-0007 Florian Westphal reported a lack of capability checking in the ebtables netfilter subsystem. If the ebtables module is loaded, local users can add and modify ebtables rules. CVE-2010-0410 Sebastian Krahmer discovered an issue in the netlink connector subsystem that permits local users to allocate large amounts of system memory resulting in a denial of service (out of memory). CVE-2010-0415 Ramon de Carvalho Valle discovered an issue in the sys_move_pages interface, limited to amd64, ia64 and powerpc64 flavors in Debian. Local users can exploit this issue to cause a denial of service (system crash) or gain access to sensitive kernel memory. CVE-2010-0622 Jermome Marchand reported an issue in the futex subsystem that allows a local user to force an invalid futex state which results in a denial of service (oops). For the oldstable distribution (etch), this problem has been fixed in version 2.6.24-6~etchnhalf.9etch3. We recommend that you upgrade your linux-2.6.24 packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch3.dsc Size/MD5 checksum: 5118 e05bb21e7655cbfa39aed8d4fd6842eb http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch3.diff.gz Size/MD5 checksum: 4099250 127bad8d653046d37fc52115d4e3a332 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af Architecture independent packages: http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb Size/MD5 checksum: 4263554 6c56ff077d17eba766af47544ce0f414 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb Size/MD5 checksum: 83890 62cfd18ed176359831502e70d80b291a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb Size/MD5 checksum: 46871628 328ad30d3c07f90c56d821f76e186b40 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb Size/MD5 checksum: 1550090 1f114fdc3123f135017dbdcd0e4839c6 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb Size/MD5 checksum: 1009878 c7b7abff092940a400703b9168e46daa http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.9etch3_all.deb Size/MD5 checksum: 98248 a2a391008f8855d8358d5f18d9d76044 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 329786 a212d2b3a94f8a04611c0f20d3d324b9 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 27236282 b5bc553c4bf3a49843c45814fab72443 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 83428 f5f27b9de4905239e6315c77393f1f03 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 83454 5d152b5b6aa505982ebc7122a770b29b http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 26641900 c799e7d48937975036b46edf032ecd87 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 26620162 eb1c3c27f1ac81959dc0f2ab497aee35 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 3455268 da2d2cc2b7c4253ac408c30fcfddb28f http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 329788 f589f8815f7adf02f8884e2dd3ac613f http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch3_alpha.deb Size/MD5 checksum: 329336 14bf085655b30adc8ab8f6ed4207d415 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch3_amd64.deb Size/MD5 checksum: 19482308 c49d2962c1a391fb00fb1b5f0598b24e http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_amd64.deb Size/MD5 checksum: 3656476 f2f5de65037664d03208fcea83bf2ee2 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_amd64.deb Size/MD5 checksum: 83422 600c7216143f43f9c61b0c2ccd118ea0 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.9etch3_amd64.deb Size/MD5 checksum: 83434 36f1d8f21ec39a473536dbeda2332e62 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch3_amd64.deb Size/MD5 checksum: 346940 d3f12fdd61f90749fdd08d857b326327 arm architecture (ARM) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 9357734 3e1165a0795d7db5f7ed8ef84205064b http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 298744 50d8bfa3c06134e190409399a36c5aa9 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 83546 1742ab93afadd1827009bf1d714e76eb http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 83578 07906e33f9ad267d986991c93eef1048 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 10778670 cc38a718ad5fd1c6e92d23e416610bd6 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 308138 34dbc7720b1844833f0b71aa307c37fa http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 310714 6a2c6fbbc1dd000b8a532227e3b8b5ae http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 3939512 91c2ba626e754fe407d6dcf3fa01337a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.9etch3_arm.deb Size/MD5 checksum: 10786892 4d44a4ff751969855a01ad754a7c2b22 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 14375048 fe6ed4dea09aa205d801476667ef03cb http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 13847788 4adc3106a987d84e12215156a379f460 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 259624 ac09dcabb624984b7321a5f6b6dbef54 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 83578 e152e18748e5c80b6d06715db836cf83 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 260838 44bc8ad5796c124b53d85a8c3a4ed912 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 262420 ff0641f04c409dd606c34373e8e16269 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 14830990 cce09e8022bee915dcde5dd8b9525428 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 13333594 a4dc863b0c84b9006c723db9a581c92e http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 83546 990eb24056c7f6a63a4d55ec39563bae http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 3446386 6ebfa4544252648df48cfb085cc3d2cc http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch3_hppa.deb Size/MD5 checksum: 258962 75184bed1f0b42cd8e002f93ed42198a i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 3656680 c5499cb98cdcdcadc48e3aa5bdf1d379 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 19214268 e3f564cae5a85355f4b5a9248a11af98 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 19148424 dd1d713c896888370a1667a16571c08c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 346982 6a6a08f74f9690705e6d770d1f3f2566 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 359548 b10fe011746b0df5fbd2587292af34ae http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 19482314 5d9cc150e340aea40e253a757cfdc423 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 83452 32a1614212e964a4423b161b34cd758d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 19213598 4f459c2d2cdb87a6f945cbee7d4500d4 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 358212 58ba32b0701643f043ab38a487cae609 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 83424 c1e8493aff96df5b0fe33f5af4686f98 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch3_i386.deb Size/MD5 checksum: 358752 4e3e9ef18a14fd191444591df571f80c ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_ia64.deb Size/MD5 checksum: 3569470 9ae824064bfc785f4b3512db78119e46 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch3_ia64.deb Size/MD5 checksum: 32206374 badd40dd68e2c6634c65f79d9536e34d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_ia64.deb Size/MD5 checksum: 83432 64a48fa9283b1741e22f0a22dbb93b20 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.9etch3_ia64.deb Size/MD5 checksum: 83456 235a5572d5e109a4b575080a8262dc57 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch3_ia64.deb Size/MD5 checksum: 319938 d7dc0120458e93119879dcdd1e48017e http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch3_ia64.deb Size/MD5 checksum: 32025762 7595d7dc21d3273f46b35b8c00b0e195 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch3_ia64.deb Size/MD5 checksum: 320226 34731a37b519d726b133093e04d937c3 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 22243472 532341ea0847ea19414413f7659ff13d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 248638 ce9da5c377d6328e9bb9be1c3945fff8 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 12001172 817c44fd5afbeef1b9f172522ff21bcb http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 10553972 20ddd95631b93efd52ae0aa38a5cd6d4 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 83600 a7b66d71779dea207a3d49cb9f692fdb http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 27858364 54998117445c20f413331d1197355745 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 17212542 bf6c996fd387eef151e0db60d1bd00f2 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 313302 314b57dc807eb91f617c10b1497e1617 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 314602 2c127076bf189be2836a4c3a4c7736af http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 3804368 fbcb3bdd668db166ad3f08e6dbfbc6e0 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 17194888 9bce41a8b9936a16a3aa9cca675b9638 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 83540 8acdb1b4a4bc57f55b9cc5b2b04043a4 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 229412 0b93c7c909eca04fad4fa45e3e73e96c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 248700 13266a2acd5fcbd75d11049dd5e5ad58 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.9etch3_mips.deb Size/MD5 checksum: 218314 4174dec1c73ca114469cbb88fba32926 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 16567710 29d2ab68b4259a1822a2ca19e9494f5d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 309868 d69b27ef946f2ac62b115e0200fe8002 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 26988356 f0d885b353b15dc42e4e76da8a8fb129 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 248150 7c585f74e0752a631050b13b9740c0c3 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 13318088 0b0a8b724245ac10817b03c4cf734827 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 83484 a678208f18017a9c87d45548916fd98e http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 311392 5b1f0957a2756b04be6c95ae8ca5e2c8 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 21736368 02da1a4e543b8c5082476b156281cb31 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 247968 929ca712a0aa0984f9dc2a6f68f405a5 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 16632240 c9de1dfccb8a5cb5d5d652ca694a7108 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 3805532 be10a8b64da3adf7ece3846b0b0bf930 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 83434 ac0cb9b5939e4ea82c3c83a1a1d473ed http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch3_mipsel.deb Size/MD5 checksum: 248174 50e84058a7d710f013f92e1fe68a705c powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 322474 2d7e39cf0b78d98125a0baba377f1af0 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 19195556 bb2bd8e203cee7b3c6739d5c5d11901a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 324008 3b021bb4b3dac72dc68e701f4a209939 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 295928 ca2bf1c3c12f409e469c516877a8e91c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 21170062 4022dbff73ebfde3a846ce38896cf09c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 322502 4b76cce255e1fcc72cb82053cd34a1a2 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 17459240 ad749c6e735e58d775b7190ff3d26e50 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 83466 a041c0fdb383832cf725723ce22e40c0 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 83430 392d415932625b1a69dc6494d2f737e0 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 3674486 200fdcca2140a97f961a37d70db620d5 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.9etch3_powerpc.deb Size/MD5 checksum: 19487244 b42ad8431643d89a1f8b0e6e0aaeb39e s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_s390.deb Size/MD5 checksum: 83532 a1c34683fe304f1a86bbc28f6cbc654c http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.9etch3_s390.deb Size/MD5 checksum: 83556 bf7fed1ef4da92d782409fe8345f861a http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.9etch3_s390.deb Size/MD5 checksum: 6976486 5b5db16fea4336068bbcd5bff56ad575 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.9etch3_s390.deb Size/MD5 checksum: 7228452 75c044fa17d6071de36579a1491c2e1b http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_s390.deb Size/MD5 checksum: 3431908 18825f85900faca81b21e48d43af6ee7 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.9etch3_s390.deb Size/MD5 checksum: 197006 0a44248e77ec1ff027edd032ebe5b2c6 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.9etch3_s390.deb Size/MD5 checksum: 1503494 bd7f7b7bd4e120472bf60ad0b7d9184e http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.9etch3_s390.deb Size/MD5 checksum: 196810 f03114c2f256a97b15f88d2659f9501b sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_sparc.deb Size/MD5 checksum: 83428 1ea7179752fbb45e10e731991583db68 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.9etch3_sparc.deb Size/MD5 checksum: 263546 ef894d6917cbe692ec9197048538d5e7 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_sparc.deb Size/MD5 checksum: 3651402 a0194c650712040f81e97d5b3b62bc79 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.9etch3_sparc.deb Size/MD5 checksum: 264892 0b642e20f00b52c20b6ae9e0ee1f78b8 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.9etch3_sparc.deb Size/MD5 checksum: 83442 6d109d7f131dab564736e2ac6a85dd29 http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.9etch3_sparc.deb Size/MD5 checksum: 13318532 dbce062bfa560c331b75bed073868e1d http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.9etch3_sparc.deb Size/MD5 checksum: 13019464 b0b153fafa43b650e996a9d84bbb26d7 These changes will probably be included in the oldstable distribution on its next update. =========================================================== Ubuntu Security Notice USN-894-1 February 05, 2010 linux, linux-source-2.6.15 vulnerabilities CVE-2009-4020, CVE-2009-4021, CVE-2009-4031, CVE-2009-4138, CVE-2009-4141, CVE-2009-4308, CVE-2009-4536, CVE-2009-4538, CVE-2010-0003, CVE-2010-0006, CVE-2010-0007, CVE-2010-0291 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-55-386 2.6.15-55.82 linux-image-2.6.15-55-686 2.6.15-55.82 linux-image-2.6.15-55-amd64-generic 2.6.15-55.82 linux-image-2.6.15-55-amd64-k8 2.6.15-55.82 linux-image-2.6.15-55-amd64-server 2.6.15-55.82 linux-image-2.6.15-55-amd64-xeon 2.6.15-55.82 linux-image-2.6.15-55-hppa32 2.6.15-55.82 linux-image-2.6.15-55-hppa32-smp 2.6.15-55.82 linux-image-2.6.15-55-hppa64 2.6.15-55.82 linux-image-2.6.15-55-hppa64-smp 2.6.15-55.82 linux-image-2.6.15-55-itanium 2.6.15-55.82 linux-image-2.6.15-55-itanium-smp 2.6.15-55.82 linux-image-2.6.15-55-k7 2.6.15-55.82 linux-image-2.6.15-55-mckinley 2.6.15-55.82 linux-image-2.6.15-55-mckinley-smp 2.6.15-55.82 linux-image-2.6.15-55-powerpc 2.6.15-55.82 linux-image-2.6.15-55-powerpc-smp 2.6.15-55.82 linux-image-2.6.15-55-powerpc64-smp 2.6.15-55.82 linux-image-2.6.15-55-server 2.6.15-55.82 linux-image-2.6.15-55-server-bigiron 2.6.15-55.82 linux-image-2.6.15-55-sparc64 2.6.15-55.82 linux-image-2.6.15-55-sparc64-smp 2.6.15-55.82 Ubuntu 8.04 LTS: linux-image-2.6.24-27-386 2.6.24-27.65 linux-image-2.6.24-27-generic 2.6.24-27.65 linux-image-2.6.24-27-hppa32 2.6.24-27.65 linux-image-2.6.24-27-hppa64 2.6.24-27.65 linux-image-2.6.24-27-itanium 2.6.24-27.65 linux-image-2.6.24-27-lpia 2.6.24-27.65 linux-image-2.6.24-27-lpiacompat 2.6.24-27.65 linux-image-2.6.24-27-mckinley 2.6.24-27.65 linux-image-2.6.24-27-openvz 2.6.24-27.65 linux-image-2.6.24-27-powerpc 2.6.24-27.65 linux-image-2.6.24-27-powerpc-smp 2.6.24-27.65 linux-image-2.6.24-27-powerpc64-smp 2.6.24-27.65 linux-image-2.6.24-27-rt 2.6.24-27.65 linux-image-2.6.24-27-server 2.6.24-27.65 linux-image-2.6.24-27-sparc64 2.6.24-27.65 linux-image-2.6.24-27-sparc64-smp 2.6.24-27.65 linux-image-2.6.24-27-virtual 2.6.24-27.65 linux-image-2.6.24-27-xen 2.6.24-27.65 Ubuntu 8.10: linux-image-2.6.27-17-generic 2.6.27-17.45 linux-image-2.6.27-17-server 2.6.27-17.45 linux-image-2.6.27-17-virtual 2.6.27-17.45 Ubuntu 9.04: linux-image-2.6.28-18-generic 2.6.28-18.59 linux-image-2.6.28-18-imx51 2.6.28-18.59 linux-image-2.6.28-18-iop32x 2.6.28-18.59 linux-image-2.6.28-18-ixp4xx 2.6.28-18.59 linux-image-2.6.28-18-lpia 2.6.28-18.59 linux-image-2.6.28-18-server 2.6.28-18.59 linux-image-2.6.28-18-versatile 2.6.28-18.59 linux-image-2.6.28-18-virtual 2.6.28-18.59 Ubuntu 9.10: kernel-image-2.6.31-108-imx51-di 2.6.31-108.21 linux-image-2.6.31-19-386 2.6.31-19.56 linux-image-2.6.31-19-generic 2.6.31-19.56 linux-image-2.6.31-19-generic-pae 2.6.31-19.56 linux-image-2.6.31-19-ia64 2.6.31-19.56 linux-image-2.6.31-19-lpia 2.6.31-19.56 linux-image-2.6.31-19-powerpc 2.6.31-19.56 linux-image-2.6.31-19-powerpc-smp 2.6.31-19.56 linux-image-2.6.31-19-powerpc64-smp 2.6.31-19.56 linux-image-2.6.31-19-server 2.6.31-19.56 linux-image-2.6.31-19-sparc64 2.6.31-19.56 linux-image-2.6.31-19-sparc64-smp 2.6.31-19.56 linux-image-2.6.31-19-virtual 2.6.31-19.56 linux-image-2.6.31-211-dove 2.6.31-211.22 linux-image-2.6.31-211-dove-z0 2.6.31-211.22 linux-image-2.6.31-304-ec2 2.6.31-304.10 After a standard system upgrade you need to reboot your computer to effect the necessary changes. ATTENTION: Due to an unavoidable ABI change (except for Ubuntu 6.06) the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. Details follow: Amerigo Wang and Eric Sesterhenn discovered that the HFS and ext4 filesystems did not correctly check certain disk structures. Ubuntu 9.10 was not affected. (CVE-2009-4021) It was discovered that KVM did not correctly decode certain guest instructions. A local attacker in a guest could exploit this to trigger high scheduling latency in the host, leading to a denial of service. Ubuntu 6.06 was not affected. Ubuntu 6.06 was not affected. (CVE-2009-4138) Tavis Ormandy discovered that the kernel did not correctly handle O_ASYNC on locked files. Only Ubuntu 9.04 and 9.10 were affected. (CVE-2009-4141) Neil Horman and Eugene Teo discovered that the e1000 and e1000e network drivers did not correctly check the size of Ethernet frames. (CVE-2009-4536, CVE-2009-4538) It was discovered that "print-fatal-signals" reporting could show arbitrary kernel memory contents. A local attacker could exploit this, leading to a loss of privacy. (CVE-2010-0003) Olli Jarva and Tuomo Untinen discovered that IPv6 did not correctly handle jumbo frames. Only Ubuntu 9.04 and 9.10 were affected. A local attacker could disrupt network traffic, leading to a denial of service. (CVE-2010-0291) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.82.diff.gz Size/MD5: 2928444 765d0254f54d27d447de8f0b39548848 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.82.dsc Size/MD5: 2921 682576890de917043eccf6fc9398aed2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15.orig.tar.gz Size/MD5: 57403387 88ab0747cb8c2ceed662e0fd1b27d81d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-doc-2.6.15_2.6.15-55.82_all.deb Size/MD5: 5170062 ef1a9c95890c4ba600a3e5523d49bb59 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-kernel-devel_2.6.15-55.82_all.deb Size/MD5: 96386 b184441d2f44037554d037d217688393 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.82_all.deb Size/MD5: 44742098 b5215eb163e357a179dbf36169ae1fa2 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 22350 d8934981c2fdd09168a5e576cc1b809a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 44768 74be7582e8f82aeb48af59731ce128be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 2312 d464c76f98a4142add7a69aca1305739 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 36294 a65060e99feff7e2ecef38be6d92fbc3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 102366 04d59c868ce03dc83b69116b022735b8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 38892 e80a653bb000e86f38da594d4bc1742d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 49160 a512718368004f81e83063ea8972c871 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 176612 81ab4c185b3af1dea1a082283c1ec9b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 36776 fcb0833daefa645545a2451824094b21 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 142346 3e6446140bfad0b19c512c69377d8026 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 51060 a11ceed7ccb1b96c2a8b2e7f840061b9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 140710 e1789bb9d7cdd542a862e8ef209de802 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 287606 f3cc835959f215c209dc5a825596849c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 97828 05627ddbba40a6517ae7f8ca75f195c1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 1652102 c9eea2df3fdde2a5e7d2f4dff99e6772 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-generic_2.6.15-55.82_amd64.deb Size/MD5: 872314 6e8f80e117e13665c95fb75593853d49 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-k8_2.6.15-55.82_amd64.deb Size/MD5: 872448 1a70a906bccd7642241535f79feddb57 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-server_2.6.15-55.82_amd64.deb Size/MD5: 874570 0da9cd27666b58b5328e18dbc01c9b2e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-xeon_2.6.15-55.82_amd64.deb Size/MD5: 872194 375aad441654cdcd2338c5809e6319ad http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.82_amd64.deb Size/MD5: 6926870 c5868857ae3e12da5ffd91ec60d75501 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-generic_2.6.15-55.82_amd64.deb Size/MD5: 20817720 06e066129d82d4fa8e41a2a058dcb9f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-k8_2.6.15-55.82_amd64.deb Size/MD5: 20798158 1e5bf064dc2aab9880b30448d06eba9d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-server_2.6.15-55.82_amd64.deb Size/MD5: 21635636 0bb9fd3f753b4dcedf70fa8f36c48467 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-xeon_2.6.15-55.82_amd64.deb Size/MD5: 19905244 a04e5f6463fe334c28598cbf13506043 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 15630 8d1da510f959f7b9a2d0aa73ab80ae39 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 240360 20cd65fa275cfe8a83743ddb5a95f528 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 202666 71d8be83541874d6c675945838b9e223 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 1048610 9125e9e6c294bb450e37643b3ed7397e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 1543634 ff7af4dcfc269a529f0adef3823a7244 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 161692 5623fa9ad6b280d0a5271917e89ca8ab http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 9832 bd5218587371f5b309ef2d1f77f98420 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 80870 20f034d6199d2902130f8bba12f48afe http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 49294 e4a805200acaaea274e67995602294e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 35158 0869bee234a54b1afe362123606efe66 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 70890 74ad81f0209c505c41d61c143b90f879 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 6218 ab28cdccb61315cac14d9046821e264d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 9060 6b179cd944eb7f83f03147e09025e6be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 57924 5465064d051dec863ad3f4f1a91553f6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 123380 18eabdae11c2d77a1694f0cd467107a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 101078 efbe32714c0fed5aec8a70095af299df http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 79272 2fbe8585b11e0fa73fad8e94298082bf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 1595398 3e11b94ed4701d1d84b6aeb303782d97 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 72352 e413c3057779de1b3c8f0c4d8d7fb577 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 12648 41487d8dc828d7f94a5c8ed495f06a99 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 33806 ebf707126fa6326899d648786afa8779 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 138512 ff1e0d4f0e9c5efc7bbae4d92194da5d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 38938 75eb074224a6373013e621cdd5931a51 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb Size/MD5: 278876 1586e5c6fc3fedf7f63f19c35a4fd9e8 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 18976 940a7c03cfe47e9d0543f49849c8765f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 43482 466c625f614e3624fa548bc5f96efa74 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 105216 d45ce18fb4d9c2cf5da6d14ae69a86c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 2284 de2293fa5c6e5493307a1913b606ad20 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 34572 4e302b4f7144fd504b2475a4103a3bf5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 97044 eeafb6c943244dd33659e7e7db9a9f76 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 37128 d4d67e516f236bf54a00697b71a3219b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 44122 1657e3520cbd2fbc832cf91bd6366a38 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 167738 7431ddaa7c8f0c9b6e583129cdc839f7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 33954 8251d509fb9bacd314f62cc90bda5b96 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 137972 9b8295fffc47ab4cf16ec34f7ef8b7aa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 46892 c12096744faa1ca0735b62ea045b0c65 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 133162 5805bb2e2bfab6158d8d217b08079cc2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 273806 be7956f256f494fe4f40e7e7129bdcd7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 102330 d6a81f9c342c0ebe2010b66d4a7c59ae http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 1597678 ab989d0c749b837c67a2a839f139fbb2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-386_2.6.15-55.82_i386.deb Size/MD5: 863294 c444f51c8b2752c6a7bb7e6890917ae2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-686_2.6.15-55.82_i386.deb Size/MD5: 862506 1508b314277964abb0d05e8a274d2a26 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-k7_2.6.15-55.82_i386.deb Size/MD5: 863628 69ee54c68825997e29779c3a2ab66625 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-server-bigiron_2.6.15-55.82_i386.deb Size/MD5: 866414 fa045eb17626dde56b96d70431e9515b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-server_2.6.15-55.82_i386.deb Size/MD5: 865826 30916e33e56490d9a2acf31c03690e64 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.82_i386.deb Size/MD5: 6918500 a2bb7aa892eb2d21ea3d04f519b72482 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-386_2.6.15-55.82_i386.deb Size/MD5: 21724666 e1390cea2d5e21dee938aaf3f88786f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-686_2.6.15-55.82_i386.deb Size/MD5: 22516786 35a5512e74cf490346c35fd56f695fca http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-k7_2.6.15-55.82_i386.deb Size/MD5: 22265258 07155a925272e66ace552f82d16b1b79 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-server-bigiron_2.6.15-55.82_i386.deb Size/MD5: 23626692 d229112410ce8c9c9947f2f7cd32c883 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-server_2.6.15-55.82_i386.deb Size/MD5: 23179552 9b108d16a1fc1716b78c4417150e311e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 15512 4a2a37534dc2bc6b0ce12df135d07105 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 238510 544c418a7426a5248e33ff549c6f4035 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 197134 9ec57cc477f5bc4e0dba11002d3988e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 1048370 cd87ff58b5cbea9c04eac21cf1b0784c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 1741406 0b97758852f283e148ec2ce290e678ef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 160884 ce6d2a16b8a3af5706b694fe6f8ac4f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 9162 d5f4619ccc32c2ed8296823cd3c19e3e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 76468 9f0911cef3a4b7afb14f1bd537ad337e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 53554 afc415fd0a28c363579986fc48464671 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 33048 c710f55e8853bec0935df3338f2370c2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 85618 b6ed96be15afaf31e6670a78ff1f4733 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 6024 b0a622b932e40a7011d5e9ec9bd21eb3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 8762 6234ceb3aa1422433ee60ad4305c03e7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 53636 e1a35b8801fb949295040028cd2cba5e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 130970 25d88aae6168f72c58ca17584b3f83e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 98468 ddb974591a687460f50c26a2e2682593 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 77212 a9ec9f2fe551ec07e56200b26f1de4f8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 1768830 477e2985e9f1fd2d4f333d651ce07e2f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 69612 2547b29a65a8391d3a085bbf2ce476aa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 11764 88566d97534c428d1ef6b01b5adde2ab http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 36102 10638cf7adf98d9afcc1e1475dbaf05c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 132672 fa6f13f8c0c0d017f50dc160bf2961fc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 38578 32976528861368cdb936d5db4fc0c2b5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb Size/MD5: 299158 458051a07217501718f6e2a742bec0a3 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 23726 0fbb9855c5833cb24187a701c10cdfbe http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 26006 87108baca7e8450f580be0f6c77d95de http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 49328 c6fe9fa1f1e132f4906b21e555bfb079 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 51536 d2c7a02ac033097208c359312e95d246 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 2308 5b98b064d0e5c18d8c32caa86b2e43e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 2482 3c964c577c93d80cee55d06e78003951 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 40306 ad5c5c36d7dc08add999f8cf47d53b72 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 43848 0cfb559dfe56e4a50c99537f98392827 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 112606 9994a8d2bb1c9a45cf43416faca7f9fe http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 120734 092bb2c1dfcece144429a277f96b56e9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 40906 84f84dc75718a347eb6623204cab6209 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 45996 69f5b1a8a9e82414d868ae459109f32c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 29024 1a12ad8c384bd5195208ce7eb478c011 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 29892 4a807f384985ae3376d509474716f13a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 211398 2e302e02bf08226ad9bf45c3a04840b3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 225174 0c4edfa7ccdb502d5aefc7b02a2e81e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 45054 a2373aac90339698b2cba11e43978565 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 40220 06b0e3234fd6b0125df72fc04c4d0562 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 1934 0887612df6acbc867949c33251427c00 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 2198 d38a4ec22579275ff2f48805be734356 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 80760 0a71c80867de5b11bd73c9c6d2751448 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 86134 0531dff0f43a6073ae4e71e93e1d77ce http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 111580 ab42bedd2a1e1687015d5b6b4b327484 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 125734 3c526ccc2348c1f6dd65829c96fb1381 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 53412 13f7a9a412c8c38c4a22a0f4db2a2bd9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 58486 0a62b4bc8aa5f594de9efc6b9f1dec6a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 147964 9751a30ed03bc5bde2b48be1e5dce6e3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 161908 70564b18529d383509cb4c1d4898425a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 318412 7944aa213ac28d37d390b48b3d5a9a8d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 288032 2b93681e1b268517863ee4bf27ba0899 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 115862 3cd4a494b7d9652bd77eb9dda6d2eeb9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 116548 a40033c7a63dda0aa5911caf2dd7f49a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 1925072 2c1fefed78a6ebc795887a2f27c9db4e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 2449126 39606af1d24872f0ff053ef5ddf790bd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc-smp_2.6.15-55.82_powerpc.deb Size/MD5: 872990 d1ced46d4302cb78b2d47c5ea678d6bc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc64-smp_2.6.15-55.82_powerpc.deb Size/MD5: 872596 8602056ab95806f02667587737cb3b59 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc_2.6.15-55.82_powerpc.deb Size/MD5: 865624 336f5e63d1fc8a9f55e7e36f4177f54a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.82_powerpc.deb Size/MD5: 6947694 9ab99966a30e44788549998ae0e26798 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc-smp_2.6.15-55.82_powerpc.deb Size/MD5: 22783922 2c7ace12a48de978cea2e7e939c3c900 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc64-smp_2.6.15-55.82_powerpc.deb Size/MD5: 23693062 18b76996711d54f91edd68a52b45d666 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc_2.6.15-55.82_powerpc.deb Size/MD5: 22365356 f8a73866c9b4334ace774f26ddaa0e38 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 17782 6a4cc5fc57579f3f602f582acb1231fb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 17386 1abc2376b554610aec23e87f60998358 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 261350 a2a6eff082f29827c9505b45dee47f7d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 282620 93ef7729a3cc9f4639e9d34c8782d8c5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 227808 73c5142c206284bb244b59586a93d8b6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 248952 d0c1d09bb0b125ae113a70baa7a06cc0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 1048470 66d28a86b670f1166faeb1c25a1547ad http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 1048600 178ea75b2bd02ef3b01c4cf940b6a713 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 1738490 8fdc1918d06d76e358e7645e24d763b5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 1878020 0b6e4cc3971bb034e26a3aee110cbc58 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 250814 c48a5e0837fa30e3b1480c113c02d963 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 233524 676bf7f8905001fea721689f23ae5f6e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 13054 73a21ffbe4470fe4108886ee20990c35 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 13528 1105da0ce6deb9d13a19e8b6398827db http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 84794 ccbc384bd76aacf39ac078437d709d51 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 52204 acd012d94fac6fd62028de4920ff5a67 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 73922 a2d1c6a539934c1a852cf0b2c56ada43 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 85854 59c8914383ae0624690950d8f844c101 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 6624 b926e6807098f087b5eab77015ef1aee http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 7058 43cb29678a86a4ace2a784ef2c2e8843 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 60378 183583ac6a0ab738109499861a861ca2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 70420 da9263ada0b850362f022c36b6769f22 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 128550 5eaff599374f099cbb06bb709f1ce68c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 157944 8ef2e5efb4749e8e1725c58a185871bd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 108166 1a09b1fb98eb414ba847dc8634a28a62 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 126130 e2ae3a3d5d06c8e6a5394c2262381438 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 87294 610a552fd6a9c960f64c8ed4a74c5b39 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 93362 a7434712a48c99eba3cfd1dcdf4db489 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 2014708 a089ebb3c11c6fd25f65c069adc4f1cb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 1988690 049558cbf765292686c49fc8e180ca0f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 104130 cfa3ef8f4085a002160c319cdc9899ed http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 115790 ac0661102201e3f682eda1052d987671 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 12738 f683a291e68f38a5c2785aed5452f77c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 14444 24e22f4de6be23c1fe122e8c3dbdfdc0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 39950 b8aa9421b4aaf324bc7349b026e3c30e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 41540 c174de599d57427fbbe0544bdea28cf0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 149344 f742184c85574c83ec84aa70cb9cdfea http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 168082 6f375034031b861fe42ba973c9390ded http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 42310 e24ddfc7d97416cdca5325a9ce197781 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 44918 de0152b64cf3da754a73ba952625e15b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb Size/MD5: 320326 87594e9f43ab0dff57a8ae731be77dfa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb Size/MD5: 324872 a53f9d6f2e8118894b3c5ee8a98b7441 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 50476 aea13d5d96a87d5b3a0cb897605f8226 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 2358 b0af3cd8de1581e95acdba1dd91796e9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 40380 c083f0781fb33b64329d10c233affde2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 110556 cea10ae3446945f5dcc6b94a8050b4ad http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 41214 b0728ed58d1e1a5bcc4309849d773e91 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 104224 54844dc4f0225e051453b6a01934edb3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 7438 7cfdeca11c465cea2c2e8d768b39969e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 149304 958f0b630326763cddddce5503f3319d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 1712530 f967805acb454413bbcc2f377f5b3e36 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-sparc64-smp_2.6.15-55.82_sparc.deb Size/MD5: 773010 979da22c264d122841ea140319b365ce http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-sparc64_2.6.15-55.82_sparc.deb Size/MD5: 772604 3106b0711e0e311f93d92624247f1eea http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.82_sparc.deb Size/MD5: 6964184 fb615cef69d2a79b16cfda4b67bf4e50 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-sparc64-smp_2.6.15-55.82_sparc.deb Size/MD5: 15017856 479231852577fdd0e402556287a02059 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-sparc64_2.6.15-55.82_sparc.deb Size/MD5: 14831912 1bd18f6f1ccc6b70379e267a0173b9bb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 7436 87e52fb1ba93a9e9763a0f3984bc15a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 248758 bc3db8ee9c85b0aaf1ec03290ae41cf3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 212566 70a9e482f9be5074d90bbd4ae5cf1246 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 1048480 c535170499441feef6ef8b3062de2d30 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 1482394 247faeb24ed7d02526dc54dfb194dec4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 10118 28a82b2b4d4934c028952b17676d515a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 40178 d44c9cb160749b87062ff38c0fc11340 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 9370 c7d50aabcba6ff111825da92f10dd219 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 61398 df892cd2f9e118248246eb7d3c273df4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 163276 481deef18ee50e039791747737619c3e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 64096 9ebc582fc849cdcf71ee887937313a22 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 1235396 479e0c0baad9c8cf96fe44603c2fb9b9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 59308 83efde441d0de3f09bb163e53016a300 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 37430 3646c295a3bbadafbe6df1fb22d8391e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb Size/MD5: 280132 311d2d465db827f3e3f2e95bc265ddb6 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-27.65.diff.gz Size/MD5: 4747158 57102623f2993049cb4d309f75748b5f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-27.65.dsc Size/MD5: 2689 3d66528dd1a11628dd0e2ec5fadfa2b0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24.orig.tar.gz Size/MD5: 59085601 e4aad2f8c445505cbbfa92864f5941ab Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.24_2.6.24-27.65_all.deb Size/MD5: 4930936 41797a4c4537dc9e4abb06f5b811a6f4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27_2.6.24-27.65_all.deb Size/MD5: 8146690 ea0f32ddeaa300bc68f90838a6466257 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-kernel-devel_2.6.24-27.65_all.deb Size/MD5: 99216 bec450b038c03760a6f369323af1a0d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.24_2.6.24-27.65_all.deb Size/MD5: 46970850 cadaea7041848682d5e46a181aa43fb4 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 28614 de37ceb847d7f811723dee03e7fc9ab9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 224184 6b392a2ef779b2048c78f46c1e833e2f http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 52646 2c736bab70f1efeade320f9062b74729 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 40644 a6209cbd666c38e1c4bc75115fda79f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 48646 6affd584126a9ecd4d3560dfa69a201f http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 86332 097b613836ca5101cd37cabfe7299adc http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 36316 f3915273cbd0e4a218a543ac525d7674 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 648728 9021fcdfc468efb5a2994dab918aad7a http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 209928 967a98f6cfa9c56dcecbe0872e98b617 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 39194 5ad172f156b5e2ba43fee3a69a09fb49 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 67996 9ca474a40f4225116d7d9befcde4dbb5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 145458 3e087634d61556643c32e342214a0642 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 287262 202933f0bb0a3d09ae278a991139eaf1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 2130554 f0a40b4f0002803063b074d4b2b22775 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-generic_2.6.24-27.65_amd64.deb Size/MD5: 673974 3ee01bd889b29b761f96eab35f839815 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-openvz_2.6.24-27.65_amd64.deb Size/MD5: 1252948 e0734c904a26acf9daadc8dc13a5331c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-rt_2.6.24-27.65_amd64.deb Size/MD5: 1274832 4784ef460e510677dd0c62ba0e5d75a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-server_2.6.24-27.65_amd64.deb Size/MD5: 674092 b2b2090661ff113ec00e1b08627238c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-xen_2.6.24-27.65_amd64.deb Size/MD5: 1084370 ef5cd734b586855f7b94d5b93bb51c42 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-generic_2.6.24-27.65_amd64.deb Size/MD5: 17809172 46d4f01f3cb62fc8c006c25d291bdbde http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-server_2.6.24-27.65_amd64.deb Size/MD5: 17781410 589743282c76d9ae95751cefae7dcd1f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-generic_2.6.24-27.65_amd64.deb Size/MD5: 21055946 71c5ed78b283260aa76abe43a5199869 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-server_2.6.24-27.65_amd64.deb Size/MD5: 21440010 76e220b0a64e1b1fb76a54aaa5cde808 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_amd64.deb Size/MD5: 707586 4d51f71c8ac5227c9f02fbc0c6552453 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 263678 73ef23d338fe298802ae13ea52af05a1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 176420 0709db4bda579f5146063e7bedeef8cf http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 254102 7b20912de5e61b0206319019c4800ef1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 1641364 98d7399720bae5a9d3e1637cc6f13ce9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 143718 419053c97211aea3dd9b2aa0833bc6bc http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 164466 16e2d4ad08a10d9e9d2b33dbee4c08ba http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 115858 74f2c34acf328f485356f38e86eb6aa2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 35056 5307b10f96b76f43c0bf983007f36021 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 64412 7cf4750ba6f0dd63678eae705da55fbf http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 69706 dedcbc58256ac2a43ed625eb7cae6e81 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 21598 6d6c27b8756a70466451449e096bd149 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 8622 4414757aa7034cafa1e98d8bacf080f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 57232 8690d6c34e1ec87d85b2c20cb280acb9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 103044 73c875b66060da7f1d39f2a5f8eecf36 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 1212518 6e237c8e863f3cea5cc702afbd925b77 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 45500 1883d8bdf4ed7b2aebc1a407502bd556 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 12780 fa12802bfa4f6847c5409d4882e9aa9a http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 498032 d5e81ea5e16357ae1be8c0ac77685256 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb Size/MD5: 75048 24c6c2fa1972611542270d68ccae59a6 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-openvz_2.6.24-27.65_amd64.deb Size/MD5: 19256730 d7f5e8ae9464748ac2a6dbc46ed9f1c1 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-rt_2.6.24-27.65_amd64.deb Size/MD5: 17909990 e4e3916570b7b5f06645d2623111b0ef http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-xen_2.6.24-27.65_amd64.deb Size/MD5: 18911564 fd71e9397f8919af683848aa456c885f i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 23690 ceb5d148f00965516252470b41d00b56 http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 26794 50bb7020338de7d00265de0765578291 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 218818 a3b52dd67e9817d4e60d8b048f542717 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 220482 60bf430685f9b39568dbb078edf6041c http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 51932 f708bc6cc86f313031745601d3d31aa9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 52068 bd20c8c1eb151b2b8d989d5081f8386b http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 38326 aeea101daeed1f87bb30f67c4011d737 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 39080 b8fc6fd4c6fa20a8cf2a92e150a1b969 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 45990 9c06ca831da0f4183ef6e15af4e9b3cb http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 46170 8d8cb61faaaf267e135ecd2844afd195 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 83246 6941b39723fc655f7dcf2846e5c8a47e http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 83662 d3f22aca87d23a99c75b3e6464eb22fd http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 32396 402518c87d72b3dfc41656de51ebaa64 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 32672 7135f346092b651dafed111b91aee44d http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 637694 e32a7d7a367597e18b305f6d97b93630 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 655982 7e8f7f69c261eaa0ce58ddb865205698 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 209878 1ca7ab42cb7cd39e37e711fabaae8b99 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 213640 bfc69b0b0b29485a95605fe7e091dd5c http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 46544 90ef4a74882d5770a3f7d888ba288b35 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 47602 e55422dc48484675642c96bdbc673595 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 62270 cc798227f68e2c8c1d8a54b03bf0058a http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 63626 a2d3587a68e63d2cf90e1cd3790d1079 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 130538 c07adcef7438ef51821f9a8b750f7973 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 137028 068fdde4394c7850abba6ea81e69c801 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 279080 76c07612b0081c38122b1929c7f19f34 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 277690 c635d04d78592fe9792024e84682ccc7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 2012458 d372c1d872861cd7c84ea9d06c4e8162 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 2089276 69416120cd161789b598b2b93034db07 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-386_2.6.24-27.65_i386.deb Size/MD5: 655314 4adb56a8d5211bba1acc02d76e9fb65d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-generic_2.6.24-27.65_i386.deb Size/MD5: 658154 7d6f7bccbf83f9a32664588ab5faaabe http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-openvz_2.6.24-27.65_i386.deb Size/MD5: 1242098 c22eebab07e9ce3d85526ce2945da263 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-rt_2.6.24-27.65_i386.deb Size/MD5: 1262772 85fe04ee16e27b961017cf148c4f1d21 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-server_2.6.24-27.65_i386.deb Size/MD5: 659870 a3ebd23356d57307d124b62faf3fc2a2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-virtual_2.6.24-27.65_i386.deb Size/MD5: 561726 410d756762ce992d36864ce38efc2e1d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-xen_2.6.24-27.65_i386.deb Size/MD5: 1059932 350947cab60fcafb13483ab14ca0ff95 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-386_2.6.24-27.65_i386.deb Size/MD5: 18380540 1da620cffb3b62617fc8213134b951e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-generic_2.6.24-27.65_i386.deb Size/MD5: 18401264 dd7b7991e7f843ebcae7bc5c8700636d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-server_2.6.24-27.65_i386.deb Size/MD5: 18513796 c8b5dac38c445a72681bd5dd1c9a1f98 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-virtual_2.6.24-27.65_i386.deb Size/MD5: 8730742 fc3305910b00833b509a4e34199e4a67 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-386_2.6.24-27.65_i386.deb Size/MD5: 25540786 ce01c05207f08195efd8b88b83a93549 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-generic_2.6.24-27.65_i386.deb Size/MD5: 26356028 ed8deb0b2243fd649476c43d245a9690 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-server_2.6.24-27.65_i386.deb Size/MD5: 27372622 d07e093dc192ad5a49be8c45b5c85dd4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-virtual_2.6.24-27.65_i386.deb Size/MD5: 24872642 c28ebc89c9a427352186dea53d81ffe8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_i386.deb Size/MD5: 707576 d26794effd4e857da1db4d28e9407611 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 258852 b86f8c37480cbd19131432c908013dd3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 264136 631fc78981097e46ee5643ec3cfc5616 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 163268 1c98e7380c4f80c461a6181344914fea http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 163034 9cc84b270528d0fef36320974b415392 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 236710 755a3caeceece8650e46706804c6e072 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 244984 cc330be20f314b308aa0fbcf95c0370c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 1810274 169e24dc79c5fbde1ca1a2a5520286d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 1827436 cf166d9cdca76a06fd78b1a0669ed67b http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 150836 169c287e6bc754d02924a719d34aad29 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 143018 ee925199234ec977618a5c3c3b03954f http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 156072 9ff98bc4b62d033785de95858201c353 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 157158 75cdc15de6d5bdc90e05789eb00fe29d http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 107222 37ce3c67bd74d5040aa4d22223cbb486 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 108526 7e50df25fcc29d44c2cfdc3e5c046a66 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 32958 b1b4b1a1b95db3b09923a39eb42c28e4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 33388 860c1b56a45914246929757c815f5ec4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 60694 99aca1f49a5cd919f85ef1600ca757ef http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 61158 bbe05be947e606b614108423a7ca0b83 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 82652 8ffbf8ae116bd81b7632e2e3a58e0a76 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 82954 1532b447c1a1cc43d1cbf46b1e14020f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 48562 d2569ab07923f67de18ed6c63940351c http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 48452 dcf73534ccf880da82f6ec8bdad54db7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 8192 2c3bac93f50147f7f67fffdcbb601b66 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 8444 375a2103e5890c501433ae5b3d912fbb http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 51104 8d242482ce8adca7ec8f5d0a40c04c20 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 52950 8449d644f2a2455da01bf48922757fd3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 92156 232f32e69ea0f4daf4a17ad68542e45f http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 92446 6525df043e2a865a6eb646f015140e31 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 1443710 2746c7d1f27f2638dd6f141c5d7e68ce http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 1427036 d049929f20e6cbec8c7338977af873a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 43240 53538a90e2ae8dae72a91a8aa79ecb90 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 42806 3b1d48b0e38b9acebe7581278a8e0408 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 11402 83264faacaa7ff9c249144d8dd0061b0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 12016 7e17c39f818116eae09203af5f5dd870 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 470484 bede1d05dc08ab51105feaff29b39093 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 472422 d08cc1bf2e88df1908f35afc77fd696a http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb Size/MD5: 70518 751bdd069d86773b5a3cfc67a09b46a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb Size/MD5: 71382 3aa45fd7cdb245416c60a2210066a353 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-openvz_2.6.24-27.65_i386.deb Size/MD5: 20248150 fad37a976e62eb5c73f906fd44070b5a http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-rt_2.6.24-27.65_i386.deb Size/MD5: 18543176 2f3a767f3505c51ebac878d921d3f3d8 http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-xen_2.6.24-27.65_i386.deb Size/MD5: 18782962 8a5a3287d174aa7fd1cceb71be94f347 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-lpia_2.6.24-27.65_lpia.deb Size/MD5: 639434 d3cfd21a90ea311f0b1efa2ac28dfac0 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-lpiacompat_2.6.24-27.65_lpia.deb Size/MD5: 705462 81a381fb023a0e0074d8cfaa7fca88b8 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_lpia.deb Size/MD5: 707532 c6bf8f82d8bbc4e2320343f58629a562 http://ports.ubuntu.com/pool/universe/l/linux/linux-image-2.6.24-27-lpia_2.6.24-27.65_lpia.deb Size/MD5: 14516344 29b153dcb44d72c1e5862191cb266c6b http://ports.ubuntu.com/pool/universe/l/linux/linux-image-2.6.24-27-lpiacompat_2.6.24-27.65_lpia.deb Size/MD5: 19816106 947ff90add29d1fc18a69145f39341d1 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 334046 06512921aae848be603af54dc56f72e6 http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 318530 4e8164b49e3ad90d33c9275bd1c7b45d http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 62718 e53308b729496be4a0e343535769c74e http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 73002 10bf1560cb8abc507ea079f6a495f91b http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 41442 a9d6733876fcf91a271eb189eaffcb37 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 47826 1d54194b81d12ac7b00b910f625f7a59 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 89506 1d66e8fc56eb6437f783cb677e6c7061 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 105746 034c14e0418581e1b8b56913246e96de http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 44824 5430e2953cc84d26fd0c8e8c4e323a92 http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 40932 93dc2a167cf8ab1d80426dd296997295 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 704830 ef370acc49192e464ef553984e361d88 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 770960 ac691fac4ab28cb6d9627fa6b7a5b773 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 243328 b280fefee27294e988529239616e68fe http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 246310 c1d7e140ca2ba026b6a168c6c9748476 http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 69160 665a09e07612701e5c6bc7efee856e5c http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 132586 f0e732beade4d5154e887aaa1b1f3625 