|
var-201806-1482
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: August 22, 2018
Bugs: #652820, #658168, #662974
ID: 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
==========
[ 1 ] CVE-2018-11646
https://nvd.nist.gov/vuln/detail/CVE-2018-11646
[ 2 ] CVE-2018-11712
https://nvd.nist.gov/vuln/detail/CVE-2018-11712
[ 3 ] CVE-2018-11713
https://nvd.nist.gov/vuln/detail/CVE-2018-11713
[ 4 ] CVE-2018-12293
https://nvd.nist.gov/vuln/detail/CVE-2018-12293
[ 5 ] CVE-2018-12294
https://nvd.nist.gov/vuln/detail/CVE-2018-12294
[ 6 ] CVE-2018-4101
https://nvd.nist.gov/vuln/detail/CVE-2018-4101
[ 7 ] CVE-2018-4113
https://nvd.nist.gov/vuln/detail/CVE-2018-4113
[ 8 ] CVE-2018-4114
https://nvd.nist.gov/vuln/detail/CVE-2018-4114
[ 9 ] CVE-2018-4117
https://nvd.nist.gov/vuln/detail/CVE-2018-4117
[ 10 ] CVE-2018-4118
https://nvd.nist.gov/vuln/detail/CVE-2018-4118
[ 11 ] CVE-2018-4119
https://nvd.nist.gov/vuln/detail/CVE-2018-4119
[ 12 ] CVE-2018-4120
https://nvd.nist.gov/vuln/detail/CVE-2018-4120
[ 13 ] CVE-2018-4121
https://nvd.nist.gov/vuln/detail/CVE-2018-4121
[ 14 ] CVE-2018-4122
https://nvd.nist.gov/vuln/detail/CVE-2018-4122
[ 15 ] CVE-2018-4125
https://nvd.nist.gov/vuln/detail/CVE-2018-4125
[ 16 ] CVE-2018-4127
https://nvd.nist.gov/vuln/detail/CVE-2018-4127
[ 17 ] CVE-2018-4128
https://nvd.nist.gov/vuln/detail/CVE-2018-4128
[ 18 ] CVE-2018-4129
https://nvd.nist.gov/vuln/detail/CVE-2018-4129
[ 19 ] CVE-2018-4133
https://nvd.nist.gov/vuln/detail/CVE-2018-4133
[ 20 ] CVE-2018-4146
https://nvd.nist.gov/vuln/detail/CVE-2018-4146
[ 21 ] CVE-2018-4162
https://nvd.nist.gov/vuln/detail/CVE-2018-4162
[ 22 ] CVE-2018-4163
https://nvd.nist.gov/vuln/detail/CVE-2018-4163
[ 23 ] CVE-2018-4165
https://nvd.nist.gov/vuln/detail/CVE-2018-4165
[ 24 ] CVE-2018-4190
https://nvd.nist.gov/vuln/detail/CVE-2018-4190
[ 25 ] CVE-2018-4192
https://nvd.nist.gov/vuln/detail/CVE-2018-4192
[ 26 ] CVE-2018-4199
https://nvd.nist.gov/vuln/detail/CVE-2018-4199
[ 27 ] CVE-2018-4200
https://nvd.nist.gov/vuln/detail/CVE-2018-4200
[ 28 ] CVE-2018-4201
https://nvd.nist.gov/vuln/detail/CVE-2018-4201
[ 29 ] CVE-2018-4204
https://nvd.nist.gov/vuln/detail/CVE-2018-4204
[ 30 ] CVE-2018-4214
https://nvd.nist.gov/vuln/detail/CVE-2018-4214
[ 31 ] CVE-2018-4218
https://nvd.nist.gov/vuln/detail/CVE-2018-4218
[ 32 ] CVE-2018-4222
https://nvd.nist.gov/vuln/detail/CVE-2018-4222
[ 33 ] CVE-2018-4232
https://nvd.nist.gov/vuln/detail/CVE-2018-4232
[ 34 ] CVE-2018-4233
https://nvd.nist.gov/vuln/detail/CVE-2018-4233
[ 35 ] CVE-2018-4261
https://nvd.nist.gov/vuln/detail/CVE-2018-4261
[ 36 ] CVE-2018-4262
https://nvd.nist.gov/vuln/detail/CVE-2018-4262
[ 37 ] CVE-2018-4263
https://nvd.nist.gov/vuln/detail/CVE-2018-4263
[ 38 ] CVE-2018-4264
https://nvd.nist.gov/vuln/detail/CVE-2018-4264
[ 39 ] CVE-2018-4265
https://nvd.nist.gov/vuln/detail/CVE-2018-4265
[ 40 ] CVE-2018-4266
https://nvd.nist.gov/vuln/detail/CVE-2018-4266
[ 41 ] CVE-2018-4267
https://nvd.nist.gov/vuln/detail/CVE-2018-4267
[ 42 ] CVE-2018-4270
https://nvd.nist.gov/vuln/detail/CVE-2018-4270
[ 43 ] CVE-2018-4272
https://nvd.nist.gov/vuln/detail/CVE-2018-4272
[ 44 ] CVE-2018-4273
https://nvd.nist.gov/vuln/detail/CVE-2018-4273
[ 45 ] CVE-2018-4278
https://nvd.nist.gov/vuln/detail/CVE-2018-4278
[ 46 ] CVE-2018-4284
https://nvd.nist.gov/vuln/detail/CVE-2018-4284
[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003
https://webkitgtk.org/security/WSA-2018-0003.html
[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004
https://webkitgtk.org/security/WSA-2018-0004.html
[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005
https://webkitgtk.org/security/WSA-2018-0005.html
[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006
https://webkitgtk.org/security/WSA-2018-0006.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-7-23-3 Additional information for
APPLE-SA-2018-06-01-4 iOS 11.4
iOS 11.4 addresses the following:
Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4215: Abraham Masri (@cheesecakeufo)
Bluetooth
Available for: iPhone X, iPhone 8, iPhone 8 Plus,
iPad 6th generation, and iPad Air 2
Not impacted: HomePod
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth.
CVE-2018-5383: Lior Neumann and Eli Biham
Entry added July 23, 2018
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: A validation issue existed in the handling of phone
numbers.
CVE-2018-4100: Abraham Masri (@cheesecakeufo)
FontParser
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
iBooks
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged network position may be able to
spoof password prompts in iBooks
Description: An input validation issue was addressed with improved
input validation.
CVE-2018-4202: Jerry Decime
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4249: Kevin Backhouse of Semmle Ltd.
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2018-4241: Ian Beer of Google Project Zero
CVE-2018-4243: Ian Beer of Google Project Zero
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A logic issue was addressed with improved validation.
CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
Magnifier
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
view the last image used in Magnifier from the lockscreen
Description: A permissions issue existed in Magnifier. This was
addressed with additional permission checks.
CVE-2018-4239: an anonymous researcher
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exfiltrate the contents of
S/MIME-encrypted e-mail
Description: An issue existed in the handling of encrypted Mail.
CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to conduct impersonation attacks
Description: An injection issue was addressed with improved input
validation.
CVE-2018-4235: Anurodh Pokharel of Salesforce.com
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted message may lead to a denial
of service
Description: This issue was addressed with improved message
validation.
CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd
CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya
Safari
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise
Solutions
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent account
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4223: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Users may be tracked by malicious websites using client
certificates
Description: An issue existed in the handling of S-MIME
certificaties.
CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent device
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4224: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to modify the state of the Keychain
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4225: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to view sensitive user information
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4226: Abraham Masri (@cheesecakeufo)
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
enable Siri from the lock screen
Description: An issue existed with Siri permissions.
CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can
BIKMAZ (@CanBkmaz) of Mustafa Kemal University
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions.
CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn)
Siri Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker with physical access to a device may be able to
see private contact information
Description: An issue existed with Siri permissions.
CVE-2018-4244: an anonymous researcher
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to a
denial of service
Description: A validation issue existed in the handling of text.
CVE-2018-4198: Hunter Byrnes
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4201: an anonymous researcher
CVE-2018-4218: Natalie Silvanovich of Google Project Zero
CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils
of MWR Labs working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may lead to cookies
being overwritten
Description: A permissions issue existed in the handling of web
browser cookies.
CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat
of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working
with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4246: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may leak sensitive
data
Description: Credentials were unexpectedly sent when fetching CSS
mask images.
CVE-2018-4222: Natalie Silvanovich of Google Project Zero
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 11.4".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUshMACgkQ8ecVjteJ
iCbspA//aVxu/EdiaNxNRmRDFB8LpqKa3xjJdfkK9cJRYZ+eBHJZjBfzj4BzABuG
Xow7FkEE7LSQpCeJ08Ggo6vVQUdR4+etQ2UfjQWGX6qIvLZUXK0lw2x5XdTP0q4m
WmNoZcdK3cmbVXGMWUZRUrYPTWwMnTMsPpPoDoptaQRseN+K/0kdwsQZtdqeN9sq
GN3Qp6AW6WR1gUAgDriIyzFXTxJ8NmKx2+4B5O2w0TbmzxGa/F5ZUjw4D/wwJJPA
/RXAwseJMghPfbi9tNcjUhbGFfcnr5JvyGfY2GESFc7odWt2XSpePHr6qaJzogBr
KeJKOVpgTdS4PO37+KDUfQDIElSnYQVTff8Tinxg/Zojafp0PxYkDYRxw7i16YKU
HsB7R0o5Yi5YD4uG5ioMj4RspQDWozzveVvvtah6/bWChQQwD3XHr6JRM6oJ106G
wNx2EHfRRXFQCY680RfE8hN/98IJRrCF6nIdO9zBbzGM/Ihzr02F0qSrdB5/PXSq
S6EwJi0M5ia/KMFSO7EY5qQ2aipyDC3WPkvQrHtpsqstMrktyJOYGbm/t39WmIBb
gC92rxvNFr5mO8Owypu1/tloGr15zIxPGR6OXA/DVxdRm2/UmW1tsqQfKgporJMD
de6uiZJb8p8X36KC7YmHLTApYL3CaZebJIIOmf8tKjQUxxbR9wE=
=nII0
-----END PGP SIGNATURE-----
. ------------------------------------------------------------------------
WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0005
------------------------------------------------------------------------
Date reported : June 13, 2018
Advisory ID : WSA-2018-0005
WebKitGTK+ Advisory URL :
https://webkitgtk.org/security/WSA-2018-0005.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2018-0005.html
CVE identifiers : CVE-2018-4190, CVE-2018-4192, CVE-2018-4199,
CVE-2018-4201, CVE-2018-4214, CVE-2018-4218,
CVE-2018-4222, CVE-2018-4232, CVE-2018-4233,
CVE-2018-11646, CVE-2018-11712,
CVE-2018-11713, CVE-2018-12293,
CVE-2018-12294.
Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit.
Credit to Jun Kokatsu (@shhnjk).
Impact: Visiting a maliciously crafted website may leak sensitive
data. Description: Credentials were unexpectedly sent when fetching
CSS mask images. This was addressed by using a CORS-enabled fetch
method.
Credit to Markus Gaasedelen, Nick Burnett, and Patrick Biernat of
Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative. Description: A race condition was
addressed with improved locking.
Credit to Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of
MWR Labs working with Trend Micro's Zero Day Initiative. Description: A buffer overflow issue was
addressed with improved memory handling.
Credit to an anonymous researcher. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to OSS-Fuzz.
Impact: Processing maliciously crafted web content may lead to an
unexpected application crash. Description: A memory corruption issue
was addressed with improved input validation.
Credit to Natalie Silvanovich of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Natalie Silvanovich of Google Project Zero. Description: An out-of-bounds read was
addressed with improved input validation.
Credit to Aymeric Chaib.
Impact: Visiting a maliciously crafted website may lead to cookies
being overwritten. Description: A permissions issue existed in the
handling of web browser cookies. This issue was addressed with
improved restrictions.
Credit to Samuel Gross (@5aelo) working with Trend Micro's Zero Day
Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Mishra Dhiraj.
Maliciously crafted web content could trigger an application crash
in WebKitFaviconDatabase, caused by mishandling unexpected input.
Credit to Metrological Group B.V.
The libsoup network backend of WebKit failed to perform TLS
certificate verification for WebSocket connections.
Credit to Dirkjan Ochtman.
The libsoup network backend of WebKit unexpectedly failed to use
system proxy settings for WebSocket connections. As a result, users
could be deanonymized by crafted web sites via a WebSocket
connection.
Credit to ADlab of Venustech.
Maliciously crafted web content could achieve a heap buffer overflow
in ImageBufferCairo by exploiting multiple integer overflow issues.
Credit to ADlab of Venustech.
Maliciously crafted web content could trigger a use-after-free of a
TextureMapperLayer object.
We recommend updating to the latest stable versions of WebKitGTK+ and
WPE WebKit. It is the best way to ensure that you are running a safe
version of WebKit. Please check our websites for information about the
latest stable releases.
Further information about WebKitGTK+ and WPE WebKit security advisories
can be found at https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK+ and WPE WebKit team,
June 13, 2018
.
Alternatively, on your watch, select "My Watch > General > About" |
|
var-202010-1295
|
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. This vulnerability allows remote attackers to disclose sensitive information code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the getAnimations method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple iPadOS is an operating system for iPad tablets. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 13.6; iPadOS prior to 13.6; tvOS prior to 13.4.8; watchOS prior to 6.2.8; Safari prior to 13.1.2; Windows-based iTunes prior to 12.10.8. Description:
Red Hat OpenShift Container Storage is software-defined storage integrated
with and optimized for the Red Hat OpenShift Container Platform. Red Hat
OpenShift Container Storage is a highly scalable, production-grade
persistent storage for stateful applications running in the Red Hat
OpenShift Container Platform. In addition to persistent storage, Red Hat
OpenShift Container Storage provisions a multicloud data management service
with an S3 compatible API.
These updated images include numerous security fixes, bug fixes, and
enhancements. Bugs fixed (https://bugzilla.redhat.com/):
1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume
1813506 - Dockerfile not compatible with docker and buildah
1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup
1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement
1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance
1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https)
1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node.
1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default
1842254 - [NooBaa] Compression stats do not add up when compression id disabled
1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster
1849771 - [RFE] Account created by OBC should have same permissions as bucket owner
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot
1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume
1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount
1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params)
1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14)
1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage
1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards
1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found
1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining
1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script
1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases.
1865938 - CSIDrivers missing in OCS 4.6
1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found)
1868703 - [rbd] After volume expansion, the new size is not reflected on the pod
1869411 - capture full crash information from ceph
1870061 - [RHEL][IBM] OCS un-install should make the devices raw
1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn't find key admin-secret)
1870631 - OCS 4.6 Deployment : RGW pods went into 'CrashLoopBackOff' state on Z Platform
1872119 - Updates don't work on StorageClass which will keep PV expansion disabled for upgraded cluster
1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store
1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError
1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function
1875476 - Change noobaa logo in the noobaa UI
1877339 - Incorrect use of logr
1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect
1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory
1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket
1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW
1879008 - ocs-osd-removal job fails because it can't find admin-secret in rook-ceph-mon secret
1879072 - Deployment with encryption at rest is failing to bring up OSD pods
1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1880255 - Collect rbd info and subvolume info and snapshot info command output
1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS
1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1882397 - MCG decompression problem with snappy on s390x arch
1883253 - CSV doesn't contain values required for UI to enable minimal deployment and cluster encryption
1883398 - Update csi sidecar containers in rook
1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash
1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6
1883927 - Deployment with encryption at rest is failing to bring up OSD pods
1885175 - Handle disappeared underlying device for encrypted OSD
1885428 - panic seen in rook-ceph during uninstall - "close of closed channel"
1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall
1885971 - ocs-storagecluster-cephobjectstore doesn't report true state of RGW
1886308 - Default VolumeSnapshot Classes not created in External Mode
1886348 - osd removal job failed with status "Error"
1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB)
1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6
1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall
1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, "failed to delete object store", remaining users: [noobaa-ceph-objectstore-user]
1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state
1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script
1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash
1889441 - Traceback error message while running OCS 4.6 must-gather
1889683 - [GSS] Noobaa Problem when setting public access to a bucket
1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster
1890183 - [External] ocs-operator logs are filled with "failed to reconcile metrics exporter"
1890638 - must-gather helper pod should be deleted after collecting ceph crash info
1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port
1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint
1892206 - [GSS] Ceph image/version mismatch
1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test
1893624 - Must Gather is not collecting the tar file from NooBaa diagnose
1893691 - OCS4.6 must_gather failes to complete in 600sec
1893714 - Bad response for upload an object with encryption
1895402 - Mon pods didn't get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6
1896298 - [RFE] Monitoring for Namespace buckets and resources
1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs
1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC
1902627 - must-gather should wait for debug pods to be in ready state
1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6
5. Solution:
Download the release images via:
quay.io/redhat/quay:v3.3.3
quay.io/redhat/clair-jwt:v3.3.3
quay.io/redhat/quay-builder:v3.3.3
quay.io/redhat/clair:v3.3.3
4. Bugs fixed (https://bugzilla.redhat.com/):
1905758 - CVE-2020-27831 quay: email notifications authorization bypass
1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display
5. JIRA issues fixed (https://issues.jboss.org/):
PROJQUAY-1124 - NVD feed is broken for latest Clair v2 version
6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202007-61
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: July 31, 2020
Bugs: #734584
ID: 202007-61
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which could result in the arbitrary execution of code.
Background
=========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.28.4 >= 2.28.4
Description
==========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.28.4"
References
=========
[ 1 ] CVE-2020-9862
https://nvd.nist.gov/vuln/detail/CVE-2020-9862
[ 2 ] CVE-2020-9893
https://nvd.nist.gov/vuln/detail/CVE-2020-9893
[ 3 ] CVE-2020-9894
https://nvd.nist.gov/vuln/detail/CVE-2020-9894
[ 4 ] CVE-2020-9895
https://nvd.nist.gov/vuln/detail/CVE-2020-9895
[ 5 ] CVE-2020-9915
https://nvd.nist.gov/vuln/detail/CVE-2020-9915
[ 6 ] CVE-2020-9925
https://nvd.nist.gov/vuln/detail/CVE-2020-9925
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-61
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
.
The compliance-operator image updates are now available for OpenShift
Container Platform 4.6.
This advisory provides the following updates among others:
* Enhances profile parsing time.
* Fixes excessive resource consumption from the Operator.
* Fixes default content image.
* Fixes outdated remediation handling. Solution:
For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel
ease-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster
- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1918990 - ComplianceSuite scans use quay content image for initContainer
1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present
1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules
1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console. Bugs fixed (https://bugzilla.redhat.com/):
1732329 - Virtual Machine is missing documentation of its properties in yaml editor
1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type and virtio disk in cnv
1791753 - [RFE] [SSP] Template validator should check validations in template's parent template
1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
1848954 - KMP missing CA extensions in cabundle of mutatingwebhookconfiguration
1848956 - KMP requires downtime for CA stabilization during certificate rotation
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1853911 - VM with dot in network name fails to start with unclear message
1854098 - NodeNetworkState on workers doesn't have "status" key due to nmstate-handler pod failure to run "nmstatectl show"
1856347 - SR-IOV : Missing network name for sriov during vm setup
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1859235 - Common Templates - after upgrade there are 2 common templates per each os-workload-flavor combination
1860714 - No API information from `oc explain`
1860992 - CNV upgrade - users are not removed from privileged SecurityContextConstraints
1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd / File system due to overhead required for Filesystem
1866593 - CDI is not handling vm disk clone
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868817 - Container-native Virtualization 2.6.0 Images
1873771 - Improve the VMCreationFailed error message caused by VM low memory
1874812 - SR-IOV: Guest Agent expose link-local ipv6 address for sometime and then remove it
1878499 - DV import doesn't recover from scratch space PVC deletion
1879108 - Inconsistent naming of "oc virt" command in help text
1881874 - openshift-cnv namespace is getting stuck if the user tries to delete it while CNV is running
1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable sidecar injection if namespace has sidecar injection enabled but VM Template does NOT
1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability
1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a relevant error message
1885418 - [openshift-cnv] issues with memory overhead calculation when limits are used
1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first, *before* the NodeNetworkConfigurationPolicy is applied
1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is not passed on to PVC request.