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 70252 d8f056e2c9d8aabe9acacfbe4e6c9de0 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 77462 d69a84be1856d83b83faf1fa820803f6 http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 146272 11a1d0911e3fda9667661975972e08b2 http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 165002 c4276844b0ea79946508c0cd3a816541 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 387992 53b23049b6f79a9609349927adec3443 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 350468 694a94354856e10bcc935e2a7ba38a51 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 2431460 3a8171d7d1e7e6b37573c6679812d2ae http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 3473330 1037b52b34e3b26b05f68bfafb48850a http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-powerpc-smp_2.6.24-27.65_powerpc.deb Size/MD5: 652854 26483fb509f744914f646c49eb7b4d6c http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-powerpc64-smp_2.6.24-27.65_powerpc.deb Size/MD5: 657530 98dd4c49966d886237bed19fddb84057 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-powerpc_2.6.24-27.65_powerpc.deb Size/MD5: 652742 c9f225771751b175bc9a3d1ccb9b2b91 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-powerpc-smp_2.6.24-27.65_powerpc.deb Size/MD5: 20175388 98b77e06737b717f07a9f436bf292879 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-powerpc64-smp_2.6.24-27.65_powerpc.deb Size/MD5: 21378902 be6b07df3db6828d5d795954b3ad3c49 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-powerpc_2.6.24-27.65_powerpc.deb Size/MD5: 19948474 1a42e203300936a0a6bbd91270ac925d http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_powerpc.deb Size/MD5: 697738 b5f3e2a2bf27249b08f44ca708c75305 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 266748 d71a805e23acc800f21449d312975e04 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 307732 90c6243c8802cdc121bdf92145f7dc17 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 192250 b114447f81aee3dfc51a3c40f2015d66 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 201688 94056840984e621b385099d261ce2420 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 272012 b6790aca1401ed43b8c04befaef9af51 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 306006 50b970f3b69d4eda6d3e59353c9db152 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 1807766 ec7ddb35df35bb103f7fa00168c827cd http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 2119612 ee4db3863509964860b0a24a9a6d5951 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 235186 b6a1a89f7279818e17cac5d5b3a8b86e http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 225404 baf5ea09bdbab57626dee3afb306a39b http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 170438 b6bae0ce9350745a5c5ba8d969ae34ef http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 199752 9d4225f0960410c78279f61aa02471da http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 117942 e88c2b968d47d71ef068dcb5abd4d9fd http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 139272 5f4576b20a9dc27976d521d0942ad0c9 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 45372 918120c1bd011bbbb8b95529c0978f09 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 46836 10f5de3e02406e28d373098a6613860b http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 51132 610f6b349ffcb68ca7f58dc7928a7558 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 60292 9b17fdf2d2aa9cbcfd3dbfb1bfc3af41 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 74186 053cc99e1839e95e6e48198a187c3e48 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 87220 b730de88a2ee8d0b1503d2ee30f13e69 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 76092 0a6aab3a33606ec7e97d474de29a47db http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 30230 76c4d08ce66715d75db459c89405a0fb http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 8486 80580934d5e5f6909c396732bedf2055 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 10030 4e52e0e6b321b919404ffa406ccc2da1 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 57438 24e1b5d61bcbe2b2faf9f31d9b6f7d3b http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 68746 1b541e58e95b8022b84e7d050db97ecc http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 101184 97ff0fdbf93ef2526b1a97b962592e37 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 147834 eb62d695f6da016ae938924414bd15ed http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 1565722 3bf6b2bd7ef98c403f8cedf220978814 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 1514590 307c47dc707e3c96384e6ce043c745be http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 76672 863a1d5aaef2e7d8f5ec43318a2b3f7a http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 85976 b6bedff825f704ceb1269488d698bfbf http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 12702 cc2c9e83433b8f4092748b933292a46b http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 14560 60c8e6f2c5425b8bfea2cbee00dd50c2 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 449632 ff75fd65c13af279e6652e0d09505887 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 504134 364077fbb2c074eb8852249a757b89ae http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb Size/MD5: 83682 bcafd92384fdae95293c310f83443303 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb Size/MD5: 108840 2254f5416b8a0cd8d1cd52a57d7a064a sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 59570 0a8a1c6f109f6620c74d81880a6836ef http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 71732 e29b3839ae80a5cc8b8ca1756569e0bb http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 42454 35c72663f93201098e40f0fc36232ccc http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 91776 d7f14f387c9d325ba87761a2da581b5c http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 587190 a4606a71370a3dec9dc6a3aba35ec115 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 171076 2f15afec1e2aa78035659ac46b010cb3 http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 22356 aa2c6396604a45f318881df2e562f625 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 46058 5633652b0f71f9e2098ce2798e29269f http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 152976 d7cbf92b5ae85f379d0335c693ccc256 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 2135270 f05d76791e5538fa887f7731d170dc58 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-sparc64-smp_2.6.24-27.65_sparc.deb Size/MD5: 565588 5d632e2a56604e4feff30e310f17f024 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-sparc64_2.6.24-27.65_sparc.deb Size/MD5: 563928 4b591c5db77c0f5bc41ffff32a14ee31 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-sparc64-smp_2.6.24-27.65_sparc.deb Size/MD5: 14098262 0170c4f2c460270add65ba17eb7acfd0 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-sparc64_2.6.24-27.65_sparc.deb Size/MD5: 13830862 e4b6c695ad5b3e4ad0b428947b4fd388 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_sparc.deb Size/MD5: 752654 6e9b50c2f72a60edf4df6e51d5448cc7 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 270064 879ee6667df636551d565e10ae5162fd http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 190360 388a92b9849a34e99f6a3d2817ca9b05 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 263030 82e8bd5f9f922af935f6f787942f4b2f http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 1386520 98436d21f7255a6c923b50900bd2de4d http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 175444 37239b1899dd449d5b4985163c46d678 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 122106 1b86f75278b7fab22bbffd2c0010eef5 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 40398 81325db98acd64573c100455f0cb5289 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 48060 dd1b8744fcecf5959d2dac4a23b8cd34 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 8698 a2a5a2941546e0137d8c57a38ba9ab2f http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 60516 08d388a60ac9be5c7d80d479f94fd4aa http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 106838 b350cddddb73537859dce8203c49ac1d http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 1002034 0756e59f467bdefbc26dcb06a6201457 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 9518 7bf2df83ac5364fef90bf13ea616e7e3 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 391514 9e98f9f4757387d261d6c7a1e8c7d61d http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb Size/MD5: 75924 b375f2838ce3f024a9f2b58d02f9d98e Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-17.45.diff.gz Size/MD5: 3279295 99a1653c9f3eb96475ee9776faff3701 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-17.45.dsc Size/MD5: 2761 3b7c2f9d1b970a69db9a1c2c2bd5d95c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27.orig.tar.gz Size/MD5: 63721466 482b04f680ce6676114ccfaaf8f66a55 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.27_2.6.27-17.45_all.deb Size/MD5: 3492310 1dbaf1873425d41dfce3b359fc95728e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17_2.6.27-17.45_all.deb Size/MD5: 5906568 e4cb3deaf39ad7c3917d33f0f1082a40 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.27_2.6.27-17.45_all.deb Size/MD5: 52050112 2852d57c251b525e97d6ba66a94f1be5 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 36530 ae958becd299698d5f30f722eb07cde7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 265218 1de0174009daaf9e0d3fb8f8e737fa40 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 53438 46087922e5b4128b6a5f52dcacfbf840 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 43030 e25c2b8fbd4f46654a1ebc6089ef31bc http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 52344 4c16a22c0fe8f2a967f1503953ed5f8c http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 89844 4cc23c275cc1fd6621ac977881b91345 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 38180 24f5566a9c89334d394fb48d7c3d4949 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 677070 84220f4d0562b59edd2f0865120d4494 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 158618 edbaf560c5847b8f520ad94cd3f8d2d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 46346 90f299bb91f23a67e0811ae8e0472e70 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 154240 3ccfee605d2ef5a5e87aeb71320b337b http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 313106 896f96e4eb01ff9381aaa78b6e1dc72d http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 2604320 b50756ed8aeeee4a72873b8c60df10b6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17-generic_2.6.27-17.45_amd64.deb Size/MD5: 663304 ef966b97630e8096fcf279d6c43b3960 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17-server_2.6.27-17.45_amd64.deb Size/MD5: 662184 599a4bf3bad78733d35ad1b4a5601a25 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-generic_2.6.27-17.45_amd64.deb Size/MD5: 23073032 96da11b5c1a75a1694b4047c1a71b091 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-server_2.6.27-17.45_amd64.deb Size/MD5: 23071096 162a682066d9c7d90df92c975698b2cd http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-virtual_2.6.27-17.45_amd64.deb Size/MD5: 10479836 39042ef6e7f9049837b4d137450dc41a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-17.45_amd64.deb Size/MD5: 675844 3d711e518906ef37120bccabeaa1da2d http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 434926 cc27207ed63847b17eab47e1978c98fd http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 186500 940e6b351f4975369720543184596a04 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 275594 b525586af57630fd8b4e098cef404ad9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 1810688 13f3abe5b38ff8a704c985dc8f3275b1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 151324 d883249df4fb86d6d9d1146db5fa1020 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 194282 ee6a6162a8b0615e73a89978fcb9d172 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 168150 696ed64f02936c7200cc9a468302de40 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 36428 ff94b9ab68b2108fd9d1d2475c211725 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 83436 3dceac801e8b0405790e1a28c960183f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 71992 2b936af85a4eceb6312ad7ef93a18c88 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 23240 1d34a195f16d39f7895a2bf36281a6c8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 9012 454b1c03d70fbf4a917ff2431b6b4f2b http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 68544 cd2e39978716c3448e54d6862877957c http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 110302 ecb1005946c139f2340aaee3e80cd152 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 1276186 d93285c15892be57cfb76798c746f88d http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 47602 d2039335dc8bb4104fbb473b5ada0d96 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 13480 5299f432e2db456a3e0743fd786c18f1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 393936 83cfaf207498b9a60d4e97cd21309095 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 200806 5dfbdf4ce61cbe469582c94509160a42 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb Size/MD5: 13614 c860448fa643364e8776a4947cff9714 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 33948 74da15b4b68dc6a03f2da65175b021bd http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 244732 aee21df42a017731c52c53100cbf2f20 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 55398 f4d1c18a70aec1e3e39572c36318115c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 41206 42a8188a1ad868fa58aa779b31908d65 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 48698 7e06c0fbdb39f426e1259d35e8f1505e http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 86942 49099dad48131ce191b10c154f096d6a http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 34064 c8cf2cb88451687abb047df2faae44f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 675492 3e953f324652ef7a01f93aeaa2dc5e55 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 158402 aa593e2736e7b717ea8c561b1e11c27b http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 43624 b2ca8774a7cf447123ea811781e80dbf http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 145226 0fbb95dc0bc59baf91447250f19e7d45 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 302390 991c8e4ef2dda71d6deda5599129a768 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 2436572 4b845d0a28c2b48ad0c29521bae3a0b1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17-generic_2.6.27-17.45_i386.deb Size/MD5: 645046 28f8ea5f653057c350d40feb64d68f2d http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17-server_2.6.27-17.45_i386.deb Size/MD5: 645340 a4d347f729beffbf9ff1701d21a5f9b2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-generic_2.6.27-17.45_i386.deb Size/MD5: 23499764 59f3275c547e9f13f97eba55955725f4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-server_2.6.27-17.45_i386.deb Size/MD5: 23635906 c096ba5db0db8b87f67309a9e9c6ff5f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-virtual_2.6.27-17.45_i386.deb Size/MD5: 10117090 7e1648c7b3a3ab2606263ecb20683ba1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-17.45_i386.deb Size/MD5: 675850 3e91710602fec2d4aebafe62a6cdfe80 http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 433078 d1439530f50069f41b4c30b010871b4f http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 171298 68b786d8853574467c792efe3fa62ca5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 264104 3a49c641e4a146fdb634b298c51ca6e9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 1994518 105c6b0fb8b650949da502f3fee2018d http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 150964 dc4178cced6d9c1823d24b2204c15ae9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 184058 a25940b16b7022a52f7b8c78e164a908 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 157856 c628cef1c909819dab1fe2d812dffeba http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 34500 2ea55d8e77aa3065af30ff4d440c059d http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 78286 6d0f7704cdff848dbbfbd5fe60cf0ca7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 86190 c7d8ec25c3d35ea8455e9cf7c1b4ec64 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 51332 79b56b5e7f79a17d45fb7c55f64954b3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 8796 e571105caa3bed5fc3576928b03eff31 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 64316 bcb0f12340567e9db7a5dcc3549dcf0e http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 102092 a2556a5171c52abe48ba423b008c6f13 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 1450234 339572f5e579468fc438b1dd2cc2dcd3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 44520 68267a8c684d01c673d4b41bf5d4af69 http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 12642 80e228567fcb814cd67e54aec6abdb41 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 373158 483599df2e1b6c82a688b413b74e5b91 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 189720 156d822da222b7fc8b887a4d1b3b7c31 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb Size/MD5: 12992 7232aad22eb02ec694fa0d41d367a69c Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-18.59.diff.gz Size/MD5: 7350773 c09bf21927b9609694b39cdd55af21cf http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-18.59.dsc Size/MD5: 3198 5ba9f01bd70b951901d1d1667b964b54 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28.orig.tar.gz Size/MD5: 66766084 062c29b626a55f09a65532538a6184d4 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.28_2.6.28-18.59_all.deb Size/MD5: 3636694 05fda32db7067b32c0fe593e1acf0533 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18_2.6.28-18.59_all.deb Size/MD5: 8701396 65f8df38ba832ad50c6486d22420efca http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.28_2.6.28-18.59_all.deb Size/MD5: 56998214 3d33148ef29824c1060e1f66b470c6c4 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 234600 929bceffa24f85104c08edf073ac1f0e http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 44110 6d94c9d8ecfe3b4673d25cce1db2b95b http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 43316 d895b0ad91a70c9381fd7e17650fab75 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 51116 da4c61dc01f5b5e8fb61cdf14bbbb40a http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 90082 dad217572b5b07064b9e12b0062d16b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 38016 5e886058b306b4937f5a4ebe22451db6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 521628 d9f3ffe45b307847935002619ac31ea0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 125818 6fbc3c76a739b91e01da41bd535f3791 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 58060 cc30f23edae38f46b0d56f621969fd62 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 312502 9a11c9f0f37fee6a92c59de9df5fca11 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 3872142 cdc4640244b192a5970dfc3d3efe4d7e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18-generic_2.6.28-18.59_amd64.deb Size/MD5: 689228 bf7aedb2bbb365a73ed77a8976a2701e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18-server_2.6.28-18.59_amd64.deb Size/MD5: 689122 80cfc63043a2d7231f86ef3e68f0a131 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-generic_2.6.28-18.59_amd64.deb Size/MD5: 24344078 dca923a8044df0ba9c642d5f2b317867 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-server_2.6.28-18.59_amd64.deb Size/MD5: 24335914 ad5a4fe70b4555e9399f9a45b58459f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-virtual_2.6.28-18.59_amd64.deb Size/MD5: 10551276 b61ed90bb3d3f19f0d2e593c0e9f091a http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-18.59_amd64.deb Size/MD5: 766282 f86ee0c95591ea10b578e848b6fdeb5f http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 215170 7939440a8813110d952d86b49113e146 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 189496 f7495840a58b11f4ebfaad4d8cf203fe http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 29412 54845dbae313e98befcc172b5e87ac2c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 274480 e029f99b6550bd014f26c45997f76dcc http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 1933908 6fa450fb440effd7f4a1d643f5e80ab9 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 163464 208a84b0506fcd9cadb25f1b7f9d26b7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 194828 596399bbfa9a92e3116c8f8d3a7d1391 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 152994 3cf4fb6614c5798cdcca7c8d7fd04a5b http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 36486 b3cf4deb0dc4e11f095eb9bcf81546df http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 5842 085134ad282a8b2580aa12a6ed64fd9e http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 72152 5b6bf270db5279c7d79cbd5fca8e14f6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 22714 a01ded50b855c5ed0580072a2277b74a http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 8874 f173072403f51e6e6da399debd91068f http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 47442 e822623d7e4ae0bec0ea5094fed67dcf http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 15656 2b2e6ad08af592fa3106adb4eb16324e http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 1273594 d873a895c58da3fcd5b8a0ea91f9a5ee http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 47204 c80f48bd49fddaae0188cf56350445f8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 72706 dcc76877eef3af00d0280f96cafb6e45 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 126958 b184498c9d2a598d57e293bc09049cda http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb Size/MD5: 13472 1399e0100a81d92448659b83949a62a6 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 215860 fe00a3406a5496e200d5c4e5975469f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 46662 d7a61d1e363f9766795132d3325f02c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 41352 7d84e783cf7fc4111eaf964395440369 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 47402 2cd024da2955f7e35fe4519c8df5add5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 86924 515a3a07357e06f49b2e4384e2af7b8c http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 33578 452adbbc84f5a5218610ddad25eb3ea0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 525752 1a2c59458472f4a18538df9386396703 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 125654 8678d7c3409daf24a373b4d11a0d9263 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 54874 94d4465b06d14b20af5803f2afddf53d http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 301338 64a58b9a7ee5d53c2d1a486fe32deb93 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 3746292 099947b9ddfb625da14b96bf1b9f59e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18-generic_2.6.28-18.59_i386.deb Size/MD5: 673824 c36739d12d66db8de4b6e270b1c91464 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18-server_2.6.28-18.59_i386.deb Size/MD5: 676398 c7091523d59d0b1cdd4453e12d5983d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-generic_2.6.28-18.59_i386.deb Size/MD5: 24662186 cfa5f52488fb3767debfefaf8940f6b5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-server_2.6.28-18.59_i386.deb Size/MD5: 24777004 b524e2b45df5e9d30ebc81717b5c62d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-virtual_2.6.28-18.59_i386.deb Size/MD5: 10250016 09b9af49da34304c1dd280896ce9c0cd http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-18.59_i386.deb Size/MD5: 766288 4858bc3941dc0e545195c0b911142a4c http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 218106 f4f03360ad8e2ee23a58b534e8a2c045 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 174922 fbc6643612c01e91066a87b6ec9c7125 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 30064 c8e4db00aa9c0c3b75c47c103d87b4c5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 262814 794c683379e359de14db8806fe984f78 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 2110070 da3e69dab278584e1abea5ee15d9b47d http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 150230 7fc91b8ad535bfb705ba2cb2fc9ff57d http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 184326 e505e555ac3bd0c33d00a47f7530f78c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 143584 209207f7e7887594a9d55d17bf1dca76 http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 34576 cafc0f5f2db11f69d10e75815d3e9018 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 5504 21cfbb5c1aa4c8d82bf3e1412646263f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 86018 0dc7720bee90887f4ebf5c71cf93d611 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 47636 fbebe71b83526192c08fd6d797ee8cb1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 8714 14ed52e8c0a75151dd45acf3cb1ffc34 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 44692 27502a17d5ca35cc31a9fd79ae7d2f1d http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 14780 2c9ea91e8d8da2bff76c38a6cdce748d http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 1445966 33fa2ee03c566924552fc5b413e2ccf1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 44098 f740dcb377a692e2ff25a65424431e5b http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 69290 a7e3130530005bf8fe4edabe8b003888 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 119528 a12c1a5bf9a112402d80e8f77ee87a1c http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb Size/MD5: 12678 6646096dee2575f3bb33510e70bdd52b lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 215260 9a096eefa7f5e423c60fea41c314b9a5 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 46664 ba3b534d98d6717395ec66b402b3c701 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 40958 5950f34ca1fbd16f82a42020bc934ec6 http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 47312 0d7d48294720bbd387710d560756ce6a http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 86530 9e5c38cd42496250d5fcf951c6b5d4bd http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 33272 a8890faa31cf92122bcce2991374fe7e http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 523810 7b2a58ca4d024926c0f8101ab49242d6 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 125252 f48299cd45e2ef1a74017d1c7653976e http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 63568 135fe854fe31d2d8bd9cd09f40a266e5 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 300756 77668125ff976eaed45f3d2676a46c5f http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 3035296 186cc64995c4fd4404241de5399eb0fb http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.28-18-lpia_2.6.28-18.59_lpia.deb Size/MD5: 641460 1a4d29b73378acb8bcf88658f88dd08e http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.28-18-lpia_2.6.28-18.59_lpia.deb Size/MD5: 21796372 d7455e818bf972ef7eb0fe54b7bd96dc http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.28-18.59_lpia.deb Size/MD5: 766260 b67d9c1432185123449ed6826ed9588d http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 303982 80fe6dcf6d68a46047ef6ddc2c098614 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 157406 2cc8f76d83482452bb6073656a80b2ee http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 24442 28180da41edae2700e4c8a0e4f1c656f http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 260414 49a0b6bd418a0ff1d274ce8f602e2733 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 2027576 241ee9a564502f3d8837806d5e6480d0 http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 149398 b14f79b842c979418dec65e273836cd0 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 184736 a159624d12831598d35c3b00ba563182 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 143238 2720ae4f8cdad85066fc888e7fc3c796 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 34462 582363a3843fdbded2476793775ace76 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 5496 67c7245d730a7b241eb9947afeef7669 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 85646 6a31ffe0054c27df1506ae34162ab79e http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 47402 ff41a000c4a3abbed18330e905a01b7b http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 8718 15aa2d8fafced6b6e3b5a24c698b4089 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 63106 7a967940a04c1ee6a9626258e608b54c http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 14720 dc899d8630769d6270526c49f99a2af8 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 1447832 400eeba1e83569d777954b21b6df593c http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 43898 16b0a1310e3f70dccfc8d0d5f971b064 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 155186 b22b41e37f88fe49531f5580e0f7f712 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 172666 df244ff125096be469b1c56a30f1e05f http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb Size/MD5: 8154 f2d765541e008431b4d3eae00f435b61 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.31-304.10.dsc Size/MD5: 2450 610bb83247876f8a8b47a0fd0d46fae8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.31-304.10.tar.gz Size/MD5: 87052080 62b9dcb9ad24e659db1aa085f9e5a456 http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31-108.21.dsc Size/MD5: 1906 a39c7ff46fb3ff74480d0e98366a486d http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31-108.21.tar.gz Size/MD5: 81902928 c9e88b4f386710c3f22979986a7e3a34 http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.31-211.22.dsc Size/MD5: 1943 25176b20de251c2e58bb95e2dd9c1c7b http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.31-211.22.tar.gz Size/MD5: 82470873 4d5238d3d11105852133d3eb802a95cc http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31-19.56.diff.gz Size/MD5: 2811600 b2b44f12a786758d470e6a29c09d0388 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31-19.56.dsc Size/MD5: 3782 ae6bf5844769d00004b919a6f61d588c http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31.orig.tar.gz Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-doc_2.6.31-304.10_all.deb Size/MD5: 3790328 e35ab5c36ee1bac625d2a57bd19e0c5c http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-source-2.6.31_2.6.31-304.10_all.deb Size/MD5: 64258256 70b947cc9e9012c9472f2c317f11ffae http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-304_2.6.31-304.10_all.deb Size/MD5: 9662096 ac58cebef695901ea01bc7413b79109f http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc_2.6.31-19.56_all.deb Size/MD5: 3791668 3836f273873fedf9d2293ee0d11df6ce http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19_2.6.31-19.56_all.deb Size/MD5: 9531414 34d882276f33b0e37135c379a6e1c451 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.31_2.6.31-19.56_all.deb Size/MD5: 62161518 9d3f3f79b9f14db8bd3dc68594eb8c8c amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-304-ec2_2.6.31-304.10_amd64.deb Size/MD5: 603212 951db7e930eefc5fff9017c56badfb6e http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-image-2.6.31-304-ec2_2.6.31-304.10_amd64.deb Size/MD5: 18660056 e39dda7f87b093e927c34a928b842c7a http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 221398 682a7dab5b571a7b2fd31f19daf724c1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 15536 55206db30b20aea4d7da38b342fc095d http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 52128 1cde23d38ba6908e1123951ef4bc3c69 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 44828 94402e34a45cf232ae86f3cc08bf7f4f http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 50072 65e128949b6f525d9028187fe1e7cc37 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 92518 338960088cec6b9b25ef2a96e96f3ebc http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 37776 452d9c073d191ec2be1cad3aceb34490 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 537676 6bb8167794701151c613afe28a5c62c5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 130666 ff5cf8923b89d0fa4b5c3c4a61ef93f7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 53846 ffdc544c68e862a0a3038c99ac2d73a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 310118 c2092f9a83a4f59145005f2c451d304b http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 4353666 3a04bb875ae70561075d05d5bb208977 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-generic_2.6.31-19.56_amd64.deb Size/MD5: 694766 85017cb531a49ea743cb7b30341b5ffa http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-server_2.6.31-19.56_amd64.deb Size/MD5: 694938 550a64d6d54ee5f34f1fb9eefbd4cc3e http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-generic_2.6.31-19.56_amd64.deb Size/MD5: 28924984 3001e6d36f6bf76621997bdbeb864234 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-server_2.6.31-19.56_amd64.deb Size/MD5: 28885946 ff6296f4c684dd9facb011fc51b0b6f0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-virtual_2.6.31-19.56_amd64.deb Size/MD5: 11740736 287948976d92a7cae832a34ce33a99b1 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_amd64.deb Size/MD5: 743052 35cb9d5d80b77a2586d08ffb65d3212a http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 168272 fc4758b6b91802971538d3a3c519056d http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 202768 73cfe4be43d350582d171ff0e178b6b5 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 27268 ae850a5e0ba4381a290b8f21ff88737f http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 311688 3dab8c023e4aad0df74c5193aeaca49b http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 2282064 f09b0e8828effab3770bfc1da159a8f2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 158666 6765112bf6fed248c08465e47b4dab00 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 203112 fed91a4bc3d356a5a9bb1c6110337413 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 161072 faec6563ccef41e925482b36619fca7c http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 38056 505cbeb1fdbf55eea7664a19dcedc11f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 5762 a3ba57f83594477b27886cb3f4bd1b0d http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 73750 53978367ed22b3daba246878064b72c2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 22240 8a1036af3dacffb432813cc8422f6ae8 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 9548 f1e71c2129cc33f1ff139401b7b81547 http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 39844 48e4aa79753fdb3ce1877ca1817b9fc6 http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 23484 f1be46cb2947ebe6b6d2e5b571d71a35 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 1389556 2ba51ea53e5454f75c8b39f21481e45d http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 47382 89f1dff9282f3c667cf1b8c2bc41353c http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 51636 41311bd8c8459ba04789539733e6ff5c http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 128972 9697c034ed2bb74b5d18c5ae31fe1af0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb Size/MD5: 15814 8f46e8ddd6cac16dbdbc7c89cc94bee0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-304-ec2_2.6.31-304.10_i386.deb Size/MD5: 573528 fa913abed6caeb5c33eb2167f730956f http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-image-2.6.31-304-ec2_2.6.31-304.10_i386.deb Size/MD5: 17943372 803487f6122441604ec3062e7bb98228 http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 198832 3282a330510666a582f6b8c0269d2f53 http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 32458 03e2d90ce28677b7956fa2a72726d02e http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 49938 c0d1953d9212f1569f04e8c8ba0db7ca http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 42118 db5bcc80727cd1013bc8393df2a88e4c http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 45954 2d497ad958e7e7fc1b57ce51ff6b3570 http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 87386 8e3ab58cf14ac0e97a334a65ae3e42ba http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 33754 bdbf52c3d681cca0ecdced183d2d37c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 534176 5f166aa72d31a95df7cdb60abe4a0fc2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 128172 821c97524ce74e0685b135140c5261d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 49748 9423b0562b984b85856d219d7b67fa27 http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 295726 0736ef03d01a5e5e4fdf284ad2be5409 http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 4185460 831a6068ef18d08ff697df14dead1668 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-386_2.6.31-19.56_i386.deb Size/MD5: 674832 6c28f2a428900b7c3ecd857dd2363150 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-generic-pae_2.6.31-19.56_i386.deb Size/MD5: 674164 daade678beff67e96da61f42286bb8d4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-generic_2.6.31-19.56_i386.deb Size/MD5: 674252 0786c96b6d902a71c6f1a2e5aa202345 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-386_2.6.31-19.56_i386.deb Size/MD5: 28775482 99e9b99d437aa88ec42e838367ca0c3b http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-generic-pae_2.6.31-19.56_i386.deb Size/MD5: 28938194 19d1d147a9e9dfb49fcd30b9d065d289 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-generic_2.6.31-19.56_i386.deb Size/MD5: 28836780 00047de0d649be8b91c813fe7ee482b7 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-virtual_2.6.31-19.56_i386.deb Size/MD5: 11193984 1848c77671f6d9129f990e1a0a9940d0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_i386.deb Size/MD5: 743050 af6030dae8f05d7ef583ee7d6f31be8b http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 172774 c11dd36baffeccf283ce48e122d7c791 http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 186104 072e07c277b4f37611b21aad4390ccb0 http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 28372 82c8b14ef6982a48d3a8459d56ede43c http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 292792 6c99c3b65ff7b159af94edf70358cb4a http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 2400232 94729dcb0c5adb15ded7b3302c4005eb http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 142004 9e43481b4e46409d8e711a628ce5e40a http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 189566 83afe6de56cab613b4f890723a82a6b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 148522 b96767af921427e880579659ba7b757a http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 35306 a6a1cbe7a75490632f24cad479916315 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 6842 86b286685eabaf8b6d28d3f922249503 http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 86058 c014cfa81ab99a01793d25b995c7d75f http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 46424 d525bcf1a39f6a21f09d52d24e6a0eb3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 8916 f9efb7f192c3cc22c14df58803a64dfc http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 36282 1d843fa9ef5beed8582f2924d0b53bcc http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 21660 3ad0b4572c12885957a3b753fc3b9fe3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 1495010 630f37fe420a74a22b4ca2eba4960999 http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 44088 fddf56b0285ec3d0e6fc61e0fe8b86e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 48484 2614a20d6d57892a8789091eeeaa67b3 http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 117810 ff004889bca11286287a59c36fa24c0e http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb Size/MD5: 14526 4c9cb3d5598c843bf5b90ddf0292d3c1 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 198810 76156647956f29c9e519aeac038c63bb http://ports.ubuntu.com/pool/main/l/linux/char-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 32452 9a5dd5fe15dda0be28f7afd966e89af9 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 49936 31c4008b50016b2a6c3a90703f2becbb http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 42148 931518b24b123d3749719c35b2b23759 http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 45950 297c686f52a35049b3b2c87a96aebf68 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 87366 ec3f16cc0aeeef91b8c887ff347b6b0a http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 33750 a29ddd339c071c5b948c96e30f36f650 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 534366 b15b19f3e6c581d22514700dbd6502d8 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 128202 3d0f559a80187074bb210e3dae3bbfa0 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 49732 41abb7e30f0bdac62c5cd064c4b0ac3e http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 295732 12e912ce1f15d580960e7956de0c4ae0 http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 4186814 7c18e86a3f5a5a985488ad67718887f9 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-lpia_2.6.31-19.56_lpia.deb Size/MD5: 674880 5dd2779cd5be613c330b7dc35410f271 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-lpia_2.6.31-19.56_lpia.deb Size/MD5: 28831528 8eaab1870eda62e8ee231e429c361455 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_lpia.deb Size/MD5: 742994 99d2d0609d9032e2810e19c92fc92834 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 172836 8b15eb5579853f45dc49055351df4225 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 186092 0eb0ceb5c23748d829f3e1d7977a35be http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 28366 0301ac544cf27b3dce660787d7575804 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 292736 16e84844c99e73b4e00419c38d78db3d http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 2400366 43dda8f1a10775e382e7a328381265db http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 141998 930123e6b57798468d7085ae9f549150 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 189564 8d6e18aedb4b970a3643207b96589863 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 148506 78efdbf1323c68be564ad06205842cb6 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 35300 054cf95e7af87d6f744b69eb8166f275 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 6828 5dbf32d40e88f471614e5cf286670e8f http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 86054 f24e7eaa3608985960e54a9048a24fb6 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 46410 80945eba79f53965effd546d23a8560b http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 8906 e1c6021a615a4363dde2cf4a893fa53b http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 36270 eb2848e19ec2351b9102bc640e546991 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 21660 cfb271e26dfd127871f5d27547e0a7ba http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 1494736 44113d529e3f4d3828f8719facd86370 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 44068 98817942a8188bd9281def20a1d327bb http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 48474 ebc9e58b5f98182006d6e3bb9c5ce179 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 117786 9b864dfc32d19a8cf2d61a68894835e9 http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb Size/MD5: 14524 9ad51e3871197eb84b193bd9a3b29ec2 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 321488 509ad8549565d0d87fe246df5b26c7af http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 263628 b7028cc16ec749cc2fdd86e985c7bc6a http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 58850 3e2f18df29a75debc326e5919c9c13da http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 67040 8fdde64943d01e5c6a372424d3d24a03 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 45914 6a21bb6fc6dce2767be6f974ffdab524 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 51296 4c928d4f04bf96f5cdc5ccf7d3a60c81 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 90684 eac2ea55da023924723593afffbb5d2c http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 105146 c407a156a5e56f284fa682d87d2ed50e http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 39492 38f377d5a0bdbbbb642545aa6d7f641c http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 39270 47f890e2a1418595d92858350aa16475 http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 580998 825045ff82a442eaf1a21a5448b0cefb http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 626388 b56b5416b642ba57471e6e125b99a32f http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 149292 930001a305b0f78060f3472fe46cde00 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 147332 ef6994c30f19462a7fc0cb7cd8f4dacc http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 79750 75c6da2308e05334f89f62917aee5b3d http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 84136 caf2a7e924b03340e579e9bdc0a7ba50 http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 402954 9fc3d4860f5c32aff3ac252379938fef http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 342516 5737df8ea2adfc45ecae9d322931187a http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 3813204 3ac91a51b3525bfbb0f6166fc140d7db http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 5193132 54dce7348221bcc93bbc01512d553a16 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-powerpc-smp_2.6.31-19.56_powerpc.deb Size/MD5: 784762 523b94315bff20137df79c5308abd5b7 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-powerpc64-smp_2.6.31-19.56_powerpc.deb Size/MD5: 801042 2a8e55b23ad4dc09ee3cbb2fdc23cc28 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-powerpc_2.6.31-19.56_powerpc.deb Size/MD5: 783708 185ba99656f4fa37874e0241e9f25dbb http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-powerpc-smp_2.6.31-19.56_powerpc.deb Size/MD5: 24820746 adc5365726ba88565ad89953707bd012 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-powerpc64-smp_2.6.31-19.56_powerpc.deb Size/MD5: 25829918 fc82da730c6d730c5a4ac87d30594749 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-powerpc_2.6.31-19.56_powerpc.deb Size/MD5: 24656226 7791f88107e97c5419f0e2d2f850c38e http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_powerpc.deb Size/MD5: 728146 1dabe36864839475aab9293825cfc3e4 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 271924 8fb200d91f158f9b0eb209df5a5ffcd4 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 294610 317f7d34e3cd0ac823fcc5d48bcc9a7f http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 210546 041508a9555e18e2b8b4cab41b26f397 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 216984 845e2e452ef869aa3b39ea47bfa0280b http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 25798 19a7cae7e4f693c269f54dc0f2762f33 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 28984 419926b33e2b573f8d3ccaa5ade657f1 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 314922 83dcb63807ffb50682219b20333c23bc http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 357524 a32753bfca44b1afb9b11f72b25ebb9e http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 2027754 9b45ff8446ec0bad5befec2dc3ecdb72 http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 2247744 35d212f7569bb03564a7f0294879557f http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 213544 3fb9afb7247290ffb3508744ab6cbb9f http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 209776 e42b20eb402cb2a55fea2a80f5cef162 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 210242 78939115c860efacb83481c0687f1a7a http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 244856 8fcff5fb05c0921681ec2bb44637c624 http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 111834 a6b65e618a3240d51f36f37911d1d7cc http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 131610 dc5625deacbac446e71517f5902376b1 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 49028 ac60e4bf193e7725de6d8999c6231915 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 44082 531b2cbe15ec2f62fe61bd7002b1df02 http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 5852 f049a9332d469b247e451868b4f22cce http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 6504 32fb4de3cd714598281c2d4d5d2ee6d6 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 79118 e98cffbfe6f6cbffcfa6dce199dc6c46 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 85190 e648dc2d3e124d68c47d4ec18836097f http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 74318 19b737ad1f43e7be1c6cc7e211085424 http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 27228 0b5b4529d140289e616bded832055cbc http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 8538 9010c080bd63660bf529930565d49f62 http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 9818 e909c37d26354ddbdceddc72628d71b3 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 58830 ae6573a0664b5486360156dd6711776c http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 70140 83085dfd5f4bb24ab67dd967e6b609cc http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 23714 86a598e1b13e4d6963475732e7a1097a http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 30804 b382bc0bfffd61156d0f8b3dc90bd307 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 1556894 ea2800c85a0115ad2e524a8b4ab4cb91 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 1509110 e42499f8bdbad020301a11617f6b65a8 http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 81698 095ff78875bae0b90edd07ac3b51993d http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 88530 1a36ce88a0c6f7b495c869da15bf9d69 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 64400 8ff9a2aef998409440c1139f3db8c7ee http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 76990 392faa17f8c688e3856d91fb657eba09 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb Size/MD5: 141540 636e6d1827591a3aa46b82d7dc0b8ab6 http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb Size/MD5: 151356 0f39f4d13770ceab049be6fb9c83fc16 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 139430 14f825a3334b18614059312527002767 http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 70106 6dde178febff58a546142209374e1616 http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 46510 64b0be995ce3d697a84cd3b0665ffe68 http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 93974 28048300aba15f2a3937723bc0afc5cd http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 588788 c17e7feb3442296b7ed93c92cb988625 http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 148426 6f429deb9df760daf28c04ad93ea6758 http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 75862 6f382de52d9e1b52611c70a703895e5d http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 2892370 ec9440bb8ee05a7ac071992c5711139f http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-sparc64-smp_2.6.31-19.56_sparc.deb Size/MD5: 601506 1b56c59b3df953a640760b876d752465 http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-sparc64_2.6.31-19.56_sparc.deb Size/MD5: 600680 166e5056f971d5fa031230c1af67d028 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-sparc64-smp_2.6.31-19.56_sparc.deb Size/MD5: 20496992 6ebab55c96d6be71ffb8c3a493d31a74 http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-sparc64_2.6.31-19.56_sparc.deb Size/MD5: 20193918 98b3c6e44f8e302cca36530b434e9525 http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_sparc.deb Size/MD5: 740254 b1a453339b4d68717a445f07b87b53a4 http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 266068 1b8caecb838a9dd9b9c765f6603197a3 http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 209168 e0e78f6a435e0ca46d5680e08d6e8db0 http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 26268 f730be03c2b96e53e779a5d3df4cde93 http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 314080 b673ee07d0c907d6ba00a561b915868d http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 1675490 8642bd711b6643bd26ddc80674cef9e4 http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 222882 136f6b9e24a16823f7309438fd0bd60a http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 121954 75090ea655204cc898db4634fc8aa021 http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 38798 a11bcf765626194255c1d5a7d0106c2a http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 100798 af5903bc65fd381528f733fb1ba4100f http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 8932 ebcb23a73a538276e41fcff9b7bb1d15 http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 62926 7eba529ee44c2e107b693605dcbf1247 http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 120960 8f63ad112de0797974650631dee53d13 http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 1217912 87a2a4f21ee86e0f36bc5298a226513b http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 101576 057a15ca3fa891e47216adcf5ae071f7 http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 200148 f90834ae24c0f516ef83fa5aa66bafbb http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb Size/MD5: 184674 d704744a26941df63b9195288306fa7b . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0009 Synopsis: ESXi ntp and ESX Service Console third party updates Issue date: 2010-05-27 Updated on: 2010-05-27 (initial release of advisory) CVE numbers: CVE-2009-2695 CVE-2009-2908 CVE-2009-3228 CVE-2009-3286 CVE-2009-3547 CVE-2009-3613 CVE-2009-3612 CVE-2009-3620 CVE-2009-3621 CVE-2009-3726 CVE-2007-4567 CVE-2009-4536 CVE-2009-4537 CVE-2009-4538 CVE-2006-6304 CVE-2009-2910 CVE-2009-3080 CVE-2009-3556 CVE-2009-3889 CVE-2009-3939 CVE-2009-4020 CVE-2009-4021 CVE-2009-4138 CVE-2009-4141 CVE-2009-4272 CVE-2009-3563 CVE-2009-4355 CVE-2009-2409 CVE-2009-0590 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-4212 CVE-2009-1384 CVE-2010-0097 CVE-2010-0290 CVE-2009-3736 CVE-2010-0001 CVE-2010-0426 CVE-2010-0427 CVE-2010-0382 - ------------------------------------------------------------------------ 1. Summary ESXi update for ntp and ESX Console OS (COS) updates for COS kernel, openssl, krb5, gcc, bind, gzip, sudo. 2. Relevant releases VMware ESX 4.0.0 without patches ESX400-201005401-SG, ESX400-201005406-SG, ESX400-201005408-SG, ESX400-201005407-SG, ESX400-201005405-SG, ESX400-201005409-SG 3. Problem Description a. Service Console update for COS kernel Updated COS package "kernel" addresses the security issues that are fixed through versions 2.6.18-164.11.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228, CVE-2009-3286, CVE-2009-3547, CVE-2009-3613 to the security issues fixed in kernel 2.6.18-164.6.1 The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-3612, CVE-2009-3620, CVE-2009-3621, CVE-2009-3726 to the security issues fixed in kernel 2.6.18-164.9.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-4567, CVE-2009-4536, CVE-2009-4537, CVE-2009-4538 to the security issues fixed in kernel 2.6.18-164.10.1 The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2006-6304, CVE-2009-2910, CVE-2009-3080, CVE-2009-3556, CVE-2009-3889, CVE-2009-3939, CVE-2009-4020, CVE-2009-4021, CVE-2009-4138, CVE-2009-4141, and CVE-2009-4272 to the security issues fixed in kernel 2.6.18-164.11.1. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-201005401-SG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable ESX 2.5.5 ESX not applicable vMA 4.0 RHEL5 affected, patch pending * hosted products are VMware Workstation, Player, ACE, Server, Fusion. b. ESXi userworld update for ntp The Network Time Protocol (NTP) is used to synchronize the time of a computer client or server to another server or reference time source. A vulnerability in ntpd could allow a remote attacker to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-3563 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi 4.0 ESXi ESXi400-201005401-SG ESXi 3.5 ESXi affected, patch pending ESX any ESX not applicable vMA any RHEL5 not applicable * hosted products are VMware Workstation, Player, ACE, Server, Fusion. c. Service Console package openssl updated to 0.9.8e-12.el5_4.1 OpenSSL is a toolkit implementing SSL v2/v3 and TLS protocols with full-strength cryptography world-wide. A memory leak in the zlib could allow a remote attacker to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-4355 to this issue. A vulnerability was discovered which may allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-2409 to this issue. This update also includes security fixes that were first addressed in version openssl-0.9.8e-12.el5.i386.rpm. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the names CVE-2009-0590, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386 and CVE-2009-1387 to these issues. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-201005401-SG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable ESX 2.5.5 ESX not applicable vMA 4.0 RHEL5 affected, patch pending** * hosted products are VMware Workstation, Player, ACE, Server, Fusion. ** see VMSA-2010-0004 d. Service Console update for krb5 to 1.6.1-36.el5_4.1 and pam_krb5 to 2.2.14-15. Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Multiple integer underflows in the AES and RC4 functionality in the crypto library could allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-4212 to this issue. The service console package for pam_krb5 is updated to version pam_krb5-2.2.14-15. This update fixes a flaw found in pam_krb5. In some non-default configurations (specifically, where pam_krb5 would be the first module to prompt for a password), a remote attacker could use this flaw to recognize valid usernames, which would aid a dictionary-based password guess attack. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1384 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-201005406-SG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX affected, patch pending vMA 4.0 RHEL5 affected, patch pending * hosted products are VMware Workstation, Player, ACE, Server, Fusion. e. Service Console package bind updated to 9.3.6-4.P1.el5_4.2 BIND (Berkeley Internet Name Daemon) is by far the most widely used Domain Name System (DNS) software on the Internet. A vulnerability was discovered which could allow remote attacker to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-0097 to this issue. A vulnerability was discovered which could allow remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains CNAME or DNAME records, which do not have the intended validation before caching. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-0290 to this issue. A vulnerability was found in the way that bind handles out-of- bailiwick data accompanying a secure response without re-fetching from the original source, which could allow remote attackers to have an unspecified impact via a crafted response. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-0382 to this issue. NOTE: ESX does not use the BIND name service daemon by default. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-201005408-SG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable ESX 2.5.5 ESX not applicable vMA 4.0 RHEL5 affected, patch pending * hosted products are VMware Workstation, Player, ACE, Server, Fusion. f. Service Console package gcc updated to 3.2.3-60 The GNU Compiler Collection includes front ends for C, C++, Objective-C, Fortran, Java, and Ada, as well as libraries for these languages GNU Libtool's ltdl.c attempts to open .la library files in the current working directory. This could allow a local user to gain privileges via a Trojan horse file. The GNU C Compiler collection (gcc) provided in ESX contains a statically linked version of the vulnerable code, and is being replaced. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-3736 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not applicable ESX 4.0 ESX ESX400-201005407-SG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX affected, patch pending vMA 4.0 RHEL5 affected, patch pending * hosted products are VMware Workstation, Player, ACE, Server, Fusion. g. Service Console package gzip update to 1.3.3-15.rhel3 gzip is a software application used for file compression An integer underflow in gzip's unlzw function on 64-bit platforms may allow a remote attacker to trigger an array index error leading to a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW compressed file. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-0001 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-201005405-SG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX affected, patch pending vMA 4.0 RHEL5 affected, patch pending * hosted products are VMware Workstation, Player, ACE, Server, Fusion. h. Service Console package sudo updated to 1.6.9p17-6.el5_4 Sudo (su "do") allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments. When a pseudo-command is enabled, sudo permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-0426 to this issue. When the runas_default option is used, sudo does not properly set group memberships, which allows local users to gain privileges via a sudo command. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-0427 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-201005409-SG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable ESX 2.5.5 ESX not applicable vMA 4.0 RHEL5 affected, patch pending * hosted products are VMware Workstation, Player, ACE, Server, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file. ESX 4.0 ------- http://bit.ly/aqTCqn md5sum: ace37cd8d7c6388edcea2798ba8be939 sha1sum: 8fe7312fe74a435e824d879d4f1ff33df25cee78 http://kb.vmware.com/kb/1013127 Note ESX400-201005001 contains the following security bulletins ESX400-201005404-SG (ntp), ESX400-201005405-SG (gzip), ESX400-201005408-SG (bind), ESX400-201005401-SG (kernel, openssl), ESX400-201005406-SG (krb5, pam_krb5), ESX400-201005402-SG (JRE), ESX400-201005403-SG (expat), ESX400-201005409-SG (sudo), ESX400-201005407-SG (gcc). 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3612 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3621 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4536 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4537 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4538 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3080 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3889 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4020 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4141 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4272 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0427 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0382 - ------------------------------------------------------------------------ 6. Change log 2010-05-27 VMSA-2010-0009 Initial security advisory after release of patch 06 bulletins for ESX 4.0 on 2010-05-27 - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2010 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iEYEARECAAYFAkv/V8IACgkQS2KysvBH1xnqNgCcCwwelsQK6DQjcTc2wnIPp0EW E70An2gfkiCQ5FNqvf3y+kNredxyVZwI =JW3s -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Linux Kernel e1000 Driver Denial of Service Vulnerability SECUNIA ADVISORY ID: SA35265 VERIFY ADVISORY: http://secunia.com/advisories/35265/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "e1000_clean_rx_irq()" function in drivers/net/e1000/e1000_main.c. This can be exploited to cause a kernel panic via specially crafted network packets sent to an affected system. SOLUTION: Fixed in the GIT repository. http://git.kernel.org/linus/ea30e11970a96cfe5e32c03a29332554573b4a10 PROVIDED AND/OR DISCOVERED BY: Neil Horman ORIGINAL ADVISORY: http://git.kernel.org/linus/ea30e11970a96cfe5e32c03a29332554573b4a10 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
var-201511-0294	The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. Linux Kernel is prone to a denial-of-service vulnerability. An attacker with a guest account can exploit this issue to cause an infinite loop in the host, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2015:2645-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-2645.html Issue date: 2015-12-15 CVE Names: CVE-2015-5307 CVE-2015-8104 ===================================================================== 1. Summary: Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 6.5) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - i386, ppc64, s390x, x86_64 3. * It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way (sequential) delivering of benign exceptions such as #AC (alignment check exception) and #DB (debug exception) is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel. (CVE-2015-5307, CVE-2015-8104, Important) Red Hat would like to thank Ben Serebrin of Google Inc. for reporting the CVE-2015-5307 issue. This update also fixes the following bugs: * With an IPv6 address on a bond and a slave failover, Unsolicited Neighbor Advertisement (UNA) was previously sent using the link global IPv6 address as source address. The underlying source code has been patched, and, after the failover in bonding, UNA is sent using both the corresponding link IPv6 address and global IPv6 address of bond0 and bond0.vlan. (BZ#1258479) * Previously, Human Interface Device (HID) would run a report on an unaligned buffer, which could cause a page fault interrupt and an oops when the end of the report was read. This update fixes this bug by padding the end of the report with extra bytes, so the reading of the report never crosses a page boundary. As a result, a page fault and subsequent oops no longer occur. (BZ#1268201) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1277172 - CVE-2015-5307 virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception 1278496 - CVE-2015-8104 virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception 6. Package List: Red Hat Enterprise Linux Server AUS (v. 6.5): Source: kernel-2.6.32-431.68.1.el6.src.rpm i386: kernel-2.6.32-431.68.1.el6.i686.rpm kernel-debug-2.6.32-431.68.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.68.1.el6.i686.rpm kernel-debug-devel-2.6.32-431.68.1.el6.i686.rpm kernel-debuginfo-2.6.32-431.68.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.68.1.el6.i686.rpm kernel-devel-2.6.32-431.68.1.el6.i686.rpm kernel-headers-2.6.32-431.68.1.el6.i686.rpm perf-2.6.32-431.68.1.el6.i686.rpm perf-debuginfo-2.6.32-431.68.1.el6.i686.rpm python-perf-debuginfo-2.6.32-431.68.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-431.68.1.el6.noarch.rpm kernel-doc-2.6.32-431.68.1.el6.noarch.rpm kernel-firmware-2.6.32-431.68.1.el6.noarch.rpm ppc64: kernel-2.6.32-431.68.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-431.68.1.el6.ppc64.rpm kernel-debug-2.6.32-431.68.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-431.68.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-431.68.1.el6.ppc64.rpm kernel-devel-2.6.32-431.68.1.el6.ppc64.rpm kernel-headers-2.6.32-431.68.1.el6.ppc64.rpm perf-2.6.32-431.68.1.el6.ppc64.rpm perf-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm s390x: kernel-2.6.32-431.68.1.el6.s390x.rpm kernel-debug-2.6.32-431.68.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-431.68.1.el6.s390x.rpm kernel-debug-devel-2.6.32-431.68.1.el6.s390x.rpm kernel-debuginfo-2.6.32-431.68.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-431.68.1.el6.s390x.rpm kernel-devel-2.6.32-431.68.1.el6.s390x.rpm kernel-headers-2.6.32-431.68.1.el6.s390x.rpm kernel-kdump-2.6.32-431.68.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-431.68.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-431.68.1.el6.s390x.rpm perf-2.6.32-431.68.1.el6.s390x.rpm perf-debuginfo-2.6.32-431.68.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-431.68.1.el6.s390x.rpm x86_64: kernel-2.6.32-431.68.1.el6.x86_64.rpm kernel-debug-2.6.32-431.68.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.68.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.68.1.el6.x86_64.rpm kernel-devel-2.6.32-431.68.1.el6.x86_64.rpm kernel-headers-2.6.32-431.68.1.el6.x86_64.rpm perf-2.6.32-431.68.1.el6.x86_64.rpm perf-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.5): Source: kernel-2.6.32-431.68.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-431.68.1.el6.i686.rpm kernel-debuginfo-2.6.32-431.68.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.68.1.el6.i686.rpm perf-debuginfo-2.6.32-431.68.1.el6.i686.rpm python-perf-2.6.32-431.68.1.el6.i686.rpm python-perf-debuginfo-2.6.32-431.68.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-431.68.1.el6.ppc64.rpm perf-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm python-perf-2.6.32-431.68.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-431.68.1.el6.s390x.rpm kernel-debuginfo-2.6.32-431.68.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-431.68.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-431.68.1.el6.s390x.rpm perf-debuginfo-2.6.32-431.68.1.el6.s390x.rpm python-perf-2.6.32-431.68.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-431.68.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.68.1.el6.x86_64.rpm perf-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm python-perf-2.6.32-431.68.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-5307 https://access.redhat.com/security/cve/CVE-2015-8104 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWcCyJXlSAg2UNWIIRAmIdAJ9quuPognODrZJec1XUfcL51k2iNACfSymc j9R25iIkd57WRGmU8zdVM1o= =9bG9 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6.2) - x86_64 3. Content-Disposition: inline ==========================================================================Ubuntu Security Notice USN-2804-1 November 10, 2015 linux-lts-trusty vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: The system could be made to crash under certain conditions. Software Description: - linux-lts-trusty: Linux hardware enablement kernel from Trusty Details: Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: linux-image-3.13.0-68-generic 3.13.0-68.111~precise1 linux-image-3.13.0-68-generic-lpae 3.13.0-68.111~precise1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well
var-201808-0958	Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc. (CVE-2018-5390) Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. (CVE-2018-5391) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: linux-image-3.13.0-155-generic 3.13.0-155.205 linux-image-3.13.0-155-generic-lpae 3.13.0-155.205 linux-image-3.13.0-155-lowlatency 3.13.0-155.205 linux-image-3.13.0-155-powerpc-e500 3.13.0-155.205 linux-image-3.13.0-155-powerpc-e500mc 3.13.0-155.205 linux-image-3.13.0-155-powerpc-smp 3.13.0-155.205 linux-image-3.13.0-155-powerpc64-emb 3.13.0-155.205 linux-image-3.13.0-155-powerpc64-smp 3.13.0-155.205 linux-image-generic 3.13.0.155.165 linux-image-generic-lpae 3.13.0.155.165 linux-image-lowlatency 3.13.0.155.165 linux-image-powerpc-e500 3.13.0.155.165 linux-image-powerpc-e500mc 3.13.0.155.165 linux-image-powerpc-smp 3.13.0.155.165 linux-image-powerpc64-emb 3.13.0.155.165 linux-image-powerpc64-smp 3.13.0.155.165 Please note that the recommended mitigation for CVE-2018-3646 involves updating processor microcode in addition to updating the kernel; however, the kernel includes a fallback for processors that have not received microcode updates. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. The microcode updates mentioned there are not yet available in a form distributable by Debian. For the stable distribution (stretch), these problems have been fixed in version 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10. We recommend that you upgrade your xen packages. For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlt14mwACgkQEMKTtsN8 Tjb2LhAAokwmlGxyJPC3EGG9aOLKNv23G9OzLLNRm+cy150WAMgBio+bR2CAgkfX qu/ftFPLeKfIRbo9nLBFHQLMKlmDdFzLeicXe7GtnKcAMkt0Wp+rYIj66TMkjrMg 2kJI68ECc5Rqj3fMZ+dgkxSHzhylUGG70mEIBf2D22Y72kkIfc3EzBuu2wxaaOTP t7Q7JkYDv9WV/6gw8Ok2vIrQcq95jtZgDSL1ZHHg6VTukHnXP2SU1rMfRCguTCtc 5JYAgWJ1GWFWt3d6FQnk7SWwJf3pHEVNg0lGpRJdu4qperQ3EhQNeJlGq8adm/Zf QQUT9T6vsU5cefgelIRSLxFZ9bDobxXXNaox3FqB4tslkJLhTRluCvilJpWuNpH5 7S6xti5neGuHORfIkcS1PmOEx2gDkKWTgotiBx04yU3q+/zr0Ob+K2jxZXe4z2uU sqEq8pdjCnkE03cljPbfPeutyucS3xDFpFVoXlRqgRNMdZ7jzVSP6qayt3iQIa/E djVQ2ptHxux5Zapg5Ngr2ASBdyIw+2GLVUKQCeqM+EjMXjRBaJv8DPxWwO4nkC4d eliy9RxErtQpgHIZKHVmTjoRlh/OH4KAdHZT2Y+Gfv1DVA6TL5cPiQ9e0ZunNNaK vtXyOzjNPVPZa+2MEq9FTFIkDsR8Ncl/JCzp0bx5uVaV/ovX0A8=reP+ -----END PGP SIGNATURE----- . ========================================================================== Kernel Live Patch Security Notice 0044-1 October 05, 2018 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu: \| Series \| Base kernel \| Arch \| flavors \| \|------------------+--------------+----------+------------------\| \| Ubuntu 14.04 LTS \| 4.4.0 \| amd64 \| generic \| \| Ubuntu 14.04 LTS \| 4.4.0 \| amd64 \| lowlatency \| \| Ubuntu 16.04 LTS \| 4.15.0 \| amd64 \| generic \| \| Ubuntu 16.04 LTS \| 4.15.0 \| amd64 \| lowlatency \| \| Ubuntu 18.04 LTS \| 4.15.0 \| amd64 \| generic \| \| Ubuntu 18.04 LTS \| 4.15.0 \| amd64 \| lowlatency \| Summary: Several security issues were fixed in the kernel. Note that due to a client issue, this livepatch may report that it failed to load. You can verify that the patch has successfully loaded by looking in /sys/kernel/livepatch for a directory starting with the name "lkp_Ubuntu," followed by your kernel version, and ending with the version number, "44." The next client update should correct this problem. (CVE-2018-3620) It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. (CVE-2018-15594) It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-6555) It was discovered that a stack-based buffer overflow existed in the iSCSI target implementation of the Linux kernel. A remote attacker could use this to cause a denial of service (system crash). (CVE-2018-14633) It was discovered that microprocessors utilizing speculative execution and prediction of return addresses via Return Stack Buffer (RSB) may allow unauthorized memory reads via sidechannel attacks. An attacker could use this to expose sensitive information. (CVE-2018-15572) Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-17182) Update instructions: The problem can be corrected by updating your livepatches to the following versions: \| Kernel \| Version \| flavors \| \|--------------------------+----------+--------------------------\| \| 4.4.0-133.159 \| 44.1 \| generic, lowlatency \| \| 4.4.0-133.159~14.04.1 \| 44.1 \| lowlatency, generic \| \| 4.4.0-134.160 \| 44.1 \| generic, lowlatency \| \| 4.4.0-134.160~14.04.1 \| 44.1 \| lowlatency, generic \| \| 4.4.0-135.161~14.04.1 \| 44.1 \| lowlatency, generic \| \| 4.15.0-32.35 \| 44.1 \| lowlatency, generic \| \| 4.15.0-32.35~16.04.1 \| 44.1 \| generic, lowlatency \| \| 4.15.0-33.36 \| 44.1 \| lowlatency, generic \| \| 4.15.0-33.36~16.04.1 \| 44.1 \| lowlatency, generic \| \| 4.15.0-34.37 \| 44.1 \| generic, lowlatency \| \| 4.15.0-34.37~16.04.1 \| 44.2 \| lowlatency, generic \| References: CVE-2018-3620, CVE-2018-15594, CVE-2018-3646, CVE-2018-6555, CVE-2018-14633, CVE-2018-15572, CVE-2018-17182 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:2387-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2387 Issue date: 2018-08-14 CVE Names: CVE-2018-3620 CVE-2018-3639 CVE-2018-3646 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646) * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Red Hat would like to thank Intel OSSIRT (Intel.com) for reporting CVE-2018-3620 and CVE-2018-3646 and Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639. Bug Fix(es): * Previously, configurations with the little-endian variant of IBM Power Systems CPU architectures and Hard Disk Drives (HDD) designed according to Nonvolatile Memory Express (NVMe) open standards, experienced crashes during shutdown or reboot due to race conditions of CPUs. As a consequence, the sysfs pseudo file system threw a stack trace report about an attempt to create a duplicate entry in sysfs. This update modifies the source code so that the irq_dispose_mapping() function is called first and the msi_bitmap_free_hwirqs() function is called afterwards. As a result, the race condition no longer appears in the described scenario. (BZ#1570510) * When switching from the indirect branch speculation (IBRS) feature to the retpolines feature, the IBRS state of some CPUs was sometimes not handled correctly. Consequently, some CPUs were left with the IBRS Model-Specific Register (MSR) bit set to 1, which could lead to performance issues. With this update, the underlying source code has been fixed to clear the IBRS MSR bits correctly, thus fixing the bug. (BZ#1586147) * During a balloon reset, page pointers were not correctly initialized after unmapping the memory. Consequently, on the VMware ESXi hypervisor with "Fault Tolerance" and "ballooning" enabled, the following messages repeatedly occurred in the kernel log: [3014611.640148] WARNING: at mm/vmalloc.c:1491 __vunmap+0xd3/0x100() [3014611.640269] Trying to vfree() nonexistent vm area (ffffc90000697000) With this update, the underlying source code has been fixed to initialize page pointers properly. As a result, the mm/vmalloc.c warnings no longer occur under the described circumstances. (BZ#1595600) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass 1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF) 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.4): Source: kernel-3.10.0-693.37.4.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm kernel-doc-3.10.0-693.37.4.el7.noarch.rpm x86_64: kernel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm perf-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4): x86_64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.4): Source: kernel-3.10.0-693.37.4.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm kernel-doc-3.10.0-693.37.4.el7.noarch.rpm ppc64: kernel-3.10.0-693.37.4.el7.ppc64.rpm kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm kernel-devel-3.10.0-693.37.4.el7.ppc64.rpm kernel-headers-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.ppc64.rpm perf-3.10.0-693.37.4.el7.ppc64.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm python-perf-3.10.0-693.37.4.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm ppc64le: kernel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm kernel-devel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-headers-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.37.4.el7.ppc64le.rpm perf-3.10.0-693.37.4.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm s390x: kernel-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-devel-3.10.0-693.37.4.el7.s390x.rpm kernel-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-693.37.4.el7.s390x.rpm kernel-devel-3.10.0-693.37.4.el7.s390x.rpm kernel-headers-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-devel-3.10.0-693.37.4.el7.s390x.rpm perf-3.10.0-693.37.4.el7.s390x.rpm perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm python-perf-3.10.0-693.37.4.el7.s390x.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm x86_64: kernel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm perf-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.4): ppc64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm ppc64le: kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-3620 https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/cve/CVE-2018-3646 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/L1TF 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW3M4idzjgjWX9erEAQigJg//W8NS9ZAq71IYQ/6q5hTZBUeg3RsIJL4U OOCTlpLe3pH45ueU4Pm1HPopyyBHLGo988ZXPkH4z/jKW6txO3RDzf/blyWIwxwi dr76FUaMMLUk0ASeGcisZppOt/6zwrp2tfn+TyiC3pK0K5nTp+WVO5xYy5iecXVX 96M3wIhCIlshYPc1/F8zdYuBFzpYgBnotag//FjyCQlhmOFcKtTRgyQrSuf1ZxnL VNQ7UuVGjPWeF0w0OJrb6U7+pVrlwAvtwYkUjm/eFh/AszTe7uZ6C6mG8XAobDrl SpxhyqMTcplrKxvl0S01xuezVbVo8RdoAtrW9+xseozknta4cu7RHe0ZSsonY/xN RiAingIwsVde+g9KOv8jeleACBZu8mmJptkYbVb1IHPcp+1FzXXAkUc1i/oc7XBU lIfe49O3L2GyhI+0hUwhbPuc51L8yHmpr39KM1irKIRWsY692n32LVns3L6Kr0tW iWlhz4F2e5SNb2zlu3sMRQ4M0kf6JPX8VdRL1qMpfNoa9Ci4wYt+zP29//F6swji uwu3+SVH5VTW9VzymSCaQl/gD0loWPKVLFrTF5M9Y9+cl0uXn7CoW2LUNB86PhRz mMG+g2ZW9WbKcW/ERHofeii5WZGtsyA4FnUaWhzetfQIItEpmoobE9QVl0ar5GJ2 dsE8Ald7hA4=scjp -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 5 ELS) - i386, noarch, s390x, x86_64 3. 6.4) - x86_64 3. (CVE-2018-3639) * kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201810-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Xen: Multiple vulnerabilities Date: October 30, 2018 Bugs: #643350, #655188, #655544, #659442 ID: 201810-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Xen, the worst of which could cause a Denial of Service condition. Background ========== Xen is a bare-metal hypervisor. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-emulation/xen < 4.10.1-r2 >= 4.10.1-r2 2 app-emulation/xen-tools < 4.10.1-r2 >= 4.10.1-r2 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Xen users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.10.1-r2" All Xen tools users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.10.1-r2" References ========== [ 1 ] CVE-2017-5715 https://nvd.nist.gov/vuln/detail/CVE-2017-5715 [ 2 ] CVE-2017-5753 https://nvd.nist.gov/vuln/detail/CVE-2017-5753 [ 3 ] CVE-2017-5754 https://nvd.nist.gov/vuln/detail/CVE-2017-5754 [ 4 ] CVE-2018-10471 https://nvd.nist.gov/vuln/detail/CVE-2018-10471 [ 5 ] CVE-2018-10472 https://nvd.nist.gov/vuln/detail/CVE-2018-10472 [ 6 ] CVE-2018-10981 https://nvd.nist.gov/vuln/detail/CVE-2018-10981 [ 7 ] CVE-2018-10982 https://nvd.nist.gov/vuln/detail/CVE-2018-10982 [ 8 ] CVE-2018-12891 https://nvd.nist.gov/vuln/detail/CVE-2018-12891 [ 9 ] CVE-2018-12892 https://nvd.nist.gov/vuln/detail/CVE-2018-12892 [ 10 ] CVE-2018-12893 https://nvd.nist.gov/vuln/detail/CVE-2018-12893 [ 11 ] CVE-2018-15468 https://nvd.nist.gov/vuln/detail/CVE-2018-15468 [ 12 ] CVE-2018-15469 https://nvd.nist.gov/vuln/detail/CVE-2018-15469 [ 13 ] CVE-2018-15470 https://nvd.nist.gov/vuln/detail/CVE-2018-15470 [ 14 ] CVE-2018-3620 https://nvd.nist.gov/vuln/detail/CVE-2018-3620 [ 15 ] CVE-2018-3646 https://nvd.nist.gov/vuln/detail/CVE-2018-3646 [ 16 ] CVE-2018-5244 https://nvd.nist.gov/vuln/detail/CVE-2018-5244 [ 17 ] CVE-2018-7540 https://nvd.nist.gov/vuln/detail/CVE-2018-7540 [ 18 ] CVE-2018-7541 https://nvd.nist.gov/vuln/detail/CVE-2018-7541 [ 19 ] CVE-2018-7542 https://nvd.nist.gov/vuln/detail/CVE-2018-7542 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201810-06 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5
var-201908-1840	When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. PHP EXIF Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in PHP 7.1.x prior to 7.1.31, 7.2.x prior to 7.2.21, and 7.3.x prior to 7.3.8. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. PHP is prone to a heap-based buffer-overflow vulnerability. Failed exploits will result in denial-of-service conditions. PHP versions before 7.3.8 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15 macOS Catalina 10.15 addresses the following: AMD Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team apache_mod_php Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Multiple issues in PHP Description: Multiple issues were addressed by updating to PHP version 7.3.8. CVE-2019-11041 CVE-2019-11042 Audio Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab Entry added October 29, 2019 Books Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service Description: A resource exhaustion issue was addressed with improved input validation. CVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven Entry added October 29, 2019 CFNetwork Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: This issue was addressed with improved checks. CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland Entry added October 29, 2019 CoreAudio Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted movie may result in the disclosure of process memory Description: A memory corruption issue was addressed with improved validation. CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative CoreCrypto Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a large input may lead to a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2019-8741: Nicky Mouha of NIST Entry added October 29, 2019 CoreMedia Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8825: Found by GWP-ASan in Google Chrome Entry added October 29, 2019 Crash Reporter Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics Description: A race condition existed when reading and writing user preferences. This was addressed with improved state handling. CVE-2019-8757: William Cerniuk of Core Development, LLC CUPS Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An input validation issue was addressed with improved input validation. CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com) Entry added October 29, 2019 CUPS Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2019-8767: Stephen Zeisberg Entry added October 29, 2019 CUPS Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com) Entry added October 29, 2019 File Quarantine Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to elevate privileges Description: This issue was addressed by removing the vulnerable code. CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs Entry added October 29, 2019 Foundation Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project Zero Entry added October 29, 2019 Graphics Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2018-12152: Piotr Bania of Cisco Talos CVE-2018-12153: Piotr Bania of Cisco Talos CVE-2018-12154: Piotr Bania of Cisco Talos Entry added October 29, 2019 Intel Graphics Driver Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8758: Lilang Wu and Moony Li of Trend Micro IOGraphics Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved restrictions. CVE-2019-8755: Lilang Wu and Moony Li of Trend Micro IOGraphics Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8759: another of 360 Nirvan Team Entry added October 29, 2019 Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local app may be able to read a persistent account identifier Description: A validation issue was addressed with improved logic. CVE-2019-8809: Apple Entry added October 29, 2019 Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2019-8709: derrek (@derrekr6) [confirmed]derrek (@derrekr6) CVE-2019-8781: Linus Henze (pinauten.de) Entry added October 29, 2019 Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8717: Jann Horn of Google Project Zero Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to determine kernel memory layout Description: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team Entry added October 29, 2019 libxml2 Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Multiple issues in libxml2 Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8749: found by OSS-Fuzz CVE-2019-8756: found by OSS-Fuzz Entry added October 29, 2019 libxslt Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Multiple issues in libxslt Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8750: found by OSS-Fuzz Entry added October 29, 2019 mDNSResponder Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker in physical proximity may be able to passively observe device names in AWDL communications Description: This issue was resolved by replacing device names with a random identifier. CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt Entry added October 29, 2019 Menus Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8826: Found by GWP-ASan in Google Chrome Entry added October 29, 2019 Notes Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local user may be able to view a user's locked notes Description: The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia Polytechnic Institute and State University PDFKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker may be able to exfiltrate the contents of an encrypted PDF Description: An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. CVE-2019-8772: Jens Müller of Ruhr University Bochum, Fabian Ising of FH Münster University of Applied Sciences, Vladislav Mladenov of Ruhr University Bochum, Christian Mainka of Ruhr University Bochum, Sebastian Schinzel of FH Münster University of Applied Sciences, and Jörg Schwenk of Ruhr University Bochum PluginKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local user may be able to check for the existence of arbitrary files Description: A logic issue was addressed with improved restrictions. CVE-2019-8708: an anonymous researcher Entry added October 29, 2019 PluginKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8715: an anonymous researcher Entry added October 29, 2019 SharedFileList Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to access recent documents Description: The issue was addressed with improved permissions logic. CVE-2019-8770: Stanislav Zinukhov of Parallels International GmbH sips Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992) and pjf of IceSword Lab of Qihoo 360 UIFoundation Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Parsing a maliciously crafted text file may lead to disclosure of user information Description: This issue was addressed with improved checks. CVE-2019-8761: Renee Trisberg of SpectX Entry added October 29, 2019 UIFoundation Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative WebKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A user may be unable to delete browsing history items Description: "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. CVE-2019-8768: Hugo S. Diaz (coldpointblue) WebKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Visiting a maliciously crafted website may reveal browsing history Description: An issue existed in the drawing of web page elements. The issue was addressed with improved logic. CVE-2019-8769: Piérre Reimertz (@reimertz) Additional recognition AppleRTC We would like to acknowledge Vitaly Cheptsov for their assistance. Audio We would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance. boringssl We would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum and Thijs Alkemade (@xnyhps) of Computest for their assistance. Finder We would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance. Gatekeeper We would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance. Identity Service We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. mDNSResponder We would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance. python We would like to acknowledge an anonymous researcher for their assistance. Safari Data Importing We would like to acknowledge Kent Zoya for their assistance. Simple certificate enrollment protocol (SCEP) We would like to acknowledge an anonymous researcher for their assistance. Telephony We would like to acknowledge Phil Stokes from SentinelOne for their assistance. VPN We would like to acknowledge Royce Gawron of Second Son Consulting, Inc. for their assistance. Installation note: macOS Catalina 10.15 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s4QACgkQBz4uGe3y 0M0s3w//QZG0JsE1BjWJ3mwKoSn/I1V0SLryV9UxJeibPfhyF6VJEYk63jZxZ5ki 48vM7iKE3nAHamNFOMtUvyzEdO6VGNZ1uiuSu9nkyziEERapHJSLcEh83p2JhWV/ SEsBB3bsT4l3V9ZYxk/9DX6ynCTzKLZTynw6Yo2PMYiMpavD5sfZ6v8U53qdZ+LX SNuw+vRTsvu3YlFkUStTdQ64sT72yGII0c8iFpSb2AWv7IgbypB5lW4/MRQjrzoc 9yMhvMgXcgAlzoH5GpGE2EflbekcQxudxDh1t0o7f8OASRPTljNjL4oiKXBMhiAM iUgDn7duE9LqupfSWK5WOUkF+XRV0qTaLCTDWaCzVa5YsApvSVPhbmoFqKXSQG8T U6SxQviqzJ06sD1jqm2sZ/LnD5xMEXhQvNx89oJrTRsCU/o0fy4tRhHp52aJoF7E Wvr1kTlo6SGm6NjkmZVoKj6962/0XUYSOt8gR+L/sF7N6URUG+1Ko2jx8zhYHMEO ju+Hw0TFHd+8mP29oOEIsIpuRpCp9jjgEJDdu7mGqJ1Py2Gs0uGeHEZd6DJhKggA IvdJu4Q9usjWaxQ9H3m2I/xEqw78sMEEFgCYfLTC0gf2ChaiGZuhKipcF04c81kM bOGmjuyJrajD/2rY9EHrqtCm5b2079YAIxUAmTOkT0uP2WmlZoM= =bhin -----END PGP SIGNATURE----- . 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. ========================================================================= Ubuntu Security Notice USN-4097-2 August 13, 2019 php5 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: PHP could be made to crash or execute arbitrary code if it received specially crafted image. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2019-11041, CVE-2019-11042) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.29+esm5 php5-cgi 5.5.9+dfsg-1ubuntu4.29+esm5 php5-cli 5.5.9+dfsg-1ubuntu4.29+esm5 php5-fpm 5.5.9+dfsg-1ubuntu4.29+esm5 php5-xmlrpc 5.5.9+dfsg-1ubuntu4.29+esm5 Ubuntu 12.04 ESM: libapache2-mod-php5 5.3.10-1ubuntu3.39 php5-cgi 5.3.10-1ubuntu3.39 php5-cli 5.3.10-1ubuntu3.39 php5-fpm 5.3.10-1ubuntu3.39 php5-xmlrpc 5.3.10-1ubuntu3.39 In general, a standard system update will make all the necessary changes. For the stable distribution (buster), these problems have been fixed in version 7.3.9-1~deb10u1. We recommend that you upgrade your php7.3 packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Critical: rh-php72-php security update Advisory ID: RHSA-2019:3299-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:3299 Issue date: 2019-11-01 CVE Names: CVE-2016-10166 CVE-2018-20783 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 ===================================================================== 1. Summary: An update for rh-php72-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php72-php (7.2.24). (BZ#1766603) Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) * gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166) * gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c (CVE-2019-6977) * php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020) * php: File rename across filesystems may allow unwanted access during processing (CVE-2019-9637) * php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638) * php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639) * php: Invalid read in exif_process_SOFn() (CVE-2019-9640) * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() (CVE-2019-11039) * php: Buffer over-read in exif_read_data() (CVE-2019-11040) * php: Buffer over-read in PHAR reading functions (CVE-2018-20783) * php: Heap-based buffer over-read in PHAR reading functions (CVE-2019-9021) * php: memcpy with negative length via crafted DNS response (CVE-2019-9022) * php: Heap-based buffer over-read in mbstring regular expression functions (CVE-2019-9023) * php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024) * php: Heap buffer overflow in function exif_process_IFD_TAG() (CVE-2019-11034) * php: Heap buffer overflow in function exif_iif_add_value() (CVE-2019-11035) * php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure (CVE-2019-11036) * gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038) * php: heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041) * php: heap buffer over-read in exif_process_user_comment() (CVE-2019-11042) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1418983 - CVE-2016-10166 gd: Unsigned integer underflow _gdContributionsAlloc() 1672207 - CVE-2019-6977 gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c 1680545 - CVE-2018-20783 php: Buffer over-read in PHAR reading functions 1685123 - CVE-2019-9020 php: Invalid memory access in function xmlrpc_decode() 1685132 - CVE-2019-9021 php: Heap-based buffer over-read in PHAR reading functions 1685398 - CVE-2019-9023 php: Heap-based buffer over-read in mbstring regular expression functions 1685404 - CVE-2019-9024 php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c 1685412 - CVE-2019-9022 php: memcpy with negative length via crafted DNS response 1688897 - CVE-2019-9637 php: File rename across filesystems may allow unwanted access during processing 1688922 - CVE-2019-9638 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE 1688934 - CVE-2019-9639 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE 1688939 - CVE-2019-9640 php: Invalid read in exif_process_SOFn() 1702246 - CVE-2019-11035 php: Heap buffer overflow in function exif_iif_add_value() 1702256 - CVE-2019-11034 php: Heap buffer overflow in function exif_process_IFD_TAG() 1707299 - CVE-2019-11036 php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure 1724149 - CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm() 1724152 - CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() 1724154 - CVE-2019-11040 php: Buffer over-read in exif_read_data() 1739459 - CVE-2019-11041 php: heap buffer over-read in exif_scan_thumbnail() 1739465 - CVE-2019-11042 php: heap buffer over-read in exif_process_user_comment() 1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-php72-php-7.2.24-1.el7.src.rpm aarch64: rh-php72-php-7.2.24-1.el7.aarch64.rpm rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm rh-php72-php-common-7.2.24-1.el7.aarch64.rpm rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm rh-php72-php-json-7.2.24-1.el7.aarch64.rpm rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm rh-php72-php-process-7.2.24-1.el7.aarch64.rpm rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-php72-php-7.2.24-1.el7.src.rpm aarch64: rh-php72-php-7.2.24-1.el7.aarch64.rpm rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm rh-php72-php-common-7.2.24-1.el7.aarch64.rpm rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm rh-php72-php-json-7.2.24-1.el7.aarch64.rpm rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm rh-php72-php-process-7.2.24-1.el7.aarch64.rpm rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-php72-php-7.2.24-1.el7.src.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-php72-php-7.2.24-1.el7.src.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7): Source: rh-php72-php-7.2.24-1.el7.src.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-php72-php-7.2.24-1.el7.src.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-10166 https://access.redhat.com/security/cve/CVE-2018-20783 https://access.redhat.com/security/cve/CVE-2019-6977 https://access.redhat.com/security/cve/CVE-2019-9020 https://access.redhat.com/security/cve/CVE-2019-9021 https://access.redhat.com/security/cve/CVE-2019-9022 https://access.redhat.com/security/cve/CVE-2019-9023 https://access.redhat.com/security/cve/CVE-2019-9024 https://access.redhat.com/security/cve/CVE-2019-9637 https://access.redhat.com/security/cve/CVE-2019-9638 https://access.redhat.com/security/cve/CVE-2019-9639 https://access.redhat.com/security/cve/CVE-2019-9640 https://access.redhat.com/security/cve/CVE-2019-11034 https://access.redhat.com/security/cve/CVE-2019-11035 https://access.redhat.com/security/cve/CVE-2019-11036 https://access.redhat.com/security/cve/CVE-2019-11038 https://access.redhat.com/security/cve/CVE-2019-11039 https://access.redhat.com/security/cve/CVE-2019-11040 https://access.redhat.com/security/cve/CVE-2019-11041 https://access.redhat.com/security/cve/CVE-2019-11042 https://access.redhat.com/security/cve/CVE-2019-11043 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXbwslNzjgjWX9erEAQgZrA//YpBwARJTytrbpWQquZ4hnjbScNEZK1d4 sOOT+oiQSrzvghsNKNCKwEO1CLbNA9XOT7bCchtpD/HguTc4XeGNk7dAf/qA6UVB tJCxmqNBVBKqoe9UafmxLUFcVSkv/PHRVD2h+/TvmqdB8Uf2Z8hIIaBt7UsW34sb yBMLJVhyG98c/7VzwqFXW6Vm+Ly6+/ViYtloe5/Ex4D8FvB72Cc9uRvCTWdLLOXu PlwQKdaEt5CtUrTmLFEX+9t6tybwhNBf/dZ96nazCaSRtQVnhZI9s+wjoE6vEOOB +bOldvJ9tu7LclzMIz7SbSqjhPBSLtEMGZKcO1havVGDwcfPAEc12TW9DtVFDlqA Xq+dFW5vviRCoMlSmNBmSqQZSWMF64LdzjvWfW2G/nBnNLOdhu/Wufs1sJUOc+cp V9PgQH0iWut0N89DaOzTH+4PQvvvTw12HuKHk+P+/O8bBBdcI9gpd5klce/5jquc QXqhy49koz6BturNpVnXfSWjdLPwQ1pwhGJOkv7vLsdx6HVeuY6BsSE+C28cHFl+ z/AOZL4eCa9xKlePdGKCbqzTjMmCiJQbeShoBOKt1DtSgVVgtE0Kc5EZQcqop0aw RG304k1HSbrgsSRFxx6s1RophOQaC3ASvWkw5OY/8ylNrO9AAMxLRjZNCve6V7Rq 86WRMpuQxpE= =winR -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
var-200711-0540	Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input. This facilitates the remote compromise of affected computers. Perl 5.8 is vulnerable to this issue; other versions may also be affected. An error in the way Perl's regular expression engine calculates the space required to process regular expressions could allow a local attacker to elevate privileges. For the stable distribution (etch), this problem has been fixed in version 5.8.8-7etch1. For the old stable distribution (sarge), this problem has been fixed in version 5.8.4-8sarge6. For the unstable distribution (sid), this problem will be fixed soon. Some architectures are missing from this DSA; these updates will be released once they are available. We recommend that you upgrade your perl package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.dsc Size/MD5 checksum: 1031 653d1eaa085e027d325a520653e9785c http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.diff.gz Size/MD5 checksum: 103931 b8c617d86f3baa2cd35bde936c0a76d5 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4.orig.tar.gz Size/MD5 checksum: 12094233 912050a9cb6b0f415b76ba56052fb4cf Architecture independent components: http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.4-8sarge6_all.deb Size/MD5 checksum: 38810 ff950bde09387a4023efff595fcb7b80 http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.4-8sarge6_all.deb Size/MD5 checksum: 7049010 803d0a25ddd6d3a75769b39fd44c1b21 http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.4-8sarge6_all.deb Size/MD5 checksum: 2178698 8f6bbe7db6414444fd5dbfb7786e6b76 Alpha architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_alpha.deb Size/MD5 checksum: 804866 47b0bbfc0d2544132ac23e7bbd6fd81f http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_alpha.deb Size/MD5 checksum: 1008 dddcaa51b3b5b67c881b49a996e83944 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_alpha.deb Size/MD5 checksum: 3902134 e2170d1b691a118df3a3277e6f4b0af9 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_alpha.deb Size/MD5 checksum: 874688 bdb3fc1c1e0bed8bc37292f12ec9e803 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_alpha.deb Size/MD5 checksum: 4132780 e2539f2b62fd1a394f5424a534e9a51d http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_alpha.deb Size/MD5 checksum: 37086 dd82f2321b96bc531e16857848bece42 AMD64 architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_amd64.deb Size/MD5 checksum: 605148 b613969a68e576543f18f56b1956e78e http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_amd64.deb Size/MD5 checksum: 1000 613477a3ba3f93013fa7a7776022d8e9 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_amd64.deb Size/MD5 checksum: 3834172 7f354043d2e7bbee72c710982e4f9074 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_amd64.deb Size/MD5 checksum: 791816 3541cf654fc59dd564c7af6642fae4df http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_amd64.deb Size/MD5 checksum: 3935362 38fb00c40a25985bf22cfe9805543349 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_amd64.deb Size/MD5 checksum: 32846 2f8cd32f087f60c61457f73f75fe3781 ARM architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_arm.deb Size/MD5 checksum: 613158 30cd5528198d49208274e50e60611b0a http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_arm.deb Size/MD5 checksum: 1026 fc64aa8b67f46fcccb6d85db7cb242ad http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_arm.deb Size/MD5 checksum: 3132808 226a69d4fa30d1e0a40f4d761826c230 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_arm.deb Size/MD5 checksum: 737524 b4aaf84bd60fef147d1131c5ffbc6a0a http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_arm.deb Size/MD5 checksum: 3719460 8e8d12058f9f7fb9e153d4c3ff79d0f4 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_arm.deb Size/MD5 checksum: 29880 faa9dc0401eb667e202e12f2d2cf9643 HP Precision architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_hppa.deb Size/MD5 checksum: 654704 4efe04a8f2a81c81860148da029a88a8 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_hppa.deb Size/MD5 checksum: 1006 5081a0e11c583460919427c5b0c99a0d http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_hppa.deb Size/MD5 checksum: 3922234 a2b4f6549b23dd3a6c11ff97b6377d3d http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_hppa.deb Size/MD5 checksum: 867856 0955f80a504eb620dbab22129fe96dd3 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_hppa.deb Size/MD5 checksum: 3910388 59e8e003f4d65c3e42785226c90d5466 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_hppa.deb Size/MD5 checksum: 34496 46aee518b3411566edf62ea822e0edfd Intel IA-32 architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_i386.deb Size/MD5 checksum: 567034 2edc13b9a19f6291bb300bcc28b815bd http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_i386.deb Size/MD5 checksum: 508698 9f275f4137b40e5cd465e3073527ad34 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_i386.deb Size/MD5 checksum: 3239308 bd4934402fadbd7c6c6c00260a4ecb88 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_i386.deb Size/MD5 checksum: 753218 4f70cd1586e664189be02a84247efe5d http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_i386.deb Size/MD5 checksum: 3736626 8710f57842322a711abf6161f57e9bc1 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_i386.deb Size/MD5 checksum: 31706 d4e08f75b79d3bb75b4bdea55d668b6f Intel IA-64 architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_ia64.deb Size/MD5 checksum: 866526 1f01d28dbc0d3fac81fbf120d048896a http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_ia64.deb Size/MD5 checksum: 1000 07c5c9823c9ff29b96ce76c63e4dfd16 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_ia64.deb Size/MD5 checksum: 4027978 0919c0c823170c46578a52df90f69cfc http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_ia64.deb Size/MD5 checksum: 1046706 7f724a26677aa52c39182a5109bd3bf9 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_ia64.deb Size/MD5 checksum: 4534722 9a16fed74de4e2e0c43b1135c15df9d3 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_ia64.deb Size/MD5 checksum: 50106 e73b65a4b267ca99ba48ef64de4dfdc1 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_m68k.deb Size/MD5 checksum: 457778 f25f1ebbbb4a5ce7b7a4a79c6256987e http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_m68k.deb Size/MD5 checksum: 1040 9882ea5db94e569a35209a66c74bb390 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_m68k.deb Size/MD5 checksum: 3815032 321dd2b80abad424b678f260d18f323a http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_m68k.deb Size/MD5 checksum: 692196 733bfa10857d842bd907f408b03a8b3d http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_m68k.deb Size/MD5 checksum: 3008672 81a0d0613ebe7b9affcd56174e1f955c http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_m68k.deb Size/MD5 checksum: 27934 68de12bace4cf3de7a339b25119b1611 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_mips.deb Size/MD5 checksum: 657066 7e2c9980c630b3aa1e60348a4998665a http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_mips.deb Size/MD5 checksum: 1032 3da5c1e82b6194beac8fe7020a38d7a3 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_mips.deb Size/MD5 checksum: 3384320 edfa53822abb7626b2bfd6ac4d5923df http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_mips.deb Size/MD5 checksum: 781078 f4a7b2e1bbd95c9381503b382d35ba58 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_mips.deb Size/MD5 checksum: 4017490 ddca3a084b7c9f1b841bd3f93e39a1d0 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_mips.deb Size/MD5 checksum: 32314 51f707f1c1d3df1c3ad05dc545512c10 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_mipsel.deb Size/MD5 checksum: 653134 bbb4600b3f9f2512fe9a9233bd06370e http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_mipsel.deb Size/MD5 checksum: 1008 42770abda5e92de95a180097e8588304 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_mipsel.deb Size/MD5 checksum: 3125468 db2214e0762dab59ebe7237fbe8d80b2 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_mipsel.deb Size/MD5 checksum: 781866 c3b6aa7d16d60fc0a083601801d57cdd http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_mipsel.deb Size/MD5 checksum: 3967958 2d941edd8a70f1461f4bc7ec9b97a396 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_mipsel.deb Size/MD5 checksum: 32426 c16e24f77488ab690b9c73d33e9fd7be PowerPC architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_powerpc.deb Size/MD5 checksum: 624852 fc0e31770a095b3180e8d29daac7ccc7 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_powerpc.deb Size/MD5 checksum: 988 5668a4e4abcab40b924c2855c4c34f62 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_powerpc.deb Size/MD5 checksum: 3509282 9e72e0a6a0d0108d701e9071e0ed4c3b http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_powerpc.deb Size/MD5 checksum: 790186 fa6005f52c5a101e053dc24e5247f025 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_powerpc.deb Size/MD5 checksum: 3700840 fe73cfba8f036b63839141d4a0564d49 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_powerpc.deb Size/MD5 checksum: 33564 e6d5ea2116ea4f5332c1ce887aa9b727 IBM S/390 architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_s390.deb Size/MD5 checksum: 604302 92d8311292f70764bafc0b015818d39d http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_s390.deb Size/MD5 checksum: 996 8870e77ca4719c8cc1c67f6ac15ee36c http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_s390.deb Size/MD5 checksum: 3819836 84eed51f2f162825d3bda29af8ddb203 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_s390.deb Size/MD5 checksum: 800590 ee302b41b1d011e089cb43db508415ef http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_s390.deb Size/MD5 checksum: 4235554 367b0ca68cd88842507c781cbb0e1f84 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_s390.deb Size/MD5 checksum: 33240 54ef9ae270587bb4c88f0e2b25d73347 Sun Sparc architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_sparc.deb Size/MD5 checksum: 582166 027797bd12344393503ebae3344dfd43 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_sparc.deb Size/MD5 checksum: 1006 4183b345e38cd2dcbca8c24cf3d02918 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_sparc.deb Size/MD5 checksum: 3547444 716f93769b9aa9c442044f9fe96c77c7 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_sparc.deb Size/MD5 checksum: 775850 6ef7c40ecdd6e08dbb37d0c02f8c89a2 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_sparc.deb Size/MD5 checksum: 3840628 e665c9ff077083f5719b7574e24fae05 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_sparc.deb Size/MD5 checksum: 31038 64fcafc906130c016eb45f2394c5b4a8 Debian GNU/Linux 4.0 alias etch - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.dsc Size/MD5 checksum: 1033 92799d6842afb4c5a9cbf483591b2c36 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.diff.gz Size/MD5 checksum: 93005 caec226784d13b4108af359206f4dfe9 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7 Architecture independent components: http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch1_all.deb Size/MD5 checksum: 40906 ac1a3065102a3bb7920a976833f1d3cc http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch1_all.deb Size/MD5 checksum: 7348690 c36b83c80b2c35515f3e6dec6451fda1 http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch1_all.deb Size/MD5 checksum: 2313532 915e64aecc9e15678125def5267ea809 Alpha architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_alpha.deb Size/MD5 checksum: 821314 682e53e9c6736c48e31ea26e8697c870 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_alpha.deb Size/MD5 checksum: 1016 252a644a15275db90c1a9273e6f3b854 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_alpha.deb Size/MD5 checksum: 4135606 4925efac08f96859a7c8b47b886e0533 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_alpha.deb Size/MD5 checksum: 877900 03dce75ac1f4c9765a24f6f25ba01251 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_alpha.deb Size/MD5 checksum: 2928420 1a9ab7809416b7cfc068180646414576 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_alpha.deb Size/MD5 checksum: 36248 927d991a17103561f701fb56d512279d AMD64 architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_amd64.deb Size/MD5 checksum: 630480 cdfbd258b8ee105250f389c3adfdc16e http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_amd64.deb Size/MD5 checksum: 1010 101f7c5357740b63a670ae874a3a498a http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_amd64.deb Size/MD5 checksum: 4238220 a2a9c0db784cc91e249f23e5564207bd http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_amd64.deb Size/MD5 checksum: 808804 469c3fd8e358d917225dd49f987bbf8d http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_amd64.deb Size/MD5 checksum: 2734912 d34da61c02d263e230b55f911d2dc748 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_amd64.deb Size/MD5 checksum: 32798 afac9013d139c7ab1276f50cc35f4512 ARM architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_arm.deb Size/MD5 checksum: 561934 9739f475931e29fb26e23873df727e04 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_arm.deb Size/MD5 checksum: 1018 77926e3d601fe1ed9bd75ef5a854d4e4 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_arm.deb Size/MD5 checksum: 3412144 73c5f41073926ea641d06032b0c5d228 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_arm.deb Size/MD5 checksum: 760246 574a68af0f13bc1a80d97c0eaa9ca4fc http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_arm.deb Size/MD5 checksum: 2545942 7fb21c951bfd70b24e9b63a4025059f4 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_arm.deb Size/MD5 checksum: 30358 ed5a223824e775a2e37b8e492e25abcb HP Precision architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_hppa.deb Size/MD5 checksum: 693944 441ce7894fc9d46c3a285b8681097a24 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_hppa.deb Size/MD5 checksum: 1014 068b7030ce2e74328a567f560690e208 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_hppa.deb Size/MD5 checksum: 4192184 916514f48c2d5ab511aac0c9d878d133 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_hppa.deb Size/MD5 checksum: 868288 7eb4c3e38c25285bc6a0ab6dc5a1d770 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_hppa.deb Size/MD5 checksum: 2735540 ff004f914a26621775d0247834e78cae http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_hppa.deb Size/MD5 checksum: 33210 c035eeb23dc4a1e04444065ae75f7b24 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_i386.deb Size/MD5 checksum: 585382 a27a344126f78b50c6874887ba8a7dec http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_i386.deb Size/MD5 checksum: 526956 2ae05903f4a08189e5319c4ca869828a http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_i386.deb Size/MD5 checksum: 3578468 e6a886c21a58d96083d0385ef602df75 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_i386.deb Size/MD5 checksum: 762180 e7d2c75b547db6c71e77395461c62e82 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_i386.deb Size/MD5 checksum: 2491880 f01678cc32a118929a22ee765ccd4768 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_i386.deb Size/MD5 checksum: 32094 56c5c6dded2172596d6bbea68d94068e Intel IA-64 architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_ia64.deb Size/MD5 checksum: 977484 94fd1bb72f48559786abedc8b0ea6107 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_ia64.deb Size/MD5 checksum: 1006 9272b8f38e0b68c7143401bbe0dd10b3 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_ia64.deb Size/MD5 checksum: 4335608 4caae66d357b7c8f6a9d3b6ec1b98ac1 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_ia64.deb Size/MD5 checksum: 1153272 e61d597589339745c714ada2fa54d397 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_ia64.deb Size/MD5 checksum: 3364174 d31a368b96392b89af59fbb529c81d20 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_ia64.deb Size/MD5 checksum: 51270 84b6fde3b7ed1898b59267b994efb4ff Little endian MIPS architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_mipsel.deb Size/MD5 checksum: 687114 8973b906567dd752c73039a89dcb14ee http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_mipsel.deb Size/MD5 checksum: 1012 47029166d1e495ad05a251d4946fbdc2 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_mipsel.deb Size/MD5 checksum: 3413386 5ff0e279c6934b01d4bf163a5b171584 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_mipsel.deb Size/MD5 checksum: 784352 dece00126cd1cf8c07ec673bd8043e6d http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_mipsel.deb Size/MD5 checksum: 2729528 194373b4343008cc33b345744b7935fa http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_mipsel.deb Size/MD5 checksum: 32336 98092e70a5ea30153ec32f1d87cde1e4 PowerPC architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_powerpc.deb Size/MD5 checksum: 653158 7b39e1fb1a940e19ebe4e9df9f6c1abb http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_powerpc.deb Size/MD5 checksum: 1010 4f68cd00058bfe50e5353cc2f1027e30 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_powerpc.deb Size/MD5 checksum: 3824518 514b283d68bdb8ab5f8211b86fba6dd7 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_powerpc.deb Size/MD5 checksum: 810514 54511356fc749a7518d6339d4832ab3e http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_powerpc.deb Size/MD5 checksum: 2709230 f62606ee2641c529eed8d6f2aff8489e http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_powerpc.deb Size/MD5 checksum: 32902 de438d275e8c95f5dba5096386f3bdbd Sun Sparc architecture: http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_sparc.deb Size/MD5 checksum: 594254 32f78d47a9fdb90ac99363642330cea5 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_sparc.deb Size/MD5 checksum: 1012 b4cdde1e439f59c484701a503271f3ba http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_sparc.deb Size/MD5 checksum: 3796708 d85383c57b38d1da74f5d4fed6e33c02 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_sparc.deb Size/MD5 checksum: 783042 675e8693a697b670936108a3baeded7f http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_sparc.deb Size/MD5 checksum: 2565704 7419d49d4b7ac54b849d432177a3ff36 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_sparc.deb Size/MD5 checksum: 31072 40d9e6abb0fd11019912c4877c8bf3ac These files will probably be moved into the stable distribution on its next update. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: AMD64 x86 emulation base libraries: Multiple vulnerabilities Date: December 12, 2014 Bugs: #196865, #335508, #483632, #508322 ID: 201412-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code. Background ========== AMD64 x86 emulation base libraries provides pre-compiled 32-bit libraries. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-emulation/emul-linux-x86-baselibs < 20140406-r1 >= 20140406-r1 Description =========== Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact ====== A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, or obtain sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All users of the AMD64 x86 emulation base libraries should upgrade to the latest version: # emerge --sync # emerge -1av ">=app-emulation/emul-linux-x86-baselibs-20140406-r1" NOTE: One or more of the issues described in this advisory have been fixed in previous updates. They are included in this advisory for the sake of completeness. It is likely that your system is already no longer affected by them. References ========== [ 1 ] CVE-2007-0720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0720 [ 2 ] CVE-2007-1536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1536 [ 3 ] CVE-2007-2026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2026 [ 4 ] CVE-2007-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2445 [ 5 ] CVE-2007-2741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2741 [ 6 ] CVE-2007-3108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3108 [ 7 ] CVE-2007-4995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4995 [ 8 ] CVE-2007-5116 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5116 [ 9 ] CVE-2007-5135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135 [ 10 ] CVE-2007-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5266 [ 11 ] CVE-2007-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5268 [ 12 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 13 ] CVE-2007-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5849 [ 14 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 15 ] CVE-2013-0338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0338 [ 16 ] CVE-2013-0339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0339 [ 17 ] CVE-2013-1664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1664 [ 18 ] CVE-2013-1969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1969 [ 19 ] CVE-2013-2877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2877 [ 20 ] CVE-2014-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0160 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-11.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2008-0001 Synopsis: Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages Issue date: 2008-01-07 Updated on: 2008-01-07 CVE numbers: CVE-2007-5360 CVE-2007-5398 CVE-2007-4572 CVE-2007-5191 CVE-2007-5116 CVE-2007-3108 CVE-2007-5135 - ------------------------------------------------------------------- 1. Summary: Updated service console patches 2. Relevant releases: ESX Server 3.0.2 without patches ESX-1002969, ESX-1002970, ESX-1002971, ESX-1002975, ESX-1002976 ESX Server 3.0.1 without patches ESX-1002962, ESX-1002963, ESX-1002964, ESX-1002968, ESX-1002972, ESX-1003176 3. Problem description: I OpenPegasus PAM Authentication Buffer Overflow Alexander Sotirov from VMware Security Research discovered a buffer overflow vulnerability in the OpenPegasus Management server. This flaw could be exploited by a malicious remote user on the service console network to gain root access to the service console. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5360 to this issue. RPM Updated: pegasus-2.5-552927 VM Shutdown: No Host Reboot: No Note: ESX Server 3.5 and ESX Server 3i are not affected by this issue. ESX Server 3.0.2 http://download3.vmware.com/software/vi/ESX-1002970.tgz md5sum: d19115e965d486e72100ce489efea707 http://kb.vmware.com/kb/1002970 ESX Server 3.0.1 http://download3.vmware.com/software/vi/ESX-1003176.tgz md5sum: 5674ca0dcfac90726014cc316444996e http://kb.vmware.com/kb/1003176 ESX Server 2.5.x Users should remove the OpenPegasus CIM Management rpm. This component is disabled by default, and VMware recommends that you do not use this component of ESX Server 2.x. If you want to use the CIM functionality, upgrade to ESX Server 3.0.1 or a later release. Note: This vulnerability can be exploited remotely only if the attacker has access to the service console network. Security best practices provided by VMware recommend that the service console be isolated from the VM network. Please see http://www.vmware.com/resources/techresources/726 for more information on VMware security best practices. II Service Console package security updates a. Updated Samba package An issue where attackers on the service console management network can cause a stack-based buffer overflow in the reply_netbios_packet function of nmbd in Samba. On systems where Samba is being used as a WINS server, exploiting this vulnerability can allow remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request. An issue where attackers on the service console management network can exploit a vulnerability that occurs when Samba is configured as a Primary or Backup Domain controller. The vulnerability allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-5398 and CVE-2007-4572 to these issues. Note: By default Samba is not configured as a WINS server or a domain controller and ESX is not vulnerable unless the administrator has changed the default configuration. This vulnerability can be exploited remotely only if the attacker has access to the service console network. Security best practices provided by VMware recommend that the service console be isolated from the VM network. Please see http://www.vmware.com/resources/techresources/726 for more information on VMware security best practices. RPM Updated: samba-3.0.9-1.3E.14.1vmw samba-client-3.0.9-1.3E.14.1vmw samba-common-3.0.9-1.3E.14.1vmw VM Shutdown: Yes Host Reboot: Yes ESX Server 3.5.0 is not affected by this issue ESX Server 3.0.2 http://download3.vmware.com/software/vi/ESX-1002975.tgz md5sum: 797a7494c2c4eb49629d3f94818df5dd http://kb.vmware.com/kb/1002975 ESX Server 3.0.1 http://download3.vmware.com/software/vi/ESX-1002968.tgz md5sum: 5106d90afaf77c3a0d8433487f937d06 http://kb.vmware.com/kb/1002968 ESX Server 2.5.5 download Upgrade Patch 3 ESX Server 2.5.4 download Upgrade Patch 14 b. Updated util-linux package The patch addresses an issue where the mount and umount utilities in util-linux call the setuid and setgid functions in the wrong order and do not check the return values, which could allow attackers to gain elevated privileges via helper application such as mount.nfs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5191 to this issue. RPM Updated: util-linux-2.11y-31.24vmw losetup-2.11y-31.24vmw mount -2.11y-31.24vmw VM Shutdown: Yes Host Reboot: Yes ESX Server 3.0.2 http://download3.vmware.com/software/vi/ESX-1002976.tgz md5sum: 0fe833c50c0ecb0ff9340d6674be2e43 http://kb.vmware.com/kb/1002976 ESX Server 3.0.1 http://download3.vmware.com/software/vi/ESX-1002972.tgz md5sum: 59ca4a43f330c5f0b7a55693aa952cdc http://kb.vmware.com/kb/1002972 c. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5116 to this issue. RPM Updated: perl-5.8.0-97.EL3 VM Shutdown: Yes Host Reboot: Yes ESX Server 3.0.2 http://download3.vmware.com/software/vi/ESX-1002971.tgz md5sum: 337b09d9ae4b1694a045e216b69765e1 http://kb.vmware.com/kb/1002971 ESX Server 3.0.1 http://download3.vmware.com/software/vi/ESX-1002964.tgz md5sum: d47e26104bfd5e4018ae645638c94487 http://kb.vmware.com/kb/1002964 d. Updated OpenSSL package A flaw in the SSL_get_shared_ciphers() function can allow an attacker to cause a buffer overflow problem by sending ciphers to applications that use the function. A possible vulnerability that would allow a local attacker to obtain private RSA keys being used on a system using the OpenSSL package. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-3108, and CVE-2007-5135 to these issues. RPM Updated: openssl-0.9.7a-33.24 VM Shutdown: Yes Host Reboot: Yes ESX Server 3.0.2 http://download3.vmware.com/software/vi/ESX-1002969.tgz md5sum: 72fd28a9f9380158db149259fbdcaa3b http://kb.vmware.com/kb/1002969 ESX Server 3.0.1 http://download3.vmware.com/software/vi/ESX-1002962.tgz md5sum: a0727bdc2e1a6f00d5fe77430a6ee9d6 http://kb.vmware.com/kb/1002962 ESX Server 2.5.5 download Upgrade Patch 3 ESX Server 2.5.4 download Upgrade Patch 14 4. Solution: Please review the Patch notes for your product and version and verify the md5sum of your downloaded file. ESX Server 3.x Patches: http://www.vmware.com/download/vi/vi3_patches.html ESX Server 2.x Patches: http://www.vmware.com/download/esx/esx2_patches.html ESX Server 2.5.5 Upgrade Patch 3 http://download3.vmware.com/software/esx/esx-2.5.5-65742-upgrade.tar.gz md5sum: 9068250fdd604e8787ef40995a4638f9 http://www.vmware.com/support/esx25/doc/esx-255-200712-patch.html ESX Server 2.5.4 Upgrade Patch 14 http://download3.vmware.com/software/esx/esx-2.5.4-65752-upgrade.tar.gz md5sum: 24990b9207f882ccc91545b6fc90273d http://www.vmware.com/support/esx25/doc/esx-254-200712-patch.html 5. References: CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 - ------------------------------------------------------------------- 6. Contact: E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce@lists.vmware.com * bugtraq@securityfocus.com * full-disclosure@lists.grok.org.uk E-mail: security@vmware.com Security web site http://www.vmware.com/security VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2008 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFHgtXJS2KysvBH1xkRCPnYAJoDMpdOmgs4e+JQ610SCjnKF99wpgCfcVO3 UCcAvs574f1LCZv+8lPQvrk= =Hzno -----END PGP SIGNATURE----- . Updated packages have been patched to prevent these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.0: 7dee97092269465ccb5de0f35321ab13 2007.0/i586/perl-5.8.8-7.1mdv2007.0.i586.rpm efd626e1f1efd248e6c6570e88a599c3 2007.0/i586/perl-base-5.8.8-7.1mdv2007.0.i586.rpm 62b10d28a5abc05d3b8cd35c7f68e8aa 2007.0/i586/perl-devel-5.8.8-7.1mdv2007.0.i586.rpm 3a9dc19143ab6a27713fdeb6665d8d76 2007.0/i586/perl-doc-5.8.8-7.1mdv2007.0.i586.rpm 60b511580ae4f514434dd111efa42872 2007.0/i586/perl-suid-5.8.8-7.1mdv2007.0.i586.rpm 08e44392992b4ab983bf85debb8be462 2007.0/SRPMS/perl-5.8.8-7.1mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: be33f079454aec3b88f21716dfacf8d6 2007.0/x86_64/perl-5.8.8-7.1mdv2007.0.x86_64.rpm 5a82850218434119c3f55047b3068213 2007.0/x86_64/perl-base-5.8.8-7.1mdv2007.0.x86_64.rpm 4f995ed4fa46f2bf79a427d9341e895b 2007.0/x86_64/perl-devel-5.8.8-7.1mdv2007.0.x86_64.rpm e949a7e20661c6c5f4c4511f25196ff6 2007.0/x86_64/perl-doc-5.8.8-7.1mdv2007.0.x86_64.rpm a3df44cc0b957b02bfcab3eed98542dd 2007.0/x86_64/perl-suid-5.8.8-7.1mdv2007.0.x86_64.rpm 08e44392992b4ab983bf85debb8be462 2007.0/SRPMS/perl-5.8.8-7.1mdv2007.0.src.rpm Mandriva Linux 2007.1: efb800025ab3001b90af0e16e5a49886 2007.1/i586/perl-5.8.8-10.1mdv2007.1.i586.rpm 515beec177dd5a0418090016ae357274 2007.1/i586/perl-base-5.8.8-10.1mdv2007.1.i586.rpm ae79195a6f27e44fd4ff7899497cf948 2007.1/i586/perl-devel-5.8.8-10.1mdv2007.1.i586.rpm f721306e820d4c66db3466917cde67f9 2007.1/i586/perl-doc-5.8.8-10.1mdv2007.1.i586.rpm 85a219e5b2c3788841024be8d81b2cac 2007.1/i586/perl-suid-5.8.8-10.1mdv2007.1.i586.rpm 9b22a92ec4a3dc898a12bbb80ada4de2 2007.1/SRPMS/perl-5.8.8-10.1mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: 1a17302f843293a5dc0063fe3e4549c0 2007.1/x86_64/perl-5.8.8-10.1mdv2007.1.x86_64.rpm c85ba481d517ec81c54eea5bc7064405 2007.1/x86_64/perl-base-5.8.8-10.1mdv2007.1.x86_64.rpm 5d3b84a1444339a83058bc3493506d22 2007.1/x86_64/perl-devel-5.8.8-10.1mdv2007.1.x86_64.rpm 005d395a8717bd5af248820eb01cc1d8 2007.1/x86_64/perl-doc-5.8.8-10.1mdv2007.1.x86_64.rpm f6c966ea032f921f033934d1f894b96b 2007.1/x86_64/perl-suid-5.8.8-10.1mdv2007.1.x86_64.rpm 9b22a92ec4a3dc898a12bbb80ada4de2 2007.1/SRPMS/perl-5.8.8-10.1mdv2007.1.src.rpm Mandriva Linux 2008.0: 6e84010549818c839e91034391b79f4f 2008.0/i586/perl-5.8.8-12.1mdv2008.0.i586.rpm f09541f2caf348aee64161cecdf7276e 2008.0/i586/perl-base-5.8.8-12.1mdv2008.0.i586.rpm dce7ae7aba1d356fd366075b67478493 2008.0/i586/perl-devel-5.8.8-12.1mdv2008.0.i586.rpm b3169afea74fd707021d03410172b6c0 2008.0/i586/perl-doc-5.8.8-12.1mdv2008.0.i586.rpm 78585fde0ad5b02f3e7c0f01d31a1ccf 2008.0/i586/perl-suid-5.8.8-12.1mdv2008.0.i586.rpm 584ad050342c7136e161fc48d29398bf 2008.0/SRPMS/perl-5.8.8-12.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 6ee9071cb1b0a6f38e731b1cd9a421e7 2008.0/x86_64/perl-5.8.8-12.1mdv2008.0.x86_64.rpm d7bd85fb101d94bf1dc84bcf817533d7 2008.0/x86_64/perl-base-5.8.8-12.1mdv2008.0.x86_64.rpm 031487e27d7f2a12003efe8ab714a096 2008.0/x86_64/perl-devel-5.8.8-12.1mdv2008.0.x86_64.rpm 3c1846b134cbd1461ffd291a95f6e2d2 2008.0/x86_64/perl-doc-5.8.8-12.1mdv2008.0.x86_64.rpm 99f545fefe35f45b5d90d2f98fe14da5 2008.0/x86_64/perl-suid-5.8.8-12.1mdv2008.0.x86_64.rpm 584ad050342c7136e161fc48d29398bf 2008.0/SRPMS/perl-5.8.8-12.1mdv2008.0.src.rpm Corporate 3.0: 9388a0766403e1accc6afc3d963960ba corporate/3.0/i586/perl-5.8.3-5.6.C30mdk.i586.rpm a67623fb7d2e4e18ca8976c64e43a4ca corporate/3.0/i586/perl-base-5.8.3-5.6.C30mdk.i586.rpm 9068ad50c3e10c29940bb071651a8d4d corporate/3.0/i586/perl-devel-5.8.3-5.6.C30mdk.i586.rpm a8a2e1b1963c212e4644c320f27c71d3 corporate/3.0/i586/perl-doc-5.8.3-5.6.C30mdk.i586.rpm 15b73b73ea6dd0de1100e1445690c034 corporate/3.0/SRPMS/perl-5.8.3-5.6.C30mdk.src.rpm Corporate 3.0/X86_64: f2f7445b49d5d7afa7b3766d71bdf65f corporate/3.0/x86_64/perl-5.8.3-5.6.C30mdk.x86_64.rpm ef5dabb99fdbe28068089eba1fd8bcc4 corporate/3.0/x86_64/perl-base-5.8.3-5.6.C30mdk.x86_64.rpm 4a5a04a330db20f460229aa69ded5e95 corporate/3.0/x86_64/perl-devel-5.8.3-5.6.C30mdk.x86_64.rpm 2bc06d931706f57fa946822f9396ffd6 corporate/3.0/x86_64/perl-doc-5.8.3-5.6.C30mdk.x86_64.rpm 15b73b73ea6dd0de1100e1445690c034 corporate/3.0/SRPMS/perl-5.8.3-5.6.C30mdk.src.rpm Corporate 4.0: e158109794ad5e71bc02f41adec150e1 corporate/4.0/i586/perl-5.8.7-3.3.20060mlcs4.i586.rpm 03c680726cf01c3d8f25cb7d61d7bb10 corporate/4.0/i586/perl-base-5.8.7-3.3.20060mlcs4.i586.rpm 51f55a3998dbcf2e9abcf821ffb3026f corporate/4.0/i586/perl-devel-5.8.7-3.3.20060mlcs4.i586.rpm f936e8720be0d37223b8a97dc2ed2704 corporate/4.0/i586/perl-doc-5.8.7-3.3.20060mlcs4.i586.rpm b4068ddb2d92f4845c29a6b3ca8feef5 corporate/4.0/i586/perl-suid-5.8.7-3.3.20060mlcs4.i586.rpm 3b23f4612d0a011d50c5eb6960ffa5c4 corporate/4.0/SRPMS/perl-5.8.7-3.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: c42250a8c42a0e349102ff977c6659cc corporate/4.0/x86_64/perl-5.8.7-3.3.20060mlcs4.x86_64.rpm 82d2bcbda0229415464c10471f881517 corporate/4.0/x86_64/perl-base-5.8.7-3.3.20060mlcs4.x86_64.rpm 7f07eddd92d4c49b3ee5c32c69d52996 corporate/4.0/x86_64/perl-devel-5.8.7-3.3.20060mlcs4.x86_64.rpm 140b57c79fc305a52e13ce5550e7d05c corporate/4.0/x86_64/perl-doc-5.8.7-3.3.20060mlcs4.x86_64.rpm ec3007ca202716e0c3872c37141fc2cc corporate/4.0/x86_64/perl-suid-5.8.7-3.3.20060mlcs4.x86_64.rpm 3b23f4612d0a011d50c5eb6960ffa5c4 corporate/4.0/SRPMS/perl-5.8.7-3.3.20060mlcs4.src.rpm Multi Network Firewall 2.0: 8ea5d389e9ddd9ca2e1b78869ad14ca7 mnf/2.0/i586/perl-5.8.3-5.6.M20mdk.i586.rpm f53bd974980010568e5153578d628323 mnf/2.0/i586/perl-base-5.8.3-5.6.M20mdk.i586.rpm 1335c295512b38ea524e201c66551132 mnf/2.0/i586/perl-devel-5.8.3-5.6.M20mdk.i586.rpm 8e306b59ecbb8583d5c1e4e74ef62e34 mnf/2.0/i586/perl-doc-5.8.3-5.6.M20mdk.i586.rpm 7576ea8ec817978b4602f5bf4c3436c5 mnf/2.0/SRPMS/perl-5.8.3-5.6.M20mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <securitymandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFHL9FBmqjQ0CJFipgRAhxaAJ44oWRrf/Q1Zj9q+HP4Y3pj9Y8XugCg398H Rl9c0TwvCe/HjAyI42+NhlU= =o1R+ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Background ========== Perl is a stable, cross-platform programming language created by Larry Wall. b. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01362465 Version: 1 HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2008-02-19 Last Updated: 2008-02-19 Potential Security Impact: Execution of Arbitrary Code Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified in Perl 5.8.7 and earlier running on HP Tru64 UNIX. References: CVE-2007-5116 SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP Tru64 UNIX v 5.1B-4 HP Tru64 UNIX v 5.1B-3 Internet Express (IX) for HP Tru64 UNIX v 6.7 BACKGROUND CVSS 2.0 Base Metrics Reference Base Vector Base Score CVE-2007-5116 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 Information on CVSS is documented in HP Customer Notice: HPSN-2008-002. RESOLUTION HP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer until updates are available in mainstream release patch kits. The resolutions contained in the ERP kits are targeted for availability in the following mainstream kits: The Associated Products CD (APCD) associated with HP Tru64 UNIX v 5.1B-5 Internet Express (IX) for HP Tru64 UNIX v 6.8 The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the installation of the ERPs is blocked by any of your installed CSPs. The ERP kits distribute the following items: Patched version of Perl v 5.8.8 including source code HP Tru64 UNIX Version v5.1B-4 PREREQUISITE: HP Tru64 UNIX v5.1B-4 PK6 (BL27) Name: perl_V51BB27-ES-20080207 Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=perl_V51BB27-ES-20080207 HP Tru64 UNIX Version v5.1B-3 PREREQUISITE: HP Tru64 UNIX v5.1B-3 PK5 (BL26) Name: perl_V51BB26-ES-20080204 Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001399-V51BB26-ES-20071207 Internet Express (IX) for HP Tru64 UNIX v 6.7 PREREQUISITE: HP Tru64 UNIX v5.1B-3 PK5 (BL26) or HP Tru64 UNIX v5.1B-3 PK5 (BL26) NOTE: Use the Perl patch kit appropriate to the operating system version MD5 checksums are available from the ITRC patch database main page. From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links. PRODUCT SPECIFIC INFORMATION HISTORY Version:1 (rev.1) - 19 February 2008 Initial release Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." \xa9Copyright 2008 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
var-201806-1462	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4" References ========== [ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201808-04 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ------------------------------------------------------------------------ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0005 ------------------------------------------------------------------------ Date reported : June 13, 2018 Advisory ID : WSA-2018-0005 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0005.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0005.html CVE identifiers : CVE-2018-4190, CVE-2018-4192, CVE-2018-4199, CVE-2018-4201, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233, CVE-2018-11646, CVE-2018-11712, CVE-2018-11713, CVE-2018-12293, CVE-2018-12294. Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. Credit to Jun Kokatsu (@shhnjk). Impact: Visiting a maliciously crafted website may leak sensitive data. Description: Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. Credit to Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A race condition was addressed with improved locking. Credit to Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A buffer overflow issue was addressed with improved memory handling. Credit to an anonymous researcher. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to an unexpected application crash. Description: A memory corruption issue was addressed with improved input validation. Credit to Natalie Silvanovich of Google Project Zero. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Natalie Silvanovich of Google Project Zero. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: An out-of-bounds read was addressed with improved input validation. Credit to Aymeric Chaib. Impact: Visiting a maliciously crafted website may lead to cookies being overwritten. Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. Credit to Samuel Gross (@5aelo) working with Trend Micro's Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Mishra Dhiraj. Credit to Metrological Group B.V. The libsoup network backend of WebKit failed to perform TLS certificate verification for WebSocket connections. Credit to Dirkjan Ochtman. The libsoup network backend of WebKit unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection. Credit to ADlab of Venustech. Maliciously crafted web content could achieve a heap buffer overflow in ImageBufferCairo by exploiting multiple integer overflow issues. Credit to ADlab of Venustech. Maliciously crafted web content could trigger a use-after-free of a TextureMapperLayer object. We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running a safe version of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK+ and WPE WebKit security advisories can be found at https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK+ and WPE WebKit team, June 13, 2018 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-06-01-4 iOS 11.4 iOS 11.4 addresses the following: Bluetooth Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4215: Abraham Masri (@cheesecakeufo) Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted vcf file may lead to a denial of service Description: A validation issue existed in the handling of phone numbers. CVE-2018-4100: Abraham Masri (@cheesecakeufo) FontParser Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to spoof password prompts in iBooks Description: An input validation issue was addressed with improved input validation. CVE-2018-4202: Jerry Decime Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4249: Kevin Backhouse of Semmle Ltd. Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2018-4241: Ian Beer of Google Project Zero CVE-2018-4243: Ian Beer of Google Project Zero libxpc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved validation. CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative Magnifier Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen Description: A permissions issue existed in Magnifier. This was addressed with additional permission checks. CVE-2018-4239: an anonymous researcher Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exfiltrate the contents of S/MIME-encrypted e-mail Description: An issue existed in the handling of encrypted Mail. CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to conduct impersonation attacks Description: An injection issue was addressed with improved input validation. CVE-2018-4235: Anurodh Pokharel of Salesforce.com Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted message may lead to a denial of service Description: This issue was addressed with improved message validation. CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to cause a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise Solutions Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent account identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4223: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Users may be tracked by malicious websites using client certificates Description: An issue existed in the handling of S-MIME certificaties. CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent device identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4224: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to modify the state of the Keychain Description: An authorization issue was addressed with improved state management. CVE-2018-4225: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to view sensitive user information Description: An authorization issue was addressed with improved state management. CVE-2018-4226: Abraham Masri (@cheesecakeufo) Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to enable Siri from the lock screen Description: An issue existed with Siri permissions. CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can BIKMAZ (@CanBkmaz) of Mustafa Kemal University Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: An issue existed with Siri permissions. CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn) Siri Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker with physical access to a device may be able to see private contact information Description: An issue existed with Siri permissions. CVE-2018-4244: an anonymous researcher UIKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A validation issue existed in the handling of text. CVE-2018-4198: Hunter Byrnes WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4201: an anonymous researcher CVE-2018-4218: Natalie Silvanovich of Google Project Zero CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A permissions issue existed in the handling of web browser cookies. CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4246: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may leak sensitive data Description: Credentials were unexpectedly sent when fetching CSS mask images. CVE-2018-4222: Natalie Silvanovich of Google Project Zero Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 11.4". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEWpnGpHhyhjM9LuGIyxcaHpDFUHMFAlsRa1ApHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQyxcaHpDFUHObHBAA jBRwdrK3Eks7V798k16MQFOvlqkofZWO3D+Qxb5OSzxixGy0r/vml78tnerJ546C p9UrL/1IxH1PERiWevubg6nbWFstBrOhY0FWLiope9oLAMB92iMM/7a+O/6EHjOc 9p6Y/Bud0OwFHEoJmN4HLGMUubm1uTAdalXSmfanxuFvjpxAeczYvW/+wAblOnHr KfclXy68dfUlW0NMP0kbQwnk1lVrb8QKEeayYli19c8zSVC38eYyKYZwhRC37yWT ViBRSz9zVvgJQKX4JgjV6cRO3uIFZX+sksr6VdMM0nHjsTUT6Mc+IAe9Is3YlJCO x0H8+WeloeKrwNDs60Grz7tRNVpevIlInLEQJkuoOD3niWqzt0Q40IzCNlgd8FBv ZB5iencgWy/ObRJSgoOq29EIlt+KEb9nSJx3h6kByo0ZxYhSVrDm44cHzCF0+/zN vY4XR3hJpc1S3ySiSkWHIhqjPAEP7cb/D7Az/5SGgle8cklem5haOdzAkeOHnzim laKEg+F3vue6W+n9iv0x0byVBhC5Xr1iNuRh7+uor5TIVPR2s4moWOWvyTruG2Kk RLlL700y2OZl/04nTgxxShCwLygXiKd07nuFIh4fKiMcGw31HKx1Choof6sPHqzo Grg2dx9YQXTCTIsdDNG581MIwzVvJPLSM5OeNsHQEd0= =7ZCv -----END PGP SIGNATURE----- . Alternatively, on your watch, select "My Watch > General > About". ========================================================================== Ubuntu Security Notice USN-3687-1 June 18, 2018 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 17.10 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.18.04.1 libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.18.04.1 Ubuntu 17.10: libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.17.10.1 libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.17.10.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3687-1 CVE-2018-12293, CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.16.04.1
var-200107-0019	Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. If numerous requests are made for MS DOS device names, ncgihttp.exe inappropriately handles them, resulting in the exhaustion of system resources. A potential denial of service condition may exist in Cisco's IOS firmware. The problem reportedly occurs when a large number of UDP packets are sent to device running IOS. This causes the system to use all available CPU resources and thus become unresponsive. The device may have to be reset manually if the attack is successful. -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Alert Summary May 10, 2001 Volume 6 Number 6 X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To receive these Alert Summaries as well as other Alerts and Advisories, subscribe to the Internet Security Systems Alert mailing list at: http://xforce.iss.net/maillists/index.php This summary can be found at: http://xforce.iss.net/alerts/vol-6_num-6.php _____ Contents: * 120 Reported Vulnerabilities * Risk Factor Key _____ Date Reported: 04/02/2001 Brief Description: The Bat! masked file type in email attachment could allow execution of code Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: The Bat! 1.49 and earlier Vulnerability: thebat-masked-file-type X-Force URL: http://xforce.iss.net/static/6324.php Date Reported: 04/02/2001 Brief Description: PHP-Nuke could allow attackers to redirect ad banner URL links Risk Factor: Medium Attack Type: Network Based Platforms Affected: PHP-Nuke 4.4 and earlier Vulnerability: php-nuke-url-redirect X-Force URL: http://xforce.iss.net/static/6342.php Date Reported: 04/03/2001 Brief Description: Orinoco RG-1000 Residential Gateway default SSID reveals WEP encryption key Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Orinoco Residential Gateway RG-1000 Vulnerability: orinoco-rg1000-wep-key X-Force URL: http://xforce.iss.net/static/6328.php Date Reported: 04/03/2001 Brief Description: Navision Financials server denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Navision Financials 2.5 and 2.6 Vulnerability: navision-server-dos X-Force URL: http://xforce.iss.net/static/6318.php Date Reported: 04/03/2001 Brief Description: uStorekeeper online shopping system allows remote file retrieval Risk Factor: Medium Attack Type: Network Based Platforms Affected: uStorekeeper 1.61 Vulnerability: ustorekeeper-retrieve-files X-Force URL: http://xforce.iss.net/static/6319.php Date Reported: 04/03/2001 Brief Description: Resin server allows remote attackers to view Javabean files Risk Factor: Medium Attack Type: Network Based Platforms Affected: Resin 1.2.x, Resin 1.3b1 Vulnerability: resin-view-javabean X-Force URL: http://xforce.iss.net/static/6320.php Date Reported: 04/03/2001 Brief Description: BPFTP could allow attackers to obtain login credentials Risk Factor: High Attack Type: Network Based Platforms Affected: BPFTP 2.0 Vulnerability: bpftp-obtain-credentials X-Force URL: http://xforce.iss.net/static/6330.php Date Reported: 04/04/2001 Brief Description: Ntpd server readvar control message buffer overflow Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6, AIX 5.1, Slackware Linux 7.1, Engarde Secure Linux 1.0.1, Progeny Linux, SuSE Linux 7.1, ntpd 4.0.99k and earlier, FreeBSD 4.2-Stable, Mandrake Linux Corporate Server 1.0.1, Mandrake Linux 7.2, Trustix Secure Linux, Immunix Linux 7.0, NetBSD 1.5, SuSE Linux 7.0, Caldera OpenLinux eServer 2.3.1 Vulnerability: ntpd-remote-bo X-Force URL: http://xforce.iss.net/static/6321.php Date Reported: 04/04/2001 Brief Description: Cisco CSS debug mode allows users to gain administrative access Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Cisco Content Services Switch 11050, Cisco Content Services Switch 11150, Cisco Content Services Switch 11800 Vulnerability: cisco-css-elevate-privileges X-Force URL: http://xforce.iss.net/static/6322.php Date Reported: 04/04/2001 Brief Description: BEA Tuxedo may allow access to remote services Risk Factor: Medium Attack Type: Network Based Platforms Affected: BEA Tuxedo 7.1 Vulnerability: bea-tuxedo-remote-access X-Force URL: http://xforce.iss.net/static/6326.php Date Reported: 04/05/2001 Brief Description: Ultimate Bulletin Board could allow attackers to bypass authentication Risk Factor: High Attack Type: Network Based Platforms Affected: Ultimate Bulletin Board 5.43, Ultimate Bulletin Board 5.4.7e Vulnerability: ultimatebb-bypass-authentication X-Force URL: http://xforce.iss.net/static/6339.php Date Reported: 04/05/2001 Brief Description: BinTec X4000 NMAP denial of service Risk Factor: Low Attack Type: Network Based Platforms Affected: BinTec X4000 5.1.6P10 and prior, BinTec X1000, BinTec X1200 Vulnerability: bintec-x4000-nmap-dos X-Force URL: http://xforce.iss.net/static/6323.php Date Reported: 04/05/2001 Brief Description: WatchGuard Firebox II kernel denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: WatchGuard Firebox II prior to 4.6 Vulnerability: firebox-kernel-dos X-Force URL: http://xforce.iss.net/static/6327.php Date Reported: 04/06/2001 Brief Description: Cisco PIX denial of service due to multiple TACACS+ requests Risk Factor: Medium Attack Type: Network Based Platforms Affected: Cisco PIX Firewall 5.1.4 Vulnerability: cisco-pix-tacacs-dos X-Force URL: http://xforce.iss.net/static/6353.php Date Reported: 04/06/2001 Brief Description: Darren Reed's IP Filter allows attackers to access UDP and TCP ports Risk Factor: Medium Attack Type: Network Based Platforms Affected: IP Filter 3.4.16 Vulnerability: ipfilter-access-ports X-Force URL: http://xforce.iss.net/static/6331.php Date Reported: 04/06/2001 Brief Description: Veritas NetBackup nc (netcat) command denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: NetBackup 3.2 Vulnerability: veritas-netbackup-nc-dos X-Force URL: http://xforce.iss.net/static/6329.php Date Reported: 04/08/2001 Brief Description: PGP may allow malicious users to access authenticated split keys Risk Factor: Medium Attack Type: Host Based Platforms Affected: PGP 7.0 Vulnerability: nai-pgp-split-keys X-Force URL: http://xforce.iss.net/static/6341.php Date Reported: 04/09/2001 Brief Description: Solaris kcms_configure command line buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Solaris 7, Solaris 8 Vulnerability: solaris-kcms-command-bo X-Force URL: http://xforce.iss.net/static/6359.php Date Reported: 04/09/2001 Brief Description: TalkBack CGI script could allow remote attackers to read files on the Web server Risk Factor: Medium Attack Type: Network Based Platforms Affected: TalkBack prior to 1.2 Vulnerability: talkback-cgi-read-files X-Force URL: http://xforce.iss.net/static/6340.php Date Reported: 04/09/2001 Brief Description: Multiple FTP glob(3) implementation Risk Factor: Low Attack Type: Network Based Platforms Affected: FreeBSD 4.2, Solaris 8, IRIX 6.5.x, OpenBSD 2.8, HP-UX 11.00, NetBSD Vulnerability: ftp-glob-implementation X-Force URL: http://xforce.iss.net/static/6333.php Date Reported: 04/09/2001 Brief Description: Pine mail client temp file symbolic link Risk Factor: Medium Attack Type: Host Based Platforms Affected: Pine prior to 4.33, Red Hat Linux 5.2, Red Hat Linux 6.2, Red Hat Linux 7.0 Vulnerability: pine-tmp-file-symlink X-Force URL: http://xforce.iss.net/static/6367.php Date Reported: 04/09/2001 Brief Description: Multiple FTP glob(3) expansion Risk Factor: Low Attack Type: Network Based Platforms Affected: HP-UX 11.00, NetBSD, Solaris 8, IRIX 6.5.x, OpenBSD 2.8, FreeBSD 4.2, MIT Kerberos 5 Vulnerability: ftp-glob-expansion X-Force URL: http://xforce.iss.net/static/6332.php Date Reported: 04/09/2001 Brief Description: Netscape embedded JavaScript in GIF file comments can be used to access remote data Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: Netscape Communicator 4.76, Red Hat Linux 6.2, Debian Linux 2.2, Conectiva Linux, Red Hat Linux 7.0, Immunix Linux 6.2, Immunix Linux 7.0 Beta, Red Hat Linux 7.1 Vulnerability: netscape-javascript-access-data X-Force URL: http://xforce.iss.net/static/6344.php Date Reported: 04/09/2001 Brief Description: STRIP generates weak passwords Risk Factor: Low Attack Type: Host Based Platforms Affected: STRIP 0.5 and earlier Vulnerability: strip-weak-passwords X-Force URL: http://xforce.iss.net/static/6362.php Date Reported: 04/10/2001 Brief Description: Solaris Xsun HOME environment variable buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Solaris 7 Vulnerability: solaris-xsun-home-bo X-Force URL: http://xforce.iss.net/static/6343.php Date Reported: 04/10/2001 Brief Description: Compaq Presario Active X denial of service Risk Factor: Low Attack Type: Network Based Platforms Affected: Compaq Presario, Windows 98, Windows ME Vulnerability: compaq-activex-dos X-Force URL: http://xforce.iss.net/static/6355.php Date Reported: 04/10/2001 Brief Description: Alcatel ADSL modems 'EXPERT' account Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Alcatel ADSL Network Termination Device 1000, Alcatel Speed Touch ADSL modem Home Vulnerability: alcatel-expert-account X-Force URL: http://xforce.iss.net/static/6354.php Date Reported: 04/10/2001 Brief Description: Alcatel ADSL modems allow attacker on LAN to gain access using TFTP Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Alcatel ADSL Network Termination Device 1000, Alcatel Speed Touch ADSL modem Home Vulnerability: alcatel-tftp-lan-access X-Force URL: http://xforce.iss.net/static/6336.php Date Reported: 04/10/2001 Brief Description: Alcatel ADSL modems allow attacker on WAN to gain access using TFTP Risk Factor: Low Attack Type: Network Based Platforms Affected: Alcatel ADSL Network Termination Device 1000, Alcatel Speed Touch ADSL modem Home Vulnerability: alcatel-tftp-wan-access X-Force URL: http://xforce.iss.net/static/6337.php Date Reported: 04/10/2001 Brief Description: Oracle Application Server shared library (ndwfn4.so) buffer overflow Risk Factor: Low Attack Type: Network Based Platforms Affected: iPlanet Web Server 4.x, Oracle Application Server 4.0.8.2 Vulnerability: oracle-appserver-ndwfn4-bo X-Force URL: http://xforce.iss.net/static/6334.php Date Reported: 04/10/2001 Brief Description: Alcatel ADSL modems use blank password by default Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Alcatel ADSL Network Termination Device 1000, Alcatel Speed Touch ADSL modem Home Vulnerability: alcatel-blank-password X-Force URL: http://xforce.iss.net/static/6335.php Date Reported: 04/11/2001 Brief Description: Solaris dtsession buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Solaris 7 Vulnerability: solaris-dtsession-bo X-Force URL: http://xforce.iss.net/static/6366.php Date Reported: 04/11/2001 Brief Description: Solaris kcsSUNWIOsolf.so buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Solaris 7, Solaris 8 Vulnerability: solaris-kcssunwiosolf-bo X-Force URL: http://xforce.iss.net/static/6365.php Date Reported: 04/11/2001 Brief Description: Lightwave ConsoleServer brute force password attack Risk Factor: High Attack Type: Network Based Platforms Affected: Lightwave ConsoleServer 3200 Vulnerability: lightwave-consoleserver-brute-force X-Force URL: http://xforce.iss.net/static/6345.php Date Reported: 04/11/2001 Brief Description: nph-maillist allows user to execute code Risk Factor: Low Attack Type: Host Based Platforms Affected: Email List Generator 3.5 and earlier Vulnerability: nph-maillist-execute-code X-Force URL: http://xforce.iss.net/static/6363.php Date Reported: 04/11/2001 Brief Description: Symantec Ghost Configuration Server denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Ghost 6.5 Vulnerability: ghost-configuration-server-dos X-Force URL: http://xforce.iss.net/static/6357.php Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server DOS device denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-device-dos X-Force URL: http://xforce.iss.net/static/6348.php Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server HTTP header denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-header-dos X-Force URL: http://xforce.iss.net/static/6347.php Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server URL parsing denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-url-dos X-Force URL: http://xforce.iss.net/static/6351.php Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server CORBA denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-corba-dos X-Force URL: http://xforce.iss.net/static/6350.php Date Reported: 04/11/2001 Brief Description: Symantec Ghost database engine denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Ghost 6.5, Sybase Adaptive Server Database Engine 6.0.3.2747 Vulnerability: ghost-database-engine-dos X-Force URL: http://xforce.iss.net/static/6356.php Date Reported: 04/11/2001 Brief Description: cfingerd daemon remote format string Risk Factor: Low Attack Type: Network Based Platforms Affected: Debian Linux 2.1, Debian Linux 2.2, cfingerd 1.4.3 and earlier Vulnerability: cfingerd-remote-format-string X-Force URL: http://xforce.iss.net/static/6364.php Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server Unicode denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-unicode-dos X-Force URL: http://xforce.iss.net/static/6349.php Date Reported: 04/11/2001 Brief Description: Linux mkpasswd generates weak passwords Risk Factor: High Attack Type: Host Based Platforms Affected: Red Hat Linux 6.2, Red Hat Linux 7.0, mkpasswd Vulnerability: mkpasswd-weak-passwords X-Force URL: http://xforce.iss.net/static/6382.php Date Reported: 04/12/2001 Brief Description: Solaris ipcs utility buffer overflow Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: Solaris 7 Vulnerability: solaris-ipcs-bo X-Force URL: http://xforce.iss.net/static/6369.php Date Reported: 04/12/2001 Brief Description: InterScan VirusWall ISADMIN service buffer overflow Risk Factor: Low Attack Type: Network Based Platforms Affected: Linux kernel , InterScan VirusWall 3.0.1 Vulnerability: interscan-viruswall-isadmin-bo X-Force URL: http://xforce.iss.net/static/6368.php Date Reported: 04/12/2001 Brief Description: HylaFAX hfaxd format string Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: HylaFAX 4.1B3 and prior, SuSE Linux 6.x, SuSE Linux 7.0, Mandrake Linux 7.1, FreeBSD 3.5.1, Mandrake Linux 7.2, Mandrake Linux Corporate Server 1.0.1, FreeBSD 4.2, SuSE Linux 7.1 Vulnerability: hylafax-hfaxd-format-string X-Force URL: http://xforce.iss.net/static/6377.php Date Reported: 04/12/2001 Brief Description: Cisco VPN 3000 Concentrators invalid IP Option denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Cisco VPN 3000 Concentrators prior to 2.5.2 F Vulnerability: cisco-vpn-ip-dos X-Force URL: http://xforce.iss.net/static/6360.php Date Reported: 04/13/2001 Brief Description: Net.Commerce package in IBM WebSphere reveals installation path Risk Factor: High Attack Type: Network Based Platforms Affected: IBM Websphere, Solaris 2.6, AIX 4.3.x, Solaris 7, Windows NT 4.0 Vulnerability: ibm-websphere-reveals-path X-Force URL: http://xforce.iss.net/static/6371.php Date Reported: 04/13/2001 Brief Description: QPC ftpd buffer overflow Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: QVT/Term 5.0, QVT/Net 5.0 Vulnerability: qpc-ftpd-bo X-Force URL: http://xforce.iss.net/static/6376.php Date Reported: 04/13/2001 Brief Description: QPC ftpd directory traversal Risk Factor: High Attack Type: Network Based Platforms Affected: QVT/Net 5.0, QVT/Term 5.0 Vulnerability: qpc-ftpd-directory-traversal X-Force URL: http://xforce.iss.net/static/6375.php Date Reported: 04/13/2001 Brief Description: QPC popd buffer overflow Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: QVT/Net 5.0 Vulnerability: qpc-popd-bo X-Force URL: http://xforce.iss.net/static/6374.php Date Reported: 04/13/2001 Brief Description: NCM Content Management System access database Risk Factor: Low Attack Type: Network Based Platforms Affected: NCM Content Management System Vulnerability: ncm-content-database-access X-Force URL: http://xforce.iss.net/static/6386.php Date Reported: 04/13/2001 Brief Description: Netscape SmartDownload 'sdph20.dll' buffer overflow Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Netscape SmartDownload 1.3, Windows NT, Windows 95, Windows 98 Vulnerability: netscape-smartdownload-sdph20-bo X-Force URL: http://xforce.iss.net/static/6403.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer accept buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-accept-bo X-Force URL: http://xforce.iss.net/static/6404.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer cancel buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-cancel-bo X-Force URL: http://xforce.iss.net/static/6406.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer disable buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-disable-bo X-Force URL: http://xforce.iss.net/static/6407.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer enable buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-enable-bo X-Force URL: http://xforce.iss.net/static/6409.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer lp buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-lp-bo X-Force URL: http://xforce.iss.net/static/6410.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer lpfilter buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-lpfilter-bo X-Force URL: http://xforce.iss.net/static/6411.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer lpstat buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-lpstat-bo X-Force URL: http://xforce.iss.net/static/6413.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer reject buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-reject-bo X-Force URL: http://xforce.iss.net/static/6414.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer rmail buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-rmail-bo X-Force URL: http://xforce.iss.net/static/6415.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer tput buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-tput-bo X-Force URL: http://xforce.iss.net/static/6416.php Date Reported: 04/13/2001 Brief Description: IBM WebSphere CGI macro denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: IBM Websphere, Windows NT 4.0, Solaris 2.6, AIX 4.3.x, Solaris 7 Vulnerability: ibm-websphere-macro-dos X-Force URL: http://xforce.iss.net/static/6372.php Date Reported: 04/13/2001 Brief Description: SCO OpenServer lpmove buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-lpmove-bo X-Force URL: http://xforce.iss.net/static/6412.php Date Reported: 04/14/2001 Brief Description: Siemens Reliant Unix ppd -T symlink Risk Factor: Medium Attack Type: Host Based Platforms Affected: Reliant Unix 5.45, Reliant Unix 5.43, Reliant Unix 5.44 Vulnerability: reliant-unix-ppd-symlink X-Force URL: http://xforce.iss.net/static/6408.php Date Reported: 04/15/2001 Brief Description: Linux Exuberant Ctags package symbolic link Risk Factor: Medium Attack Type: Host Based Platforms Affected: Debian Linux 2.2, exuberant-ctags Vulnerability: exuberant-ctags-symlink X-Force URL: http://xforce.iss.net/static/6388.php Date Reported: 04/15/2001 Brief Description: processit.pl CGI could allow attackers to view sensitive information about the Web server Risk Factor: Medium Attack Type: Network Based Platforms Affected: processit.pl Vulnerability: processit-cgi-view-info X-Force URL: http://xforce.iss.net/static/6385.php Date Reported: 04/16/2001 Brief Description: Microsoft ISA Server Web Proxy denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Microsoft ISA Server 2000 Vulnerability: isa-web-proxy-dos X-Force URL: http://xforce.iss.net/static/6383.php Date Reported: 04/16/2001 Brief Description: Microsoft Internet Explorer altering CLSID action allows malicious file execution Risk Factor: Low Attack Type: Host Based Platforms Affected: Windows 2000, Internet Explorer 5.5, Windows 98 Vulnerability: ie-clsid-execute-files X-Force URL: http://xforce.iss.net/static/6426.php Date Reported: 04/16/2001 Brief Description: Cisco Catalyst 5000 series switch 802.1x denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Cisco Catalyst 5000 Series Vulnerability: cisco-catalyst-8021x-dos X-Force URL: http://xforce.iss.net/static/6379.php Date Reported: 04/16/2001 Brief Description: BubbleMon allows users to gain elevated privileges Risk Factor: Low Attack Type: Host Based Platforms Affected: BubbleMon prior to 1.32, FreeBSD Vulnerability: bubblemon-elevate-privileges X-Force URL: http://xforce.iss.net/static/6378.php Date Reported: 04/16/2001 Brief Description: DCForum CGI az= field directory traversal Risk Factor: High Attack Type: Network Based Platforms Affected: DCForum 2000 1.0 Vulnerability: dcforum-az-directory-traversal X-Force URL: http://xforce.iss.net/static/6391.php Date Reported: 04/16/2001 Brief Description: DCForum CGI az= field allows attacker to upload files Risk Factor: Low Attack Type: Network Based Platforms Affected: DCForum 2000 1.0 Vulnerability: dcforum-az-file-upload X-Force URL: http://xforce.iss.net/static/6393.php Date Reported: 04/16/2001 Brief Description: DCForum CGI az= field EXPR allows attacker to execute commands Risk Factor: Low Attack Type: Network Based Platforms Affected: DCForum 2000 1.0 Vulnerability: dcforum-az-expr X-Force URL: http://xforce.iss.net/static/6392.php Date Reported: 04/16/2001 Brief Description: Linux NetFilter IPTables Risk Factor: Low Attack Type: Network Based Platforms Affected: Linux kernel 2.4, Red Hat Linux 7.1 Vulnerability: linux-netfilter-iptables X-Force URL: http://xforce.iss.net/static/6390.php Date Reported: 04/17/2001 Brief Description: Xitami Web server denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Xitami Web server 2.4d7, Xitami Web server 2.5b4 Vulnerability: xitami-server-dos X-Force URL: http://xforce.iss.net/static/6389.php Date Reported: 04/17/2001 Brief Description: Samba tmpfile symlink attack could allow elevated privileges Risk Factor: Low Attack Type: Host Based Platforms Affected: Trustix Secure Linux 1.2, Mandrake Linux 8.0, Progeny Linux, Caldera OpenLinux eBuilder, Trustix Secure Linux 1.01, Mandrake Linux Corporate Server 1.0.1, FreeBSD 4.2, Immunix Linux 7.0, Immunix Linux 6.2, Immunix Linux 7.0 Beta, Caldera OpenLinux eServer 2.3.1, Caldera OpenLinux eDesktop 2.4, FreeBSD 3.5.1 Vulnerability: samba-tmpfile-symlink X-Force URL: http://xforce.iss.net/static/6396.php Date Reported: 04/17/2001 Brief Description: GoAhead WebServer "aux" denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: GoAhead Web Server 2.1, Windows 98, Windows ME Vulnerability: goahead-aux-dos X-Force URL: http://xforce.iss.net/static/6400.php Date Reported: 04/17/2001 Brief Description: AnalogX SimpleServer:WWW "aux" denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: SimpleServer:WWW 1.03 to 1.08 Vulnerability: analogx-simpleserver-aux-dos X-Force URL: http://xforce.iss.net/static/6395.php Date Reported: 04/17/2001 Brief Description: Viking Server hexadecimal URL encoded format directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Viking Server prior to 1.07-381 Vulnerability: viking-hex-directory-traversal X-Force URL: http://xforce.iss.net/static/6394.php Date Reported: 04/17/2001 Brief Description: Solaris FTP server allows attacker to recover shadow file Risk Factor: Medium Attack Type: Host Based Platforms Affected: Solaris 2.6 Vulnerability: solaris-ftp-shadow-recovery X-Force URL: http://xforce.iss.net/static/6422.php Date Reported: 04/18/2001 Brief Description: The Bat! pop3 denial of service Risk Factor: High Attack Type: Network Based Platforms Affected: The Bat! 1.51, Windows Vulnerability: thebat-pop3-dos X-Force URL: http://xforce.iss.net/static/6423.php Date Reported: 04/18/2001 Brief Description: Eudora allows attacker to obtain files using plain text attachments Risk Factor: Medium Attack Type: Network Based Platforms Affected: Eudora 5.0.2 Vulnerability: eudora-plain-text-attachment X-Force URL: http://xforce.iss.net/static/6431.php Date Reported: 04/18/2001 Brief Description: VMware vmware-mount.pl symlink Risk Factor: Medium Attack Type: Host Based Platforms Affected: VMware Vulnerability: vmware-mount-symlink X-Force URL: http://xforce.iss.net/static/6420.php Date Reported: 04/18/2001 Brief Description: KFM tmpfile symbolic link could allow local attackers to overwrite files Risk Factor: Medium Attack Type: Host Based Platforms Affected: SuSE Linux 7.0, K File Manager (KFM) Vulnerability: kfm-tmpfile-symlink X-Force URL: http://xforce.iss.net/static/6428.php Date Reported: 04/18/2001 Brief Description: CyberScheduler timezone remote buffer overflow Risk Factor: Low Attack Type: Network Based Platforms Affected: CyberScheduler, Mandrake Linux, Windows 2000, IIS 5.0, Solaris 8, SuSE Linux, Solaris 7, Slackware Linux, Red Hat Linux, IIS 4.0, Debian Linux, Solaris 2.5, Solaris 2.6, Caldera OpenLinux, Windows NT Vulnerability: cyberscheduler-timezone-bo X-Force URL: http://xforce.iss.net/static/6401.php Date Reported: 04/18/2001 Brief Description: Microsoft Data Access Component Internet Publishing Provider allows WebDAV access Risk Factor: Medium Attack Type: Network Based Platforms Affected: Microsoft Data Access Component 8.103.2519.0, Windows 95, Windows NT 4.0, Windows 98, Windows 98 Second Edition, Windows 2000, Windows ME Vulnerability: ms-dacipp-webdav-access X-Force URL: http://xforce.iss.net/static/6405.php Date Reported: 04/18/2001 Brief Description: Oracle tnslsnr80.exe denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Oracle 8.x, Windows NT 4.0 SP6, Solaris 8 Vulnerability: oracle-tnslsnr80-dos X-Force URL: http://xforce.iss.net/static/6427.php Date Reported: 04/18/2001 Brief Description: innfeed -c flag buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Red Hat Linux, Slackware Linux, Mandrake Linux, INN prior to 2.3.1 Vulnerability: innfeed-c-bo X-Force URL: http://xforce.iss.net/static/6398.php Date Reported: 04/18/2001 Brief Description: iPlanet Calendar Server stores username and password in plaintext Risk Factor: Low Attack Type: Host Based Platforms Affected: iPlanet Calendar Server 5.0p2 Vulnerability: iplanet-calendar-plaintext-password X-Force URL: http://xforce.iss.net/static/6402.php Date Reported: 04/18/2001 Brief Description: Linux NEdit symlink when printing Risk Factor: High Attack Type: Host Based Platforms Affected: SuSE Linux 6.3, SuSE Linux 6.4, Debian Linux 2.2, Mandrake Linux 7.1, Mandrake Linux 7.2, SuSE Linux 7.0, Mandrake Linux Corporate Server 1.0.1, SuSE Linux 7.1, Mandrake Linux 8.0 Vulnerability: nedit-print-symlink X-Force URL: http://xforce.iss.net/static/6424.php Date Reported: 04/19/2001 Brief Description: CheckBO TCP buffer overflow Risk Factor: Medium Attack Type: Network Based Platforms Affected: CheckBO 1.56 and earlier Vulnerability: checkbo-tcp-bo X-Force URL: http://xforce.iss.net/static/6436.php Date Reported: 04/19/2001 Brief Description: HP-UX pcltotiff uses insecure permissions Risk Factor: Medium Attack Type: Host Based Platforms Affected: HP-UX 10.01, HP-UX 10.10, HP-UX 10.20, HP-UX 10.26 Vulnerability: hp-pcltotiff-insecure-permissions X-Force URL: http://xforce.iss.net/static/6447.php Date Reported: 04/19/2001 Brief Description: Netopia Timbuktu allows unauthorized system access Risk Factor: Low Attack Type: Host Based Platforms Affected: Timbuktu Pro, Macintosh OS X Vulnerability: netopia-timbuktu-gain-access X-Force URL: http://xforce.iss.net/static/6452.php Date Reported: 04/20/2001 Brief Description: Cisco CBOS could allow attackers to gain privileged information Risk Factor: High Attack Type: Host Based / Network Based Platforms Affected: Cisco CBOS 2.4.1, Cisco CBOS 2.3.053 Vulnerability: cisco-cbos-gain-information X-Force URL: http://xforce.iss.net/static/6453.php Date Reported: 04/20/2001 Brief Description: Internet Explorer 5.x allows active scripts using XML stylesheets Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Internet Explorer 5.x, Outlook Express 5.x Vulnerability: ie-xml-stylesheets-scripting X-Force URL: http://xforce.iss.net/static/6448.php Date Reported: 04/20/2001 Brief Description: Linux gftp format string Risk Factor: Low Attack Type: Network Based Platforms Affected: gftp prior to 2.0.8, Mandrake Linux 8.0, Mandrake Linux Corporate Server 1.0.1, Immunix Linux 7.0, Red Hat Linux 7.1, Mandrake Linux 7.2, Immunix Linux 6.2, Immunix 7.0 beta, Red Hat Linux 6.2, Mandrake Linux 7.1, Red Hat Linux 7.0 Vulnerability: gftp-format-string X-Force URL: http://xforce.iss.net/static/6478.php Date Reported: 04/20/2001 Brief Description: Novell BorderManager VPN client SYN requests denial of service Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: Novell BorderManager 3.5 Vulnerability: bordermanager-vpn-syn-dos X-Force URL: http://xforce.iss.net/static/6429.php Date Reported: 04/20/2001 Brief Description: SAFT sendfiled could allow the execution of arbitrary code Risk Factor: Low Attack Type: Host Based Platforms Affected: Debian Linux 2.2, Progeny Linux, sendfile Vulnerability: saft-sendfiled-execute-code X-Force URL: http://xforce.iss.net/static/6430.php Date Reported: 04/21/2001 Brief Description: Mercury MTA for Novell Netware buffer overflow Risk Factor: Medium Attack Type: Network Based Platforms Affected: Mercury MTA 1.47 and earlier, Novell NetWare Vulnerability: mercury-mta-bo X-Force URL: http://xforce.iss.net/static/6444.php Date Reported: 04/21/2001 Brief Description: QNX allows attacker to read files on FAT partition Risk Factor: High Attack Type: Host Based / Network Based Platforms Affected: QNX 2.4 Vulnerability: qnx-fat-file-read X-Force URL: http://xforce.iss.net/static/6437.php Date Reported: 04/23/2001 Brief Description: Viking Server "dot dot" (\...\) directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Viking Server 1.0.7 Vulnerability: viking-dot-directory-traversal X-Force URL: http://xforce.iss.net/static/6450.php Date Reported: 04/24/2001 Brief Description: NetCruiser Web Server could reveal directory path Risk Factor: High Attack Type: Network Based Platforms Affected: NetCruiser Web Server 0.1.2.8 Vulnerability: netcruiser-server-path-disclosure X-Force URL: http://xforce.iss.net/static/6468.php Date Reported: 04/24/2001 Brief Description: Perl Web Server directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Perl Web Server 0.3 and prior Vulnerability: perl-webserver-directory-traversal X-Force URL: http://xforce.iss.net/static/6451.php Date Reported: 04/24/2001 Brief Description: Small HTTP Server /aux denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Small HTTP Server 2.03 Vulnerability: small-http-aux-dos X-Force URL: http://xforce.iss.net/static/6446.php Date Reported: 04/24/2001 Brief Description: IPSwitch IMail SMTP daemon mailing list handler buffer overflow Risk Factor: Low Attack Type: Network Based Platforms Affected: IPSwitch Imail 6.06 and earlier Vulnerability: ipswitch-imail-smtp-bo X-Force URL: http://xforce.iss.net/static/6445.php Date Reported: 04/25/2001 Brief Description: MIT Kerberos 5 could allow attacker to gain root access by injecting base64-encoded data Risk Factor: Low Attack Type: Network Based Platforms Affected: MIT Kerberos 5 Vulnerability: kerberos-inject-base64-encode X-Force URL: http://xforce.iss.net/static/6454.php Date Reported: 04/26/2001 Brief Description: IRIX netprint -n allows attacker to access shared library Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: IRIX 6.x Vulnerability: irix-netprint-shared-library X-Force URL: http://xforce.iss.net/static/6473.php Date Reported: 04/26/2001 Brief Description: WebXQ "dot dot" directory traversal Risk Factor: High Attack Type: Network Based Platforms Affected: Windows, WebXQ 2.1.204 Vulnerability: webxq-dot-directory-traversal X-Force URL: http://xforce.iss.net/static/6466.php Date Reported: 04/26/2001 Brief Description: RaidenFTPD "dot dot" directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Windows NT 4.0, Windows 2000, RaidenFTPD 2.1 Vulnerability: raidenftpd-dot-directory-traversal X-Force URL: http://xforce.iss.net/static/6455.php Date Reported: 04/27/2001 Brief Description: PerlCal CGI cal_make.pl script directory traversal Risk Factor: High Attack Type: Network Based Platforms Affected: Unix, PerlCal 2.95 and prior Vulnerability: perlcal-calmake-directory-traversal X-Force URL: http://xforce.iss.net/static/6480.php Date Reported: 04/28/2001 Brief Description: ICQ Web Front plugin denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: ICQ Web Front, ICQ 2000b 3278 and earlier Vulnerability: icq-webfront-dos X-Force URL: http://xforce.iss.net/static/6474.php Date Reported: 04/28/2001 Brief Description: Alex FTP Server "dot dot" directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Alex's FTP Server 0.7 Vulnerability: alex-ftp-directory-traversal X-Force URL: http://xforce.iss.net/static/6475.php Date Reported: 04/28/2001 Brief Description: BRS WebWeaver FTP path disclosure Risk Factor: High Attack Type: Network Based Platforms Affected: BRS WebWeaver 0.63 Vulnerability: webweaver-ftp-path-disclosure X-Force URL: http://xforce.iss.net/static/6477.php Date Reported: 04/28/2001 Brief Description: BRS WebWeaver Web server "dot dot" directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: BRS WebWeaver 0.63 Vulnerability: webweaver-web-directory-traversal X-Force URL: http://xforce.iss.net/static/6476.php Date Reported: 04/29/2001 Brief Description: Winamp AIP buffer overflow Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Winamp 2.6x and 2.7x Vulnerability: winamp-aip-bo X-Force URL: http://xforce.iss.net/static/6479.php Date Reported: 04/29/2001 Brief Description: BearShare "dot dot" allows remote attacker to traverse directories and download any file Risk Factor: Medium Attack Type: Network Based Platforms Affected: BearShare 2.2.2 and prior, Windows 95, Windows 98, Windows ME Vulnerability: bearshare-dot-download-files X-Force URL: http://xforce.iss.net/static/6481.php Date Reported: 05/01/2001 Brief Description: IIS 5.0 ISAPI extension buffer overflow Risk Factor: High Attack Type: Network Based Platforms Affected: IIS 5.0, Windows 2000 Server, Windows 2000 Advanced Server, Windows 2000 Datacenter Server Vulnerability: iis-isapi-bo X-Force URL: http://xforce.iss.net/static/6485.php _____ Risk Factor Key: High Any vulnerability that provides an attacker with immediate access into a machine, gains superuser access, or bypasses a firewall. Example: A vulnerable Sendmail 8.6.5 version that allows an intruder to execute commands on mail server. Medium Any vulnerability that provides information that has a high potential of giving system access to an intruder. Example: A misconfigured TFTP or vulnerable NIS server that allows an intruder to get the password file that could contain an account with a guessable password. Low Any vulnerability that provides information that potentially could lead to a compromise. Example: A finger that allows an intruder to find out who is online and potential accounts to attempt to crack passwords via brute force methods. ________ About Internet Security Systems (ISS) Internet Security Systems is a leading global provider of security management solutions for the Internet, protecting digital assets and ensuring safe and uninterrupted e-business. With its industry-leading intrusion detection and vulnerability assessment software, remote managed security services, and strategic consulting and education offerings, ISS is a trusted security provider to more than 8,000 customers worldwide including 21 of the 25 largest U.S. commercial banks and the top 10 U.S. telecommunications companies. Founded in 1994, ISS is headquartered in Atlanta, GA, with additional offices throughout North America and international operations in Asia, Australia, Europe, Latin America and the Middle East. For more information, visit the Internet Security Systems web site at www.iss.net or call 888-901-7477. Copyright (c) 2001 by Internet Security Systems, Inc. Permission is hereby granted for the redistribution of this Alert electronically. It is not to be edited in any way without express consent of the X-Force. If you wish to reprint the whole or any part of this Alert in any other medium excluding electronic medium, please e-mail xforce@iss.net for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as well as on MIT's PGP key server and PGP.com's key server. Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc. -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv iQCVAwUBOvrtmTRfJiV99eG9AQFRFwP+NhRj20kY5edBZBvSMBZKAOKEQGpJPPnD J/YCCB9TkzoWt65a7HR6c2MbimbnCo8YrhkjgFcvPmArCOFMS/68lhcStKd769PO rbojCoys8l1woaFDwzPnQeWVoNMen83sVvsiy7Bwk5Sm0cjM3gZC+X0vqG8EI59Y OAtrNiOkj7o= =kYl+ -----END PGP SIGNATURE-----
var-201804-1178	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.3; Safari prior to 11.1; Windows-based iCloud prior to 7.4; Windows-based iTunes prior to 12.7.4; tvOS prior to 11.3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4" References ========== [ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201808-04 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2018-0003 ------------------------------------------------------------------------ Date reported : April 04, 2018 Advisory ID : WSA-2018-0003 Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165. Several vulnerabilities were discovered in WebKitGTK+. Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Unexpected interaction with indexing types causing an ASSERT failure. Description: An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed through improved checks. Credit to OSS-Fuzz. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher. Impact: A malicious website may exfiltrate data cross-origin. Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Zach Markley. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation. Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack. This issue was addressed with improved URL validation. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to a denial of service. Description: A memory corruption issue was addressed through improved input validation. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html The WebKitGTK+ team, April 04, 2018 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-1 iOS 11.3 iOS 11.3 is now available and addresses the following: Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes Description: An information disclosure issue existed in the handling of alarms and timers. CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer) CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel GroA (@5aelo) CVE-2018-4158: Samuel GroA (@5aelo) CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH File System Events Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel GroA (@5aelo) Files Widget Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: File Widget may display contents on a locked device Description: The File Widget was displaying cached data when in the locked state. CVE-2018-4168: Brandon Moore Find My iPhone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. CVE-2018-4172: Viljami VastamA$?ki iCloud Drive Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4151: Samuel GroA (@5aelo) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6) Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4174: an anonymous researcher, an anonymous researcher NSURLSession Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel GroA (@5aelo) PluginKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4156: Samuel GroA (@5aelo) Quick Look Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel GroA (@5aelo) Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department Safari Login AutoFill Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction. Description: Safari autofill did not require explicit user interaction before taking place. CVE-2018-4137: SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to user interface spoofing Description: A state management issue was addressed by disabling text input until the destination page loads. CVE-2018-4149: Abhinash Jain (@abhinashjain) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo) Storage Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4154: Samuel GroA (@5aelo) System Preferences Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera Telephony Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker can cause a device to unexpectedly restart Description: A null pointer dereference issue existed when handling Class 0 SMS messages. CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV Web App Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in web app Description: A cookie management issue was addressed through improved state management. CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. CVE-2018-4117: an anonymous researcher, an anonymous researcher WindowServer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH Additional recognition WebKit We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0 TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs +Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU 0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi +7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g 70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo= =RJi8 -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3635-1 April 30, 2018 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.10 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.10: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3635-1 CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1 . Installation note: Safari 11.1 may be obtained from the Mac App Store
var-201904-1323	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. WebKit is prone to a memory-corruption vulnerability. A remote attacker can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service condition. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. A buffer error vulnerability exists in the WebKit component of several Apple products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. WebKit: JSC: A bug in JSArray::shiftCountWithArrayStorage CVE-2018-4441 bool JSArray::shiftCountWithArrayStorage(VM& vm, unsigned startIndex, unsigned count, ArrayStorage* storage) { unsigned oldLength = storage->length(); RELEASE_ASSERT(count <= oldLength); // If the array contains holes or is otherwise in an abnormal state, // use the generic algorithm in ArrayPrototype. if ((storage->hasHoles() && this->structure(vm)->holesMustForwardToPrototype(vm, this)) \|\| hasSparseMap() \|\| shouldUseSlowPut(indexingType())) { return false; } if (!oldLength) return true; unsigned length = oldLength - count; storage->m_numValuesInVector -= count; storage->setLength(length); Considering the comment, I think the method is supposed to prevent an array with holes from going through to the code "storage->m_numValuesInVector -= count". But that kind of arrays actually can get there by only having the holesMustForwardToPrototype method return false. Unless the array has any indexed accessors on it or Proxy objects in the prototype chain, the method will just return false. So "storage->m_numValuesInVector" can be controlled by the user. In the PoC, it changes m_numValuesInVector to 0xfffffff0 that equals to the new length, making the hasHoles method return true, leading to OOB reads/writes in the JSArray::unshiftCountWithArrayStorage method. PoC: function main() { let arr = [1]; arr.length = 0x100000; arr.splice(0, 0x11); arr.length = 0xfffffff0; arr.splice(0xfffffff0, 0, 1); } main(); This bug is subject to a 90 day disclosure deadline. After 90 days elapse or a patch has been made broadly available (whichever is earlier), the bug report will become visible to the public. Found by: lokihardt . CVE-2018-4438: lokihardt of Google Project Zero Additional recognition Profiles We would like to acknowledge Luke Deshotels, Jordan Beichler, and William Enck of North Carolina State University; Costin CarabaE and RAzvan Deaconescu of University POLITEHNICA of Bucharest for their assistance. CVE-2018-4439: xisigr of Tencent's Xuanwu Lab (tencent.com) Safari Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1 Impact: A user may be unable to fully delete browsing history Description: "Clear History and Website Data" did not clear the history. CVE-2018-4438: lokihardt of Google Project Zero Installation note: Safari 12.0.2 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-12-06-1 watchOS 5.1.2 watchOS 5.1.2 is now available and addresses the following: Airport Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to elevate privileges Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4303: Mohamed Ghannam (@_simo36) Disk Images Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4465: Pangu Team Kernel Available for: Apple Watch Series 1 and later Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed by removing the vulnerable code. CVE-2018-4460: Kevin Backhouse of Semmle Security Research Team Kernel Available for: Apple Watch Series 1 and later Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2018-4431: An independent security researcher has reported this vulnerability to Beyond Security's SecuriTeam Secure Disclosure program Kernel Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2018-4447: Juwei Lin(@panicaII) and Zhengyu Dong of TrendMicro Mobile Security Team Kernel Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved restrictions. CVE-2018-4435: Jann Horn of Google Project Zero, Juwei Lin(@panicaII) and Junzhi Lu of TrendMicro Mobile Security Team Kernel Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4461: Ian Beer of Google Project Zero LinkPresentation Available for: Apple Watch Series 1 and later Impact: Processing a maliciously crafted email may lead to user interface spoofing Description: A spoofing issue existed in the handling of URLs. CVE-2018-4429: Victor Le Pochat of imec-DistriNet, KU Leuven Profiles Available for: Apple Watch Series 1 and later Impact: An untrusted configuration profile may be incorrectly displayed as verified Description: A certificate validation issue existed in configuration profiles. This was addressed with additional checks. CVE-2018-4436: James Seeley @Code4iOS, Joseph S. CVE-2018-4441: lokihardt of Google Project Zero CVE-2018-4442: lokihardt of Google Project Zero CVE-2018-4443: lokihardt of Google Project Zero WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A logic issue existed resulting in memory corruption. CVE-2018-4438: lokihardt of Google Project Zero Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlwJWL0pHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3GN+xAA u1S9PoDcWtzSI14X0wKpmUQdHukulRjPCufglaaLQbo6pTPesnb1IFZ+jvj+NpS9 WQabjt/9e1ad9Oc3uMmzhGU5uuRCg1TPg/+MHyxnILwDFr/AHYmVrWrOk3tQ6rw9 egbglSNbytNVQbdR5GH3yXhVy0TBI6GnzUt8MgVUfYRUOoNuL0GypqI3S9X7PvI1 SfqoL/O+NqapPhnClPx+SFMrQltrvEGayBAEpLUV193suFDiHf3/YSB7+z1NMvZg hhfrc6aE2mwkKlBdV4/XtcKJKSe8wNgZJR10+6R1UIWQX503CoBgDC5joVnPulZR Boa3X/nGb5iu2DY2ZnR9UJn2MHVL/Xi7gesyhvc7dUgSttxXnupJGJFF0Fy4eAqB /WWzbJO/2kfKR+PJnowWZd+09sSHLq2bD9LCNvMyNrbDjJzqVPSCSM3ao2O9VCta 5aUVPt1Xa7nK4N31etXXBNxA37r5GIA2M1UNk4zKxpuhij4OOiDxWwvtzBEuBw1p ktDBQ0bvSwzJiqhDwS/EQLfw8TuXBf/th3P/Szx7zLZQCu3o9uUfI7500wDPZW/R VUhOrEbKRpvKyKFC1Kia+yef4oK9rjwb9wtYsXk86X3pCxinhJe27u862PSVS3IJ cTa2Cwy8jUiLaA2EomRwzk9Hp0HFf+eF6sSwYz5VolQ=kQmr -----END PGP SIGNATURE----- . ------------------------------------------------------------------------ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0009 ------------------------------------------------------------------------ Date reported : December 13, 2018 Advisory ID : WSA-2018-0009 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0009.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0009.html CVE identifiers : CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464. Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea. Processing maliciously crafted web content may lead to arbitrary code execution. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea. Processing maliciously crafted web content may lead to arbitrary code execution. We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK+ and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK+ and WPE WebKit team, December 13, 2018
var-200608-0037	The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari. These issue affect Mac OS X and various applications including AFP Server, Bluetooth, Bom, DHCP, Image RAW, ImageIO, Launch Services, OpenSSH, and WebKit. A remote attacker may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and disclose potentially sensitive information
var-202202-0114	xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. There is a security vulnerability before Expat2.4.5, which can be exploited by an attacker to insert a namespace separator into a namespace URI. Bugs fixed (https://bugzilla.redhat.com/): 2062751 - CVE-2022-24730 argocd: path traversal and improper access control allows leaking out-of-bound files 2062755 - CVE-2022-24731 argocd: path traversal allows leaking out-of-bound files 2064682 - CVE-2022-1025 Openshift-Gitops: Improper access control allows admin privilege escalation 5. These packages include redhat-release-virtualization-host. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Bug Fix(es): * RHV-H has been rebased on RHEL-7.9.z #13 (BZ#2048409) 4. Description: Red Hat Advanced Cluster Management for Kubernetes 2.3.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/ Security updates: * nanoid: Information disclosure via valueOf() function (CVE-2021-23566) * nodejs-shelljs: improper privilege management (CVE-2022-0144) * follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155) * node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235) * follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536) Bug fix: * RHACM 2.3.8 images (Bugzilla #2062316) 3. Bugs fixed (https://bugzilla.redhat.com/): 2043535 - CVE-2022-0144 nodejs-shelljs: improper privilege management 2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor 2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2062316 - RHACM 2.3.8 images 5. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.7.0. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html 3. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2059996 - read_lines_limit needs to be adjusted according to the setting of buffer_chunk_size 2066837 - CVE-2022-24769 moby: Default inheritable capabilities for linux container should be empty 5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202209-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Expat: Multiple Vulnerabilities Date: September 29, 2022 Bugs: #791703, #830422, #831918, #833431, #870097 ID: 202209-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/expat < 2.4.9 >= 2.4.9 Description ========== Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Expat users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">\xdev-libs/expat-2.4.9" References ========= [ 1 ] CVE-2021-45960 https://nvd.nist.gov/vuln/detail/CVE-2021-45960 [ 2 ] CVE-2021-46143 https://nvd.nist.gov/vuln/detail/CVE-2021-46143 [ 3 ] CVE-2022-22822 https://nvd.nist.gov/vuln/detail/CVE-2022-22822 [ 4 ] CVE-2022-22823 https://nvd.nist.gov/vuln/detail/CVE-2022-22823 [ 5 ] CVE-2022-22824 https://nvd.nist.gov/vuln/detail/CVE-2022-22824 [ 6 ] CVE-2022-22825 https://nvd.nist.gov/vuln/detail/CVE-2022-22825 [ 7 ] CVE-2022-22826 https://nvd.nist.gov/vuln/detail/CVE-2022-22826 [ 8 ] CVE-2022-22827 https://nvd.nist.gov/vuln/detail/CVE-2022-22827 [ 9 ] CVE-2022-23852 https://nvd.nist.gov/vuln/detail/CVE-2022-23852 [ 10 ] CVE-2022-23990 https://nvd.nist.gov/vuln/detail/CVE-2022-23990 [ 11 ] CVE-2022-25235 https://nvd.nist.gov/vuln/detail/CVE-2022-25235 [ 12 ] CVE-2022-25236 https://nvd.nist.gov/vuln/detail/CVE-2022-25236 [ 13 ] CVE-2022-25313 https://nvd.nist.gov/vuln/detail/CVE-2022-25313 [ 14 ] CVE-2022-25314 https://nvd.nist.gov/vuln/detail/CVE-2022-25314 [ 15 ] CVE-2022-25315 https://nvd.nist.gov/vuln/detail/CVE-2022-25315 [ 16 ] CVE-2022-40674 https://nvd.nist.gov/vuln/detail/CVE-2022-40674 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202209-24 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: mingw-expat security update Advisory ID: RHSA-2022:7811-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7811 Issue date: 2022-11-08 CVE Names: CVE-2022-23990 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 ==================================================================== 1. Summary: An update for mingw-expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - noarch 3. Description: Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. The following packages have been upgraded to a later upstream version: mingw-expat (2.4.8). (BZ#2057023, BZ#2057037, BZ#2057127) Security Fix(es): * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235) * expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution (CVE-2022-25236) * expat: Integer overflow in storeRawNames() (CVE-2022-25315) * expat: Stack exhaustion in doctype parsing (CVE-2022-25313) * expat: Integer overflow in copyString() (CVE-2022-25314) * expat: Integer overflow in the doProlog function (CVE-2022-23990) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2048356 - CVE-2022-23990 expat: integer overflow in the doProlog function 2056350 - CVE-2022-25313 expat: Stack exhaustion in doctype parsing 2056354 - CVE-2022-25314 expat: Integer overflow in copyString() 2056363 - CVE-2022-25315 expat: Integer overflow in storeRawNames() 2056366 - CVE-2022-25235 expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution 2056370 - CVE-2022-25236 expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution 6. Package List: Red Hat CodeReady Linux Builder (v. 8): Source: mingw-expat-2.4.8-1.el8.src.rpm noarch: mingw32-expat-2.4.8-1.el8.noarch.rpm mingw32-expat-debuginfo-2.4.8-1.el8.noarch.rpm mingw64-expat-2.4.8-1.el8.noarch.rpm mingw64-expat-debuginfo-2.4.8-1.el8.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-23990 https://access.redhat.com/security/cve/CVE-2022-25235 https://access.redhat.com/security/cve/CVE-2022-25236 https://access.redhat.com/security/cve/CVE-2022-25313 https://access.redhat.com/security/cve/CVE-2022-25314 https://access.redhat.com/security/cve/CVE-2022-25315 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY2pSN9zjgjWX9erEAQiUug//S0FwujIXoFODWtJgEPijbfoA28JgVjcz lRdWl0wmXyMSlFkkBVIrOeGgxM4oLUpAwOdOPWIzb/M29xEfo4h3e8lHlwAwqklO lQcv663dY57lHRfbKgunlYWKTZ4+3kZbziZB/Zv58rw6bPDQ/wE96urY3/O0m1ct Dkk3j4zKiAnIFKWEvUHCwui7tOeUHXNAasCXifYoePimf9+lgta+pnYf86parIBg D3afd0S6meUnLqW6EtD0WTJPh6eztjDFEJ/9LKpXo2SL8FAYTrI9yfGQJNsHkGc4 9NaAd3QeBKoGqcg/qBdb9FfwQqHZJGot4BtTui8/E5xnUg3F+/1PuMGxtQ4jI6X9 ey6sWsUKCXMdlhv3TxAs/LFTR1cnkT7heEag/f58eo/W8VBow09k7cs3iktrNd+M 4REv3cfyJ+kFAfA6N6plHb27lFP0aTMveH7FYiWpFGqPH15u3NFcPdsk8qijv4WZ sREJ6LgDknk80Rmla2td+l3Vo4iTCWEL7gvoY9uhzWCbuMvj1SSk5rOqVXtOEvuF 8MpPM+xShIgGbYrFPxeMjYF16p+FxYVDcapSGrIORksAKOunAWDOHmZf+jR7iCMX ts3y9wxwNBObMK+Jr+ApYRohz9obamvxjlwBwXSWJ6xlsFyu5Y3e6IzSm/EJpK1i f25ydDFruA4=jL/2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
var-200801-0578	The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference. The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. This issue affects Linux kernel 2.4.21 through 2.6.18-53 running on the PowerPC architecture. The NFSv4 implementation is one of the distributed file system protocols. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1565-1 security@debian.org http://www.debian.org/security/ dann frazier May 1, 2008 http://www.debian.org/security/faq - ---------------------------------------------------------------------- Package : linux-2.6 Vulnerability : several vulnerabilities Problem type : local Debian-specific: no CVE Id(s) : CVE-2007-6694 CVE-2008-0007 CVE-2008-1294 CVE-2008-1375 Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-6694 Cyrill Gorcunov reported a NULL pointer dereference in code specific to the CHRP PowerPC platforms. CVE-2008-1294 David Peer discovered that users could escape administrator imposed cpu time limitations (RLIMIT_CPU) by setting a limit of 0. CVE-2008-1375 Alexander Viro discovered a race condition in the directory notification subsystem that allows local users to cause a Denial of Service (oops) and possibly result in an escalation of priveleges. For the stable distribution (etch), this problem has been fixed in version 2.6.18.dfsg.1-18etch3. The unstable (sid) and testing distributions will be fixed soon. We recommend that you upgrade your linux-2.6, fai-kernels, and user-mode-linux packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages The following matrix lists additional source packages that were rebuilt for compatability with or to take advantage of this update: Debian 4.0 (etch) fai-kernels 1.17+etch.18etch3 user-mode-linux 2.6.18-1um-2etch.18etch3 You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch3.dsc Size/MD5 checksum: 740 950fed7ed7c289cfea9c1b39f0f41bc0 http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2.dsc Size/MD5 checksum: 740 6f6faa132a53e808bcc61823d140290a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch3.diff.gz Size/MD5 checksum: 5395308 ae08d42b58cd3cf93a23fe31615ac2fd http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060 http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch3.dsc Size/MD5 checksum: 892 ca5cdee7568704bc9f6c58f786d0daae http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch3.tar.gz Size/MD5 checksum: 55267 981e9a0a1d79b1605164588eef7da492 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch3.dsc Size/MD5 checksum: 5672 4e4714f542968b30b2c3f94e203e1e04 http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2.tar.gz Size/MD5 checksum: 55185 0a46d75b3ced870a96ea41b900f1ecaa http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch2.diff.gz Size/MD5 checksum: 16873 868c1f27ad2c8db782bbd2bdc3618d70 http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch2.dsc Size/MD5 checksum: 892 52c602d55bdc301a0622ed8a63745f29 http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch3.diff.gz Size/MD5 checksum: 16968 ff99991657e11545a0f557b623962c52 Architecture independent packages: http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-18etch3_all.deb Size/MD5 checksum: 3589210 d2033347599e8db12e2446fd75c0ce37 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-18etch3_all.deb Size/MD5 checksum: 54558 3362cfa5f1de0c80b1aa96f22d846c7e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-18etch3_all.deb Size/MD5 checksum: 1586214 a496f633c826ce730ce6150dff49209f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-18etch3_all.deb Size/MD5 checksum: 41463452 67e56915cd61f4b0058aa668e284ca8c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-18etch3_all.deb Size/MD5 checksum: 1085670 9c6513bc6e29a63d0aedc8da8958fc3f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-18etch3_all.deb Size/MD5 checksum: 3752262 e2f225858212089b10aa319236d300f3 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 3027694 ef8b352212a8184702407e69cb7046bd http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 268330 7b7d0ab15fe537a59c68b35531750739 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 54038 f42aafb19b9fae6445d0581277b60e92 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 23531650 8633558cda9f10fbadbc9299dde77575 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 54074 f4b61f5f330a7a2248d91432fa307f41 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 268076 09bdbafb6d32a4d9f8ceab5f1a6c666e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 23484202 d14e2e1d8537aa0cb2f2367f6ddd6762 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 23844262 0cb427290707d8a59a3afdf68f523e6b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 3052524 4323a32807ee9a2a7f13bc605ef0a9c7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 268772 bcec817953f14a50253dbe83e16d6c70 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 23462618 f6873f376755c4f29b24d0d11c9d70ae http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch3_alpha.deb Size/MD5 checksum: 267446 376df6aed1989d65f8144f8790862e17 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 15260738 6c000df81a113d2d69a9473a3d764f08 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 16859134 9480377d14efcd65c7bde090d2c18023 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 3357018 fcb1a842f85110b4a37d246621027ad3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 271914 9a7953d1adbcfbbea07a1357450f34a0 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 15272470 2581dfa79e27ead359eb27642748b3df http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 54066 ce821a602278441fb157d2e8dffa7840 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 16820486 a1540f416895111ff4a4f6dc8d5ae2ad http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 3191118 dae286014c3a55824e3cb3040948caa4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 271584 5246a3f1ccb78bde203aab0338e90cd3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 54038 20567a8f59997151900492fbbdb5a5bf http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 54012 fcd8a752e777bf97667914fe658ca440 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 3167674 8fed61ce7278a060d600e54481851c2b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 3334306 bd7dd1d9b1518e0e52f3d513ad9f7cea http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 1650934 92ab0f73f6d2a1699f975ebede812c99 http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 54034 224990e92d1255bac74a4a540ef8ee15 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 271184 4d2dfd603bf61408db599c9a972d6824 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 1682946 a2ccb197f0b4bc35e889a61c095add5e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb Size/MD5 checksum: 272850 4cab43a5199e6764b4857a91aaa52e09 arm architecture (ARM) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 7924514 6f93e2c2e0f3e5ddeddb95bd50d560ef http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 233088 acb0dd092348b024f08e0fc2467c31f3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 54104 1437f25c10919b2f944295b8d7f168d8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 54064 1afdbacaa80466a4705a9b7ef50a4a9d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 239810 542097b2625db36fa56dfd7a29b66f37 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 233830 e9a09a7d2a3927486adc68e1f1f7f0f8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 3410416 dfc64565c01ac1f01784d72a8befa378 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 7566074 822c9f74d2a88f4ac8e94210ecb06752 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 204874 1b773fb8b26f20629b8c868db90c5521 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 5009022 ef23e40a692019b29f03f1ef7c864e12 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 4586924 66c55044ecf936cf08b69e3f78f8318e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 8870890 a5a52727b1e019791b260c65d4793911 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-18etch3_arm.deb Size/MD5 checksum: 198750 09c8bda5566b05dd0f969dedfc316d4c hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 10552252 247e3774a6493211af6575531966a8a4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 3020374 69fbbe6591cdab73257c9f68bacb63c0 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 54044 77f6c66523dba6bb546b28b6b40b51e9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 196344 3ed099784ab8fe2f625462b1689ea7cd http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 196818 f0d8bbb055a380b4c2b6064bbd9de0ac http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 54068 f91b5aa270a091f57a246e4cf1f6924a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 195368 29352673ddd4364e7dab3f5a1eb6e2d1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 197570 bde8500410397921905e78f71cd68a10 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 11398348 8201e0a1b33c60d737fb2821dadb8d18 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 10999924 6a0b08925946b094d1638ca20095df15 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch3_hppa.deb Size/MD5 checksum: 11806360 7e63ef04531d59c2e3d0c93893d09bf0 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 16376092 f7e958b27f039bb044d46f94cc0c9231 http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 54014 593ee26c9bed3b3c853511c6bbbd13ea http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch2_i386.deb Size/MD5 checksum: 25583354 6cc7cc34a241783bb8f3b2c9da7595a2 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 278502 0f7f0e13f78438eeb1a939a637b8070c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 16466936 99c66acfa3cd0c109f0d3e2eaedf8877 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 279716 62626201a89882bab17d10ce706b2df5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 14289932 049b2b4696e9cbeec20ec8c2056c7185 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 277596 042152b79d08eea568fd7481b4849386 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 16507076 a1a5845401d351c6fa1f380565bcb5d6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 16190600 6c50e29e1616140b367e626c93db2ae4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 271900 8d74262b41e039125ce896f8e8d2f8bd http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 272690 94db026fc7d498b48c5ac0b504f63390 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 1299670 879785b1ee5f4ef0bec7423e5c7599e9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 14279230 3101d59c0d8ad8bf617f4d0eefbbb7de http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 54088 e23a1d89d0f998caed5b594c5762dc19 http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 54032 d7b04d8d6f7a0d43579a499e4e0b681b http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2_i386.deb Size/MD5 checksum: 5518204 0ce72fa3c9dfd208b1afa6912ffbcc3d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 16336828 0780d6d13e90466249f83e6d72ce1780 http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch3_i386.deb Size/MD5 checksum: 5518218 b86648769c5d3db2eb79b1bf6d490c50 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 3148608 633afcaaeb9d655b8bde34977bfd0bd5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 272236 a611f8a0301e945ce72af3610bc05350 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 3054330 6cfae664f54be8c9ed3958c003f404c9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 3167916 756a4eed5e44d0530c5f20a7bc80d3d2 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 279366 357140fdeff990683639e8f290593b0c http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch3_i386.deb Size/MD5 checksum: 25583596 f0c6d87c849d5384be99dba70d34fb0d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 282728 a6b21a6fc38381b3884b2d2cd052d306 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 16836766 be9c22427d5666a80bf96e4c6501ebf7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 54030 125894b7dd2b90ba5f48de2e7f04518b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 1326708 add492f75bb0337e6e69a4afb73114c6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 16404432 9411c28cfbb27329417aa28b32de764c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 3170704 6b86d80969e7f62ceaae5ee5af7f1a5c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-18etch3_i386.deb Size/MD5 checksum: 279198 92c75044e071977263a20c444ee655d0 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-18etch3_ia64.deb Size/MD5 checksum: 255464 ad4b1e9a12ca70ebb46a4c0f77bb62bf http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-18etch3_ia64.deb Size/MD5 checksum: 28013676 bacb3a11176542aa961867eaac8539d3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch3_ia64.deb Size/MD5 checksum: 28181506 d0c75846976e8ebcd8baf1ee64a46414 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_ia64.deb Size/MD5 checksum: 54036 746e70c193f28c412acec61cf63e4572 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-18etch3_ia64.deb Size/MD5 checksum: 54050 fa3dc6c7671185e9ce4f7a00783990dc http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_ia64.deb Size/MD5 checksum: 3081858 970b72442606e4878d77a274d4fa4306 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch3_ia64.deb Size/MD5 checksum: 255414 885054343ab6670ce1d90f7bdda61ef2 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 167030 7bce3329b9fc5d10faafecfac21bc70a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 186870 37e9b246abeb84886cd9a6215187f229 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 8309262 893346de1a07ed015320fe333fc41037 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 15653182 1938128d29990cc16bc3f829d3fa1cbf http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 6125514 e6842c7aedc7b70d5a4a5d8e624e9627 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 162870 5ebcff098fd97c89bc0f3057f68c3e31 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 54110 9408231d8eb91431b2ca495f1e94f3cb http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 54054 ed109dbb8bf134256164d6d07bd061f6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 3413590 6013078ea705dbf5367d284f6ae401a4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 154266 e5775b643e07055ec7121815d9316e62 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 186682 9027d5504f2739d64d1bb4111ec5e136 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 15677870 4b5a1f2e56c587a0d470ea17fab07647 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch3_mips.deb Size/MD5 checksum: 9075438 02f535440d5018de7b6233b232aa04de mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 9863510 a6c8def78ca64e8e8b6ef10533186d30 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 149960 2e09d53e58663189a043b7d7493cec8e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 5926528 cb0dfe477608a2da181596f9b78ceddc http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 155716 76a619c24cc74cfe22ab42f9f2964096 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 54040 affef50872a733868e2e3d58d566993a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 155772 dd2d75f96ee5dd4c7a7ff8250f631649 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 182490 f6be30e57bbff0ecace79826d4474bb3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 5941862 45689ea22cb4ebdfb71936f79e00eebe http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 178194 4baf9d4d2fed0b5e3f12add06fae014b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 3350066 4938243e89da8ace26c47d00bc60acf1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 182706 84024a93ebcd9d394f179c8ee254ef1b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 15053292 024f0d5e1fbaf5c7d5664aca87ac8741 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 54102 d25d6e1de865a3da93959dd8f8034d7f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 6027404 26b3c01fd8f1c798189c1ee5ec44d11c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch3_mipsel.deb Size/MD5 checksum: 15030096 69c0f1d1c25f49c3201a0b3edc1873b0 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 16402406 7f918a1714d84f8ccb6aaf1a13fc518e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 17016786 c06998d5b9b3c192bde5ecc4119830a1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 54088 3683bf42ff1af3009202bf4c6a0e30cd http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 16626352 37c3c60edcd7f7b22ededfcda073b5a8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 251358 20ade66e354f4473ff045bb0e4e2f7c5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 229986 a6996ddd8cd1f5439aecfc4693ab83f9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 54036 d451146b15c05d5d630f72a3399a3464 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 253356 69fd6bca694ce1aea2788658eb530d3e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 18348404 6899ee7990a534276f4c98970a05a843 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 3414514 54cad7ae1cd248f0125aa12c9823f0c7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 18293832 2025add962d50482de362ee202f8bb79 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 252806 ed8f3ba9ab6384096d25204af0594ed1 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 3392288 02cba07fa4ab35192737f7a40907cf53 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 16969082 d986973f5c4d0e577b169c96ffa0cec4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 15157518 c3ae440ddcd66b9aaa80260824f91967 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 253230 4d2e3ce370d0c3caf798cfee0dfc44d2 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 246254 fa91c1654d4f46128856838066eb11bf http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch3_powerpc.deb Size/MD5 checksum: 252272 5eda39b6177f4e66f082c06a159f5719 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 54058 9e8a26d5500ffcd7a6a29dfac6d570b8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 54032 350d6fe5dcfdefcc6f92e364f0ffba3f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 5401990 4af4cf18cb011bb00bb882f7a03c9a21 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 143264 76db142c20b22a4d0847f6309e0a10da http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 2966014 81cfb914839c4709399e25ffe9eb2cb5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 143688 4291bc7d9865c2842a181b22a7992188 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 5661534 8f7661bfe58017b2e3aa2eb9ca3ffadd http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 1438796 18d9f041343153cf48f441eeed112885 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 5619704 7213d869d6e23933ae5e55c87fade8f6 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 144632 5df45b01064fc7de2106e8b532946cb5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_s390.deb Size/MD5 checksum: 2942938 7dcac05e6588849c7491ef1004759f39 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 3168126 ef5277a44be4e2fb95d7f7feca1cc568 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 165126 8d82f98016c375c250105791051e3021 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 6411270 7106725061d98e4036d0ebabd01ca7fa http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 195102 73419b6d64a68410924a0471f0d3bf62 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 10391364 f35ec6950afc88b69fa814d005b68550 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 54046 dbd49273f393e72c21f056d50f94cf02 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 3190444 40bc9af5142779024dea09675f833778 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 194260 80fdc90e470899b21ae831aaa06702b9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 195828 2036f355f29c418602074540bde81c65 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 10693152 7bef279c0e967019fa5e8a07c1eb4019 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 10647534 197798f662b6e4fc55d0f64dcea6eeff http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-18etch3_sparc.deb Size/MD5 checksum: 54076 8a2d9ac2067a4c8a7b090da06faf4025 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIGgmwhuANDBmkLRkRAoRpAKCCo/Ja0CkmHW8VQijCHN7Y5l113ACeKR48 1gWjfQ6MRn5jOphirPT8DZg= =22DK -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-618-1 June 19, 2008 linux-source-2.6.15/20/22 vulnerabilities CVE-2007-4571, CVE-2007-5904, CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375, CVE-2008-1669 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-52-386 2.6.15-52.67 linux-image-2.6.15-52-686 2.6.15-52.67 linux-image-2.6.15-52-amd64-generic 2.6.15-52.67 linux-image-2.6.15-52-amd64-k8 2.6.15-52.67 linux-image-2.6.15-52-amd64-server 2.6.15-52.67 linux-image-2.6.15-52-amd64-xeon 2.6.15-52.67 linux-image-2.6.15-52-hppa32 2.6.15-52.67 linux-image-2.6.15-52-hppa32-smp 2.6.15-52.67 linux-image-2.6.15-52-hppa64 2.6.15-52.67 linux-image-2.6.15-52-hppa64-smp 2.6.15-52.67 linux-image-2.6.15-52-itanium 2.6.15-52.67 linux-image-2.6.15-52-itanium-smp 2.6.15-52.67 linux-image-2.6.15-52-k7 2.6.15-52.67 linux-image-2.6.15-52-mckinley 2.6.15-52.67 linux-image-2.6.15-52-mckinley-smp 2.6.15-52.67 linux-image-2.6.15-52-powerpc 2.6.15-52.67 linux-image-2.6.15-52-powerpc-smp 2.6.15-52.67 linux-image-2.6.15-52-powerpc64-smp 2.6.15-52.67 linux-image-2.6.15-52-server 2.6.15-52.67 linux-image-2.6.15-52-server-bigiron 2.6.15-52.67 linux-image-2.6.15-52-sparc64 2.6.15-52.67 linux-image-2.6.15-52-sparc64-smp 2.6.15-52.67 Ubuntu 7.04: linux-image-2.6.20-17-386 2.6.20-17.36 linux-image-2.6.20-17-generic 2.6.20-17.36 linux-image-2.6.20-17-hppa32 2.6.20-17.36 linux-image-2.6.20-17-hppa64 2.6.20-17.36 linux-image-2.6.20-17-itanium 2.6.20-17.36 linux-image-2.6.20-17-lowlatency 2.6.20-17.36 linux-image-2.6.20-17-mckinley 2.6.20-17.36 linux-image-2.6.20-17-powerpc 2.6.20-17.36 linux-image-2.6.20-17-powerpc-smp 2.6.20-17.36 linux-image-2.6.20-17-powerpc64-smp 2.6.20-17.36 linux-image-2.6.20-17-server 2.6.20-17.36 linux-image-2.6.20-17-server-bigiron 2.6.20-17.36 linux-image-2.6.20-17-sparc64 2.6.20-17.36 linux-image-2.6.20-17-sparc64-smp 2.6.20-17.36 Ubuntu 7.10: linux-image-2.6.22-15-386 2.6.22-15.54 linux-image-2.6.22-15-cell 2.6.22-15.54 linux-image-2.6.22-15-generic 2.6.22-15.54 linux-image-2.6.22-15-hppa32 2.6.22-15.54 linux-image-2.6.22-15-hppa64 2.6.22-15.54 linux-image-2.6.22-15-itanium 2.6.22-15.54 linux-image-2.6.22-15-lpia 2.6.22-15.54 linux-image-2.6.22-15-lpiacompat 2.6.22-15.54 linux-image-2.6.22-15-mckinley 2.6.22-15.54 linux-image-2.6.22-15-powerpc 2.6.22-15.54 linux-image-2.6.22-15-powerpc-smp 2.6.22-15.54 linux-image-2.6.22-15-powerpc64-smp 2.6.22-15.54 linux-image-2.6.22-15-rt 2.6.22-15.54 linux-image-2.6.22-15-server 2.6.22-15.54 linux-image-2.6.22-15-sparc64 2.6.22-15.54 linux-image-2.6.22-15-sparc64-smp 2.6.22-15.54 linux-image-2.6.22-15-ume 2.6.22-15.54 linux-image-2.6.22-15-virtual 2.6.22-15.54 linux-image-2.6.22-15-xen 2.6.22-15.54 After a standard system upgrade you need to reboot your computer to effect the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-386, linux-powerpc, linux-amd64-generic), a standard system upgrade will automatically perform this as well. Details follow: It was discovered that the ALSA /proc interface did not write the correct number of bytes when reporting memory allocations. A local attacker might be able to access sensitive kernel memory, leading to a loss of privacy. (CVE-2007-4571) Multiple buffer overflows were discovered in the handling of CIFS filesystems. A malicious CIFS server could cause a client system crash or possibly execute arbitrary code with kernel privileges. (CVE-2007-5904) It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. (CVE-2007-6694) It was discovered that some device driver fault handlers did not correctly verify memory ranges. A local attacker could exploit this to access sensitive kernel memory, possibly leading to a loss of privacy. (CVE-2008-0007) It was discovered that CPU resource limits could be bypassed. A malicious local user could exploit this to avoid administratively imposed resource limits. (CVE-2008-1294) A race condition was discovered between dnotify fcntl() and close() in the kernel. If a local attacker performed malicious dnotify requests, they could cause memory consumption leading to a denial of service, or possibly send arbitrary signals to any process. (CVE-2008-1375) On SMP systems, a race condition existed in fcntl(). Local attackers could perform malicious locks, causing system crashes and leading to a denial of service. (CVE-2008-1669) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15_2.6.15-52.10.dsc Size/MD5: 2611 f3dd319890b9704ecc00045636534db7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15_2.6.15-52.10.tar.gz Size/MD5: 446767 c94e2a00ecf18fce9dd031ac6e9cd052 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-52.67.diff.gz Size/MD5: 2873504 d7723bb11612357b4608e8f60e4b8418 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-52.67.dsc Size/MD5: 2374 45557a3d6035adbdd6ed5305b0833105 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15.orig.tar.gz Size/MD5: 57403387 88ab0747cb8c2ceed662e0fd1b27d81d http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.12-52.3.diff.gz Size/MD5: 95993 a73703b2df5faf419f59a512078613a2 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.12-52.3.dsc Size/MD5: 3194 c10a6c6c95b0be5c93d4681f2a5759b8 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.12.orig.tar.gz Size/MD5: 97745908 fb5765cfa2b0fdb06deb54fd6e537772 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-doc-2.6.15_2.6.15-52.67_all.deb Size/MD5: 5162896 72f6b6c423959afebb74c6a804c0f388 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-kernel-devel_2.6.15-52.67_all.deb Size/MD5: 92962 51e59e2666145a31fb4ac47c3d4ab61e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-52.67_all.deb Size/MD5: 44740314 06fa6b3c9496839b240aa285a9f85e26 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-common_2.6.15.12-52.3_all.deb Size/MD5: 18452 37a5059b2b5efaa59c7e688a6003c732 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-amd64-generic_2.6.15-52.10_amd64.deb Size/MD5: 165150 0a73a8b05abfc08043f9e308459a3a9e http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-amd64-k8_2.6.15-52.10_amd64.deb Size/MD5: 165240 50c208a7c25cdf1b13c4edc5703e23b1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-amd64-server_2.6.15-52.10_amd64.deb Size/MD5: 165290 61dc26e3f218600402384d3dd495d6b7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-amd64-xeon_2.6.15-52.10_amd64.deb Size/MD5: 156050 7a9506a56279a9e2f053c931a91cf5d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-amd64-generic-di_2.6.15-52.10_amd64.udeb Size/MD5: 84706 763f0c324d411c838e179af730f45d67 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-amd64-generic-di_2.6.15-52.10_amd64.udeb Size/MD5: 97394 0117222de0bf93e1a89af25d628d6c16 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 22342 72e3223d194781df52d35571f6325760 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 44764 43dcd9724184cf62e5f9cab54afe1e13 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 2304 4e9ebca859508d6c5464ff9f06e57ade http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 36244 5aaf7d1dbe903fbeeddf3ecfc8901128 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 102284 5065464eff55e17f28a35f5e57a842bc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 38874 e26b198e7cc4a18f5797df9f44dd91dd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 