1891285 - Common templates and kubevirt-config cm - update machine-type
1891440 - [v2v][VMware to CNV VM import API]Source VM with no network interface fail with unclear error
1892227 - [SSP] cluster scoped resources are not being reconciled
1893278 - openshift-virtualization-os-images namespace not seen by user
1893646 - [HCO] Pod placement configuration - dry run is not performed for all the configuration stanza
1894428 - Message for VMI not migratable is not clear enough
1894824 - [v2v][VM import] Pick the smallest template for the imported VM, and not always Medium
1894897 - [v2v][VMIO] VMimport CR is not reported as failed when target VM is deleted during the import
1895414 - Virt-operator is accepting updates to the placement of its workload components even with running VMs
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1898072 - Add Fedora33 to Fedora common templates
1898840 - [v2v] VM import VMWare to CNV Import 63 chars vm name should not fail
1899558 - CNV 2.6 - nmstate fails to set state
1901480 - VM disk io can't worked if namespace have label kubemacpool
1902046 - Not possible to edit CDIConfig (through CDI CR / CDIConfig)
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1903014 - hco-webhook pod in CreateContainerError
1903585 - [v2v] Windows 2012 VM imported from RHV goes into Windows repair mode
1904797 - [VMIO][vmware] A migrated RHEL/Windows VM starts in emergency mode/safe mode when target storage is NFS and target namespace is NOT "default"
1906199 - [CNV-2.5] CNV Tries to Install on Windows Workers
1907151 - kubevirt version is not reported correctly via virtctl
1907352 - VM/VMI link changes to `kubevirt.io~v1~VirtualMachineInstance` on CNV 2.6
1907691 - [CNV] Configuring NodeNetworkConfigurationPolicy caused "Internal error occurred" for creating datavolume
1907988 - VM loses dynamic IP address of its default interface after migration
1908363 - Applying NodeNetworkConfigurationPolicy for different NIC than default disables br-ex bridge and nodes lose connectivity
1908421 - [v2v] [VM import RHV to CNV] Windows imported VM boot failed: INACCESSIBLE BOOT DEVICE error
1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
1909458 - [V2V][VMware to CNV VM import via api using VMIO] VM import to Ceph RBD/BLOCK fails on "qemu-img: /data/disk.img" error
1910857 - Provide a mechanism to enable the HotplugVolumes feature gate via HCO
1911118 - Windows VMI LiveMigration / shutdown fails on 'XML error: non unique alias detected: ua-')
1911396 - Set networkInterfaceMultiqueue false in rhel 6 template for e1000e interface
1911662 - el6 guests don't work properly if virtio bus is specified on various devices
1912908 - Allow using "scsi" bus for disks in template validation
1913248 - Creating vlan interface on top of a bond device via NodeNetworkConfigurationPolicy fails
1913320 - Informative message needed with virtctl image-upload, that additional step is needed from the user
1913717 - Users should have read permitions for golden images data volumes
1913756 - Migrating to Ceph-RBD + Block fails when skipping zeroes
1914177 - CNV does not preallocate blank file data volumes
1914608 - Obsolete CPU models (kubevirt-cpu-plugin-configmap) are set on worker nodes
1914947 - HPP golden images - DV shoudld not be created with WaitForFirstConsumer
1917908 - [VMIO] vmimport pod fail to create when using ceph-rbd/block
1917963 - [CNV 2.6] Unable to install CNV disconnected - requires kvm-info-nfd-plugin which is not mirrored
1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
1920576 - HCO can report ready=true when it failed to create a CR for a component operator
1920610 - e2e-aws-4.7-cnv consistently failing on Hyperconverged Cluster Operator
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1923979 - kubernetes-nmstate: nmstate-handler pod crashes when configuring bridge device using ip tool
1927373 - NoExecute taint violates pdb; VMIs are not live migrated
1931376 - VMs disconnected from nmstate-defined bridge after CNV-2.5.4->CNV-2.6.0 upgrade
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6
iOS 13.6 and iPadOS 13.6 are now available and address the following:
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9888: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
CVE-2020-9890: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
CVE-2020-9891: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
AVEVideoEncoder
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2020-9907: an anonymous researcher
Bluetooth
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may cause an unexpected application
termination
Description: A denial of service issue was addressed with improved
input validation.
CVE-2020-9931: Dennis Heinze (@ttdennis) of TU Darmstadt, Secure
Mobile Networking Lab
CoreFoundation
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to view sensitive user information
Description: An issue existed in the handling of environment
variables.
CVE-2020-9934: an anonymous researcher
Crash Reporter
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360
BugCloud
GeoServices
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to read sensitive
location information
Description: An authorization issue was addressed with improved state
management.
CVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.
iAP
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in a privileged network position may be able to
execute arbitrary code
Description: An input validation issue existed in Bluetooth.
CVE-2020-9914: Andy Davis of NCC Group
ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9936: Mickey Jin of Trend Micro
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-9923: Proteas
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in a privileged network position may be able to
inject into active connections within a VPN tunnel
Description: A routing issue was addressed with improved
restrictions.
CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R.
Crandall
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker that has already achieved kernel code execution
may be able to bypass kernel memory mitigations
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9909: Brandon Azad of Google Project Zero
Mail
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker can cause a limited out-of-bounds write,
resulting in a denial of service
Description: An input validation issue was addressed.
CVE-2019-19906
Messages
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A user that is removed from an iMessage group could rejoin
the group
Description: An issue existed in the handling of iMessage tapbacks.
The issue was resolved with additional verification.
CVE-2020-9885: an anonymous researcher, Suryansh Mansharamani, of WWP
High School North (medium.com/@suryanshmansha)
Model I/O
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2020-9878: Holger Fuhrmannek of Deutsche Telekom Security
Safari Login AutoFill
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious attacker may cause Safari to suggest a password
for the wrong domain
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9903: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)
Safari Reader
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An issue in Safari Reader mode may allow a remote attacker to
bypass the Same Origin Policy
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9911: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced
Description: An access issue existed in Content Security Policy.
CVE-2020-9915: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative
CVE-2020-9895: Wen Xu of SSLab, Georgia Tech
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2020-9925: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: Multiple issues were addressed with improved logic.
CVE-2020-9910: Samuel Groß of Google Project Zero
WebKit Page Loading
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious attacker may be able to conceal the destination
of a URL
Description: A URL Unicode encoding issue was addressed with improved
state management.
CVE-2020-9916: Rakesh Mane (@RakeshMane10)
WebKit Web Inspector
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Copying a URL from Web Inspector may lead to command
injection
Description: A command injection issue existed in Web Inspector.
CVE-2020-9862: Ophir Lojkine (@lovasoa)
Wi-Fi
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud
(bugcloud.360.cn)
WiFi
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-9917: an anonymous researcher, Pradeep Deokate of Harman
Additional recognition
Bluetooth
We would like to acknowledge Andy Davis of NCC Group for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
USB Audio
We would like to acknowledge Andy Davis of NCC Group for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.6 and iPadOS 13.6".
-----BEGIN PGP SIGNATURE-----
iQIyBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl8POhUACgkQBz4uGe3y
0M3VAA/3ciev1rSP1w547PW3gsdGviEqUD6d5cNWfVKyIywIwqhXD24bNn471XPe
ufoLyxB/SlH9yKcHjuNYmeL+tu+4Gqx+YvaNTrKkBlh0DP7bB7y1vKVDbHjTsSbx
ecrPfDI3ZHXXux9+1fYZ47ISnJDakqVEI3bAw7JFtwL4DmQYdyk+xaUVTXTXksoV
YwXin1usgQUZp921ygUNzP5kMwwdmbwenMS+U5s270TlSFPLflB61iykZCEOt7n4
sQqpv1A1GQPigTAPZOevl/TyfUAzRxXhOjXoBw6GSHXmfrLdkT72cw+VuIxZ2rpG
5VGkORd8S0PNDPndLYUb3VxKa4GucbuFd/f4YY4xhJuyZj1ANidPmSn1QkviqCjz
47pvdvWIQpRAQZv4yhlCfcZPYYwkHOPLsmSYbUdfKZvMHx+GneJp4T6ofZ5E7pvQ
W354Asbg8fSFbx0jbmQpI0jJIgwLy8ydMVf1HsqToM/mSwTRQBjONNGQweHIdfXQ
Z1PJ4cmOTutRmGLgDHIikVkq8mIu+1EOWBkLAXoZrn7d9pbosHZG/5OT3rpXpQU2
FykbSj7EkVyEJ978rAaynixaiuNbaw39osKaP4H5LcFhzyM8tF3paiR0gXKhizTB
w57KB0YW0QrWBupRIdAd+yH2jt6iNviLfkq7fUAzZ3hb1iikVw==
=Tlxk
-----END PGP SIGNATURE-----
. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -between-minor.html#understanding-upgrade-channels_updating-cluster-between
- -minor. Bugs fixed (https://bugzilla.redhat.com/):
1823765 - nfd-workers crash under an ipv6 environment
1838802 - mysql8 connector from operatorhub does not work with metering operator
1838845 - Metering operator can't connect to postgres DB from Operator Hub
1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1868294 - NFD operator does not allow customisation of nfd-worker.conf
1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration
1890672 - NFD is missing a build flag to build correctly
1890741 - path to the CA trust bundle ConfigMap is broken in report operator
1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster
1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel
1900125 - FIPS error while generating RSA private key for CA
1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub
1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub
1913837 - The CI and ART 4.7 metering images are not mirrored
1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le
1916010 - olm skip range is set to the wrong range
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1923998 - NFD Operator is failing to update and remains in Replacing state
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: GNOME security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4451-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4451
Issue date: 2020-11-03
CVE Names: CVE-2019-8625 CVE-2019-8710 CVE-2019-8720
CVE-2019-8743 CVE-2019-8764 CVE-2019-8766
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8823 CVE-2019-8835
CVE-2019-8844 CVE-2019-8846 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-9802 CVE-2020-9803 CVE-2020-9805
CVE-2020-9806 CVE-2020-9807 CVE-2020-9843
CVE-2020-9850 CVE-2020-9862 CVE-2020-9893
CVE-2020-9894 CVE-2020-9895 CVE-2020-9915
CVE-2020-9925 CVE-2020-10018 CVE-2020-11793
CVE-2020-14391 CVE-2020-15503
====================================================================
1. Summary:
An update for GNOME is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
GNOME is the default desktop environment of Red Hat Enterprise Linux.
The following packages have been upgraded to a later upstream version:
gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4),
webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk
(1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710,
CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844,
CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867,
CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897,
CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802,
CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843,
CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,
CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793)
* gnome-settings-daemon: Red Hat Customer Portal password logged and passed
as command line argument when user registers through GNOME control center
(CVE-2020-14391)
* LibRaw: lack of thumbnail size range check can lead to buffer overflow
(CVE-2020-15503)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
GDM must be restarted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1207179 - Select items matching non existing pattern does not unselect already selected
1566027 - can't correctly compute contents size if hidden files are included
1569868 - Browsing samba shares using gvfs is very slow
1652178 - [RFE] perf-tool run on wayland
1656262 - The terminal's character display is unclear on rhel8 guest after installing gnome
1668895 - [RHEL8] Timedlogin Fails when Userlist is Disabled
1692536 - login screen shows after gnome-initial-setup
1706008 - Sound Effect sometimes fails to change to selected option.
1706076 - Automatic suspend for 90 minutes is set for 80 minutes instead.
1715845 - JS ERROR: TypeError: this._workspacesViews[i] is undefined
1719937 - GNOME Extension: Auto-Move-Windows Not Working Properly
1758891 - tracker-devel subpackage missing from el8 repos
1775345 - Rebase xdg-desktop-portal to 1.6
1778579 - Nautilus does not respect umask settings.