49134 4a80334564469d8118821235792f9bef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 176690 9aacdae559d3bc97a2640ce4d58da0f6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 36768 8cffcbc067254877445e6105396a5f16 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 142248 4c44b18a12bf86917275670a71cd3720 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 51040 79823112f8894465b411b91357582252 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 140606 d94e572bb96c18f35c3b536042d34a24 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 286872 653ea1a2020706629e7a4ec2abe489d7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 97788 6c0387e7d1b0f25d0335a4471931e0be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 1650922 76ec5ee75959713b6a6b1cb18c14d646 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-amd64-generic_2.6.15-52.67_amd64.deb Size/MD5: 865032 d6c05bd69946a41ff5973f94ff122aa8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-amd64-k8_2.6.15-52.67_amd64.deb Size/MD5: 869106 ac69148ec23b3387116044527ae22eaf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-amd64-server_2.6.15-52.67_amd64.deb Size/MD5: 870098 07f513158e47bc6a167d5e535dc0162a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-amd64-xeon_2.6.15-52.67_amd64.deb Size/MD5: 869108 ff2a239414471590ab6be64c50de8bf2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52_2.6.15-52.67_amd64.deb Size/MD5: 6921780 5fd6888d0cee59933c68eb44aa2c7a73 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-amd64-generic_2.6.15-52.67_amd64.deb Size/MD5: 20809038 6d59f0d3dfa5f99df35be979b1405a89 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-amd64-k8_2.6.15-52.67_amd64.deb Size/MD5: 20780064 160dc131a43e31bc0ac8901ca74985b3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-amd64-server_2.6.15-52.67_amd64.deb Size/MD5: 21629596 4069011a19bc0bbf68365146ae33c0aa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-amd64-xeon_2.6.15-52.67_amd64.deb Size/MD5: 19896776 39907bab9abcf29f0bf969d3d402ed0c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 15622 6978c2690730ec2f561763ef5122bcb1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 240352 2ddb4ac8cf58569791230da89a30a9b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 202552 147e6b2684c8db670776a7e168ba0512 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 1048600 5da9db1b27e8954ee79eb80c41eec163 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 1543100 7ae3da3261b08b812d68021e9797f8af http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 161644 8a3bcf8f7850a714858ed668ef5b3976 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 9828 860022b69a682ef0bfa92249055e6e8d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 80852 1b447c6d6339da87350b44bf223c7d93 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 49164 2d90f509d7d5ade4b623bc82ac3bea22 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 35158 077981a17ebfe2bbefa3660f208f43b1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 70856 4c4c628331820d9ded9e2f8e00ff0ec2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 6216 2652727a590c6e7248d3be4b2e0f838c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 9058 92df3c6ba60457acd1f602696df3aac6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 57874 71fc227183b138479093e72d2dd964c1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 123330 19a834fb4cff1ac35b96eb6eec3fa5a6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 101000 e595f2e9f9997f83b7658f0bd7138272 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 79230 59fb1d8c41d9ecaa1c483981dff8c31c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 1594716 2df0dbbe97e5c709125495de80a31c3c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 72278 aeda6dfe658cec5ad60f9580f1c02141 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 12646 612cd82d3c221c2494a95b10a75f03b9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 33730 5991265208e2a44916d540822bd1ac9c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 138546 ef8d40670f8aa326b3de679d3843e42e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 38926 5cdd7a00236247e10834b2ca00aa938d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb Size/MD5: 278736 3d615d96e1648ed1f8a72b9b770fa847 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/avm-fritz-kernel-source_3.11+2.6.15.12-52.3_amd64.deb Size/MD5: 2405512 0b06044aefe8becb1d0467f5bfdc247d http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/fglrx-kernel-source_8.25.18+2.6.15.12-52.3_amd64.deb Size/MD5: 511050 e10b89624f7e210d063a0197902e19eb http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-kernel-source_1.0.8776+2.6.15.12-52.3_amd64.deb Size/MD5: 1754564 c5c2d9b0533602e9c3e3de858184a655 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-legacy-kernel-source_1.0.7174+2.6.15.12-52.3_amd64.deb Size/MD5: 1406452 0ea039bbeca0570589afa2e51744c3c1 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/avm-fritz-firmware-2.6.15-52_3.11+2.6.15.12-52.3_amd64.deb Size/MD5: 475572 4432740400b495606aa776d96ba4ba18 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/fglrx-control_8.25.18+2.6.15.12-52.3_amd64.deb Size/MD5: 76748 cc23398150beebe4a1d561bf9ff81706 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-amd64-generic_2.6.15.12-52.3_amd64.deb Size/MD5: 6861864 0654701d92f5de082562a776d201c110 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-amd64-k8_2.6.15.12-52.3_amd64.deb Size/MD5: 6861248 3ea71d011938ba44253b417acb105e80 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-amd64-xeon_2.6.15.12-52.3_amd64.deb Size/MD5: 6837846 6642dc1eff1db10dedd772a63641124a http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-52-amd64-generic-di_2.6.15.12-52.3_amd64.udeb Size/MD5: 798882 0dfab4528cb8a35acaefe9927000f685 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-52-amd64-generic-di_2.6.15.12-52.3_amd64.udeb Size/MD5: 497228 5922e6e6038e6144f2e9643bf8de2287 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-dev_1.0.8776+2.6.15.12-52.3_amd64.deb Size/MD5: 167244 eb84a383434ff2a22cc68fb0ca060215 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy-dev_1.0.7174+2.6.15.12-52.3_amd64.deb Size/MD5: 162302 fa7b1343f60ffbc8298da3bb0f7ac206 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy_1.0.7174+2.6.15.12-52.3_amd64.deb Size/MD5: 6071704 db1d1a77b262ccd2e7d4bf4212919e1b http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx_1.0.8776+2.6.15.12-52.3_amd64.deb Size/MD5: 7328604 305ee65ddbd1e715d5c8fc0d2e411db7 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx-dev_7.0.0-8.25.18+2.6.15.12-52.3_amd64.deb Size/MD5: 125880 fe13a90e72b74c93432a97c4c2ecf88f http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx_7.0.0-8.25.18+2.6.15.12-52.3_amd64.deb Size/MD5: 17297042 88992a1f7adea96330b4b1909a5a0605 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-386_2.6.15-52.10_i386.deb Size/MD5: 169386 de66f59240599c189971ff2617a32471 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-686_2.6.15-52.10_i386.deb Size/MD5: 177254 c645c75cefa72df027ecf9992a0321d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-k7_2.6.15-52.10_i386.deb Size/MD5: 175374 a78aeb6390f3b9056e0ba884aa7dea73 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-server-bigiron_2.6.15-52.10_i386.deb Size/MD5: 178040 ab1e27ab921d3c062af1d83a2711fd26 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-server_2.6.15-52.10_i386.deb Size/MD5: 178004 36432e0be482eff2ad7d7b11e3393685 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-386-di_2.6.15-52.10_i386.udeb Size/MD5: 90234 532960ad957a474af1d36f22c6f09d45 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-386-di_2.6.15-52.10_i386.udeb Size/MD5: 90404 47bdb4c98e5bec0e9987190d0abc4ff6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 18968 d4428c28842acd44ebbc900062265429 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 43448 09b66d5cc8ce769329e5cb1f5c5ff88a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 105204 7a968c3b6170d141b0cd6ae69d9ccb57 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 2280 724ecd00ebbddee0cedc950d13e39c7e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 34572 257f312f78de2f814a6909fb11a51be3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 96958 b7e56256c4e585f3d2b6ad110370aebc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 37092 be752e4622e517275a340cff56052a0f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 44060 f2dc9462c8b4fb93e16f0cbbc39b5efb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 167734 762f6dd3391cb3477c7eae7c5cf0ba8d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 33928 6685b0652c78ded543a1cf9e49da7c50 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 137840 7698662c1142eb2c2f94b79145ec08ae http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 46872 f91472c2465256ba325975329f7ab850 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 132966 0fe968b8f8abfcb323e2834e60c100f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 273450 f16f2f5c2cf9b35f5411785d1c57fc31 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 102252 10b945d089d0b473f999afedd1b922aa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 1595606 0a4698dbff475bb5b82e70606f207a37 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-386_2.6.15-52.67_i386.deb Size/MD5: 859020 2b9ebda6ae3855a7732bd3d3641bd568 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-686_2.6.15-52.67_i386.deb Size/MD5: 858486 2e8859c47eb2536c12b47f57d1ebae95 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-k7_2.6.15-52.67_i386.deb Size/MD5: 859998 bd6e70b3830d5219e66a5414a1665dc7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-server-bigiron_2.6.15-52.67_i386.deb Size/MD5: 864228 d74d9ae20edecf320bb41b2e48c48e79 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-server_2.6.15-52.67_i386.deb Size/MD5: 858828 b27f151fa2fbf48ed5b3f5f9899f3adc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52_2.6.15-52.67_i386.deb Size/MD5: 6913986 281a26735bed07a88bcb08df8cbd717e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-386_2.6.15-52.67_i386.deb Size/MD5: 21709730 fae2c52a1f4def5d9335feafd8d598cd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-686_2.6.15-52.67_i386.deb Size/MD5: 22506028 869a8657c02443b272666d8fb1a20a1c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-k7_2.6.15-52.67_i386.deb Size/MD5: 22248206 b7c51bd51c0e66825a5bb4b098588756 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-server-bigiron_2.6.15-52.67_i386.deb Size/MD5: 23606178 bd2a7c7353793db1baf04eb545a1241d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-server_2.6.15-52.67_i386.deb Size/MD5: 23170614 47e400c98cb6f4f1073a7f36842a5753 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 15502 f5a50985b9f50e270313efd51c2893b7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 238534 4c6212ceee7d24bcbc795d95bc69e828 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 196974 a9b29abd1bd7f5d1785f3544541eedca http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 1048372 82c9bfc637ebd618304f722095df5c40 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 1740976 0400bbac3c7bbe293e2430299799128a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 160808 110bfbc0ed35dedcd74bf81dfce3c965 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 9160 326fcb48a6d761e7d6fdc3395b6a05d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 76472 2152f88992c83e99b7c6873a2d4e5429 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 53252 0a9985175e890c75d41898fe2a305ff7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 33048 bcc3df2f0b1013c1929e25ee78123640 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 85618 90b6e1f3e431ac12634cfa076eac5bd2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 6018 7954bb0452b484484c6eb1705c23f40d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 8758 e823e4ef623bb5340a0c10d820b0890d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 53588 0c5cedfaa84510004be3540b21780568 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 130770 7e007a7496f3bcaa2b48eb7cac38f5be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 98436 1bbfcdc956a8e8ef4081f8a66d553744 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 77176 58b8471224582c0f06064e11630f65b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 1768402 b16dff64c8931b07180dff1957b6327c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 69552 2ecd40960f5beca9dad68467f7df8179 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 11760 cfc0671977f053bf36c857f98bfe2f1d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 36000 960e928198df9cc14f2b72ac6f87ac25 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 132582 a386519ba722acccea97790bc9b4032d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 38546 4324a6661a6f1969929a1fb36a428125 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb Size/MD5: 299114 41b70c88021a4251235b931f264f004c http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/avm-fritz-kernel-source_3.11+2.6.15.12-52.3_i386.deb Size/MD5: 3692834 595b8d31f672e6d2b5e94648da587ff7 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/fglrx-kernel-source_8.25.18+2.6.15.12-52.3_i386.deb Size/MD5: 661002 63b1640dc6f25d8bbf442eaeb5e2173e http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-kernel-source_1.0.8776+2.6.15.12-52.3_i386.deb Size/MD5: 1694452 ec63480260bd4686acf628b8f2d0a4d5 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-legacy-kernel-source_1.0.7174+2.6.15.12-52.3_i386.deb Size/MD5: 1401938 90d1be1d02ca2570e1ff9a53108a1062 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/avm-fritz-firmware-2.6.15-52_3.11+2.6.15.12-52.3_i386.deb Size/MD5: 1205122 63e3ce320bcceeb4b493534fd06878c8 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/fglrx-control_8.25.18+2.6.15.12-52.3_i386.deb Size/MD5: 73654 c5b237fa6f40a5e0c7c936398d10f4c2 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-386_2.6.15.12-52.3_i386.deb Size/MD5: 8139028 ab19aa5d26256f4a49b2567c575a6f81 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-686_2.6.15.12-52.3_i386.deb Size/MD5: 7940228 6bc6899225c548f30bb282c6fefbcd29 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-k7_2.6.15.12-52.3_i386.deb Size/MD5: 7939054 c910ba191cbe2ff1d2d98053fe4cb956 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-52-386-di_2.6.15.12-52.3_i386.udeb Size/MD5: 798676 7645cf5367888c041a55cbf5b77b2889 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-52-386-di_2.6.15.12-52.3_i386.udeb Size/MD5: 476148 871e3b1a338b99efc146cc9366eb887a http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-dev_1.0.8776+2.6.15.12-52.3_i386.deb Size/MD5: 148028 25e50651fb1151932866f1acc8e8bfe9 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy-dev_1.0.7174+2.6.15.12-52.3_i386.deb Size/MD5: 140470 cbe30a4e6fa074a07309cff5132626f2 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy_1.0.7174+2.6.15.12-52.3_i386.deb Size/MD5: 3060728 3a15df06c905db7f71f027207c5e88e2 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx_1.0.8776+2.6.15.12-52.3_i386.deb Size/MD5: 4063682 fe3a1277228b560e712727679f593062 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx-dev_7.0.0-8.25.18+2.6.15.12-52.3_i386.deb Size/MD5: 111310 3fd2866dfad94c7765e6abb204fcb612 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx_7.0.0-8.25.18+2.6.15.12-52.3_i386.deb Size/MD5: 10557498 51bf0387f432ed54accfa5c826c506fe powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-powerpc-smp_2.6.15-52.10_powerpc.deb Size/MD5: 185626 edd40cd6bcfb7d3b3e7e0c2fad187dc4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-powerpc64-smp_2.6.15-52.10_powerpc.deb Size/MD5: 203454 6f359968188452ef0a9f7a47f2bc906b http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-powerpc_2.6.15-52.10_powerpc.deb Size/MD5: 183962 8899aea634394a432632795a0dab6848 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-powerpc-di_2.6.15-52.10_powerpc.udeb Size/MD5: 98104 2f7a355c7da2fe10c4e09e7b9ff57627 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.10_powerpc.udeb Size/MD5: 121798 b21635edd66e1723b2613f336da66c8d http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-powerpc-di_2.6.15-52.10_powerpc.udeb Size/MD5: 103292 290aefd555053af550427729d243bd34 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.10_powerpc.udeb Size/MD5: 112204 ee138e7f1bcf34a4521a3e0df2da6aec http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 23730 bafae4f6b819e29a91cd933f137dbee6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 25944 e19db8be47babd9bf1499a78d9ff15e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 49308 e146b2a92e8f0e07164a7c9cff823ace http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 51516 9925e90269a01bd21dd3c54ff6642e45 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 2302 c500d101fcce3284f388ba0021517811 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 2478 4fd66e5160f5aae620afe96a8272390f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 40186 da2f5a32687c2f750206d2061dc63f80 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 43754 ed7b4e37cce3baf959c15cdbc2b98bfb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 112598 4a2ff713c81aa3682d62f41d3b6243a1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 120652 6271a631ab6ceae1fafb4285f39d5d61 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 40848 88aecdbe93d317449c0ec94131afc1d6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 45942 3eee30e2488a40f350925e08f2ce92a8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 29022 a283d73e23a684b192ae938631669212 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 29894 1a360f1958fcd42894a77c8784eb84f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 211398 becd75f98073840525214ae1c4fafa06 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 225200 058c9c8645b2068508a97f2740f6234c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 45054 2626be12e63debc289a31b51a9034dc8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 40210 3eb61d86887039d2958fcff75b64dec1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 1934 1454a948886eea5d833fec5846bd0e6a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 2196 c49c45ecafeb391ee281333f4afef63b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 80608 64e955478edb55a6b9c16d3e6ceae72c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 85960 d7b342ae619eecffa1175394541247be http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 111632 e550b1816f61b16b4c5144f7a0b35dd3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 125776 844c66cbc66605eb82f75e23f339a29f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 53404 faa41b9e613f37a472d120528df77530 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 58476 57cc72611a1491286e1c1dbb2c59683f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 147760 cc53b9050ec43a8be5c2fd324930109c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 161706 dd3b423f109d3a038d69e59428339c36 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 317482 a4585a426ce71864308dfbbb654003c6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 287578 bad62b03eaa33f90e5781ce66418321f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 115852 af781795a328154d7d18723622483c27 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 116516 fba37884eb62c2bb4e3d80be97364328 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 1923634 2ad21fe5b3130be19104739d8c21af45 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 2436304 fe1b77572b869ff3581ce308a08328e8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-powerpc-smp_2.6.15-52.67_powerpc.deb Size/MD5: 871692 b53dc4f8bfb05db45bc2b7159bcec9e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-powerpc64-smp_2.6.15-52.67_powerpc.deb Size/MD5: 871228 fd1ff1169304220802a98cabdc359372 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-powerpc_2.6.15-52.67_powerpc.deb Size/MD5: 866352 dfb1f043c87f244459bc0af06126ffa5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52_2.6.15-52.67_powerpc.deb Size/MD5: 6943480 1258b9362939477454f7261a4c13d890 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-powerpc-smp_2.6.15-52.67_powerpc.deb Size/MD5: 22774270 3bfefe03a694939bae93a233b64d1f6b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-powerpc64-smp_2.6.15-52.67_powerpc.deb Size/MD5: 23664326 5b31b6d396b849636292e7043a4611a6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-powerpc_2.6.15-52.67_powerpc.deb Size/MD5: 22348144 5213ef717d34a6d8bb4f506f0fec3b26 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 17780 b0e265505fb1bd0453d03edb2cb5426f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 17372 cdd2956b96258f82dbb8f668b464e37c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 261264 1975724b533e96481dd6906fc384a0ff http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 282496 f62273e6089393c90ea51b6f95218280 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 227454 dbc3fe1f8d75dd2973446141b925ce2a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 248664 64c26003076ca1201d79313688cc7039 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 1048458 ffc37e2c7ed2f294a02c250e689b54a2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 1048580 22a6b57fc17ec95380e8f2f4d72b0af6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 1737720 462902297ae37f6e081d6b48e45de15a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 1877414 5c369eb9af92233f54092b7cf2825507 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 250930 faac4c4f3b46c3ec3b6bc8e04d800748 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 233674 594d3e744920b4e6cd776b7f20515d49 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 13032 c01ba80cd1249d8af8819276f46d1c5e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 13522 7693bec428e9a07f30070db7df241e89 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 84832 4b8ed4a1b5096797af1c01f42cf1312a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 52186 c9f8e4dbc56681db68d0b1b182c00fbc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 73924 03a0e9b0752b8b8580b9952cd2fba4f4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 85838 34bc729811018bd09664fcfeb9d03db6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 6614 9fd2a1d6903afe55930f6669a04cd114 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 7062 e56de4812f4da9b9e1c4741fb5066fdf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 60358 df0a203e8212f473557900df240a9d50 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 70346 c242bb51750263d67282f2bfcab2ac3a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 128538 117433fce2532d394c1b474367c71e6a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 157788 d7e5c445c7af7f110588c2bc9f0fb29b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 108036 2815ba8053c87b229ac39933295e2f11 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 126056 7e632cf1ae8fe20130ec287c454dcabf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 87298 60c6c5d3144579569de99ff84450790f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 93304 1951df808f7bc6ae0c36c17bf9fe4b10 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 2013954 7d06ed44aa7beb09a1eb08efb541025f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 1988040 32ec754026d6f8f6ab81dcfaef222b82 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 104106 9af2db11a4ff42e09bab375304b42bbc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 115698 8849c21b901df3bd1a8c920ea7a1324e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 12734 41664c2c832d96647ee317ff21cb782f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 14432 896df8d28f56e236b1a520140829d353 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 39948 108a2f64b5b0b0d4faa9c40c76281a1e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 41464 5f919e671b76f55b57c9d5e0ef79f18e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 149316 ffbd1581cbd0e311836a81dd758ee03a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 168082 74195d6b16d3f930bb8a6a4c10340463 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 42262 925d969199a9002cd81156d4cc3b899f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 44862 1582101a87737c696a538ed0d92fe264 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb Size/MD5: 320286 ca366a6cd2422bba2ce24e6a8935b4da http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb Size/MD5: 324716 ee0f3870540ef254de0d9378c66397e3 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-powerpc-smp_2.6.15.12-52.3_powerpc.deb Size/MD5: 1340274 d3c1ea04d4a5f99b3de867f55e0159b1 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-powerpc_2.6.15.12-52.3_powerpc.deb Size/MD5: 1335414 6f90faf30c0f0f8dabacd51929cfd0cf http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-52-powerpc-di_2.6.15.12-52.3_powerpc.udeb Size/MD5: 798764 4071886c6215c22e4496ab9b8cdfd0e2 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-52-powerpc-di_2.6.15.12-52.3_powerpc.udeb Size/MD5: 508404 77282618d7de69192b3454dc6a755413 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-sparc64-smp_2.6.15-52.10_sparc.deb Size/MD5: 186944 deac3ddc394261c31894b2b350b491d9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-sparc64_2.6.15-52.10_sparc.deb Size/MD5: 185516 b815ad36987028ff6dcf8e0889e48ae3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-sparc64-di_2.6.15-52.10_sparc.udeb Size/MD5: 100670 eb4ab70462b50bcf7e614b4b03b88760 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-sparc64-di_2.6.15-52.10_sparc.udeb Size/MD5: 105832 23739442c690623b0070062ee0ab255a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 50464 2b4cbadad1f1a9b25d98994fd2ef9ad3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 2352 177ea4a5a957fc0af1009f43f5675c47 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 40322 ff3a3117839dd36e8b625ef60863e52a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 110518 e1aa12134ab3fa21bda1a1b87af00703 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 41170 5176277d9c10e5a6714353953d08db38 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 104232 5db5dfeaa4b8550bd7eececbd765e104 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 7432 f7d3b9cb1c8b1a80e8570a8f6a24ef29 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 149016 4099cb20f575606ad7bcad3ec54e5916 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 1707920 68bbd4cda5113476731a2b74cb51dce9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-sparc64-smp_2.6.15-52.67_sparc.deb Size/MD5: 768974 08ae76621d41766c99741d3c2fe36109 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-sparc64_2.6.15-52.67_sparc.deb Size/MD5: 764708 14b683cf3884a8117ad68198ea996861 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52_2.6.15-52.67_sparc.deb Size/MD5: 6958650 b471540d77edfdf4d81a6168ed3d1910 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-sparc64-smp_2.6.15-52.67_sparc.deb Size/MD5: 15003738 10899c77cec105edf1f8a9fbe29b9244 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-sparc64_2.6.15-52.67_sparc.deb Size/MD5: 14821832 a451316e0b171f1cacad49e94638e03d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 7420 77f554ffc62be87d34ca5b82dc2ac6f4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 248676 31f51fe66bf5f1eea3555ceae5be642c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 212258 bdbd80ea31dd1eda1b2dcf3f4b321706 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 1048456 c9fb8123dfe5103239b40e775e21ee57 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 1481828 e82ed81cf6cd3bf54fea8055e5c28043 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 10118 67cd4cc9006195c5d51a36b931daafd5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 40178 562aa33225baf0ec83caafdfe73423e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 9360 aa8331b3eaa227b21172bef6a2cc6d99 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 61434 ca7a64fe2897c1fd0222d296b2f80ac8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 163010 85b771d6fdc6b1169d5ab763ae942e0f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 63986 4f889a61f86c3d809e47bce1b48b4aee http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 1235084 542ba4933f965846516690eea419dec8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 59350 8342814c277e3041b900a770bb45b59f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 37396 844833e2c84f080810e27fa65e7caba0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb Size/MD5: 280070 bc70d76611118d743bd7a3e4895e373b http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-sparc64-smp_2.6.15.12-52.3_sparc.deb Size/MD5: 828134 ff32a8aa76a07003aae33dc835fae59f http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-sparc64_2.6.15.12-52.3_sparc.deb Size/MD5: 828052 81fa3eb580ecc71da7da9e6e9a34775a Updated packages for Ubuntu 7.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20_2.6.20-17.12.dsc Size/MD5: 1830 ee053f39bcc59b701002b82a2f1142b7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20_2.6.20-17.12.tar.gz Size/MD5: 214716 a4ba6d17d1ca9fc3919d6a93c3b93006 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-source-2.6.20_2.6.20-17.36.diff.gz Size/MD5: 1605830 f97c70596b4a1c07a42a1f7459c5470b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-source-2.6.20_2.6.20-17.36.dsc Size/MD5: 2472 6f8fb4f7127a66e87321c19a4853f91b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-source-2.6.20_2.6.20.orig.tar.gz Size/MD5: 62174876 f19203b2488d943a640abe8f3cd20f57 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20_2.6.20.6-17.31.diff.gz Size/MD5: 107789 78e768b26348b89c3990418e43ac1a82 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20_2.6.20.6-17.31.dsc Size/MD5: 2683 db1ca1e3fe165edb5686d5c72e5cecab http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20_2.6.20.6.orig.tar.gz Size/MD5: 139814900 ab2c852e27c86d11d0156920ca5f8d56 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-doc-2.6.20_2.6.20-17.36_all.deb Size/MD5: 4878228 eb8bdcbfc83b2bb63fd8b89fdbddcc1e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-kernel-devel_2.6.20-17.36_all.deb Size/MD5: 86074 51908b87928f5c45caa9e653cd23621e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-source-2.6.20_2.6.20-17.36_all.deb Size/MD5: 47829976 380a8bbde35a67a38600479e12ced4f5 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-common_2.6.20.6-17.31_all.deb Size/MD5: 21782 cb5f5829ce6104fbb47192ee619c3865 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-generic_2.6.20-17.12_amd64.deb Size/MD5: 84016 046b408466c3ad9cb2963634c15fcaf7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-server_2.6.20-17.12_amd64.deb Size/MD5: 83900 c077d33308773f0d98c7270f631148ec http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-generic-di_2.6.20-17.12_amd64.udeb Size/MD5: 84310 e0063a1e0ac8cd869577ff79e34f0498 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/acpi-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 24498 83d220d8424f7f5dd858a804198d9505 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 202082 4c0872eb2c550fe8de39973db0d98e8e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 39354 2591f7379f4e296433ed8bfead9e2b95 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fb-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 50908 928fd03a9ccc2edeb8504d4dd9e47633 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 187506 f6bf3e342f0263535c9ca41f410a8fa9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 34910 dcc7af80943547b0f75299ee5dee5d37 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 644402 d695410618b99ae784fbee8fe1c72345 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 174670 177a305dfc124bb636fd2d5acc663af9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 76422 080143b9afe7d15f3e59095535394ce7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 57888 fc2d61caa7ed5d30e101a102989bc51e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 140010 c608eb9689d31f285c8fc2e2b92d4858 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 277468 35d83db663c60bf2171279255ca65145 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 1904118 1c3f6df9f72926afe461cca5b6926aaf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-generic_2.6.20-17.36_amd64.deb Size/MD5: 857786 3a3284f60874c75d4641b22cc1034fbe http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-lowlatency_2.6.20-17.36_amd64.deb Size/MD5: 857068 8f055119b227038a319b0d1bc6298001 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-server_2.6.20-17.36_amd64.deb Size/MD5: 856470 cded6b39e168be3a267c377744242113 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17_2.6.20-17.36_amd64.deb Size/MD5: 8130814 e225cd619d90a28cd2a06448e94fbac1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-generic_2.6.20-17.36_amd64.deb Size/MD5: 23065906 0bb094b3e3e33dd870d11a24264bebec http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-server_2.6.20-17.36_amd64.deb Size/MD5: 23388296 6e4364f4c3e0c83b9227333a63273efb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-generic_2.6.20-17.36_amd64.deb Size/MD5: 18428992 bfb0e2d482378ce4fd82314938976d14 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-server_2.6.20-17.36_amd64.deb Size/MD5: 18702670 84607703fab1742f0cc794012047413e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-libc-dev_2.6.20-17.36_amd64.deb Size/MD5: 669118 d9c3d7bfb62b823d98b17c0b5808747e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 246430 e1adefaf889dd8b6f7d893cf9ba6e72a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 144482 79e0151386812271e8842e22e1e53e85 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 225134 4fd97d2c39caa88726f4c8f3e69c3af0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 1110528 4a3d2217a7cc1f0ab1d5c871d380e0fd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 1754794 dd8aa6f7e4887a33835894b72b830f57 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 140910 716411a33647dacbb9d6f36987616414 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 163384 a9453d5d98d01dacb394f08b974bc5e9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 265716 e9d69ef9af3e1b382ed7a93447d54246 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 34300 387b7ce88b201bf30fd85094dacce3cb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 38444 30ad6ce1a65789a06c44db484ec2fc40 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 67682 89f6dd1781e6fbb20cabe9d6e3f00f73 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 20962 5599c63ef7510aac1462b411a176c961 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 8328 e32be0998506e928aa8bde678536f738 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 54578 6eae6d7521ff4f0cb7dc415a12a7eb2c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 86018 6915f222ab03d798c242b6483499b8d1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 322570 a9b6d4c17f077f143b34c43afec20f82 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 1046832 e05164c749d0bf41ac30e373305af62d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 43974 920cce83c5fe4a05913f7da88ccd31ac http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 12018 0506e4f214ab149362b54e5bb4cf69ae http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 61918 b61a0a87f6fcb62c514dadad3b7ab4e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 377838 7a7bc188d85a8963cd573484c411ea81 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb Size/MD5: 66658 83ced3e583998815ea676b567d634e1b http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/avm-fritz-kernel-source_3.11+2.6.20.6-17.31_amd64.deb Size/MD5: 2131262 4223aeb6ce81e492aefe65f54224c44a http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/fglrx-kernel-source_8.34.8+2.6.20.6-17.31_amd64.deb Size/MD5: 217878 3cae80df9595d6b7f74b006ad973763c http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-lowlatency_2.6.20.6-17.31_amd64.deb Size/MD5: 13550948 0a272201cfa95745ba7901330809f1fb http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-glx-legacy-dev_1.0.7184+2.6.20.6-17.31_amd64.deb Size/MD5: 163996 5c317968914b891bee9324f06196bac0 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-glx-legacy_1.0.7184+2.6.20.6-17.31_amd64.deb Size/MD5: 6069522 51ab4ccd9b011259d5d1e38652e7b825 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-kernel-source_1.0.9631+2.6.20.6-17.31_amd64.deb Size/MD5: 1860088 159dc95ed774f2500e38614f09bf9df3 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-legacy-kernel-source_1.0.7184+2.6.20.6-17.31_amd64.deb Size/MD5: 1384748 40c8107290253b0eaa833e03c269dc26 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/avm-fritz-firmware-2.6.20-17_3.11+2.6.20.6-17.31_amd64.deb Size/MD5: 478354 adef863c988defae88838f04655fdfc1 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/fglrx-control_8.34.8+2.6.20.6-17.31_amd64.deb Size/MD5: 80422 6fc9d1603c409c335b2c2ba44f709ac0 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-generic_2.6.20.6-17.31_amd64.deb Size/MD5: 13537128 459552ec904aa5d19def26cc27f2f268 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-firmware-2.6.20-17-generic-di_2.6.20.6-17.31_amd64.udeb Size/MD5: 966300 fdb989c1ea5c525f5d19d428670270bb http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-modules-2.6.20-17-generic-di_2.6.20.6-17.31_amd64.udeb Size/MD5: 1942518 37a0f6de40f21cceed0ed442ec0defe4 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-dev_1.0.9631+2.6.20.6-17.31_amd64.deb Size/MD5: 176226 342d5577d90cfaa204c7d6bbe4bde381 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-new-dev_1.0.9755+2.6.20.6-17.31_amd64.deb Size/MD5: 176654 b33320a686ca2b8bf2726902decaa904 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-new_1.0.9755+2.6.20.6-17.31_amd64.deb Size/MD5: 8682258 f78d47759f71aab0cc0cd34688c5be1f http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx_1.0.9631+2.6.20.6-17.31_amd64.deb Size/MD5: 7995534 20d837b318cf3fc366508de6def3f67d http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-new-kernel-source_1.0.9755+2.6.20.6-17.31_amd64.deb Size/MD5: 2525496 9a28bf56d5d594a60036aad4076a8fb1 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-player-kernel-modules-2.6.20-17_2.6.20.6-17.31_amd64.deb Size/MD5: 1068838 daa14f0e96bc830293c8d33f8ce281d7 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-server-kernel-modules-2.6.20-17_2.6.20.6-17.31_amd64.deb Size/MD5: 1630294 50e4ec261ba923c8141c1be34188b81e http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-tools-kernel-modules-2.6.20-17_2.6.20.6-17.31_amd64.deb Size/MD5: 357824 db0e5a5d2b3168a63ac78661f0f26050 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/xorg-driver-fglrx-dev_7.1.0-8.34.8+2.6.20.6-17.31_amd64.deb Size/MD5: 147092 cee36d8e57c8c4308764ccc0eb7f67fb http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/xorg-driver-fglrx_7.1.0-8.34.8+2.6.20.6-17.31_amd64.deb Size/MD5: 9822876 d6f3a88b6185f9af8c4fc2c11383516c http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.20/linux-image-2.6.20-17-lowlatency_2.6.20-17.36_amd64.deb Size/MD5: 23127496 7512c6818a2cfb363e6de96c7a0fd933 http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-lowlatency_2.6.20-17.36_amd64.deb Size/MD5: 18482084 77c7bb1c7b37a9f180a67a3d4c4c615d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-386_2.6.20-17.12_i386.deb Size/MD5: 86842 188cca44b7e7428066a02673f719eddb http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-generic_2.6.20-17.12_i386.deb Size/MD5: 87360 e232efb909fa8c310f2c0d7b14ce15d1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-server-bigiron_2.6.20-17.12_i386.deb Size/MD5: 87868 f40955e4ca733e6666184c3ca70055e1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-server_2.6.20-17.12_i386.deb Size/MD5: 87818 2ca82b0ef30a59b7c44e7859e6391031 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-386-di_2.6.20-17.12_i386.udeb Size/MD5: 84182 5e576f3aea901f6140d308474a09c6a0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-generic-di_2.6.20-17.12_i386.udeb Size/MD5: 84886 38236107ff8f5fe920efc4c8279d1964 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/acpi-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 20326 9164e0834ec52ff52488e431cd540f3a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/acpi-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 22892 cb6a438e822597816ca22eba4d027117 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 210082 1114f0c2617cf8a7e7b12307cb7fdcda http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 212234 b4389be66b9a2de24aa47f1fca764075 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/cdrom-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 88686 2b33f5bf88e9cbccdca938a41d024cf0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/cdrom-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 35624 af9e722096a6e8bb396d9f5bdf2644c8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 37736 0a3798e29dc9017614910743ff71fe86 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 38408 019a0be0f53df06a8510084404e413cd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fb-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 45640 764c449147614d444f5bd809cfe741c2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fb-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 45798 8451b700451bc4c3fb1fd436e8aff28e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 179460 3ee7930d30e01f2d7ac05fe0ad56d675 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 179826 6bbdde505787788aacad92568ca06b14 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 32100 3958d982992556c2eea54ac8b0aedf75 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 32432 369e2795e856b352702be2c90db9460d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 648592 fef7358c65f78d2f8796780cbec46730 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 667482 c36df77a008193efc98e7dcfe83cbb46 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 178208 5eb5a994fb3dc3d429e8e59dfc5ef870 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 181296 6deb4719a42de6f54f76b83bcec75f80 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 72396 bc422bb9a10152ab919a8d5232cd3646 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 74040 91fecfc61f8b9208abbc4b9542ac5751 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 53576 2f7e777ae61ffd13d738579fc2732d25 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 54782 f9cb368f9476cb00e5ea50e90fea9cf5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 129208 2561a2e204d0f0cf1be3fe933c583cd3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 134862 38d76d10a700c21dac765cccb137416d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 275954 b6e9b4df7533754ccc73f4b74b629b34 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 274956 94996c553bf55ea5457c588cb5a8d490 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 1816146 cb9e49c3cf63514cf0e2c8566d34f355 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 1886462 cdaa4d27814274989b6a5083e99d1468 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-386_2.6.20-17.36_i386.deb Size/MD5: 848474 cf3ef71c1ab7b2d98e4165c9c1f50b95 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-generic_2.6.20-17.36_i386.deb Size/MD5: 841798 11cc8e6ca8752a4b5aa003256653f673 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-lowlatency_2.6.20-17.36_i386.deb Size/MD5: 848690 3849d43f5d59f12f9858efa36c2e63a7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-server-bigiron_2.6.20-17.36_i386.deb Size/MD5: 844936 b934d25879e62864a5472939edf41804 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-server_2.6.20-17.36_i386.deb Size/MD5: 842824 a20ea95041deebdf0f3f78677962c120 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17_2.6.20-17.36_i386.deb Size/MD5: 8120852 9cf19d50af64fa5402f5ee0b28f2d8b9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-386_2.6.20-17.36_i386.deb Size/MD5: 23747822 05e00a5b92c8095dab78c1869f8c5b92 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-generic_2.6.20-17.36_i386.deb Size/MD5: 23815004 077ca83a6f88ed749e6f27614c1392a9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-server-bigiron_2.6.20-17.36_i386.deb Size/MD5: 24376484 2b4e84bee148e87c0eb01e032552d4eb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-server_2.6.20-17.36_i386.deb Size/MD5: 23866964 2e4c61c3b57ed209bd4e2e6a81a5ae97 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-386_2.6.20-17.36_i386.deb Size/MD5: 23590486 b90067007b1c07dd79d7284497755547 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-generic_2.6.20-17.36_i386.deb Size/MD5: 24169290 94ce3aa4d7e7f240e9396b3833d797ed http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-server-bigiron_2.6.20-17.36_i386.deb Size/MD5: 25665260 c8e1bd368b1da472152f9fdb024fffbf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-server_2.6.20-17.36_i386.deb Size/MD5: 24395356 1291ec15c480d18c926af098dc86d78a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-libc-dev_2.6.20-17.36_i386.deb Size/MD5: 669136 984e8b38450985659cdde7c8078f62e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 244612 c9fe618b2c386c8a0e3b93c700f846d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 250160 d77ad34335e0332b8ae62f472d04319d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 132546 04cb386d3b29d3f85d97b08fff95c12b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 133070 753d1a7b4118661907b670cc93866118 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 213366 aabe85be12c68a079e03b8781567e506 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 220780 2e08b3d087dc753bae16ad4b9129f871 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 1110422 393e5139ecad7796bc8b72ca03a29731 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 1110530 c36dcc035ef324964739d43ed3730e94 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 1951210 ceb7460c3af74d76337bd3eceafd18f7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 1974680 62564aa09706a756d9061fc141b0379e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 149848 85c4f4be8856a6e29743e1a738d2f933 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 142494 1b4a54e2cd488b1533536e85c0b22d8a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 160754 761a44199326e79f428f93b9bf1de34b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 161952 df5dfac32aac66a50b8015b8bbef1d61 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 252928 9278357037422699cc8d417d831d9719 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 255510 188e6909c6f36c5e92ee0f780bde1367 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 32760 a02f028dd76e530920de4164aa1ef686 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 33328 511c6543e5aa044297a67b62c1c88fa3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 38018 82accd7c72f15c613cddfb318cddadcb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 38314 954c2e9d314276f13d499bff665bfde7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 81850 29805b33afc8664363d142368568df5d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 82108 96aee6a89a0b04ba3e3760db4ddac78e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 47686 6ba37e2bf10918c95db76ac2d417663e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 47708 2ccca5eb028aef1ac3f07078b654e967 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 8258 28b6853ce133922673a62d68359209d8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 8496 05daa9534a6d99cd44b17b62109eb39f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 49948 d5382680a57228bd677edfaece400b3e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 51870 09303feef1283d5b2cc31040af2e5270 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 78846 438aaabd87a1ea789fc3be3e33ab8646 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 79490 b0a0f74d52305a342d3bcfb9504181ab http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 322546 26c7b5500cea5aa9f4e70f3da2f6fef0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 322570 0501a223e9a70712006f13d13431659a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 1362474 f67e3a7dfaa82f5412792bfff3316500 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 1348042 fb9f6d6ccc587b2113876624bcfef226 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 42458 84eb68966a8c2dd68c2b4722efb34bde http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 42232 2c57cdc8bd71b4dce9f1cb1a7308bb52 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 10762 cead5edaa9fd8608035ea7c71cc7cc7c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 11400 93ec5d7e1628428ce1d4fabe4ebd49ee http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 55992 4e5e603c5574b3b614b92a640d305c77 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 56890 fca150d57bce6f91574676ce771865ef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 360300 bd62f504c6b28fab113f63a96a8fa2ba http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 363212 524d7cfe4ae30d28eb3c2320dd64359c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb Size/MD5: 63168 450d97c982ac79e92a1bb2f4560be1ea http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb Size/MD5: 63836 13f5e0b9090bd7b2866a46f978360142 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/avm-fritz-kernel-source_3.11+2.6.20.6-17.31_i386.deb Size/MD5: 3427088 a0644c93a95cbadc3e05a936d07866bf http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/fglrx-kernel-source_8.34.8+2.6.20.6-17.31_i386.deb Size/MD5: 217868 bb15afa23bee098b2c73ccabf16aeed0 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-lowlatency_2.6.20.6-17.31_i386.deb Size/MD5: 16103192 933fbffa39a9db8812c197356906e8ba http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-glx-legacy-dev_1.0.7184+2.6.20.6-17.31_i386.deb Size/MD5: 143102 9323142a37e668ee9f1201250f392f98 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-glx-legacy_1.0.7184+2.6.20.6-17.31_i386.deb Size/MD5: 3064282 0566dcf2de8751dee79339a5b7d86d90 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-kernel-source_1.0.9631+2.6.20.6-17.31_i386.deb Size/MD5: 1763250 0f0cb7cb6f68759e3052cdad1f1ca473 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-legacy-kernel-source_1.0.7184+2.6.20.6-17.31_i386.deb Size/MD5: 1376080 39281eee5e0b5d6ea831675349ee365f http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/avm-fritz-firmware-2.6.20-17_3.11+2.6.20.6-17.31_i386.deb Size/MD5: 1207908 b07a58f361554e355338ca08d44e8554 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/fglrx-control_8.34.8+2.6.20.6-17.31_i386.deb Size/MD5: 77680 b30bcb45b4d6f7421ef5fb757554d830 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-386_2.6.20.6-17.31_i386.deb Size/MD5: 16340226 0e7dd6aacb36a5601e80ba98555edc11 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-generic_2.6.20.6-17.31_i386.deb Size/MD5: 16096356 77590a41029409066d5093fcdf1127e9 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-firmware-2.6.20-17-386-di_2.6.20.6-17.31_i386.udeb Size/MD5: 966226 3a154fc15eecb9458f89939015ce51de http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-firmware-2.6.20-17-generic-di_2.6.20.6-17.31_i386.udeb Size/MD5: 966294 cb62f0ea1152f4c9c890b80e4427521e http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-modules-2.6.20-17-386-di_2.6.20.6-17.31_i386.udeb Size/MD5: 2120570 11bc64fd197a751a742a6956ae0fd9a6 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-modules-2.6.20-17-generic-di_2.6.20.6-17.31_i386.udeb Size/MD5: 2160580 6d566ca1acbd7fc9b5f795daeeaedd88 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-dev_1.0.9631+2.6.20.6-17.31_i386.deb Size/MD5: 156130 bd651a0a3892fdc3d5ff187cc0a45488 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-new-dev_1.0.9755+2.6.20.6-17.31_i386.deb Size/MD5: 156600 5a124f9290921dac4d77a349b3ac070e http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-new_1.0.9755+2.6.20.6-17.31_i386.deb Size/MD5: 4833270 1e6deb4cfbd5cbf29d8f79b0e597c454 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx_1.0.9631+2.6.20.6-17.31_i386.deb Size/MD5: 4492558 c56ab1045d05d8560a41a7b87e2a1c39 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-new-kernel-source_1.0.9755+2.6.20.6-17.31_i386.deb Size/MD5: 2454162 55179cc72ce26c101aedb84841e1eb08 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-player-kernel-modules-2.6.20-17_2.6.20.6-17.31_i386.deb Size/MD5: 1666848 ebb6fbab6e18332d046fa0d79abc9c0f http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-server-kernel-modules-2.6.20-17_2.6.20.6-17.31_i386.deb Size/MD5: 2860690 ae88be47f7596e2c8316f4e3a22377ec http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-tools-kernel-modules-2.6.20-17_2.6.20.6-17.31_i386.deb Size/MD5: 760492 a392956778451398b8da03b1c79bc051 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/xorg-driver-fglrx-dev_7.1.0-8.34.8+2.6.20.6-17.31_i386.deb Size/MD5: 130326 755509fec142e17ce0dd45b9e929064c http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/xorg-driver-fglrx_7.1.0-8.34.8+2.6.20.6-17.31_i386.deb Size/MD5: 6143092 6d6f3014f01f78b0dd8783366bc5563f http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.20/linux-image-2.6.20-17-lowlatency_2.6.20-17.36_i386.deb Size/MD5: 23844798 a165f36a05f57654361b4646218e9e9e http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-lowlatency_2.6.20-17.36_i386.deb Size/MD5: 24183826 a75c933ed52aa1c39a22bec126889627 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-powerpc-smp_2.6.20-17.12_powerpc.deb Size/MD5: 93372 810566bb7bb90b911ee2dc796e8c6cfd http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-powerpc64-smp_2.6.20-17.12_powerpc.deb Size/MD5: 118178 08fecf5875b7515466304a5e556d9c82 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-powerpc_2.6.20-17.12_powerpc.deb Size/MD5: 92842 4d4192118b9b0f015678bfcd21e6445c http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-powerpc-di_2.6.20-17.12_powerpc.udeb Size/MD5: 95164 2c39459a0a423d23a74a52229d48d9cd http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.12_powerpc.udeb Size/MD5: 130572 82ae1b3368e8e7779670bd70196cde66 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 328832 592f394abdc8a41de6f89a16aa8dceed http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 325582 d502b2644f843efde702815b028c1618 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 41184 31ce69aa1a6c5a51fb21dd2546ddb7d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 47450 6fbc8b234f4b98e3f66d8ff4f187c74c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 219678 9516e67812981692229cc9aba7e9b155 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 239166 7f7662bb24b02f1a44f738354686ae93 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 43654 b44df31b967a80e31758c41e05ef2c09 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 39792 5cfed09a0fa48ce3838b2ba21ba4dad1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 717818 5375198b75e2a9a5d9f410af42d95524 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 776424 83319a673c7c9b10461de0aefd6e988b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 205086 aa0011d2dedf01aa32c1837777c7c2f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 209728 caee4552ea2b0b3d9e43b9610ca91adf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 59226 bd1604cf99df7ca4b0522ba0c1441452 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 66860 a47c0ac4b101a2b40bb2f311424d0515 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 64206 08027501addf0c66a9ea6cfb41227300 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 65330 5e617fdfc44c7335fc985e642d6c4130 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 144094 6ee22538b68ddda69ad8469d03cefec6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 162836 4258bd871f4baf4f81a1d5cc940058e4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 383348 0d6dd42f3a57d99915c48252c47c7c6d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 251812 b7f4e7cd8e7661da5f3c57d67d395420 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 2157764 98a7bbb74cc5e35b7bddc4d8fc12dd35 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 3083674 83e44937cfeecffdef687e70f13b1093 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-powerpc-smp_2.6.20-17.36_powerpc.deb Size/MD5: 864430 7bf3208e87d976b60431d01aa84703d2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-powerpc64-smp_2.6.20-17.36_powerpc.deb Size/MD5: 868770 0212168af66d47b1953bf59beb405822 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-powerpc_2.6.20-17.36_powerpc.deb Size/MD5: 862718 0edc424b8e413441e74362954ba58b09 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17_2.6.20-17.36_powerpc.deb Size/MD5: 8151920 cc6e385dce05073af3df268acce45ebd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-powerpc-smp_2.6.20-17.36_powerpc.deb