1779691 - Rebase xdg-desktop-portal-gtk to 1.6
1794045 - There are two different high contrast versions of desktop icons
1804719 - Update vte291 to 0.52.4
1805929 - RHEL 8.1 gnome-shell-extension errors
1811721 - CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp
1814820 - No checkbox to install updates in the shutdown dialog
1816070 - "search for an application to open this file" dialog broken
1816678 - CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution
1816684 - CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1816686 - CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1817143 - Rebase WebKitGTK to 2.28
1820759 - Include IO stall fixes
1820760 - Include IO fixes
1824362 - [BZ] Setting in gnome-tweak-tool Window List will reset upon opening
1827030 - gnome-settings-daemon: subscription notification on CentOS Stream
1829369 - CVE-2020-11793 webkitgtk: use-after-free via crafted web content
1832347 - [Rebase] Rebase pipewire to 0.3.x
1833158 - gdm-related dconf folders and keyfiles are not found in fresh 8.2 install
1837381 - Backport screen cast improvements to 8.3
1837406 - Rebase gnome-remote-desktop to PipeWire 0.3 version
1837413 - Backport changes needed by xdg-desktop-portal-gtk-1.6
1837648 - Vendor.conf should point to https://access.redhat.com/site/solutions/537113
1840080 - Can not control top bar menus via keys in Wayland
1840788 - [flatpak][rhel8] unable to build potrace as dependency
1843486 - Software crash after clicking Updates tab
1844578 - anaconda very rarely crashes at startup with a pygobject traceback
1846191 - usb adapters hotplug crashes gnome-shell
1847051 - JS ERROR: TypeError: area is null
1847061 - File search doesn't work under certain locales
1847062 - gnome-remote-desktop crash on QXL graphics
1847203 - gnome-shell: get_top_visible_window_actor(): gnome-shell killed by SIGSEGV
1853477 - CVE-2020-15503 LibRaw: lack of thumbnail size range check can lead to buffer overflow
1854734 - PipeWire 0.2 should be required by xdg-desktop-portal
1866332 - Remove obsolete libusb-devel dependency
1868260 - [Hyper-V][RHEL8] VM starts GUI failed on Hyper-V 2019/2016, hangs at "Started GNOME Display Manager" - GDM regression issue.
1872270 - WebKit renderer hangs on Cockpit
1873093 - CVE-2020-14391 gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center
1873963 - Failed to start session: org.gnome.Mutter.ScreenCast API version 2 lower than minimum supported version 3
1876462 - CVE-2020-3885 webkitgtk: Incorrect processing of file URLs
1876463 - CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory
1876465 - CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content
1876468 - CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution
1876470 - CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution
1876472 - CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content
1876473 - CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution
1876476 - CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack
1876516 - CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling
1876518 - CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts
1876521 - CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context
1876522 - CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876523 - CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876536 - CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876537 - CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876540 - CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876543 - CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876545 - CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876548 - CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876549 - CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876550 - CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876552 - CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876553 - CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876554 - CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876555 - CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876556 - CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876590 - CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876591 - CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876594 - CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876607 - CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876611 - CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876617 - CVE-2019-8769 webkitgtk: Websites could reveal browsing history
1876619 - CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy
1877853 - File descriptors are being left behind on logout of RHEL 8 session
1879532 - CVE-2020-9862 webkitgtk: Command injection in web inspector
1879535 - CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution
1879536 - CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution
1879538 - CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution
1879540 - CVE-2020-9915 webkitgtk: Access issue in content security policy
1879541 - CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting
1879545 - CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution
1879557 - CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution
1879559 - CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting
1879563 - CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution
1879564 - CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution
1879566 - CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting
1879568 - CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution
1880339 - Right GLX stereo texture is potentially leaked for each closed window
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
LibRaw-0.19.5-2.el8.src.rpm
PackageKit-1.1.12-6.el8.src.rpm
dleyna-renderer-0.6.0-3.el8.src.rpm
frei0r-plugins-1.6.1-7.el8.src.rpm
gdm-3.28.3-34.el8.src.rpm
gnome-control-center-3.28.2-22.el8.src.rpm
gnome-photos-3.28.1-3.el8.src.rpm
gnome-remote-desktop-0.1.8-3.el8.src.rpm
gnome-session-3.28.1-10.el8.src.rpm
gnome-settings-daemon-3.32.0-11.el8.src.rpm
gnome-shell-3.32.2-20.el8.src.rpm
gnome-shell-extensions-3.32.1-11.el8.src.rpm
gnome-terminal-3.28.3-2.el8.src.rpm
gtk3-3.22.30-6.el8.src.rpm
gvfs-1.36.2-10.el8.src.rpm
mutter-3.32.2-48.el8.src.rpm
nautilus-3.28.1-14.el8.src.rpm
pipewire-0.3.6-1.el8.src.rpm
pipewire0.2-0.2.7-6.el8.src.rpm
potrace-1.15-3.el8.src.rpm
tracker-2.1.5-2.el8.src.rpm
vte291-0.52.4-2.el8.src.rpm
webkit2gtk3-2.28.4-1.el8.src.rpm
webrtc-audio-processing-0.3-9.el8.src.rpm
xdg-desktop-portal-1.6.0-2.el8.src.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.src.rpm
aarch64:
PackageKit-1.1.12-6.el8.aarch64.rpm
PackageKit-command-not-found-1.1.12-6.el8.aarch64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-cron-1.1.12-6.el8.aarch64.rpm
PackageKit-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-debugsource-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.aarch64.rpm
frei0r-plugins-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.aarch64.rpm
gdm-3.28.3-34.el8.aarch64.rpm
gdm-debuginfo-3.28.3-34.el8.aarch64.rpm
gdm-debugsource-3.28.3-34.el8.aarch64.rpm
gnome-control-center-3.28.2-22.el8.aarch64.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.aarch64.rpm
gnome-control-center-debugsource-3.28.2-22.el8.aarch64.rpm
gnome-remote-desktop-0.1.8-3.el8.aarch64.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.aarch64.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.aarch64.rpm
gnome-session-3.28.1-10.el8.aarch64.rpm
gnome-session-debuginfo-3.28.1-10.el8.aarch64.rpm
gnome-session-debugsource-3.28.1-10.el8.aarch64.rpm
gnome-session-wayland-session-3.28.1-10.el8.aarch64.rpm
gnome-session-xsession-3.28.1-10.el8.aarch64.rpm
gnome-settings-daemon-3.32.0-11.el8.aarch64.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.aarch64.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.aarch64.rpm
gnome-shell-3.32.2-20.el8.aarch64.rpm
gnome-shell-debuginfo-3.32.2-20.el8.aarch64.rpm
gnome-shell-debugsource-3.32.2-20.el8.aarch64.rpm
gnome-terminal-3.28.3-2.el8.aarch64.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.aarch64.rpm
gnome-terminal-debugsource-3.28.3-2.el8.aarch64.rpm
gnome-terminal-nautilus-3.28.3-2.el8.aarch64.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.aarch64.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.aarch64.rpm
gtk-update-icon-cache-3.22.30-6.el8.aarch64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-3.22.30-6.el8.aarch64.rpm
gtk3-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-debugsource-3.22.30-6.el8.aarch64.rpm
gtk3-devel-3.22.30-6.el8.aarch64.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-immodule-xim-3.22.30-6.el8.aarch64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.aarch64.rpm
gvfs-1.36.2-10.el8.aarch64.rpm
gvfs-afc-1.36.2-10.el8.aarch64.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-afp-1.36.2-10.el8.aarch64.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-archive-1.36.2-10.el8.aarch64.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-client-1.36.2-10.el8.aarch64.rpm
gvfs-client-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-debugsource-1.36.2-10.el8.aarch64.rpm
gvfs-devel-1.36.2-10.el8.aarch64.rpm
gvfs-fuse-1.36.2-10.el8.aarch64.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-goa-1.36.2-10.el8.aarch64.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-gphoto2-1.36.2-10.el8.aarch64.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-mtp-1.36.2-10.el8.aarch64.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-smb-1.36.2-10.el8.aarch64.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.aarch64.rpm
libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm
libsoup-debugsource-2.62.3-2.el8.aarch64.rpm
libsoup-devel-2.62.3-2.el8.aarch64.rpm
mutter-3.32.2-48.el8.aarch64.rpm
mutter-debuginfo-3.32.2-48.el8.aarch64.rpm
mutter-debugsource-3.32.2-48.el8.aarch64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.aarch64.rpm
nautilus-3.28.1-14.el8.aarch64.rpm
nautilus-debuginfo-3.28.1-14.el8.aarch64.rpm
nautilus-debugsource-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.aarch64.rpm
pipewire-0.3.6-1.el8.aarch64.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-debugsource-0.3.6-1.el8.aarch64.rpm
pipewire-devel-0.3.6-1.el8.aarch64.rpm
pipewire-doc-0.3.6-1.el8.aarch64.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-libs-0.3.6-1.el8.aarch64.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-utils-0.3.6-1.el8.aarch64.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire0.2-debugsource-0.2.7-6.el8.aarch64.rpm
pipewire0.2-devel-0.2.7-6.el8.aarch64.rpm
pipewire0.2-libs-0.2.7-6.el8.aarch64.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.aarch64.rpm
potrace-1.15-3.el8.aarch64.rpm
potrace-debuginfo-1.15-3.el8.aarch64.rpm
potrace-debugsource-1.15-3.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
python3-gobject-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
tracker-2.1.5-2.el8.aarch64.rpm
tracker-debuginfo-2.1.5-2.el8.aarch64.rpm
tracker-debugsource-2.1.5-2.el8.aarch64.rpm
vte-profile-0.52.4-2.el8.aarch64.rpm
vte291-0.52.4-2.el8.aarch64.rpm
vte291-debuginfo-0.52.4-2.el8.aarch64.rpm
vte291-debugsource-0.52.4-2.el8.aarch64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.aarch64.rpm
webkit2gtk3-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-devel-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.aarch64.rpm
webrtc-audio-processing-0.3-9.el8.aarch64.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.aarch64.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.aarch64.rpm
xdg-desktop-portal-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.aarch64.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.aarch64.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.aarch64.rpm
noarch:
gnome-classic-session-3.32.1-11.el8.noarch.rpm
gnome-control-center-filesystem-3.28.2-22.el8.noarch.rpm
gnome-shell-extension-apps-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-auto-move-windows-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-common-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-dash-to-dock-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-desktop-icons-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-disable-screenshield-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-drive-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-horizontal-workspaces-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-launch-new-instance-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-native-window-placement-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-no-hot-corner-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-panel-favorites-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-places-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-screenshot-window-sizer-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-systemMonitor-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-top-icons-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-updates-dialog-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-user-theme-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-window-grouper-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-window-list-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-windowsNavigator-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-workspace-indicator-3.32.1-11.el8.noarch.rpm
ppc64le:
LibRaw-0.19.5-2.el8.ppc64le.rpm
LibRaw-debuginfo-0.19.5-2.el8.ppc64le.rpm
LibRaw-debugsource-0.19.5-2.el8.ppc64le.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.ppc64le.rpm
PackageKit-1.1.12-6.el8.ppc64le.rpm
PackageKit-command-not-found-1.1.12-6.el8.ppc64le.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-cron-1.1.12-6.el8.ppc64le.rpm
PackageKit-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-debugsource-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.ppc64le.rpm
dleyna-renderer-0.6.0-3.el8.ppc64le.rpm
dleyna-renderer-debuginfo-0.6.0-3.el8.ppc64le.rpm
dleyna-renderer-debugsource-0.6.0-3.el8.ppc64le.rpm
frei0r-plugins-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.ppc64le.rpm
gdm-3.28.3-34.el8.ppc64le.rpm
gdm-debuginfo-3.28.3-34.el8.ppc64le.rpm
gdm-debugsource-3.28.3-34.el8.ppc64le.rpm
gnome-control-center-3.28.2-22.el8.ppc64le.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.ppc64le.rpm
gnome-control-center-debugsource-3.28.2-22.el8.ppc64le.rpm
gnome-photos-3.28.1-3.el8.ppc64le.rpm
gnome-photos-debuginfo-3.28.1-3.el8.ppc64le.rpm
gnome-photos-debugsource-3.28.1-3.el8.ppc64le.rpm
gnome-photos-tests-3.28.1-3.el8.ppc64le.rpm
gnome-remote-desktop-0.1.8-3.el8.ppc64le.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.ppc64le.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.ppc64le.rpm
gnome-session-3.28.1-10.el8.ppc64le.rpm
gnome-session-debuginfo-3.28.1-10.el8.ppc64le.rpm
gnome-session-debugsource-3.28.1-10.el8.ppc64le.rpm
gnome-session-wayland-session-3.28.1-10.el8.ppc64le.rpm
gnome-session-xsession-3.28.1-10.el8.ppc64le.rpm
gnome-settings-daemon-3.32.0-11.el8.ppc64le.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.ppc64le.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.ppc64le.rpm
gnome-shell-3.32.2-20.el8.ppc64le.rpm
gnome-shell-debuginfo-3.32.2-20.el8.ppc64le.rpm
gnome-shell-debugsource-3.32.2-20.el8.ppc64le.rpm
gnome-terminal-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-debugsource-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-nautilus-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.ppc64le.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.ppc64le.rpm
gtk-update-icon-cache-3.22.30-6.el8.ppc64le.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-3.22.30-6.el8.ppc64le.rpm
gtk3-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-debugsource-3.22.30-6.el8.ppc64le.rpm
gtk3-devel-3.22.30-6.el8.ppc64le.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-immodule-xim-3.22.30-6.el8.ppc64le.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.ppc64le.rpm
gvfs-1.36.2-10.el8.ppc64le.rpm
gvfs-afc-1.36.2-10.el8.ppc64le.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-afp-1.36.2-10.el8.ppc64le.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-archive-1.36.2-10.el8.ppc64le.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-client-1.36.2-10.el8.ppc64le.rpm
gvfs-client-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-debugsource-1.36.2-10.el8.ppc64le.rpm
gvfs-devel-1.36.2-10.el8.ppc64le.rpm
gvfs-fuse-1.36.2-10.el8.ppc64le.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-goa-1.36.2-10.el8.ppc64le.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-gphoto2-1.36.2-10.el8.ppc64le.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-mtp-1.36.2-10.el8.ppc64le.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-smb-1.36.2-10.el8.ppc64le.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.ppc64le.rpm
libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm
libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm
libsoup-devel-2.62.3-2.el8.ppc64le.rpm
mutter-3.32.2-48.el8.ppc64le.rpm
mutter-debuginfo-3.32.2-48.el8.ppc64le.rpm
mutter-debugsource-3.32.2-48.el8.ppc64le.rpm
mutter-tests-debuginfo-3.32.2-48.el8.ppc64le.rpm
nautilus-3.28.1-14.el8.ppc64le.rpm
nautilus-debuginfo-3.28.1-14.el8.ppc64le.rpm
nautilus-debugsource-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.ppc64le.rpm
pipewire-0.3.6-1.el8.ppc64le.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-debugsource-0.3.6-1.el8.ppc64le.rpm
pipewire-devel-0.3.6-1.el8.ppc64le.rpm
pipewire-doc-0.3.6-1.el8.ppc64le.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-libs-0.3.6-1.el8.ppc64le.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-utils-0.3.6-1.el8.ppc64le.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire0.2-debugsource-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-devel-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-libs-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.ppc64le.rpm
potrace-1.15-3.el8.ppc64le.rpm
potrace-debuginfo-1.15-3.el8.ppc64le.rpm
potrace-debugsource-1.15-3.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
python3-gobject-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
tracker-2.1.5-2.el8.ppc64le.rpm
tracker-debuginfo-2.1.5-2.el8.ppc64le.rpm
tracker-debugsource-2.1.5-2.el8.ppc64le.rpm
vte-profile-0.52.4-2.el8.ppc64le.rpm
vte291-0.52.4-2.el8.ppc64le.rpm
vte291-debuginfo-0.52.4-2.el8.ppc64le.rpm
vte291-debugsource-0.52.4-2.el8.ppc64le.rpm
vte291-devel-debuginfo-0.52.4-2.el8.ppc64le.rpm
webkit2gtk3-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-devel-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm
webrtc-audio-processing-0.3-9.el8.ppc64le.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.ppc64le.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.ppc64le.rpm
xdg-desktop-portal-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.ppc64le.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.ppc64le.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.ppc64le.rpm
s390x:
PackageKit-1.1.12-6.el8.s390x.rpm
PackageKit-command-not-found-1.1.12-6.el8.s390x.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-cron-1.1.12-6.el8.s390x.rpm
PackageKit-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-debugsource-1.1.12-6.el8.s390x.rpm
PackageKit-glib-1.1.12-6.el8.s390x.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.s390x.rpm
frei0r-plugins-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.s390x.rpm
gdm-3.28.3-34.el8.s390x.rpm
gdm-debuginfo-3.28.3-34.el8.s390x.rpm
gdm-debugsource-3.28.3-34.el8.s390x.rpm
gnome-control-center-3.28.2-22.el8.s390x.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.s390x.rpm
gnome-control-center-debugsource-3.28.2-22.el8.s390x.rpm
gnome-remote-desktop-0.1.8-3.el8.s390x.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.s390x.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.s390x.rpm
gnome-session-3.28.1-10.el8.s390x.rpm
gnome-session-debuginfo-3.28.1-10.el8.s390x.rpm
gnome-session-debugsource-3.28.1-10.el8.s390x.rpm
gnome-session-wayland-session-3.28.1-10.el8.s390x.rpm
gnome-session-xsession-3.28.1-10.el8.s390x.rpm
gnome-settings-daemon-3.32.0-11.el8.s390x.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.s390x.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.s390x.rpm
gnome-shell-3.32.2-20.el8.s390x.rpm
gnome-shell-debuginfo-3.32.2-20.el8.s390x.rpm
gnome-shell-debugsource-3.32.2-20.el8.s390x.rpm
gnome-terminal-3.28.3-2.el8.s390x.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.s390x.rpm
gnome-terminal-debugsource-3.28.3-2.el8.s390x.rpm
gnome-terminal-nautilus-3.28.3-2.el8.s390x.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.s390x.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.s390x.rpm
gtk-update-icon-cache-3.22.30-6.el8.s390x.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-3.22.30-6.el8.s390x.rpm
gtk3-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-debugsource-3.22.30-6.el8.s390x.rpm
gtk3-devel-3.22.30-6.el8.s390x.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-immodule-xim-3.22.30-6.el8.s390x.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.s390x.rpm
gvfs-1.36.2-10.el8.s390x.rpm
gvfs-afp-1.36.2-10.el8.s390x.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-archive-1.36.2-10.el8.s390x.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-client-1.36.2-10.el8.s390x.rpm
gvfs-client-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-debugsource-1.36.2-10.el8.s390x.rpm
gvfs-devel-1.36.2-10.el8.s390x.rpm
gvfs-fuse-1.36.2-10.el8.s390x.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-goa-1.36.2-10.el8.s390x.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-gphoto2-1.36.2-10.el8.s390x.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-mtp-1.36.2-10.el8.s390x.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-smb-1.36.2-10.el8.s390x.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.s390x.rpm
libsoup-debuginfo-2.62.3-2.el8.s390x.rpm
libsoup-debugsource-2.62.3-2.el8.s390x.rpm
libsoup-devel-2.62.3-2.el8.s390x.rpm
mutter-3.32.2-48.el8.s390x.rpm
mutter-debuginfo-3.32.2-48.el8.s390x.rpm
mutter-debugsource-3.32.2-48.el8.s390x.rpm
mutter-tests-debuginfo-3.32.2-48.el8.s390x.rpm