Size/MD5: 24517498 cf103d3e1ed625118d0998b12bab86bb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-powerpc64-smp_2.6.20-17.36_powerpc.deb Size/MD5: 26861638 cbde33235ec6a7a6046ee860176b1593 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-powerpc_2.6.20-17.36_powerpc.deb Size/MD5: 24220490 e556a72ab4e97dfb786e72d740fa2f24 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-powerpc-smp_2.6.20-17.36_powerpc.deb Size/MD5: 2128680 cfe9700869769c505d5b8d1d1c196e4b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-powerpc64-smp_2.6.20-17.36_powerpc.deb Size/MD5: 2855084 b3cc89ef46e5e4d06b2653172fe3b283 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-powerpc_2.6.20-17.36_powerpc.deb Size/MD5: 2050182 3bc2e7f25ebe8bea2839aebde16ffcd3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-libc-dev_2.6.20-17.36_powerpc.deb Size/MD5: 645210 3c8a7642f76a3bab805c4deb34a7cac0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 253008 447d9c9761dfe18be30d647e1b96ba74 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 295072 a08094ed9b4cdb0b20b4ef07fe6a5496 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 155558 8c9bcba70f826b2c4fb871ebf3a12730 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 168430 19b9a0c1a718af5acaa1a97d28f23450 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 248328 7a33c002d5adebd73837fb91df317c41 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 280138 8d505bd1e195b9b165529180732ca1af http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 1110500 8f0022f1c5e95795aaaa1a07e814957c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 1110660 881fe6e0eaa3db15879e0e893684509d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 1951192 7e74e7050d2af4763c728f9e6f52b8d4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 2253422 13f6832a0289630d2e088812dbe1f8d6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 233498 0e5efa4dc2c1d60f2d63f736dcd3f720 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 223070 da1c37cf1a9665c274cdedb7d7d13dce http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 172914 879737cfde3f122ef489bd0a34e8d1f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 205506 5b476284715dabe07a18acd0365b3f23 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 280976 1c05e11f0c7f33fa2ed6ed13650b396e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 316584 b4c7b3b1ec87ba54dddcc5d7ed85f148 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 44652 92750df6fd5855b3b84539e7ee40bad7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 43410 7de7ea097bbd5b0097c8a8dc21c362b1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 41212 85c1a08a0dcc9cdc4999243b4607f277 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 53694 3a9e0e870d09ff29d98ea397eb9ca38f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 72814 f069b8db376da6ba6523c1f1a1744a05 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 85272 6dc2d289a49942a9beba89f338f11bca http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 74542 64495f2bd744e1285c20f04aa7dc3a98 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 29722 26ac6df4a55fd8a7168ded5d445aa891 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 8396 a7dee9e87ee7e13108a2abf55958ee31 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 9878 1c5f8521e8c11ec701f492a2b14d220f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 56170 927213142db35ecd6e22cb7b6c64314e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 67412 3eef4694fda05e830ac9b0d649879387 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 86632 244854a18a5ed03c371bb05b9f2142c4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 129200 a76825598a96c16432ed54bbd9288f5f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 322566 7f7779fa071fce5f29f59ce076e21853 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 322588 0cafc2b9ef45c349253c52e3de0c5c36 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 1415810 bf842d6db566d7be83f36be0e045cdec http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 1345396 0463bf1a542fbf4ecf4ce2e4420a933c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 74242 2b6a9627312c1586aabdcdf4f7c8892b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 83244 6bac15c4400ddefb121c19b440bd30a4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 12020 430e6dd156acd4313105e5e8d808c0ee http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 13940 2080831826d60e6e87672ddf66f0c6c5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 78350 0b82c56c00c548e9a96c2ca73cec6f2b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 85460 4361070d89cfb39069ea8989da654076 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 398184 3a97b6bc7374983dfd5d99ba425886d8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 445198 85fe66984eccab5882988b168735b544 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb Size/MD5: 76712 6da01c2a1af08c51050eb89082bc244c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb Size/MD5: 100188 ba1822b9e7dacd482afa36a1a853db3e http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-powerpc-smp_2.6.20.6-17.31_powerpc.deb Size/MD5: 1295164 bfd9c631a8c1eaf0d77f960052c83dd4 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-powerpc64-smp_2.6.20.6-17.31_powerpc.deb Size/MD5: 998682 a82f0cb709d699144fecad690e04f602 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-powerpc_2.6.20.6-17.31_powerpc.deb Size/MD5: 1292544 1bd7e025d89460f69ad71fcbd8731781 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-firmware-2.6.20-17-powerpc-di_2.6.20.6-17.31_powerpc.udeb Size/MD5: 966288 8b862192df81aba11c1f6cfe2bd4eee1 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-modules-2.6.20-17-powerpc-di_2.6.20.6-17.31_powerpc.udeb Size/MD5: 295204 df056e69d9aa45f76533009d499c6585 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-sparc64-smp_2.6.20-17.12_sparc.deb Size/MD5: 95642 6d7c17541cee91e8eb06912a9f20a396 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-sparc64_2.6.20-17.12_sparc.deb Size/MD5: 95344 8db377d069385f539a621e562b2df10b http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-sparc64-di_2.6.20-17.12_sparc.udeb Size/MD5: 99130 2f245b90b8b087f61da2caf49f524fbe http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 53734 0680b9f0398d7e48c53e7295c77cab8f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 42158 3da50612014614dac0ab87c946c65e6f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 211716 77368597943d10a9a5586f8a1ecc06db http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 607912 8da7a2b5371fb5f1a302a6e57e4ae95e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 142716 73f99532873b9c75317de0adb7471740 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 51444 f42e7104565f89629799aa413dca2b7b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 37414 12f0474f7342185f4d1b0b587c55f2f3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 151172 086fc37a2e1e76e3022f2254574affc8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 1933034 e1905a3433fad1d9462bea90cdc91535 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-sparc64-smp_2.6.20-17.36_sparc.deb Size/MD5: 780696 0ec6f4b5e642f0193e6c02ea4465008a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-sparc64_2.6.20-17.36_sparc.deb Size/MD5: 776890 0e303a6399f5d569ee7984a2b010c500 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17_2.6.20-17.36_sparc.deb Size/MD5: 8122866 d8d4552de1aa0078c02c0e428b6dd48a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-sparc64-smp_2.6.20-17.36_sparc.deb Size/MD5: 16953716 0b6bcacad41c64b40fa2d3b97557acf3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-sparc64_2.6.20-17.36_sparc.deb Size/MD5: 16601038 9033c13349be02c8001f47d79888e214 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-sparc64-smp_2.6.20-17.36_sparc.deb Size/MD5: 2264344 ab3e7e36ec1257d862dd600eff70ccaf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-sparc64_2.6.20-17.36_sparc.deb Size/MD5: 2178562 67786fc133bf741d728c88ba444d3537 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-libc-dev_2.6.20-17.36_sparc.deb Size/MD5: 700414 8b12ede19495f6b05c30288cfe31f866 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 264342 9906bcc6b5467bf2c1245eca6054eae5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 156570 4191f2a0d742efeccb67443b3945ff44 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 241232 e8523b32012e66d586f5df1cd381ea73 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 1110488 174c4c5a9e61867ad11e78dd808f9d42 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 1571838 e2e6a5ffe044c14520e27bcb5f5f47d5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 180424 9ba8a77f742b1b835bb1c772ca962e21 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 310072 427ac0b7e51cb2ad23fe0ec83962cc5f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 39666 f866b608114c567f28f9289a0d85c393 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 37984 aa56f559318f20f2e417026970a6bb56 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 8646 b4b5071fe7b4ab2e438d7901370dc94f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 59422 9d072776affde02fc4c1a90906ed2353 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 90818 1be13bc72f1ccc91803bba932730c25d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 322570 a483b9ea45cad7ab5c8029e96ea80d4d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 882448 7bb2910febf841cb05000dfd1de8a39f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 9822 b5066195c7efedec27f28e166ee4967f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 290142 732ddc7d6de7127a9b3163a76531473f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb Size/MD5: 54806 a249da34b1433114facbfda16afb0584 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-sparc64-smp_2.6.20.6-17.31_sparc.deb Size/MD5: 998636 e5e1018d1febb0a25443a1608d84d3d8 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-sparc64_2.6.20.6-17.31_sparc.deb Size/MD5: 998568 5dc6e3bd57278f3876e0ac6d1e5ac06a Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22_2.6.22-15.16.dsc Size/MD5: 2124 215e3f71f504f09cb9d67ba3bce891c9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22_2.6.22-15.16.tar.gz Size/MD5: 3074102 dcede517498030950f00193fd7636cba http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-source-2.6.22_2.6.22-15.54.diff.gz Size/MD5: 3546714 bc3375a85185bb7c896f5373d04f927e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-source-2.6.22_2.6.22-15.54.dsc Size/MD5: 2262 6d8aecb432a702d53ad5e15f9fce41d1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-source-2.6.22_2.6.22.orig.tar.gz Size/MD5: 56913972 c98e1329975a8a7931ae63bafe39b63a http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22_2.6.22-15.39.dsc Size/MD5: 2224 3fb717a6f4c6ca172730606024026677 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22_2.6.22-15.39.tar.gz Size/MD5: 6963922 51c929273ac6d58421cec603e65fdbc5 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22_2.6.22.4-15.11.diff.gz Size/MD5: 552663 40de07a2a55ec6e25250ef591fa1a70b http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22_2.6.22.4-15.11.dsc Size/MD5: 2735 6b99b949b4bdcac45c5ba49caf55d763 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22_2.6.22.4.orig.tar.gz Size/MD5: 143875748 ccbf90c68bf682e9df2371cd85c83c86 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-doc-2.6.22_2.6.22-15.54_all.deb Size/MD5: 4615002 41f0e4a86eb60e4f347677842fc1a7b8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15_2.6.22-15.54_all.deb Size/MD5: 7777268 5cce85c4b4a889d0cbc9a1b5abb3c9a3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-kernel-devel_2.6.22-15.54_all.deb Size/MD5: 48284 20aff25c6f59f891366b96484814bf10 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-source-2.6.22_2.6.22-15.54_all.deb Size/MD5: 45358212 f4fbc3ed3178453493924895e400b616 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-common_2.6.22.4-15.11_all.deb Size/MD5: 23372 1e08b20ca5d505d55d734e1e1aa7c212 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-generic_2.6.22-15.16_amd64.deb Size/MD5: 1181490 06a8c108ea3eb048aa7f7ade85b1ead6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-server_2.6.22-15.16_amd64.deb Size/MD5: 3758 62f7ea6c0cbb542ed06904426dfc097a http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-generic-di_2.6.22-15.16_amd64.udeb Size/MD5: 646 5aed5ef44cf626f067fb5225ef8fccf1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/acpi-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 24800 531185f6ecc73aa2e5be4b792cc4498e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 216562 347e3fa6b1550d55c77537eeb557f89d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 49168 107ddc3f1c939471379d549fa2b0febf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 40034 d7b9a5d8878064b9aa69bcaad29267ae http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fb-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 51758 fd8ed4458bef221560be980e99dd9578 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 87876 75cd9e963aa71a3765bb3316f72757b2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 35848 1328b905ca910427bdb7473f268bce86 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 652046 8edc4095a4e1af4691431bb8c46169dd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 205958 069e62303753e4b075d6143d019e1314 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 55596 409a1ea9cd365c2e54f3bd7dcad681c5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 60512 d8cc2ae93537ec154afd9655aeba4cfd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 146252 b33b05e3b2f87bbf0fce5e0a969db483 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 285930 b020b5eec97f02b2b5a7f8cad963a878 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 1947322 62487759486e99cac46c84eb141dcf48 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-generic_2.6.22-15.54_amd64.deb Size/MD5: 593756 0cfa2f7530954f717b9bca97595e7ea2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-rt_2.6.22-15.54_amd64.deb Size/MD5: 1165316 0816ef9517f5e049c22437f89add88fd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-server_2.6.22-15.54_amd64.deb Size/MD5: 593956 b508af1ec08db9b68fe53097acb42809 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-xen_2.6.22-15.54_amd64.deb Size/MD5: 949302 3c49468b650469542a3fc85c9a85d309 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-generic_2.6.22-15.54_amd64.deb Size/MD5: 17543644 7c467ec6abac34b98b6fc72a5b0a08e2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-server_2.6.22-15.54_amd64.deb Size/MD5: 17586456 947e9312ac817b9aaf36a0bae43af3a1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-generic_2.6.22-15.54_amd64.deb Size/MD5: 18740292 d8f5abc64c06e0d951f00295db516f7d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-server_2.6.22-15.54_amd64.deb Size/MD5: 19045588 2c29290b72f5dcf8cde1de91b6c8b061 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_amd64.deb Size/MD5: 653630 06c7f1cab32983620ce58fab3ed12288 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 252194 6490c4cf504d462e965ad16f9326a7e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 150734 52651e2b2ec7a9348bef67b3c8add406 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 236406 d03ab1e8dab84b9818448c6579286a25 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 1449288 149bbcbfb2f4801fd74e251c6dd68ebf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 142738 dbf111770227c3ed685c2a79d028e233 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 148666 f6b788f8348f92f08c5a81a66e7a02cc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 86010 52eca61e95705ecc9e1db45c37ef0d5e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 35446 8942a8ccbe1be9e71f07d109875771c0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 38396 f506ccb2cb0d35c0f36f676cec4ca394 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 70052 773f942a98207464ca5d62c6f955bc98 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 21462 acbac49df228ab72c5ea07d12865bea7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 8658 da2dac3d46f3ea80526ed9a29c83f56c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 56404 0d818ef611df79adaf83e383bcb93b3d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 88010 0de65f917fd1f6dc28018a910fe29fcc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 1101072 474a9588c6c099d13bdd5404860d3c47 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 45206 069e3168b034cd9756e1726e52f401d1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 12676 e66b970e6acd7e648a6dd8fa91711913 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 462914 b54bda2ce3b03da51c7b0a48b9a2635f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb Size/MD5: 71790 ac4a611b906456588036bcc639c354cc http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-generic_2.6.22-15.39_amd64.deb Size/MD5: 3013948 86e7a6e87eddd16d2e9ce82e9ec269a1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-server_2.6.22-15.39_amd64.deb Size/MD5: 3012046 41d80f29a78860b4f323a669a1fb71b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-generic-di_2.6.22-15.39_amd64.udeb Size/MD5: 1048448 a5be33841544473a7cc80eb6cba14766 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-generic-di_2.6.22-15.39_amd64.udeb Size/MD5: 322530 6ec01c4069caf838edc3830ea5b92c85 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-generic-di_2.6.22-15.39_amd64.udeb Size/MD5: 477916 813f8a19f99dcefbe272b17561d22f50 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/avm-fritz-kernel-source_3.11+2.6.22.4-15.11_amd64.deb Size/MD5: 2134688 59b6823d1adf0dc7ff2dc0155ea21607 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/fglrx-kernel-source_8.37.6+2.6.22.4-15.11_amd64.deb Size/MD5: 191952 3b03fae1017d369824d7955ba655445c http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-rt_2.6.22.4-15.11_amd64.deb Size/MD5: 13660818 b3e3951e1a061dff40d3a05d997c30f1 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-xen_2.6.22.4-15.11_amd64.deb Size/MD5: 9854790 9938d8c957c31d19435a3f8158863f02 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-glx-legacy-dev_1.0.7185+2.6.22.4-15.11_amd64.deb Size/MD5: 169332 c6f2bf946b8030afe43d6cd74228151f http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-glx-legacy_1.0.7185+2.6.22.4-15.11_amd64.deb Size/MD5: 6070814 e857a22069a35ed93d2c5efeef1fa10e http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-kernel-source_1.0.9639+2.6.22.4-15.11_amd64.deb Size/MD5: 1862772 96fbbf557068a82ed152100ef0262672 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-legacy-kernel-source_1.0.7185+2.6.22.4-15.11_amd64.deb Size/MD5: 1390454 60065b0b590d25df1d6f9a0c0bc1377d http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/avm-fritz-firmware-2.6.22-15_3.11+2.6.22.4-15.11_amd64.deb Size/MD5: 479942 325f03b109f752ca8789d0c9e186e68c http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/fglrx-control_8.37.6+2.6.22.4-15.11_amd64.deb Size/MD5: 82088 41d91b8db807afe1807fbd68d7d31556 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-generic_2.6.22.4-15.11_amd64.deb Size/MD5: 13457086 a7c759a22c8004230c597d2337c56a71 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-firmware-2.6.22-15-generic-di_2.6.22.4-15.11_amd64.udeb Size/MD5: 766 ddf18ca1250601123959bdedc2d2c79b http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-modules-2.6.22-15-generic-di_2.6.22.4-15.11_amd64.udeb Size/MD5: 734 753130cf45e4d916ce3792326662ed90 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-dev_1.0.9639+2.6.22.4-15.11_amd64.deb Size/MD5: 178324 763f49138f65bcd25344b3165caf624d http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-new-dev_100.14.19+2.6.22.4-15.11_amd64.deb Size/MD5: 158248 da89d68c5bf9bd4a953699b0a7a677c5 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-new_100.14.19+2.6.22.4-15.11_amd64.deb Size/MD5: 8890896 044fcbd4369090fb6ddfef265c68eda0 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx_1.0.9639+2.6.22.4-15.11_amd64.deb Size/MD5: 7996392 f71195542bcffbd3c5617cd04976dcff http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-new-kernel-source_100.14.19+2.6.22.4-15.11_amd64.deb Size/MD5: 2279348 cbea5190dcb7ebae1c6cae41f812d43c http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/xorg-driver-fglrx-dev_7.1.0-8.37.6+2.6.22.4-15.11_amd64.deb Size/MD5: 67596 6c459900b9d5f076f8db357dd024b33d http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/xorg-driver-fglrx_7.1.0-8.37.6+2.6.22.4-15.11_amd64.deb Size/MD5: 12254418 cfd39f34d91e4a48573ded79c6215427 http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-rt_2.6.22-15.16_amd64.deb Size/MD5: 3754 81ca2ccde6e44e42d0acb8b6f4f8d766 http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-xen_2.6.22-15.16_amd64.deb Size/MD5: 3782 76929d77a0fbbb99e401a179efe3d40c http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-rt_2.6.22-15.54_amd64.deb Size/MD5: 17592292 0cdb657d868402a744dd67acbd9c7b46 http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-xen_2.6.22-15.54_amd64.deb Size/MD5: 17355358 5cf6d90812d22fe685c4930f6ab5b99a http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-rt_2.6.22-15.39_amd64.deb Size/MD5: 3017126 58a8de462a320964eb37d4713ef063e9 http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-xen_2.6.22-15.39_amd64.deb Size/MD5: 3013834 3b2735bb3fe07a149a0c6d7216c3e08d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-386_2.6.22-15.16_i386.deb Size/MD5: 3756 38e40f57e2213ec44de12fd1586c9a28 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-generic_2.6.22-15.16_i386.deb Size/MD5: 1379014 512338d9fa1b651ecbc39b1db0285688 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-server_2.6.22-15.16_i386.deb Size/MD5: 3768 4c0ab45a0ba5dc56a9006e0797ac8a7f http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-386-di_2.6.22-15.16_i386.udeb Size/MD5: 644 5f31cf301f6b8971e7e8733e85c212db http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-generic-di_2.6.22-15.16_i386.udeb Size/MD5: 644 df4807c07fdd185f50ef8dc3743bc4bb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/acpi-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 20418 0f9de8a6295d16cae1fe7b9d25f4c822 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/acpi-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 23228 5e895d82dd9023b629fef23526464f91 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 211438 5e635a70e6b1d97021164f5a6bd11d51 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 213080 df89aaa52d9017a795bf22dec05ec035 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/cdrom-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 89010 2e70caf2aa5cefb7070ec8668212188c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/cdrom-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 35754 d7642234f8bd7dea30b36dea8816b934 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 50008 21d399d289ffc1c0a787d6d1814ac7fe http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 50140 127fa8d9247590932c3bec3d2fba5029 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 37956 3d389edb98991e385f671f0d44178d53 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 38610 f07c2e59ed2764026399ebc28685a107 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fb-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 44950 3e9f0f01a37259c48855afbfc5043f26 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fb-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 45204 60ed4bebdd8f793b28687067956b6460 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 85328 a1340f905e08fabee46c8c643fdaa5f6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 85656 ca69911c4bdab605ba471592f9b22d24 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 32344 0f9de7030cccebbb73316b74ee81d04d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 32646 201910ec059ef8901a70fc6748648b90 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 640694 5c2e673d57c1a9aecea86edc15a08664 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 659482 c805fd12258be8e0f94c43b9dc5017b0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 206054 6b84aacb3a21d7c5ecca022fec9b7758 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 209784 ba33674cfcea7eabc5d3365a4725472c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 52652 b81d9b2a4d891f5176ff23e03c931ac4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 53866 089d7bcd4eecff3ae3cdfa3dae74988e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 55524 cbddfa0961691f5af1e5078f1fbc6341 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 56914 4975e2e7e8a9cf550c7b763390de6353 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 130910 a56c5b5ef04d03fc9d7abe4dd9ad1dd8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 137790 2d9998c3221d20bab47ef3c3c885ca36 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 277866 52a5a0032d93c63d390bde041de9e987 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 276378 364eef19bd824a34498065e9bc011a98 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 1834666 4d1004a88c1f30305467a1151b05caff http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 1905930 521d19edf828d41bda242061f580f39c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-386_2.6.22-15.54_i386.deb Size/MD5: 579506 e31e25124b45afdea454fa2e5df96981 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-generic_2.6.22-15.54_i386.deb Size/MD5: 581308 5978bd43dba625bcc0d90d78ea7976f6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-rt_2.6.22-15.54_i386.deb Size/MD5: 1154954 331ef788b8936ca09297278c54fe0a73 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-server_2.6.22-15.54_i386.deb Size/MD5: 581292 d13dfb1538bbeb0406869f9988e63966 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-ume_2.6.22-15.54_i386.deb Size/MD5: 527716 38db2de69c705b3848b362d6285a78cd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-virtual_2.6.22-15.54_i386.deb Size/MD5: 466996 581eb343942f0753c7021374cf203dd7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-xen_2.6.22-15.54_i386.deb Size/MD5: 923522 de45312cd1e8ef642be2a1e321719a73 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-386_2.6.22-15.54_i386.deb Size/MD5: 18568374 73fa4b00dea5d4ed59a1bf81b9e7f70c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-generic_2.6.22-15.54_i386.deb Size/MD5: 18542298 6ed41de04e6b219e5b45a7de205cfe96 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-server_2.6.22-15.54_i386.deb Size/MD5: 18630526 c0b10915988e225c3978d51a7f94ee71 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-virtual_2.6.22-15.54_i386.deb Size/MD5: 6704572 fddd05f27808e8e114d958ec6cbe7928 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-386_2.6.22-15.54_i386.deb Size/MD5: 23478456 6271a25d209b9092e6e266e0d2760c4a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-generic_2.6.22-15.54_i386.deb Size/MD5: 24123012 c4ae07814e5cb34954bcf9af2d065b8f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-server_2.6.22-15.54_i386.deb Size/MD5: 24388984 8ec3bfe06020cde3427e0a223b5229c6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-virtual_2.6.22-15.54_i386.deb Size/MD5: 22814866 a6717fed353a6c8db978f2bdaa87dab3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_i386.deb Size/MD5: 653638 28d2e17c8dd12239709f7d26dfe847d6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 247896 d1913a5288822f9a4c5d8252de2380b3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 254864 05670a61ba685422884b35b4b36a849d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 137044 653ab55a5d2fac7514dcfa427a729de4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 137394 5ef931689ae1d45255c7be7042291088 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 221114 e363197d0c5452adfbe718d129b56eb1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 228418 689a74ed0f50826efc882955901d8661 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 1627050 4fc2c87e20fc465fe8819c5835a9bb4b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 1647312 adf8ab86dfd814c0753ca926609a0f28 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 150434 e24b4ec46d62dc664d08bdffa2184239 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 142510 c41820cbdb83d7661351e2d6ab6759c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 141124 f2890109982c84417b97e4f9b0ec47e6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 142488 b307586a011a4b90aacb9d7c0ea7832f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 79274 95f09af1d5d8d44641d95b99f664d743 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 80914 7b3af901119a8f441ce29a39390a0585 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 33340 7f3b5c8fa51fa3511dfbd49d50d86b8d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 33872 441b2e45c5ecec67c362122134e19040 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 37978 31e7de73aa0a902ed47777522cee9688 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 38250 653c0b1df6df39d123596f3cdfccff1a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 83258 6dfb13d2cd4481fb354d29b43f1a34d2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 83440 b945199f9b0e767a04e752f7e9a4289e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 48210 7826c79ecf33f121e5f2df228ba901bb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 48188 f4694ad1e5f586f83dd577e4c13ee041 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 8188 2e0ad32b18f1bac73aef856de27399dc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 8410 46d5527c5e1c951dd7cf20cfebd00285 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 50454 a2dda1b9a98c02c0f4dfcf14f7352f64 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 52362 17070ff42e9fd0daa887ad2bee2584fe http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 79486 39c05ac72f00b488c2e4657922fd845a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 79792 f9d1fd2ee477806b6f5f8c6eac8fc433 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 1388110 3d00dfd9e297f0f5c13cb6c216257fbd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 1367550 c167a877b6a66d820c462e1a42c464df http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 43022 ee80c18e4c855f38b300b3298bcac9cb http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 42490 6e38df6c8dd793414db655b4df862b89 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 11274 457f9450561026c51e7dce62b99492a2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 11860 a005b1cdbcaf9916c60144b96a068a3b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 435680 c410f7c8d57506611fb299d6219b193a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 438856 8442dc0500a51949003790c676c9e6e1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb Size/MD5: 65898 3518afe7357301623e77d92f29ef7cd1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb Size/MD5: 66818 b3eee8a3a0e5de1b73abad161b92977a http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-386_2.6.22-15.39_i386.deb Size/MD5: 3043288 ccb4308e0bc160c24707f5854eb2e412 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-generic_2.6.22-15.39_i386.deb Size/MD5: 3054328 2d56c435cd060b2745a0ca6206366bb9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-server_2.6.22-15.39_i386.deb Size/MD5: 3056128 04a9e15849ffb6ae029d63ebb323a1c0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-virtual_2.6.22-15.39_i386.deb Size/MD5: 1551418 650f8adbb27269b364282c89c0b24c23 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-386-di_2.6.22-15.39_i386.udeb Size/MD5: 1048342 919b46aecdba9098a5ae27b479cc1f4f http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-generic-di_2.6.22-15.39_i386.udeb Size/MD5: 1048442 931c9093fdc92d6f6634202320559901 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-386-di_2.6.22-15.39_i386.udeb Size/MD5: 322512 e639c5c2c3439f93a2ae0c37ea28c7b8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-generic-di_2.6.22-15.39_i386.udeb Size/MD5: 322534 934ae69176bb17670c6f081a1b1a4979 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-386-di_2.6.22-15.39_i386.udeb Size/MD5: 453408 77a229a8e4d2f83fd56740ac24e655c6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-generic-di_2.6.22-15.39_i386.udeb Size/MD5: 453002 ab5b8dae55c15f59956c339c2017f3dc http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/avm-fritz-kernel-source_3.11+2.6.22.4-15.11_i386.deb Size/MD5: 4084628 5c38b21f36b5d04056d0ee3d683630d2 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/fglrx-kernel-source_8.37.6+2.6.22.4-15.11_i386.deb Size/MD5: 191960 162aecb99815f6b9a339b1299e2973c7 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-rt_2.6.22.4-15.11_i386.deb Size/MD5: 16791012 ad32c528dee8398448700bc5c132576f http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-xen_2.6.22.4-15.11_i386.deb Size/MD5: 12658912 4ed7f2b8ecfb4ce974648c7bc8b2c7aa http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-glx-legacy-dev_1.0.7185+2.6.22.4-15.11_i386.deb Size/MD5: 148548 b712289da5c1c90c3504c49c066ab579 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-glx-legacy_1.0.7185+2.6.22.4-15.11_i386.deb Size/MD5: 3065766 ec9626779a8a817c329bb84bfcfa5a9c http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-kernel-source_1.0.9639+2.6.22.4-15.11_i386.deb Size/MD5: 1764500 9aa631e66d1c4cf18369b10ff8361539 http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-legacy-kernel-source_1.0.7185+2.6.22.4-15.11_i386.deb Size/MD5: 1378112 b2cad4be9641a5ffd6cdf959b9971898 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/avm-fritz-firmware-2.6.22-15_3.11+2.6.22.4-15.11_i386.deb Size/MD5: 1209490 042181978d41e4e68fd55c90564822ec http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/fglrx-control_8.37.6+2.6.22.4-15.11_i386.deb Size/MD5: 79368 fe206f7ee03e52a803275d72446ecd1d http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-386_2.6.22.4-15.11_i386.deb Size/MD5: 16742196 585c649b0be6bfe04c1b07a5a65b86b8 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-generic_2.6.22.4-15.11_i386.deb Size/MD5: 16533700 efb709c3e9b7d468eb8eb19cd4bd24c1 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-firmware-2.6.22-15-386-di_2.6.22.4-15.11_i386.udeb Size/MD5: 764 812cbf6f07ef3f8e82a9740b9d8f4833 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-firmware-2.6.22-15-generic-di_2.6.22.4-15.11_i386.udeb Size/MD5: 766 df205d71cd5d3b82fe07e703042aa7f4 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-modules-2.6.22-15-386-di_2.6.22.4-15.11_i386.udeb Size/MD5: 732 4283d253d3cedde341a7a75d530af147 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-modules-2.6.22-15-generic-di_2.6.22.4-15.11_i386.udeb Size/MD5: 734 856c774ebdbe8ec4acc0e1a6a9130669 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-dev_1.0.9639+2.6.22.4-15.11_i386.deb Size/MD5: 158286 c3037f07e6753221e09ffe4afa5cb17a http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-new-dev_100.14.19+2.6.22.4-15.11_i386.deb Size/MD5: 146010 ad9c127bef125b66085db9c7bb0bb547 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-new_100.14.19+2.6.22.4-15.11_i386.deb Size/MD5: 5013914 7a529396a64deb58e8e5beea3941b5b9 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx_1.0.9639+2.6.22.4-15.11_i386.deb Size/MD5: 4493322 db303977d7fc8fd18a6e2d4eb6c75881 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-new-kernel-source_100.14.19+2.6.22.4-15.11_i386.deb Size/MD5: 2253080 b9d0c5159b5973755f853087980c37a4 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/xorg-driver-fglrx-dev_7.1.0-8.37.6+2.6.22.4-15.11_i386.deb Size/MD5: 67078 c38c30bc72618a411b2b40a07575c3e4 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/xorg-driver-fglrx_7.1.0-8.37.6+2.6.22.4-15.11_i386.deb Size/MD5: 8558012 826ec61e79243432e14df3c4fe01c482 http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-rt_2.6.22-15.16_i386.deb Size/MD5: 1379430 890e80ab2cb552da35613c66accdff3d http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-ume_2.6.22-15.16_i386.deb Size/MD5: 3734 395b2624c54f03633eb87f0cbc97a4ae http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-xen_2.6.22-15.16_i386.deb Size/MD5: 3770 56a1c5dfbd6840d5bb6dc589e50e59fe http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-rt_2.6.22-15.54_i386.deb Size/MD5: 18593802 a23697c081e4de446386196207ba172d http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-ume_2.6.22-15.54_i386.deb Size/MD5: 8651184 5485ade0608249b603b2d29f52796a60 http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-xen_2.6.22-15.54_i386.deb Size/MD5: 17337476 f7c0dc20dd33587cb7170cf9b0547399 http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-rt_2.6.22-15.39_i386.deb Size/MD5: 3067524 cd3cb7109cbbd0276ee4193b47bb925f http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-ume_2.6.22-15.39_i386.deb Size/MD5: 3049602 578b1c56c65249fd8f2a45c1f35193ff http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-xen_2.6.22-15.39_i386.deb Size/MD5: 3058274 c933d038855ffac90f36a2f4c4db42fb lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/acpi-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 31564 6ee7cad81861752974ccab8913be4923 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 174622 a7075817c8becfc18ecc3c3909a9bb80 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 47544 b88af59e21f122d1eff2dcd287727ba6 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 34816 850e9452d08f4cbb8b64a51d6ce8dc1a http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/fb-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 25670 18b1cfc1c9c9b017da1cb5742fc62fdf http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 78152 7f6682322618840f38766edc66b861ef http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 29642 b48d5450abf39b2768d684c240b38b85 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 123420 4def6fc4ff8e55b307db81e27fb762f5 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 68574 e17c91ebd8e489f5a4ca4426925a0aee http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 1394 d2263d8cc68c8150124ca32cbb6ceaa0 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 50900 f37be62f538f6c92ba9179f36435ef16 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 123346 a1622a607060d17717762687be2f1585 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 246236 f729caa2c10a68e4ca7b2c2c4282c99d http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 1534938 f3736b30f419b2cb39c586f58e80404f http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-lpia_2.6.22-15.54_lpia.deb Size/MD5: 581738 74e64d51193e30694c2a80acdb4a9126 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-lpiacompat_2.6.22-15.54_lpia.deb Size/MD5: 595466 b51b81f74f87ea19594b4bafe7cc1c9e http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-lpia_2.6.22-15.54_lpia.deb Size/MD5: 8328860 dd4ef30b143963c15af5cddef259e122 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_lpia.deb Size/MD5: 625872 496035aabc97f4a9baddf755c4f30eff http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 46924 a532ca40697d5ca69025f1f681987e0b http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 206940 8c33ba7be35ad9051ca16c96895f412c http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 234188 fe8de6cd05a99936cd729308599a3d53 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 124156 6fe418390d62c87d4bd031f3b27e4f8b http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 40326 c182a285e55e30dd4fd9f504a0be6550 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 30656 80a9a3217417ce60c11568d75a9be23a http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 3666 11c3107c1f5a702d27fe2d29e5395deb http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 47230 9894aa9fbc062ca1ced5d3b0949ee1cf http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 15768 c1ac8d8e1979307c2d1e0ef9da348072 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 96662 c44a69eba22367197430d54acaa99580 http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 10878 f831fc959d85f492e23caf138fba832f http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 377552 a90580eb48e723f72335402d6e85d7ed http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb Size/MD5: 52864 e6f4c21bece42c5ffff4204b818f39cf http://ports.ubuntu.com/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-lpia_2.6.22.4-15.11_lpia.deb Size/MD5: 2898792 c9bd2701af313e7910619956ff90964b http://ports.ubuntu.com/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-lpiacompat_2.6.22.4-15.11_lpia.deb Size/MD5: 3120354 faad74cdcdd2472127ab808a1c052d10 http://ports.ubuntu.com/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-lpia_2.6.22-15.16_lpia.deb Size/MD5: 3746 6a5675f03ca203a51233307ec24ee001 http://ports.ubuntu.com/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-lpiacompat_2.6.22-15.16_lpia.deb Size/MD5: 3772 c6ca093178a288087d42ccac5685182a http://ports.ubuntu.com/pool/universe/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-lpia-di_2.6.22-15.16_lpia.udeb Size/MD5: 644 1496fbb995b406bd9cdc2c86c80ea312 http://ports.ubuntu.com/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-lpiacompat_2.6.22-15.54_lpia.deb Size/MD5: 18529856 30bada6dc184ab15505d0e4574716595 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-powerpc-smp_2.6.22-15.16_powerpc.deb Size/MD5: 3776 a865c756c85227c4b4c99bcdd3527da4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-powerpc64-smp_2.6.22-15.16_powerpc.deb Size/MD5: 3802 aa1096bc346f2f035c958d334b62a6ae http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-powerpc_2.6.22-15.16_powerpc.deb Size/MD5: 3774 8588158f9ddfb583ab42815497394f5d http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-powerpc-di_2.6.22-15.16_powerpc.udeb Size/MD5: 646 19c2d7fee87ceacc358002a4e1a67367 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.16_powerpc.udeb Size/MD5: 648 7ef35ae416bf2f80db27596032363462 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 315160 76de8fb0030716726ac881afdf912262 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 331806 945326f8e67dbe67dffca506fe70b68a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 310634 7d32348468e25b6e8161eb1e794dbbc3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 69108 9c0cc6d763c9a26965d95b1016f23366 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 59600 e8ad3dc8e454774b4b48e4d86903b3c1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 69124 a9694608ebda5380e1f31c6c6d48a71f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 47626 d4a71e109ab995054184e3880c5f85de http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 41296 3dc951a9e00d2992573df883125c9673 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 47628 ac297004e60d6daac2c5077b4f597af8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 107324 0af8c2548273b734d8d423b27943f1d6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 91162 b7cf64c5781cf1680f0b43984dbb8e8d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 107284 da3d9f2d058a9dd6d41a56fed7e5a166 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 40968 498b97586b06155aab845e21b15c6ffc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 44734 93c489df9c18963cfef25f8d848fd702 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 40978 93a3f89c4bae49dbab525f2244ed90f6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 773510 5e3337dc062ce47a23744bab9630dd97 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 709242 e9365b33f36e855d6cfd841d97214e52 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 773420 6faf03e36789cc6bc1aa3296a7d4e07c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 243332 f842b8f9ba469616ea848991916f030a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 236400 b02a1eeca0b26e053f752da0d4541996 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 243298 ddf59a7f8b7e1abb0c16d50e5f7f3c5b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 53772 8d4cdc627ad212f655fa4771909a2631 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 47384 fca7ed43dba57b56d77c0afb5bc36fed http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 53740 8aacab34266a00ac6b864e380f498d23 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 69044 199cb6c932b1c57896e1765bbe4da986 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 62400 a01800fc7c294dd53eaf87f43fbe2330 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 68996 d07d16dc42d5daec47b8f364389d7433 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 166820 95db10ab499ab76aa49ca336ce6c17ef http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 147482 5d5b81ecf9970e96b48be6eefc8122fa http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 166684 ca4a1e06d95a88309fdb93d948b05ae8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 347892 f845d2b1036cf7d96aa1ccc277a7b2ad http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 385002 bcfa8c06cca8efca21d1661c91890e07 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 347782 d2acb9f168d9403a7f1d6beb3edf80d0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 3204126 e0449de12be613e0ef6f71b33948a26f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 2182774 6b34a7331f66cc6360ee518134b31a9e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 3121074 94b278820db5d9364f3a11332c4bf6f7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-cell_2.6.22-15.54_powerpc.deb Size/MD5: 658542 224b256989d50b0babe3e046a8a5acd1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-powerpc-smp_2.6.22-15.54_powerpc.deb Size/MD5: 568724 14f0c68ecb1ea96fd589bdf0050c22f4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-powerpc64-smp_2.6.22-15.54_powerpc.deb Size/MD5: 572426 1f588c7a9f543e235d4c985a13732fe3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-powerpc_2.6.22-15.54_powerpc.deb Size/MD5: 568282 ed5c8079a439162c175eca4913cb2dd0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-cell_2.6.22-15.54_powerpc.deb Size/MD5: 19766842 f303b6b54e23c220d5cfbeac66d4faaf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-powerpc-smp_2.6.22-15.54_powerpc.deb Size/MD5: 18708820 3bdb75aaaa8961d3f3730976403cb8e9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-powerpc64-smp_2.6.22-15.54_powerpc.deb Size/MD5: 19744780 b9a76ee8362bc970adc9868bcb9b4309 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-powerpc_2.6.22-15.54_powerpc.deb Size/MD5: 18485548 1b1fd19601cb719bf42fc78ceefcb444 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_powerpc.deb Size/MD5: 629682 790e46628648d1b59b4796a607920d47 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 298656 ae2aae1d23ee9459c3a2c238f62b0c3f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 256442 6b9c9cf85cbf6caf9a904172ab8353bf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 298538 e2e158aa1390c6650dc31f8bc6b666da http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 173322 46bc77ff2c7dfe168a99431aed9543fd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 159610 e2562a075799cfd2d38ce8cc4f5b10bc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 173266 95e55b6c7f32762abb49f3503aca44ec http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 288574 86783294fef9eaecaf0fea407e01378b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 256444 28dcf9ad4907afc1db0cd6ea2da52ce5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 288540 1502f113e0c9f40f3d8a8629467f921a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 1931854 18199bd1925f2e7f7188ee3826dad7d3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 1654766 5813c15c304f8e11e7202867d43192b4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 1909850 62c123566de18c9a33a1e06ede984735 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 216076 0b3682996152ba06ac5fd6373aa6d735 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 234448 3531ee385f9be4c3616294f69a7bb210 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 224102 f59d04573e8556fd788db3da5fb78a15 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 181652 31e05543b341fa1fd3a2afc1d83fd1cf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 153868 7f32b2cb52a3ce4ae228efd44597d130 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 181584 c6b132d7e6f8b4dd0bbeccdc03447a6b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 103632 6645c56a57d8b9b5772c8d375b8e6bcd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 86736 3b0b2786ca7aae2e78027ab51eac2be6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 103494 c569c090e64b3ca81508d060826925c8 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 46978 7e539f3deae48b9bb62b10f8cfba97ad http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 45402 628c4a5fe3245fcb4cb5c4dfe12a2bdc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 46996 da7e8a7ffdec8578333b4945278bad90 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 54468 9e847dace1f6bb96dd4b2a4a68f0a7bd http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 41570 6a7226a7fb2a98add60fcabfc5dd65ed http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 47806 2ef913db23ed334fe01c3000f1d3823c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 87004 431473bc1306e9abadea45405d748f8f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 74054 83b8bc0d89a70f616e47bebd2d4ae188 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 86976 ebe28671e620e988936babd9dcaac03a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 30306 444a504fbe3a928fcf975c1c4de6911f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 76260 bcd35555297c4707bfe4998c78cf1aa9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 30332 0ba859f43a4526a51a02dc97e15845c6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 9952 8f8a952c62200febb47630546ea2f7b7 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 8458 44b8f28b718470b9a0f6544edf6e7d78 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 9948 9be31362b48f63df01f9eb3bae241200 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 68476 5dfcb2d47d20f04ab2fd730cd00d0e92 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 56868 43a9199173d14b60514cce4e26c04e0d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 68450 4d37835af2ccd7767f65bf5b862182f5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 131418 2bbffb08183ef9737b1c7ee7d91c860f http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 87806 d1f7fb7a127c3bb5ea17a71f1d47d26b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 131240 f3472f484e00531c8d606deb7dedfe65 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 1432182 11115ebffcd3b842dbbc68f5a3f62b3c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 1441334 73962d3133f94fb2b761326db53c2167 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 1432046 5f35cce2c671c79e10b8cd43bea84d4b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 70948 2d8686184d04697c8be62752cae815ab http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 75508 d9105ae8e009613e616147e76f780b0a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 84768 fd7f0edf50e458f429f1e87f3055f3ff http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 14532 9a3539e3c59fb397abfc9508f5c9578a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 12536 9c5146c46602c9ead4d328871d3f17af http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 14528 73f06b41f5764ed81468e4d89e97dc0c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 558348 5b80e2fb36c8ff6a55f896a5fb7e2e3d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 492732 29b5a718362fe422c612f72c4da114a0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 549300 4dec89e60b7d7b5060c0cc8455c2c9ac http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb Size/MD5: 105380 ccfd8dc7b67ffe3abde899289adfc200 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb Size/MD5: 79662 1b4022ffa935534a726498fce40b4eda http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb Size/MD5: 104304 02c6251885f3f373d18446b958c2855f http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-cell_2.6.22-15.39_powerpc.deb Size/MD5: 2619590 af8281593571ced37b2129ed2342fccd http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-powerpc-smp_2.6.22-15.39_powerpc.deb Size/MD5: 2567378 20bf3027940d1142ad8803732870f36e http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-powerpc64-smp_2.6.22-15.39_powerpc.deb Size/MD5: 2620222 8073e56c511e70257e61599e18b5bd5e http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-powerpc_2.6.22-15.39_powerpc.deb Size/MD5: 2554464 27d7b5e667ec571d53285d4cbac8f203 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-cell-di_2.6.22-15.39_powerpc.udeb Size/MD5: 1048390 d4b1ca0b0ab22138ba04d681dc20f0c3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-powerpc-di_2.6.22-15.39_powerpc.udeb Size/MD5: 1048432 e45f37ec5193154aa04c35fed50fdaee http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-powerpc64-smp-di_2.6.22-15.39_powerpc.udeb Size/MD5: 1048558 0c6648aa9377a3ccc64477bf5dd08f38 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-cell-di_2.6.22-15.39_powerpc.udeb Size/MD5: 322524 0fdea901bdf7b9173d89d49f10648d0f http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-powerpc-di_2.6.22-15.39_powerpc.udeb Size/MD5: 322536 5a36968fa11e67940cf88dfec8f5b90a http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-powerpc64-smp-di_2.6.22-15.39_powerpc.udeb Size/MD5: 322560 63ec46beb37b44f7e901d4a17d4d5002 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-cell-di_2.6.22-15.39_powerpc.udeb Size/MD5: 267156 690a55e73215d9bc450caa6b99fc4476 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-powerpc-di_2.6.22-15.39_powerpc.udeb Size/MD5: 220186 7710f01beebe09e0c9bf2cb812991139 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.39_powerpc.udeb Size/MD5: 267210 651e58dc6fce70139c603386c92ff3bb http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-powerpc-smp_2.6.22.4-15.11_powerpc.deb Size/MD5: 1300508 45e687319d4e0d2dac393138e6f2d6c6 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-powerpc64-smp_2.6.22.4-15.11_powerpc.deb Size/MD5: 1002304 9f77a9427eeaea48276c6b68547d824f http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-powerpc_2.6.22.4-15.11_powerpc.deb Size/MD5: 1298454 fc0dcab1f9958209c7f4266bc08de844 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-firmware-2.6.22-15-powerpc-di_2.6.22.4-15.11_powerpc.udeb Size/MD5: 764 d6233f778dcf936a4a0478aa80409d52 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-modules-2.6.22-15-powerpc-di_2.6.22.4-15.11_powerpc.udeb Size/MD5: 734 8505f5c770efe7e12619fc324996c31a sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-sparc64-smp_2.6.22-15.16_sparc.deb Size/MD5: 3802 e09e7173876354b9a1bb6846e9437b67 http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-sparc64_2.6.22-15.16_sparc.deb Size/MD5: 3772 586b2c371ca1f45ea3513cfa459fa08a http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-sparc64-di_2.6.22-15.16_sparc.udeb Size/MD5: 646 049e8815ed4659bbd756521f44d1b957 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 59312 4c07f24b58ed97db0fb543db5a8d4856 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 68268 a62b0e675c367386a3208a198f127949 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 42130 4b939c9f08fee124425bd784f7bf7d3a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 95330 eb40ad8d594615e788ecf89c529c1561 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 594048 cd592a5479c6d7119a2eabe234aba28c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 169390 703d55b772601b01ef874202350a9549 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 38254 691b333634c543721644e9126fb6f22e http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 38648 3c0eca639d2d669846051bc7b3acc3db http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 154606 57fb00f92f0dcc365e0c41540b5efc41 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 1993026 46125df549b3d01d4d8cc9b4356e9fb1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-sparc64-smp_2.6.22-15.54_sparc.deb Size/MD5: 475654 c92a5bb9e70c8af93c8ba14d222d2b54 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-sparc64_2.6.22-15.54_sparc.deb Size/MD5: 474486 2c0f22707763247036f715195ea32cb2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-sparc64-smp_2.6.22-15.54_sparc.deb Size/MD5: 12415598 f88ba6815bda87f9f6bab3b1f08f2c02 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-sparc64_2.6.22-15.54_sparc.deb Size/MD5: 12179794 406b603b04315995ed3b535149d11ae2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_sparc.deb Size/MD5: 684538 d20de9a13d35cd857709d8e97110d89a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 265810 e454ac8cfbb55798d897f6b8f915aaec http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 159904 f25815be23aae799ff31fb30b0f660ee http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 247460 576ba769410c3856461f98143f89064a http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 1254066 0ae70dfca4fac5dc7187d025654c811c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 159996 f945e232f58c9a3c54ee4dc317c24005 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 91978 762357557c147272e8227fb1394886f9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 40636 bc40eb4e9aaa6c4a798f93a58e4ea196 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 38574 da8bb028537d9379b91be3524de7cfdc http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 8646 ecd7b4d5a5cd5ab219902b3cf2f87227 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 60070 4adf7e7028b4fe0cef8a3f463b8c6ba4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 90990 a46723f940c9b17edd69478fba14a9ce http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 875908 833753a21da42ec786aaf013767c85e5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 9762 fa7c339472c4bdfda8b82021c0c45dbf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 369314 55df073f08fb5e80aa5f7211d3585417 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb Size/MD5: 56888 eb89eaebdec3149988ab5fd1652a116c http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-sparc64-smp_2.6.22-15.39_sparc.deb Size/MD5: 2578980 89f82b147630b1a42234d7a7f428905f http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-sparc64_2.6.22-15.39_sparc.deb Size/MD5: 2568738 a4a1af735ea7160b6f47ef0c749689a1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-sparc64-di_2.6.22-15.39_sparc.udeb Size/MD5: 1048456 ee8f6d236b1ab8877f7fe255c748c082 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-sparc64-di_2.6.22-15.39_sparc.udeb Size/MD5: 322536 7891ae3bb1a75ad4a68f895e3d8632d0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-sparc64-di_2.6.22-15.39_sparc.udeb Size/MD5: 227024 7a30e435d568400043ce19e83390e38b http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-sparc64-smp_2.6.22.4-15.11_sparc.deb Size/MD5: 1002242 96e1f749c39577efa970f85dffb277a7 http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-sparc64_2.6.22.4-15.11_sparc.deb Size/MD5: 1002138 657b9f2f3b28d2585178c447c7e7745c