nautilus-3.28.1-14.el8.s390x.rpm
nautilus-debuginfo-3.28.1-14.el8.s390x.rpm
nautilus-debugsource-3.28.1-14.el8.s390x.rpm
nautilus-extensions-3.28.1-14.el8.s390x.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.s390x.rpm
pipewire-0.3.6-1.el8.s390x.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-debugsource-0.3.6-1.el8.s390x.rpm
pipewire-devel-0.3.6-1.el8.s390x.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-libs-0.3.6-1.el8.s390x.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-utils-0.3.6-1.el8.s390x.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire0.2-debugsource-0.2.7-6.el8.s390x.rpm
pipewire0.2-devel-0.2.7-6.el8.s390x.rpm
pipewire0.2-libs-0.2.7-6.el8.s390x.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.s390x.rpm
potrace-1.15-3.el8.s390x.rpm
potrace-debuginfo-1.15-3.el8.s390x.rpm
potrace-debugsource-1.15-3.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
python3-gobject-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
tracker-2.1.5-2.el8.s390x.rpm
tracker-debuginfo-2.1.5-2.el8.s390x.rpm
tracker-debugsource-2.1.5-2.el8.s390x.rpm
vte-profile-0.52.4-2.el8.s390x.rpm
vte291-0.52.4-2.el8.s390x.rpm
vte291-debuginfo-0.52.4-2.el8.s390x.rpm
vte291-debugsource-0.52.4-2.el8.s390x.rpm
vte291-devel-debuginfo-0.52.4-2.el8.s390x.rpm
webkit2gtk3-2.28.4-1.el8.s390x.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.s390x.rpm
webkit2gtk3-devel-2.28.4-1.el8.s390x.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.s390x.rpm
webrtc-audio-processing-0.3-9.el8.s390x.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.s390x.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.s390x.rpm
xdg-desktop-portal-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.s390x.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.s390x.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.s390x.rpm
x86_64:
LibRaw-0.19.5-2.el8.i686.rpm
LibRaw-0.19.5-2.el8.x86_64.rpm
LibRaw-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-debuginfo-0.19.5-2.el8.x86_64.rpm
LibRaw-debugsource-0.19.5-2.el8.i686.rpm
LibRaw-debugsource-0.19.5-2.el8.x86_64.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.x86_64.rpm
PackageKit-1.1.12-6.el8.x86_64.rpm
PackageKit-command-not-found-1.1.12-6.el8.x86_64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-cron-1.1.12-6.el8.x86_64.rpm
PackageKit-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-debugsource-1.1.12-6.el8.i686.rpm
PackageKit-debugsource-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-1.1.12-6.el8.i686.rpm
PackageKit-glib-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.x86_64.rpm
dleyna-renderer-0.6.0-3.el8.x86_64.rpm
dleyna-renderer-debuginfo-0.6.0-3.el8.x86_64.rpm
dleyna-renderer-debugsource-0.6.0-3.el8.x86_64.rpm
frei0r-plugins-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.x86_64.rpm
gdm-3.28.3-34.el8.i686.rpm
gdm-3.28.3-34.el8.x86_64.rpm
gdm-debuginfo-3.28.3-34.el8.i686.rpm
gdm-debuginfo-3.28.3-34.el8.x86_64.rpm
gdm-debugsource-3.28.3-34.el8.i686.rpm
gdm-debugsource-3.28.3-34.el8.x86_64.rpm
gnome-control-center-3.28.2-22.el8.x86_64.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.x86_64.rpm
gnome-control-center-debugsource-3.28.2-22.el8.x86_64.rpm
gnome-photos-3.28.1-3.el8.x86_64.rpm
gnome-photos-debuginfo-3.28.1-3.el8.x86_64.rpm
gnome-photos-debugsource-3.28.1-3.el8.x86_64.rpm
gnome-photos-tests-3.28.1-3.el8.x86_64.rpm
gnome-remote-desktop-0.1.8-3.el8.x86_64.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.x86_64.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.x86_64.rpm
gnome-session-3.28.1-10.el8.x86_64.rpm
gnome-session-debuginfo-3.28.1-10.el8.x86_64.rpm
gnome-session-debugsource-3.28.1-10.el8.x86_64.rpm
gnome-session-wayland-session-3.28.1-10.el8.x86_64.rpm
gnome-session-xsession-3.28.1-10.el8.x86_64.rpm
gnome-settings-daemon-3.32.0-11.el8.x86_64.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.x86_64.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.x86_64.rpm
gnome-shell-3.32.2-20.el8.x86_64.rpm
gnome-shell-debuginfo-3.32.2-20.el8.x86_64.rpm
gnome-shell-debugsource-3.32.2-20.el8.x86_64.rpm
gnome-terminal-3.28.3-2.el8.x86_64.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.x86_64.rpm
gnome-terminal-debugsource-3.28.3-2.el8.x86_64.rpm
gnome-terminal-nautilus-3.28.3-2.el8.x86_64.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.x86_64.rpm
gsettings-desktop-schemas-3.32.0-5.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.x86_64.rpm
gtk-update-icon-cache-3.22.30-6.el8.x86_64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.i686.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-3.22.30-6.el8.i686.rpm
gtk3-3.22.30-6.el8.x86_64.rpm
gtk3-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-debugsource-3.22.30-6.el8.i686.rpm
gtk3-debugsource-3.22.30-6.el8.x86_64.rpm
gtk3-devel-3.22.30-6.el8.i686.rpm
gtk3-devel-3.22.30-6.el8.x86_64.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-immodule-xim-3.22.30-6.el8.x86_64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.x86_64.rpm
gvfs-1.36.2-10.el8.x86_64.rpm
gvfs-afc-1.36.2-10.el8.x86_64.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-afp-1.36.2-10.el8.x86_64.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-archive-1.36.2-10.el8.x86_64.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-client-1.36.2-10.el8.i686.rpm
gvfs-client-1.36.2-10.el8.x86_64.rpm
gvfs-client-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-client-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-debugsource-1.36.2-10.el8.i686.rpm
gvfs-debugsource-1.36.2-10.el8.x86_64.rpm
gvfs-devel-1.36.2-10.el8.i686.rpm
gvfs-devel-1.36.2-10.el8.x86_64.rpm
gvfs-fuse-1.36.2-10.el8.x86_64.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-goa-1.36.2-10.el8.x86_64.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-gphoto2-1.36.2-10.el8.x86_64.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-mtp-1.36.2-10.el8.x86_64.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-smb-1.36.2-10.el8.x86_64.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.x86_64.rpm
libsoup-debuginfo-2.62.3-2.el8.i686.rpm
libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm
libsoup-debugsource-2.62.3-2.el8.i686.rpm
libsoup-debugsource-2.62.3-2.el8.x86_64.rpm
libsoup-devel-2.62.3-2.el8.i686.rpm
libsoup-devel-2.62.3-2.el8.x86_64.rpm
mutter-3.32.2-48.el8.i686.rpm
mutter-3.32.2-48.el8.x86_64.rpm
mutter-debuginfo-3.32.2-48.el8.i686.rpm
mutter-debuginfo-3.32.2-48.el8.x86_64.rpm
mutter-debugsource-3.32.2-48.el8.i686.rpm
mutter-debugsource-3.32.2-48.el8.x86_64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.i686.rpm
mutter-tests-debuginfo-3.32.2-48.el8.x86_64.rpm
nautilus-3.28.1-14.el8.x86_64.rpm
nautilus-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-debuginfo-3.28.1-14.el8.x86_64.rpm
nautilus-debugsource-3.28.1-14.el8.i686.rpm
nautilus-debugsource-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-3.28.1-14.el8.i686.rpm
nautilus-extensions-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.x86_64.rpm
pipewire-0.3.6-1.el8.i686.rpm
pipewire-0.3.6-1.el8.x86_64.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-debugsource-0.3.6-1.el8.i686.rpm
pipewire-debugsource-0.3.6-1.el8.x86_64.rpm
pipewire-devel-0.3.6-1.el8.i686.rpm
pipewire-devel-0.3.6-1.el8.x86_64.rpm
pipewire-doc-0.3.6-1.el8.x86_64.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-libs-0.3.6-1.el8.i686.rpm
pipewire-libs-0.3.6-1.el8.x86_64.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-utils-0.3.6-1.el8.x86_64.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire0.2-debugsource-0.2.7-6.el8.i686.rpm
pipewire0.2-debugsource-0.2.7-6.el8.x86_64.rpm
pipewire0.2-devel-0.2.7-6.el8.i686.rpm
pipewire0.2-devel-0.2.7-6.el8.x86_64.rpm
pipewire0.2-libs-0.2.7-6.el8.i686.rpm
pipewire0.2-libs-0.2.7-6.el8.x86_64.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.i686.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.x86_64.rpm
potrace-1.15-3.el8.i686.rpm
potrace-1.15-3.el8.x86_64.rpm
potrace-debuginfo-1.15-3.el8.i686.rpm
potrace-debuginfo-1.15-3.el8.x86_64.rpm
potrace-debugsource-1.15-3.el8.i686.rpm
potrace-debugsource-1.15-3.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.i686.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.i686.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
python3-gobject-3.28.3-2.el8.i686.rpm
python3-gobject-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
tracker-2.1.5-2.el8.i686.rpm
tracker-2.1.5-2.el8.x86_64.rpm
tracker-debuginfo-2.1.5-2.el8.i686.rpm
tracker-debuginfo-2.1.5-2.el8.x86_64.rpm
tracker-debugsource-2.1.5-2.el8.i686.rpm
tracker-debugsource-2.1.5-2.el8.x86_64.rpm
vte-profile-0.52.4-2.el8.x86_64.rpm
vte291-0.52.4-2.el8.i686.rpm
vte291-0.52.4-2.el8.x86_64.rpm
vte291-debuginfo-0.52.4-2.el8.i686.rpm
vte291-debuginfo-0.52.4-2.el8.x86_64.rpm
vte291-debugsource-0.52.4-2.el8.i686.rpm
vte291-debugsource-0.52.4-2.el8.x86_64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.i686.rpm
vte291-devel-debuginfo-0.52.4-2.el8.x86_64.rpm
webkit2gtk3-2.28.4-1.el8.i686.rpm
webkit2gtk3-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.i686.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-devel-2.28.4-1.el8.i686.rpm
webkit2gtk3-devel-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.x86_64.rpm
webrtc-audio-processing-0.3-9.el8.i686.rpm
webrtc-audio-processing-0.3-9.el8.x86_64.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.i686.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.x86_64.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.i686.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.x86_64.rpm
xdg-desktop-portal-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.x86_64.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.x86_64.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
gsettings-desktop-schemas-3.32.0-5.el8.src.rpm
libsoup-2.62.3-2.el8.src.rpm
pygobject3-3.28.3-2.el8.src.rpm
aarch64:
gsettings-desktop-schemas-3.32.0-5.el8.aarch64.rpm
libsoup-2.62.3-2.el8.aarch64.rpm
libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm
libsoup-debugsource-2.62.3-2.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
ppc64le:
gsettings-desktop-schemas-3.32.0-5.el8.ppc64le.rpm
libsoup-2.62.3-2.el8.ppc64le.rpm
libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm
libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
s390x:
gsettings-desktop-schemas-3.32.0-5.el8.s390x.rpm
libsoup-2.62.3-2.el8.s390x.rpm
libsoup-debuginfo-2.62.3-2.el8.s390x.rpm
libsoup-debugsource-2.62.3-2.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
python3-gobject-base-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
x86_64:
gsettings-desktop-schemas-3.32.0-5.el8.x86_64.rpm
libsoup-2.62.3-2.el8.i686.rpm
libsoup-2.62.3-2.el8.x86_64.rpm
libsoup-debuginfo-2.62.3-2.el8.i686.rpm
libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm
libsoup-debugsource-2.62.3-2.el8.i686.rpm
libsoup-debugsource-2.62.3-2.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
Source:
gtk-doc-1.28-2.el8.src.rpm
aarch64:
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-debugsource-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-devel-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.aarch64.rpm
frei0r-devel-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.aarch64.rpm
gtk-doc-1.28-2.el8.aarch64.rpm
mutter-debuginfo-3.32.2-48.el8.aarch64.rpm
mutter-debugsource-3.32.2-48.el8.aarch64.rpm
mutter-devel-3.32.2-48.el8.aarch64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.aarch64.rpm
nautilus-debuginfo-3.28.1-14.el8.aarch64.rpm
nautilus-debugsource-3.28.1-14.el8.aarch64.rpm
nautilus-devel-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
pygobject3-devel-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
tracker-debuginfo-2.1.5-2.el8.aarch64.rpm
tracker-debugsource-2.1.5-2.el8.aarch64.rpm
tracker-devel-2.1.5-2.el8.aarch64.rpm
vte291-debuginfo-0.52.4-2.el8.aarch64.rpm
vte291-debugsource-0.52.4-2.el8.aarch64.rpm
vte291-devel-0.52.4-2.el8.aarch64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.aarch64.rpm
ppc64le:
LibRaw-debuginfo-0.19.5-2.el8.ppc64le.rpm
LibRaw-debugsource-0.19.5-2.el8.ppc64le.rpm
LibRaw-devel-0.19.5-2.el8.ppc64le.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.ppc64le.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-debugsource-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-devel-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.ppc64le.rpm
frei0r-devel-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.ppc64le.rpm
gtk-doc-1.28-2.el8.ppc64le.rpm
mutter-debuginfo-3.32.2-48.el8.ppc64le.rpm
mutter-debugsource-3.32.2-48.el8.ppc64le.rpm
mutter-devel-3.32.2-48.el8.ppc64le.rpm
mutter-tests-debuginfo-3.32.2-48.el8.ppc64le.rpm
nautilus-debuginfo-3.28.1-14.el8.ppc64le.rpm
nautilus-debugsource-3.28.1-14.el8.ppc64le.rpm
nautilus-devel-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
pygobject3-devel-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
tracker-debuginfo-2.1.5-2.el8.ppc64le.rpm
tracker-debugsource-2.1.5-2.el8.ppc64le.rpm
tracker-devel-2.1.5-2.el8.ppc64le.rpm
vte291-debuginfo-0.52.4-2.el8.ppc64le.rpm
vte291-debugsource-0.52.4-2.el8.ppc64le.rpm
vte291-devel-0.52.4-2.el8.ppc64le.rpm
vte291-devel-debuginfo-0.52.4-2.el8.ppc64le.rpm
s390x:
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-debugsource-1.1.12-6.el8.s390x.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-glib-devel-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.s390x.rpm
frei0r-devel-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.s390x.rpm
gtk-doc-1.28-2.el8.s390x.rpm
mutter-debuginfo-3.32.2-48.el8.s390x.rpm
mutter-debugsource-3.32.2-48.el8.s390x.rpm
mutter-devel-3.32.2-48.el8.s390x.rpm
mutter-tests-debuginfo-3.32.2-48.el8.s390x.rpm
nautilus-debuginfo-3.28.1-14.el8.s390x.rpm
nautilus-debugsource-3.28.1-14.el8.s390x.rpm
nautilus-devel-3.28.1-14.el8.s390x.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
pygobject3-devel-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
tracker-debuginfo-2.1.5-2.el8.s390x.rpm
tracker-debugsource-2.1.5-2.el8.s390x.rpm
tracker-devel-2.1.5-2.el8.s390x.rpm
vte291-debuginfo-0.52.4-2.el8.s390x.rpm
vte291-debugsource-0.52.4-2.el8.s390x.rpm
vte291-devel-0.52.4-2.el8.s390x.rpm
vte291-devel-debuginfo-0.52.4-2.el8.s390x.rpm
x86_64:
LibRaw-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-debuginfo-0.19.5-2.el8.x86_64.rpm
LibRaw-debugsource-0.19.5-2.el8.i686.rpm
LibRaw-debugsource-0.19.5-2.el8.x86_64.rpm
LibRaw-devel-0.19.5-2.el8.i686.rpm
LibRaw-devel-0.19.5-2.el8.x86_64.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.x86_64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-debugsource-1.1.12-6.el8.i686.rpm
PackageKit-debugsource-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-devel-1.1.12-6.el8.i686.rpm
PackageKit-glib-devel-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.x86_64.rpm
frei0r-devel-1.6.1-7.el8.i686.rpm
frei0r-devel-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-1.6.1-7.el8.i686.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.i686.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.i686.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.i686.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.x86_64.rpm
gtk-doc-1.28-2.el8.x86_64.rpm
gvfs-1.36.2-10.el8.i686.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-client-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-debugsource-1.36.2-10.el8.i686.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.i686.rpm
mutter-debuginfo-3.32.2-48.el8.i686.rpm
mutter-debuginfo-3.32.2-48.el8.x86_64.rpm
mutter-debugsource-3.32.2-48.el8.i686.rpm
mutter-debugsource-3.32.2-48.el8.x86_64.rpm
mutter-devel-3.32.2-48.el8.i686.rpm
mutter-devel-3.32.2-48.el8.x86_64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.i686.rpm
mutter-tests-debuginfo-3.32.2-48.el8.x86_64.rpm
nautilus-3.28.1-14.el8.i686.rpm
nautilus-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-debuginfo-3.28.1-14.el8.x86_64.rpm
nautilus-debugsource-3.28.1-14.el8.i686.rpm
nautilus-debugsource-3.28.1-14.el8.x86_64.rpm
nautilus-devel-3.28.1-14.el8.i686.rpm
nautilus-devel-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.i686.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.i686.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
pygobject3-devel-3.28.3-2.el8.i686.rpm
pygobject3-devel-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
tracker-debuginfo-2.1.5-2.el8.i686.rpm
tracker-debuginfo-2.1.5-2.el8.x86_64.rpm
tracker-debugsource-2.1.5-2.el8.i686.rpm
tracker-debugsource-2.1.5-2.el8.x86_64.rpm
tracker-devel-2.1.5-2.el8.i686.rpm
tracker-devel-2.1.5-2.el8.x86_64.rpm
vte291-debuginfo-0.52.4-2.el8.i686.rpm
vte291-debuginfo-0.52.4-2.el8.x86_64.rpm
vte291-debugsource-0.52.4-2.el8.i686.rpm
vte291-debugsource-0.52.4-2.el8.x86_64.rpm
vte291-devel-0.52.4-2.el8.i686.rpm
vte291-devel-0.52.4-2.el8.x86_64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.i686.rpm
vte291-devel-debuginfo-0.52.4-2.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc |
|
var-201210-0272
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Security' sub-component.
This vulnerability affects the following supported versions:
7 Update 7, 6 Update 35, 5.0 Update 36, 1.4.2_38. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory and Oracle Security Alert pages, listed in the
References section.
Background
==========
IcedTea is a distribution of the Java OpenJDK source code built with
free build tools. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03596813
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03596813
Version: 1
HPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers,
Remote Unauthorized Access, Disclosure of Information, and Other
Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2013-01-07
Last Updated: 2013-01-07
Potential Security Impact: Remote unauthorized access, disclosure of
information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime
Environment (JRE) and Java Developer Kit (JDK) running on OpenVMS Integrity
Servers. These vulnerabilities could allow remote unauthorized access,
disclosure of information, and other exploits.
OpenVMS Integrity JDK and JRE 6.0-3.p1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6
CVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2012-5073 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6
CVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0
CVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these
vulnerabilities.
The updates are available from the following location:
http://h18012.www1.hp.com/java/alpha
Kit Name
Java SE Development Kit (JDK) 6.0-4 for the OpenVMS I64 Operating System
Java SE Runtime Environment (JRE) 6.0-4 for the OpenVMS I64 Operating System
HISTORY
Version:1 (rev.1) - 7 January 2013 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated
periodically, is contained in HP Security Notice HPSN-2011-001:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits;damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and
Java for Mac OS X 10.6 Update 11
Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 are now
available and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Impact: Multiple vulnerabilities in Java 1.6.0_35
Description: Multiple vulnerabilities exist in Java 1.6.0_35, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_37.
Further information is available via the Java website at http://www.o
racle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2012-1531
CVE-2012-1532
CVE-2012-1533
CVE-2012-3143
CVE-2012-3159
CVE-2012-3216
CVE-2012-4416
CVE-2012-5068
CVE-2012-5069
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5075
CVE-2012-5077
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5086
CVE-2012-5089
CVE-2012-5979
Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11
may be obtained from the Software Update pane in System Preferences,
Mac App Store, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: 2ca7594a6f7849b502715e8473cf46ef73570da6
For OS X Lion and Mountain Lion systems
The download file is named: JavaForOSX.dmg
Its SHA-1 digest is: eff777cdc39b4e3336b3477f60e8ad769ded8532
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJQfZ+bAAoJEPefwLHPlZEwF+YP/iVGN+CqCkLf7SavQUwyTQ08
a6+I34hefvCQcLCQ4EBYOzDXUJIlcH2azcGnvQsrrgWgpoE6ykqyj4fkpwLM0nF1
CfcSGOV8hmC2ZtR2PgJLcaP4FDKyNoOqLtKY6KtZnUQNcKBYcdM/y3OON9Zc0F2/
m/nQGnm3RfuXYXzSmTwJVKjuR1MkhUfZ9N6cwYUfjQC6cQaRs4tjeezd1jaobeXZ
lfk5Mo/kp3KTwAKsjdwqIThGX/UXdHQm9PnGfU9ktNv0429vKTX4VarPjyLsIeiO
GcBjfzRKzWYrbzTyKqKRAmtC/TcTnGJ8AfOjCP6HedeelJEbHB3iBb4ugqHzcPGG
ffZ9rZy8SMVppJyv3NeJJN86Kl3etdShmhj7maxyQUopDanpZQraaarkNlSYyLql
I0z4/IGX6W4Y2HYI+5wRchSewZi9mU9tw1HFZaoINaPBynEC0jihbeT5P9olX7mL
1OrWyPMPeaXtD9VRaSlV1WwPojJp26XrcWFUu6gqCOWRTzL0h83hNJrQJwTW7PrT
g6ryifMGItMkmOuINyniuUbz1PcOiQZ5VhtQn8XbvjX4BpGS6GJ4IAJ0rv9nSeON
PGv6JcpEAdjEdsChnDTGGTyUzQSN+HU/KTd7Jngg/Bu1v96ZAqrmVzFVkZi+6dtN
8KhhmiZ54RdiudmsUgFu
=TWGY
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 27, 2014
Bugs: #404071, #421073, #433094, #438706, #451206, #455174,
#458444, #460360, #466212, #473830, #473980, #488210, #498148
ID: 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable!
2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 *
3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable!
4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 *
5 app-emulation/emul-linux-x86-java
< 1.7.0.51 >= 1.7.0.51 *
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
5 affected packages
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation. Please review the CVE identifiers referenced below for
details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the
latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one
of the newer Oracle packages like dev-java/oracle-jdk-bin or
dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.
References
==========
[ 1 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. (CVE-2012-5085)
Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website. ============================================================================
Ubuntu Security Notice USN-1619-1
October 26, 2012
openjdk-6, openjdk-7 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK. An attacker could exploit these
to cause a denial of service.