var-200701-0320	The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462. Apple QuickDraw contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Quicktime Used in etc. Mac OS X QuickDraw is prone to a remote memory-corruption vulnerability because the software fails to properly handle malformed PICT image files. Successfully exploiting this issue allows remote attackers to corrupt memory and to crash the affected software. Mac OS X 10.4.8 is vulnerable to this issue; other versions are also likely affected, since the vulnerable component has been included in Apple operating systems since System 6.0.4. QuickDraw is a graphics processing tool bundled in the Apple operating system. A memory corruption vulnerability exists in QuickDraw when parsing PICT graphics with malformed ARGB records. Remote attackers may exploit this vulnerability to perform denial of service attacks on user machines. If the user is tricked into opening a malicious graphics file, this vulnerability will be triggered, destroying the pointer sent to the _GetSrcBits32ARGB function, resulting in a denial of service. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Mac OS X Mach-O Universal Binary Memory Corruption SECUNIA ADVISORY ID: SA23088 VERIFY ADVISORY: http://secunia.com/advisories/23088/ CRITICAL: Less critical IMPACT: DoS, System access WHERE: Local system OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/ DESCRIPTION: LMH has reported a vulnerability in Mac OS X, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges. The vulnerability is caused due to an error in the fatfile_getarch2() function. This can be exploited to cause an integer overflow and may potentially allow execution of arbitrary code with kernel privileges via a specially crafted Mach-O Universal binary. The vulnerability is reported in a fully patched Mac OS X (2006-11-26). Other versions may also be affected. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: LMH ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-26-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-201107-0023	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. When freeing the container holding the Frame element, the reference will still be available. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within how the application manages a reference to an anonymous block located near a particular element within the document. When cloning this element, the application will duplicate a reference to the block and then later re-attach this element to the rendering tree. During this process the library will free the original rendering element. Subsequent access to the same element will then cause the library to use the freed object. This can be utilized to achieve code execution under the context of the application. WebKit is prone to a memory corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage. Successful attacks may result in information disclosure, remote code execution, denial of service, or other consequences. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously discussed in 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems. This issue does not affect Mac OS X systems. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. This issue does not affect Mac OS X systems. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form. CVE-ID CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah Grossman] Safari Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar. CVE-ID CVE-2011-0244 : Jason Hullinger WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching. CVE-ID CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd. Note: Safari 5.1 is included with OS X Lion. Safari 5.1 and Safari 5.0.6 address the same set of security issues. Safari 5.1 is provided for Mac OS X v10.6, and Windows systems. Safari 5.0.6 is provided for Mac OS X v10.5 systems. ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apple Safari Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45325 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45325/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45325 RELEASE DATE: 2011-07-22 DISCUSS ADVISORY: http://secunia.com/advisories/45325/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45325/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45325 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system. 1) An error within CFNetwork when handling the "text/plain" content type can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) An error exists within CFNetwork when handling SSL certificates, which does not properly verify disabled root certificates. 4) An integer overflow error exists within the ColorSync component. For more information see vulnerability #5 in: SA45054 5) An off-by-one error exists within the CoreFoundation framework. For more information see vulnerability #6 in: SA45054 6) An integer overflow error exists in CoreGraphics. For more information see vulnerability #7 in: SA45054 7) An error exists within ICU (International Components for Unicode). For more information see vulnerability #11 in: SA45054 8) An error exists in ImageIO within the handling of TIFF files when handling certain uppercase strings. For more information see vulnerability #9 in: SA45054 9) An error in ImageIO within the handling of CCITT Group 4 encoded TIFF image files can be exploited to cause a heap-based buffer overflow. 10) A use-after-free error within WebKit when handling TIFF images can result in an invalid pointer being dereferenced when a user views a specially crafted web page. 11) An error within libxslt can be exploited to disclose certain addresses from the heap. For more information see vulnerability #2 in: SA43832 12) An off-by-one error within libxml when handling certain XML data can be exploited to cause a heap-based buffer overflow. 13) An error in the "AutoFill web forms" feature can be exploited to disclose certain information from the user's Address Book by tricking a user into visiting a specially crafted web page. 15) Multiple unspecified errors in the WebKit component can be exploited to corrupt memory. 16) An error within WebKit when handling libxslt configurations can be exploited to create arbitrary files. 18) A cross-origin error when handling certain URLs containing a username can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. 19) A cross-origin error when handling DOM nodes can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. 20) An error within the handling of DOM history objects can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar. 22) A weakness in WebKit can lead to remote DNS prefetching For more information see vulnerability #6 in: SA42312 23) A use-after-free error within WebKit when processing MathML markup tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page. 24) An error within WebKit when parsing a frameset element can be exploited to cause a heap-based buffer overflow. 25) A use-after-free error within WebKit when handling XHTML tags can result in an invalid tag pointer being dereferenced when a user views a specially crafted web page. 26) A use-after-free error within WebKit when handling SVG tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page. PROVIDED AND/OR DISCOVERED BY: 10) Juan Pablo Lopez Yacubian via iDefense 4) binaryproof via ZDI 8) Dominic Chell, NGS Secure 23, 25, 26) wushi, team509 via iDefense 24) Jose A. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. iDefense Security Advisory 07.20.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 20, 2011 I. BACKGROUND Safari is Apple's web browser, and is based on the open source WebKit browser engine. MobileSafari is Safari for Apple's mobile devices including the iPad and iPhone. For more information, see the vendor's site found at the following link. http://www.apple.com/safari/ II. Safari is Apple's Web browser and is based on the open source WebKit browser engine. This vulnerability occurs when Safari incorrectly handles an error state when encountering a broken XHTML tag. Specifically, the tag enclosing the tag being processed is freed and is then referenced after it has already been freed. III. An attacker typically accomplishes this via social engineering or injecting content into compromised, trusted sites. IV. DETECTION Safari versions prior to 5.1 and 5.0.6 are vulnerable. V. WORKAROUND Disabling JavaScript is an effective workaround for this vulnerability. VI. VENDOR RESPONSE Apple Inc. For more information, consult their advisory at the following URL: http://support.apple.com/kb/HT4808 VII. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2011-0234 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems. VIII. DISCLOSURE TIMELINE 06/01/2011 Initial Vendor Notification 06/01/2011 Initial Vendor Reply 07/20/2011 Coordinated Public Disclosure IX. CREDIT This vulnerability was reported to iDefense by wushi of team509. Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php Free tools, research and upcoming events http://labs.idefense.com/ X. LEGAL NOTICES Copyright © 2011 Verisign Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-1 iOS 5 Software Update iOS 5 Software Update is now available and addresses the following: CalDAV Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information from a CalDAV calendar server Description: CalDAV did not check that the SSL certificate presented by the server was trusted. CVE-ID CVE-2011-3253 : Leszek Tasiemski of nSense Calendar Available for: iOS 4.2.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 4.2.0 through 4.3.5 for iPod touch (3rd generation) and later, iOS 4.2.0 through 4.3.5 for iPad Impact: Viewing a maliciously crafted calendar invitation may inject script in the local domain Description: A script injection issue existed in Calendar's handling of invitation notes. This issue is addressed through improved escaping of special characters in invitation notes. This issues does not affect devices prior to iOS 4.2.0. CVE-ID CVE-2011-3254 : Rick Deacon CFNetwork Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: User's AppleID password may be logged to a local file Description: A user's AppleID password and username were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials. CVE-ID CVE-2011-3255 : Peter Quade of qdevelop CFNetwork Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of HTTP cookies. When accessing a maliciously crafted HTTP or HTTPS URL, CFNetwork could incorrectly send the cookies for a domain to a server outside that domain. CVE-ID CVE-2011-3246 : Erling Ellingsen of Facebook CoreFoundation Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in CoreFoundation's handling of string tokenization. CVE-ID CVE-2011-0259 : Apple CoreGraphics Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a document containing a maliciously crafted font may lead to arbitrary code execution Description: Multiple memory corruption existed in freetype, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. CVE-ID CVE-2011-3256 : Apple CoreMedia Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to the disclosure of video data from another site Description: A cross-origin issue existed in CoreMedia's handling of cross-site redirects. This issue is addressed through improved origin tracking. CVE-ID CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR) Data Access Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An exchange mail cookie management issue could incorrectly cause data synchronization across different accounts Description: When multiple mail exchange accounts are configured which connect to the same server, a session could potentially receive a valid cookie corresponding to a different account. This issue is addressed by ensuring that cookies are separated across different accounts. CVE-ID CVE-2011-3257 : Bob Sielken of IBM Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar's certificates, including those issued by other authorities, are not trusted. Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Support for X.509 certificates with MD5 hashes may expose users to spoofing and information disclosure as attacks improve Description: Certificates signed using the MD5 hash algorithm were accepted by iOS. This algorithm has known cryptographic weaknesses. Further research or a misconfigured certificate authority could have allowed the creation of X.509 certificates with attacker controlled values that would have been trusted by the system. This would have exposed X.509 based protocols to spoofing, man in the middle attacks, and information disclosure. This update disables support for an X.509 certificate with an MD5 hash for any use other than as a trusted root certificate. CVE-ID CVE-2011-3427 Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker could decrypt part of a SSL connection Description: Only the SSLv3 and TLS 1.0 versions of SSL were supported. These versions are subject to a protocol weakness when using block ciphers. A man-in-the-middle attacker could have injected invalid data, causing the connection to close but revealing some information about the previous data. If the same connection was attempted repeatedly the attacker may eventually have been able to decrypt the data being sent, such as a password. This issue is addressed by adding support for TLS 1.2. CVE-ID CVE-2011-3389 Home screen Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Switching between applications may lead to the disclosure of sensitive application information Description: When switching between applications with the four- finger app switching gesture, the display could have revealed the previous application state. This issue is addressed by ensuring that the system properly calls the applicationWillResignActive: method when transitioning between applications. CVE-ID CVE-2011-3431 : Abe White of Hedonic Software Inc. ImageIO Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libTIFF's handling of CCITT Group 4 encoded TIFF images. CVE-ID CVE-2011-0192 : Apple ImageIO Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies International Components for Unicode Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's generation of collation keys for long strings of mostly uppercase letters. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla Kernel Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A remote attacker may cause a device reset Description: The kernel failed to promptly reclaim memory from incomplete TCP connections. An attacker with the ability to connect to a listening service on an iOS device could exhaust system resources. CVE-ID CVE-2011-3259 : Wouter van der Veer of Topicus I&I, and Josh Enders Kernel Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A local user may be able to cause a system reset Description: A null dereference issue existed in the handling of IPV6 socket options. CVE-ID CVE-2011-1132 : Thomas Clement of Intego Keyboards Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A user may be able to determine information about the last character of a password Description: The keyboard used to type the last character of a password was briefly displayed the next time the keyboard was used. CVE-ID CVE-2011-3245 : Paul Mousdicas libxml Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted Word file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in OfficeImport's handling of Microsoft Word documents. CVE-ID CVE-2011-3260 : Tobias Klein working with Verisign iDefense Labs OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in OfficeImport's handling of Excel files. CVE-ID CVE-2011-3261 : Tobias Klein of www.trapkit.de OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in OfficeImport's handling of Microsoft Office files. CVE-ID CVE-2011-0208 : Tobias Klein working with iDefense VCP OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Downloading a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in OfficeImport's handling of Excel files. CVE-ID CVE-2011-0184 : Tobias Klein working with iDefense VCP Safari Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Opening maliciously crafted files on certain websites may lead to a cross-site scripting attack Description: iOS did not support the 'attachment' value for the HTTP Content-Disposition header. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. Any script in files served with this header value would run as if the file had been served inline, with full access to other resources on the origin server. This issue is addressed by loading attachments in an isolated security origin with no access to resources on other sites. CVE-ID CVE-2011-3426 : Christian Matthies working with iDefense VCP, Yoshinori Oota from Business Architects Inc working with JP/CERT Settings Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with physical access to a device may be able to recover the restrictions passcode Description: The parental restrictions functionality enforces UI restrictions. Configuring parental restrictions is protected by a passcode, which was previously stored in plaintext on disk. This issue is addressed by securely storing the parental restrictions passcode in the system keychain. CVE-ID CVE-2011-3429 : an anonymous reporter Settings Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Misleading UI Description: Configurations and settings applied via configuration profiles did not appear to function properly under any non-English language. Settings could be improperly displayed as a result. This issue is addressed by fixing a localization error. CVE-ID CVE-2011-3430 : Florian Kreitmaier of Siemens CERT UIKit Alerts Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a malicious website may cause an unexpected device hang Description: An excessive maximum text layout length permitted malicious websites to cause iOS to hang when drawing acceptance dialogs for very long tel: URIs. This issue is addressed by using a more reasonable maximum URI size. CVE-ID CVE-2011-3432 : Simon Young of Anglia Ruskin University WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous reporter working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509 CVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2339 : Cris Neckar of the Google Chrome Security Team CVE-2011-2341 : Apple CVE-2011-2351 : miaubiz CVE-2011-2352 : Apple CVE-2011-2354 : Apple CVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2011-2359 : miaubiz CVE-2011-2788 : Mikolaj Malecki of Samsung CVE-2011-2790 : miaubiz CVE-2011-2792 : miaubiz CVE-2011-2797 : miaubiz CVE-2011-2799 : miaubiz CVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-2813 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2816 : Apple CVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2818 : Martin Barbella CVE-2011-2820 : Raman Tenneti and Philip Rogers of Google CVE-2011-2823 : SkyLined of Google Chrome Security Team CVE-2011-2827 : miaubiz CVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-3232 : Aki Helin of OUSPG CVE-2011-3234 : miaubiz CVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-3244 : vkouchna WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24 WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. CVE-ID CVE-2011-1295 : Sergey Glazunov WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. CVE-ID CVE-2011-1107 : Jordi Chancel WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a malicious website and dragging content in the page may lead to an information disclosure Description: A cross-origin issue existed in WebKit's handling of HTML5 drag and drop. This issue is addressed by disallowing drag and drop across different origins. CVE-ID CVE-2011-0166 : Michal Zalewski of Google Inc. WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of the window.open method. CVE-ID CVE-2011-2805 : Sergey Glazunov WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of inactive DOM windows. CVE-ID CVE-2011-3243 : Sergey Glazunov WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of the document.documentURI property. CVE-ID CVE-2011-2819 : Sergey Glazunov WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A maliciously crafted website may be able to track the URLs that a user visits within a frame Description: A cross-origin issue existed in the handling of the beforeload event. CVE-ID CVE-2011-2800 : Juho Nurminen WiFi Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: WiFi credentials may be logged to a local file Description: WiFi credentials including the passphrase and encryption keys were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials. CVE-ID CVE-2011-3434 : Laurent OUDOT of TEHTRI Security Installation note: This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad. The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "5 (9A334)". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJOldmtAAoJEGnF2JsdZQee/qMIAIPxmIiOqj+FMLFHZtPeC/Dp 3s4JliKOOgNnjXkxErfaNvYGmeVbDaUER5jdVrWccTauzlYmy8G4uK0An2GD2YiP gB5AiCQXpONdBCi38QNdRqrYoYjc8Sa0nUp4r5uWPoiHoj5KfxvBpgygEL+zjHXS fmnrONOCWhOYp0w4q6mdTg5BH2uJCbXscD/JjbmgHQI0Vs/iUZKSRyqFo2b0Mvze NiSyzcj/4l62Cxx7xM9VbdrYL7Al2yyHfNYJQsZmoeDUlJQcdgEgEMXvOuhY3sFK maxYr2oCp6Mtf53fplAeJIV4ijLynEWAKxTuTznAyW1k7oiGrDTfORSFKPEB9MQ= =LCQZ -----END PGP SIGNATURE-----
var-201006-1183	WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required in that a user must be coerced into visiting a malicious website.The specific flaw exists within the way Webkit inserts an element into an editable container. Immediately before the actual insertion the library will manipulate the contents of the field in order to insert the new node. Upon traversal of the tree by the library, the application will attempt to access an uninitialized element that was created prior to the insertion. Successful exploitation can lead to code execution under the context of the application. An attacker can exploit this issue by enticing an unsuspecting victim into viewing a malicious webpage. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously covered in BID 40620 (Apple Safari Prior to 5.0 and 4.1 Multiple Security Vulnerabilities) but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. ZDI-10-097: Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-097 June 8, 2010 -- CVE ID: CVE-2010-1398 -- Affected Vendors: Apple -- Affected Products: Apple WebKit -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 9850. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT4196 -- Disclosure Timeline: 2010-02-18 - Vulnerability reported to vendor 2010-06-08 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * wushi of team509 -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2011:039 http://www.mandriva.com/security/ _______________________________________________________________________ Package : webkit Date : March 2, 2011 Affected: 2010.1 _______________________________________________________________________ Problem Description: Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. Please consult the CVE web links for further information. The updated packages have been upgraded to the latest version (1.2.7) to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2797 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0314 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0647 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0650 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0651 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1390 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1391 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1393 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1394 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1395 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1396 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1397 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1398 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1400 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1401 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1402 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1403 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1404 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1405 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1406 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1407 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1408 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1417 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1501 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1665 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1758 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1759 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1760 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1761 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1762 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1764 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1766 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1770 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1771 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1772 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1774 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1812 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1814 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1815 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2264 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2647 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2648 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3114 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3115 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3116 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3119 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3255 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3257 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3259 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3812 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4206 _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.1: 141f3cd181b875d1bb40b67a507b6db1 2010.1/i586/libwebkitgtk1.0_2-1.2.7-0.1mdv2010.2.i586.rpm 054886a3c645b3ce710b9b9daec1d5f9 2010.1/i586/libwebkitgtk1.0-devel-1.2.7-0.1mdv2010.2.i586.rpm bef556ca3f281f6ef4086292c3b658d2 2010.1/i586/webkit1.0-1.2.7-0.1mdv2010.2.i586.rpm a1ff7ac638646aeb64e3bbdca9bc945d 2010.1/i586/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.i586.rpm 3f40e3ebc62bad67097a9e102e0e79c2 2010.1/i586/webkit-1.2.7-0.1mdv2010.2.i586.rpm 50875cf1bc8718cedce1a45dc509b44b 2010.1/i586/webkit-gtklauncher-1.2.7-0.1mdv2010.2.i586.rpm 625d27780d1cc9edb935d4ac3521ae16 2010.1/i586/webkit-jsc-1.2.7-0.1mdv2010.2.i586.rpm 8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 5ce57cd6ab823f8084030033c7c230d7 2010.1/x86_64/lib64webkitgtk1.0_2-1.2.7-0.1mdv2010.2.x86_64.rpm 690d8718a97af93f58de3bb2357fbe9b 2010.1/x86_64/lib64webkitgtk1.0-devel-1.2.7-0.1mdv2010.2.x86_64.rpm 7cc1d4aa77e1901ccc92f27faf85c9ea 2010.1/x86_64/webkit1.0-1.2.7-0.1mdv2010.2.x86_64.rpm 2b77a77159529c55f64343aba98c15d9 2010.1/x86_64/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.x86_64.rpm 475cf83c5ddd8f6809c2c73a1f5a71d1 2010.1/x86_64/webkit-1.2.7-0.1mdv2010.2.x86_64.rpm b0f1c76107c3d54241daa7e61bfb29a9 2010.1/x86_64/webkit-gtklauncher-1.2.7-0.1mdv2010.2.x86_64.rpm 97deff5e94a625a79842b4c240b0b00d 2010.1/x86_64/webkit-jsc-1.2.7-0.1mdv2010.2.x86_64.rpm 8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFNbgbemqjQ0CJFipgRAs9YAJ92z2WSC2ijj34b/wr42OIYLtv65gCg7XgL Yv/ButpYAcXsmnJWUG4ayxQ= =GRM6 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
var-201912-0551	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. apple's iCloud Products from multiple vendors, such as the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 12.2; tvOS prior to 12.2; Safari prior to 12.1; Windows-based iTunes prior to 12.9.4; Windows-based iCloud prior to 7.11. WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-6237) WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-8601) An out-of-bounds read was addressed with improved input validation. (CVE-2019-8644) A logic issue existed in the handling of synchronous page loads. (CVE-2019-8689) A logic issue existed in the handling of document loads. (CVE-2019-8719) This fixes a remote code execution in webkitgtk4. No further details are available in NIST. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. (CVE-2019-8766) "Clear History and Website Data" did not clear the history. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768) An issue existed in the drawing of web page elements. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8846) WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. (CVE-2020-10018) A use-after-free flaw exists in WebKitGTK. This flaw allows remote malicious users to execute arbitrary code or cause a denial of service. A malicious website may be able to cause a denial of service. A DOM object context may not have had a unique security origin. A file URL may be incorrectly processed. (CVE-2020-3885) A race condition was addressed with additional validation. An application may be able to read restricted memory. (CVE-2020-3902). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201909-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: September 06, 2019 Bugs: #683234, #686216, #693122 ID: 201909-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.24.4 >= 2.24.4 Description =========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.24.4" References ========== [ 1 ] CVE-2019-11070 https://nvd.nist.gov/vuln/detail/CVE-2019-11070 [ 2 ] CVE-2019-6201 https://nvd.nist.gov/vuln/detail/CVE-2019-6201 [ 3 ] CVE-2019-6251 https://nvd.nist.gov/vuln/detail/CVE-2019-6251 [ 4 ] CVE-2019-7285 https://nvd.nist.gov/vuln/detail/CVE-2019-7285 [ 5 ] CVE-2019-7292 https://nvd.nist.gov/vuln/detail/CVE-2019-7292 [ 6 ] CVE-2019-8503 https://nvd.nist.gov/vuln/detail/CVE-2019-8503 [ 7 ] CVE-2019-8506 https://nvd.nist.gov/vuln/detail/CVE-2019-8506 [ 8 ] CVE-2019-8515 https://nvd.nist.gov/vuln/detail/CVE-2019-8515 [ 9 ] CVE-2019-8518 https://nvd.nist.gov/vuln/detail/CVE-2019-8518 [ 10 ] CVE-2019-8523 https://nvd.nist.gov/vuln/detail/CVE-2019-8523 [ 11 ] CVE-2019-8524 https://nvd.nist.gov/vuln/detail/CVE-2019-8524 [ 12 ] CVE-2019-8535 https://nvd.nist.gov/vuln/detail/CVE-2019-8535 [ 13 ] CVE-2019-8536 https://nvd.nist.gov/vuln/detail/CVE-2019-8536 [ 14 ] CVE-2019-8544 https://nvd.nist.gov/vuln/detail/CVE-2019-8544 [ 15 ] CVE-2019-8551 https://nvd.nist.gov/vuln/detail/CVE-2019-8551 [ 16 ] CVE-2019-8558 https://nvd.nist.gov/vuln/detail/CVE-2019-8558 [ 17 ] CVE-2019-8559 https://nvd.nist.gov/vuln/detail/CVE-2019-8559 [ 18 ] CVE-2019-8563 https://nvd.nist.gov/vuln/detail/CVE-2019-8563 [ 19 ] CVE-2019-8595 https://nvd.nist.gov/vuln/detail/CVE-2019-8595 [ 20 ] CVE-2019-8607 https://nvd.nist.gov/vuln/detail/CVE-2019-8607 [ 21 ] CVE-2019-8615 https://nvd.nist.gov/vuln/detail/CVE-2019-8615 [ 22 ] CVE-2019-8644 https://nvd.nist.gov/vuln/detail/CVE-2019-8644 [ 23 ] CVE-2019-8644 https://nvd.nist.gov/vuln/detail/CVE-2019-8644 [ 24 ] CVE-2019-8649 https://nvd.nist.gov/vuln/detail/CVE-2019-8649 [ 25 ] CVE-2019-8649 https://nvd.nist.gov/vuln/detail/CVE-2019-8649 [ 26 ] CVE-2019-8658 https://nvd.nist.gov/vuln/detail/CVE-2019-8658 [ 27 ] CVE-2019-8658 https://nvd.nist.gov/vuln/detail/CVE-2019-8658 [ 28 ] CVE-2019-8666 https://nvd.nist.gov/vuln/detail/CVE-2019-8666 [ 29 ] CVE-2019-8666 https://nvd.nist.gov/vuln/detail/CVE-2019-8666 [ 30 ] CVE-2019-8669 https://nvd.nist.gov/vuln/detail/CVE-2019-8669 [ 31 ] CVE-2019-8669 https://nvd.nist.gov/vuln/detail/CVE-2019-8669 [ 32 ] CVE-2019-8671 https://nvd.nist.gov/vuln/detail/CVE-2019-8671 [ 33 ] CVE-2019-8671 https://nvd.nist.gov/vuln/detail/CVE-2019-8671 [ 34 ] CVE-2019-8672 https://nvd.nist.gov/vuln/detail/CVE-2019-8672 [ 35 ] CVE-2019-8672 https://nvd.nist.gov/vuln/detail/CVE-2019-8672 [ 36 ] CVE-2019-8673 https://nvd.nist.gov/vuln/detail/CVE-2019-8673 [ 37 ] CVE-2019-8673 https://nvd.nist.gov/vuln/detail/CVE-2019-8673 [ 38 ] CVE-2019-8676 https://nvd.nist.gov/vuln/detail/CVE-2019-8676 [ 39 ] CVE-2019-8676 https://nvd.nist.gov/vuln/detail/CVE-2019-8676 [ 40 ] CVE-2019-8677 https://nvd.nist.gov/vuln/detail/CVE-2019-8677 [ 41 ] CVE-2019-8677 https://nvd.nist.gov/vuln/detail/CVE-2019-8677 [ 42 ] CVE-2019-8678 https://nvd.nist.gov/vuln/detail/CVE-2019-8678 [ 43 ] CVE-2019-8678 https://nvd.nist.gov/vuln/detail/CVE-2019-8678 [ 44 ] CVE-2019-8679 https://nvd.nist.gov/vuln/detail/CVE-2019-8679 [ 45 ] CVE-2019-8679 https://nvd.nist.gov/vuln/detail/CVE-2019-8679 [ 46 ] CVE-2019-8680 https://nvd.nist.gov/vuln/detail/CVE-2019-8680 [ 47 ] CVE-2019-8680 https://nvd.nist.gov/vuln/detail/CVE-2019-8680 [ 48 ] CVE-2019-8681 https://nvd.nist.gov/vuln/detail/CVE-2019-8681 [ 49 ] CVE-2019-8681 https://nvd.nist.gov/vuln/detail/CVE-2019-8681 [ 50 ] CVE-2019-8683 https://nvd.nist.gov/vuln/detail/CVE-2019-8683 [ 51 ] CVE-2019-8683 https://nvd.nist.gov/vuln/detail/CVE-2019-8683 [ 52 ] CVE-2019-8684 https://nvd.nist.gov/vuln/detail/CVE-2019-8684 [ 53 ] CVE-2019-8684 https://nvd.nist.gov/vuln/detail/CVE-2019-8684 [ 54 ] CVE-2019-8686 https://nvd.nist.gov/vuln/detail/CVE-2019-8686 [ 55 ] CVE-2019-8686 https://nvd.nist.gov/vuln/detail/CVE-2019-8686 [ 56 ] CVE-2019-8687 https://nvd.nist.gov/vuln/detail/CVE-2019-8687 [ 57 ] CVE-2019-8687 https://nvd.nist.gov/vuln/detail/CVE-2019-8687 [ 58 ] CVE-2019-8688 https://nvd.nist.gov/vuln/detail/CVE-2019-8688 [ 59 ] CVE-2019-8688 https://nvd.nist.gov/vuln/detail/CVE-2019-8688 [ 60 ] CVE-2019-8689 https://nvd.nist.gov/vuln/detail/CVE-2019-8689 [ 61 ] CVE-2019-8689 https://nvd.nist.gov/vuln/detail/CVE-2019-8689 [ 62 ] CVE-2019-8690 https://nvd.nist.gov/vuln/detail/CVE-2019-8690 [ 63 ] CVE-2019-8690 https://nvd.nist.gov/vuln/detail/CVE-2019-8690 [ 64 ] WSA-2019-0002 https://webkitgtk.org/security/WSA-2019-0002.html [ 65 ] WSA-2019-0004 https://webkitgtk.org/security/WSA-2019-0004.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201909-05 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . CVE-2019-8542: an anonymous researcher iTunes Available for: Windows 7 and later Impact: Running the iTunes installer in an untrusted directory may result in arbitrary code execution Description: A race condition existed during the installation of iTunes for Windows. CVE-2019-8551: Ryan Pickren (ryanpickren.com) Windows Installer Available for: Windows 7 and later Impact: Running the iCloud installer in an untrusted directory may result in arbitrary code execution Description: A race condition existed during the installation of iCloud for Windows. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update Advisory ID: RHSA-2020:4035-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035 Issue date: 2020-09-29 CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506 CVE-2019-8524 CVE-2019-8535 CVE-2019-8536 CVE-2019-8544 CVE-2019-8551 CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 CVE-2019-8571 CVE-2019-8583 CVE-2019-8584 CVE-2019-8586 CVE-2019-8587 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8601 CVE-2019-8607 CVE-2019-8608 CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 CVE-2019-8615 CVE-2019-8619 CVE-2019-8622 CVE-2019-8623 CVE-2019-8625 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8674 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-8707 CVE-2019-8710 CVE-2019-8719 CVE-2019-8720 CVE-2019-8726 CVE-2019-8733 CVE-2019-8735 CVE-2019-8743 CVE-2019-8763 CVE-2019-8764 CVE-2019-8765 CVE-2019-8766 CVE-2019-8768 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8821 CVE-2019-8822 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-11070 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-10018 CVE-2020-11793 ==================================================================== 1. Summary: An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch 3. Description: WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. The following packages have been upgraded to a later upstream version: webkitgtk4 (2.28.2). (BZ#1817144) Security Fix(es): * webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm x86_64: webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm x86_64: webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm ppc64: webkitgtk4-2.28.2-2.el7.ppc.rpm webkitgtk4-2.28.2-2.el7.ppc64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm ppc64le: webkitgtk4-2.28.2-2.el7.ppc64le.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm s390x: webkitgtk4-2.28.2-2.el7.s390.rpm webkitgtk4-2.28.2-2.el7.s390x.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm webkitgtk4-jsc-2.28.2-2.el7.s390.rpm webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm ppc64: webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm webkitgtk4-devel-2.28.2-2.el7.ppc.rpm webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm s390x: webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm webkitgtk4-devel-2.28.2-2.el7.s390.rpm webkitgtk4-devel-2.28.2-2.el7.s390x.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm These packages are GPG signed by Red Hat for security. References: https://access.redhat.com/security/cve/CVE-2019-6237 https://access.redhat.com/security/cve/CVE-2019-6251 https://access.redhat.com/security/cve/CVE-2019-8506 https://access.redhat.com/security/cve/CVE-2019-8524 https://access.redhat.com/security/cve/CVE-2019-8535 https://access.redhat.com/security/cve/CVE-2019-8536 https://access.redhat.com/security/cve/CVE-2019-8544 https://access.redhat.com/security/cve/CVE-2019-8551 https://access.redhat.com/security/cve/CVE-2019-8558 https://access.redhat.com/security/cve/CVE-2019-8559 https://access.redhat.com/security/cve/CVE-2019-8563 https://access.redhat.com/security/cve/CVE-2019-8571 https://access.redhat.com/security/cve/CVE-2019-8583 https://access.redhat.com/security/cve/CVE-2019-8584 https://access.redhat.com/security/cve/CVE-2019-8586 https://access.redhat.com/security/cve/CVE-2019-8587 https://access.redhat.com/security/cve/CVE-2019-8594 https://access.redhat.com/security/cve/CVE-2019-8595 https://access.redhat.com/security/cve/CVE-2019-8596 https://access.redhat.com/security/cve/CVE-2019-8597 https://access.redhat.com/security/cve/CVE-2019-8601 https://access.redhat.com/security/cve/CVE-2019-8607 https://access.redhat.com/security/cve/CVE-2019-8608 https://access.redhat.com/security/cve/CVE-2019-8609 https://access.redhat.com/security/cve/CVE-2019-8610 https://access.redhat.com/security/cve/CVE-2019-8611 https://access.redhat.com/security/cve/CVE-2019-8615 https://access.redhat.com/security/cve/CVE-2019-8619 https://access.redhat.com/security/cve/CVE-2019-8622 https://access.redhat.com/security/cve/CVE-2019-8623 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8644 https://access.redhat.com/security/cve/CVE-2019-8649 https://access.redhat.com/security/cve/CVE-2019-8658 https://access.redhat.com/security/cve/CVE-2019-8666 https://access.redhat.com/security/cve/CVE-2019-8669 https://access.redhat.com/security/cve/CVE-2019-8671 https://access.redhat.com/security/cve/CVE-2019-8672 https://access.redhat.com/security/cve/CVE-2019-8673 https://access.redhat.com/security/cve/CVE-2019-8674 https://access.redhat.com/security/cve/CVE-2019-8676 https://access.redhat.com/security/cve/CVE-2019-8677 https://access.redhat.com/security/cve/CVE-2019-8678 https://access.redhat.com/security/cve/CVE-2019-8679 https://access.redhat.com/security/cve/CVE-2019-8680 https://access.redhat.com/security/cve/CVE-2019-8681 https://access.redhat.com/security/cve/CVE-2019-8683 https://access.redhat.com/security/cve/CVE-2019-8684 https://access.redhat.com/security/cve/CVE-2019-8686 https://access.redhat.com/security/cve/CVE-2019-8687 https://access.redhat.com/security/cve/CVE-2019-8688 https://access.redhat.com/security/cve/CVE-2019-8689 https://access.redhat.com/security/cve/CVE-2019-8690 https://access.redhat.com/security/cve/CVE-2019-8707 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8719 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8726 https://access.redhat.com/security/cve/CVE-2019-8733 https://access.redhat.com/security/cve/CVE-2019-8735 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8763 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8765 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8768 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8821 https://access.redhat.com/security/cve/CVE-2019-8822 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-11070 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01 RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1 PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467 eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ 1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh PKg+HFNkMjk=dS3G -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): * golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283) * SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169) * grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen (CVE-2018-18624) * js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358) * npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769) * kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013) * nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598) * npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662) * nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) * grafana: stored XSS (CVE-2020-11110) * grafana: XSS annotation popup vulnerability (CVE-2020-12052) * grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245) * nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) * nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366) * openshift/console: text injection on error page via crafted url (CVE-2020-10715) * kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743) * openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13) 1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection 1767665 - CVE-2020-10715 openshift/console: text injection on error page via crafted url 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1834550 - CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking 1845982 - CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser 1848089 - CVE-2020-12052 grafana: XSS annotation popup vulnerability 1848092 - CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions 1848643 - CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip 1848647 - CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures 1849044 - CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) 1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution 1850572 - CVE-2018-18624 grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1857412 - CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function 1857977 - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function 1858981 - CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets 1861044 - CVE-2020-11110 grafana: stored XSS 1874671 - CVE-2020-14336 ose-machine-config-operator-container: openshift: restricted SCC allows pods to craft custom network packets [openshift-4] 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-3-25-3 tvOS 12.2 tvOS 12.2 is now available and addresses the following: CFString Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted string may lead to a denial of service Description: A validation issue was addressed with improved logic. CVE-2019-8516: SWIPS Team of Frifee Inc. configd Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to elevate privileges Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8552: Mohamed Ghannam (@_simo36) CoreCrypto Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8542: an anonymous researcher file Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted file might disclose user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-6237: an anonymous researcher Foundation Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2019-7286: an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero GeoServices Available for: Apple TV 4K and Apple TV (4th generation) Impact: Clicking a malicious SMS link may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2019-8553: an anonymous researcher iAP Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8542: an anonymous researcher IOHIDFamily Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2019-8545: Adam Donenfeld (@doadam) of the Zimperium zLabs Team Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A buffer overflow was addressed with improved size validation. CVE-2019-8527: Ned Williamson of Google and derrek (@derrekr6) Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to determine kernel memory layout Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8540: Weibo Wang (@ma1fan) of Qihoo 360 Nirvan Team Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2019-8514: Samuel Groß of Google Project Zero Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to read kernel memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-7293: Ned Williamson of Google Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. CVE-2019-6207: Weibo Wang of Qihoo 360 Nirvan Team (@ma1fan) CVE-2019-8510: Stefan Esser of Antid0te UG Power Management Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple input validation issues existed in MIG generated code. CVE-2019-8549: Mohamed Ghannam (@_simo36) of SSD Secure Disclosure (ssd-disclosure.com) Siri Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to initiate a Dictation request without user authorization Description: An API issue existed in the handling of dictation requests. CVE-2019-8502: Luke Deshotels of North Carolina State University, Jordan Beichler of North Carolina State University, William Enck of North Carolina State University, Costin Carabaș of University POLITEHNICA of Bucharest, and Răzvan Deaconescu of University POLITEHNICA of Bucharest TrueTypeScaler Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8517: riusksk of VulWar Corp working with Trend Micro Zero Day Initiative WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved validation. CVE-2019-8535: Zhiyang Zeng (@Wester) of Tencent Blade Team WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8558: Samuel Groß of Google Project Zero CVE-2019-8559: Apple CVE-2019-8563: Apple WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A memory corruption issue was addressed with improved validation. CVE-2019-8562: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8515: James Lee (@Windowsrcer) WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8506: Samuel Groß of Google Project Zero WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious website may be able to execute scripts in the context of another website Description: A logic issue was addressed with improved validation. CVE-2019-7292: Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team XPC Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to overwrite arbitrary files Description: This issue was addressed with improved checks. CVE-2019-8530: CodeColorist of Ant-Financial LightYear Labs Additional recognition Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Safari We would like to acknowledge Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) for their assistance. WebKit We would like to acknowledge Andrey Kovalev of Yandex Security Team for their assistance. Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlyZM7gpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EWyBAA nFUeN7oBBPCdezabzgIAh29Mk1K+tgNeH0BIkyyPuoqeYd5UQK9cwZJ7Ww9J7uqB nAH30awuCq8r8h3oLLOn8X9A/ORNxFKUZRF+8AbH00G0taATIFjseSwGwGz5/rG7 aPoi/Mh4ilWh8luQJVvPO7KTHTeJLSsiBOuvqUmDaJVxu1y10inVW3j1s8RtrOVt BR+PZq7/BQ9wsSPxRS2bTQp3BX3m3aleadnZ9HkeXVB/9O8c5TrG6HIgfBNYMJFY mGpQoCM1nCh8jaWmoO1gjP7B0W2DKPhE6jFmCtuRsmnOG3ROhGbXi6T6AOOI9EX3 233FgygUVZgs7t4dhz0UZ1EczQiQ4dL0YYL7J/LYMjaM31qul2cdJWTPb9ZFARFt PHeyU1uHcJ2j67kGt1qepETUfWNa4W/RD3wUmKJdKBED65xOuwv9ijnEcAhzwh4F q6UefOTf1PwszuzWpAi7rCyOWq3TqDF+r6som9j5q15fMPx+TakBA6/TKViWLRw1 ydoi3g2OkKpvgapzBdVAm9Rtcvr4B0uXtLUXL7heB6TP12UheSum817QQiLs4aqV 9syBL5XpFOJUdQPD0SMIzuhvaN2dugH2wc1BDeiv5H8nYvMx6oiebJN8CgJ3uo8Y iJBethq6bdDVq8EfYN6vHCjH7bTFtcaCVgXWq5KJYp8= =8uDf -----END PGP SIGNATURE-----= . ------------------------------------------------------------------------ WebKitGTK and WPE WebKit Security Advisory WSA-2019-0002 ------------------------------------------------------------------------ Date reported : April 10, 2019 Advisory ID : WSA-2019-0002 WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0002.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0002.html CVE identifiers : CVE-2019-6201, CVE-2019-6251, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-11070. Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. CVE-2019-6201 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to dwfault working with ADLab of Venustech. CVE-2019-6251 Versions affected: WebKitGTK and WPE WebKit before 2.24.1. Credit to Dhiraj. CVE-2019-7285 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to dwfault working at ADLab of Venustech. CVE-2019-7292 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team. CVE-2019-8503 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to Linus S\xe4rud of Detectify. CVE-2019-8506 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8515 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to James Lee, @Windowsrcer. A cross-origin issue existed with the fetch API. CVE-2019-8518 Versions affected: WebKitGTK before 2.22.7 and WPE WebKit before 2.22.5. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8523 Versions affected: WebKitGTK before 2.22.7 and WPE WebKit before 2.22.5. Credit to Apple. CVE-2019-8524 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to G. Geshev working with Trend Micro Zero Day Initiative. CVE-2019-8535 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Zhiyang Zeng, @Wester, of Tencent Blade Team. CVE-2019-8536 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-8544 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to an anonymous researcher. CVE-2019-8551 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Ryan Pickren, ryanpickren.com. CVE-2019-8558 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8559 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-8563 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-11070 Versions affected: WebKitGTK and WPE WebKit before 2.24.1. Credit to Igalia. We recommend updating to the latest stable versions of WebKitGTK and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK and WPE WebKit team, April 10, 2019

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
jvndb-2022-000053	Django Extract and Trunc functions vulnerable to SQL injection	2022-07-12T13:47+09:00	2024-06-18T11:57+09:00
jvndb-2022-000057	WordPress Plugin "Newsletter" vulnerable to cross-site scripting	2022-07-25T14:30+09:00	2024-06-18T11:21+09:00
jvndb-2022-000033	Strapi vulnerable to cross-site scripting	2022-05-13T16:45+09:00	2024-06-18T11:17+09:00
jvndb-2022-000043	SHIRASAGI vulnerable to cross-site scripting	2022-06-09T13:31+09:00	2024-06-18T11:13+09:00
jvndb-2022-000040	Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification	2022-05-27T15:48+09:00	2024-06-18T11:06+09:00
jvndb-2022-000044	Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting	2022-06-14T13:46+09:00	2024-06-18T10:51+09:00
jvndb-2022-000047	web2py vulnerable to open redirect	2022-06-23T14:21+09:00	2024-06-18T10:48+09:00
jvndb-2022-000048	L2Blocker Sensor setup screen vulnerable to authentication bypass	2022-06-24T14:21+09:00	2024-06-18T10:45+09:00
jvndb-2022-000041	WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting	2022-06-01T13:39+09:00	2024-06-18T10:42+09:00
jvndb-2022-000042	T&D Data Server and THERMO RECORDER DATA SERVER contain a directory traversal vulnerability.	2022-06-01T16:12+09:00	2024-06-18T10:34+09:00
jvndb-2022-000051	Multiple vulnerabilities in Cybozu Garoon	2022-07-04T14:17+09:00	2024-06-17T16:49+09:00
jvndb-2022-000035	Multiple vulnerabilities in Cybozu Garoon	2022-05-16T14:25+09:00	2024-06-17T16:34+09:00
jvndb-2024-003539	Multiple vulnerabilities in Toshiba Tec and Oki Electric Industry MFPs	2024-06-17T15:21+09:00	2024-06-17T15:21+09:00
jvndb-2022-000058	Multiple vulnerabilities in untangle	2022-07-25T14:18+09:00	2024-06-17T11:03+09:00
jvndb-2022-000049	HOME SPOT CUBE2 vulnerable to OS command injection	2022-06-29T13:42+09:00	2024-06-17T10:45+09:00
jvndb-2022-000050	LiteCart vulnerable to cross-site scripting	2022-07-04T14:12+09:00	2024-06-17T10:39+09:00
jvndb-2022-002017	U-Boot squashfs filesystem implementation vulnerable to heap-based buffer overflow	2022-07-14T15:59+09:00	2024-06-14T17:53+09:00
jvndb-2022-000052	Passage Drive vulnerable to insufficient data verification	2022-07-08T13:42+09:00	2024-06-14T17:48+09:00
jvndb-2022-000055	Booked vulnerable to open redirect	2022-07-22T13:40+09:00	2024-06-14T17:43+09:00
jvndb-2022-002265	Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation	2022-08-18T15:45+09:00	2024-06-14T17:11+09:00
jvndb-2022-000056	Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001	2022-07-29T13:43+09:00	2024-06-14T16:27+09:00
jvndb-2023-001215	Zuken Elmic KASAGO uses insufficient random values for TCP Initial Sequence Numbers	2023-02-13T14:18+09:00	2024-06-14T15:45+09:00
jvndb-2022-002112	CONTEC SolarView Compact vulnerable to insufficient verification in uploading files	2022-08-03T17:40+09:00	2024-06-14T15:21+09:00
jvndb-2022-000059	"Hulu" App for Android uses a hard-coded API key for an external service	2022-07-28T09:14+09:00	2024-06-14T14:42+09:00
jvndb-2022-002338	PLANEX MZK-DP150N contains hidden administrative functionality	2022-08-23T15:02+09:00	2024-06-14T14:06+09:00
jvndb-2022-000054	Multiple vulnerabilities in Cybozu Office	2022-07-20T17:28+09:00	2024-06-14T14:02+09:00
jvndb-2022-000060	"Hulu" App for iOS vulnerable to improper server certificate verification	2022-07-28T09:51+09:00	2024-06-14T12:25+09:00
jvndb-2022-000063	PukiWiki vulnerable to cross-site scripting	2022-08-23T14:40+09:00	2024-06-14T12:00+09:00
jvndb-2022-002339	Multiple vulnerabilities in PukiWiki	2022-08-24T14:17+09:00	2024-06-14T11:55+09:00
jvndb-2022-000065	Multiple vulnerabilities in Exment	2022-08-24T14:23+09:00	2024-06-14T11:09+09:00