These issues only affected Ubuntu 12.10. (CVE-2012-5067, CVE-2012-5070)
Vulnerabilities were discovered in the OpenJDK JRE related to data
integrity. (CVE-2012-5073, CVE-2012-5079)
A vulnerability was discovered in the OpenJDK JRE related to information
disclosure and data integrity. This issue only affected Ubuntu 12.10. An attacker could exploit these
to cause a denial of service. These issues only affected Ubuntu 12.10.
(CVE-2012-5076, CVE-2012-5087, CVE-2012-5088)
A denial of service vulnerability was found in OpenJDK. (CVE-2012-5081)
Please see the following for more information:
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
icedtea-7-jre-cacao 7u9-2.3.3-0ubuntu1~12.10.1
icedtea-7-jre-jamvm 7u9-2.3.3-0ubuntu1~12.10.1
openjdk-7-jre 7u9-2.3.3-0ubuntu1~12.10.1
openjdk-7-jre-headless 7u9-2.3.3-0ubuntu1~12.10.1
openjdk-7-jre-lib 7u9-2.3.3-0ubuntu1~12.10.1
openjdk-7-jre-zero 7u9-2.3.3-0ubuntu1~12.10.1
Ubuntu 12.04 LTS:
icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~12.04.1
icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~12.04.1
openjdk-6-jre 6b24-1.11.5-0ubuntu1~12.04.1
openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~12.04.1
openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~12.04.1
openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~12.04.1
Ubuntu 11.10:
icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~11.10.1
icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~11.10.1
openjdk-6-jre 6b24-1.11.5-0ubuntu1~11.10.1
openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~11.10.1
openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~11.10.1
openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~11.10.1
Ubuntu 11.04:
icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~11.04.1
icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~11.04.1
openjdk-6-jre 6b24-1.11.5-0ubuntu1~11.04.1
openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~11.04.1
openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~11.04.1
openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~11.04.1
Ubuntu 10.04 LTS:
icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~10.04.2
openjdk-6-jre 6b24-1.11.5-0ubuntu1~10.04.2
openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~10.04.2
openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~10.04.2
openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~10.04.2
This update uses a new upstream release, which includes additional bug
fixes. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: java-1.7.0-openjdk security update
Advisory ID: RHSA-2012:1386-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1386.html
Issue date: 2012-10-17
CVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068
CVE-2012-5069 CVE-2012-5070 CVE-2012-5071
CVE-2012-5072 CVE-2012-5073 CVE-2012-5074
CVE-2012-5075 CVE-2012-5076 CVE-2012-5077
CVE-2012-5079 CVE-2012-5081 CVE-2012-5084
CVE-2012-5085 CVE-2012-5086 CVE-2012-5087
CVE-2012-5088 CVE-2012-5089
=====================================================================
1. Summary:
Updated java-1.7.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
3. Description:
These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.
Multiple improper permission check issues were discovered in the Beans,
Libraries, Swing, and JMX components in OpenJDK. An untrusted Java
application or applet could use these flaws to bypass Java sandbox
restrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084,
CVE-2012-5089)
The default Java security properties configuration did not restrict access
to certain com.sun.org.glassfish packages. An untrusted Java application
or applet could use these flaws to bypass Java sandbox restrictions. This
update lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074)
Multiple improper permission check issues were discovered in the Scripting,
JMX, Concurrency, Libraries, and Security components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass
certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071,
CVE-2012-5069, CVE-2012-5073, CVE-2012-5072)
It was discovered that java.util.ServiceLoader could create an instance of
an incompatible class while performing provider lookup. An untrusted Java
application or applet could use this flaw to bypass certain Java sandbox
restrictions. (CVE-2012-5079)
It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS
implementation did not properly handle handshake records containing an
overly large data length value. An unauthenticated, remote attacker could
possibly use this flaw to cause an SSL/TLS server to terminate with an
exception. (CVE-2012-5081)
It was discovered that the JMX component in OpenJDK could perform certain
actions in an insecure manner. An untrusted Java application or applet
could possibly use these flaws to disclose sensitive information.
(CVE-2012-5070, CVE-2012-5075)
A bug in the Java HotSpot Virtual Machine optimization code could cause it
to not perform array initialization in certain cases. An untrusted Java
application or applet could use this flaw to disclose portions of the
virtual machine's memory. (CVE-2012-4416)
It was discovered that the SecureRandom class did not properly protect
against the creation of multiple seeders. An untrusted Java application or
applet could possibly use this flaw to disclose sensitive information.
(CVE-2012-5077)
It was discovered that the java.io.FilePermission class exposed the hash
code of the canonicalized path name. An untrusted Java application or
applet could possibly use this flaw to determine certain system paths, such
as the current working directory. (CVE-2012-3216)
This update disables Gopher protocol support in the java.net package by
default. Gopher support can be enabled by setting the newly introduced
property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085)
This erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. Refer to
the NEWS file, linked to in the References, for further information.
All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606)
865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)
865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)
865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796)
865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198)
865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)
865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884)
865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887)
865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)
865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)
865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286)
865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)
865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549)
865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190)
865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)
865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)
865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103)
865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567)
865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386:
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch:
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
noarch:
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386:
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch:
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386:
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch:
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-3216.html
https://www.redhat.com/security/data/cve/CVE-2012-4416.html
https://www.redhat.com/security/data/cve/CVE-2012-5068.html
https://www.redhat.com/security/data/cve/CVE-2012-5069.html
https://www.redhat.com/security/data/cve/CVE-2012-5070.html
https://www.redhat.com/security/data/cve/CVE-2012-5071.html
https://www.redhat.com/security/data/cve/CVE-2012-5072.html
https://www.redhat.com/security/data/cve/CVE-2012-5073.html
https://www.redhat.com/security/data/cve/CVE-2012-5074.html
https://www.redhat.com/security/data/cve/CVE-2012-5075.html
https://www.redhat.com/security/data/cve/CVE-2012-5076.html
https://www.redhat.com/security/data/cve/CVE-2012-5077.html
https://www.redhat.com/security/data/cve/CVE-2012-5079.html
https://www.redhat.com/security/data/cve/CVE-2012-5081.html
https://www.redhat.com/security/data/cve/CVE-2012-5084.html
https://www.redhat.com/security/data/cve/CVE-2012-5085.html
https://www.redhat.com/security/data/cve/CVE-2012-5086.html
https://www.redhat.com/security/data/cve/CVE-2012-5087.html
https://www.redhat.com/security/data/cve/CVE-2012-5088.html
https://www.redhat.com/security/data/cve/CVE-2012-5089.html
https://access.redhat.com/security/updates/classification/#important
http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/NEWS
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQftouXlSAg2UNWIIRAu4QAJ9oluAxlU3ZC8CvezRk4Erm08HD+QCeNlqf
GG07IH3dgJiG+gj47Cm1WNQ=
=8X+P
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-202008-0248
|
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.
Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.
For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).
When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications. The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. plural Microsoft Windows The product contains an elevation of privilege vulnerability. Both Microsoft Windows and Microsoft Windows Server are products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. Netlogon is a service used to register all SRV resource records for domain controllers. The following products and versions are affected: Microsoft Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 1903, Windows Server 1909, Windows Server 2004. A flaw was found in the way samba handled file and directory permissions. (CVE-2020-14318)
A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472). 8) - aarch64, noarch, ppc64le, s390x, x86_64
3.
The following packages have been upgraded to a later upstream version:
samba (4.13.3).
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.4 Release Notes linked from the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202012-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Samba: Multiple vulnerabilities
Date: December 24, 2020
Bugs: #743433, #751724
ID: 202012-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Samba, the worst of which
could result in a Denial of Service condition.
Background
==========
Samba is a suite of SMB and CIFS client/server programs.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-fs/samba < 4.12.9 >= 4.12.9
Description
===========
Multiple vulnerabilities have been discovered in Samba. Please review
the CVE identifiers referenced below for details.
Impact
======
Please review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Samba users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/samba-4.12.9"
References
==========
[ 1 ] CVE-2020-14318
https://nvd.nist.gov/vuln/detail/CVE-2020-14318
[ 2 ] CVE-2020-14323
https://nvd.nist.gov/vuln/detail/CVE-2020-14323
[ 3 ] CVE-2020-14383
https://nvd.nist.gov/vuln/detail/CVE-2020-14383
[ 4 ] CVE-2020-1472
https://nvd.nist.gov/vuln/detail/CVE-2020-1472
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202012-24
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: samba security and bug fix update
Advisory ID: RHSA-2020:5439-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5439
Issue date: 2020-12-15
CVE Names: CVE-2020-1472 CVE-2020-14318 CVE-2020-14323
=====================================================================
1. Summary:
An update for samba is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
3. Description:
Samba is an open-source implementation of the Server Message Block (SMB)
protocol and the related Common Internet File System (CIFS) protocol, which
allow PC-compatible machines to share files, printers, and various
information.
Security Fix(es):
* samba: Netlogon elevation of privilege vulnerability (Zerologon)
(CVE-2020-1472)
* samba: Missing handle permissions check in SMB1/2/3 ChangeNotify
(CVE-2020-14318)
* samba: Unprivileged user can crash winbind (CVE-2020-14323)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* The 'require_membership_of' documentation in pam_winbind manpage is
incorrect (BZ#1853272)
* Malfunctioning %U substitution in valid users option (BZ#1868917)
* Regression: smbd and nmbd are restarted when samba-winbind package is
upgraded (BZ#1878205)
* winbindd memory leak on wbinfo -u with security=ADS (BZ#1892313)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the smb service will be restarted
automatically.
5. Bugs fixed (https://bugzilla.redhat.com/):
1853272 - The 'require_membership_of' documentation in pam_winbind manpage is incorrect [rhel-7.9.z]
1868917 - Malfunctioning %U substitution in valid users option [rhel-7.9.z]
1878205 - Regression: smbd and nmbd are restarted when samba-winbind package is upgraded [rhel-7.9.z]
1879822 - CVE-2020-1472 samba: Netlogon elevation of privilege vulnerability (Zerologon)
1891685 - CVE-2020-14323 samba: Unprivileged user can crash winbind
1892313 - winbindd memory leak on wbinfo -u with security=ADS [rhel-7.9.z]
1892631 - CVE-2020-14318 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
samba-4.10.16-9.el7_9.src.rpm
noarch:
samba-common-4.10.16-9.el7_9.noarch.rpm
x86_64:
libsmbclient-4.10.16-9.el7_9.i686.rpm
libsmbclient-4.10.16-9.el7_9.x86_64.rpm
libwbclient-4.10.16-9.el7_9.i686.rpm
libwbclient-4.10.16-9.el7_9.x86_64.rpm
samba-client-4.10.16-9.el7_9.x86_64.rpm
samba-client-libs-4.10.16-9.el7_9.i686.rpm
samba-client-libs-4.10.16-9.el7_9.x86_64.rpm
samba-common-libs-4.10.16-9.el7_9.i686.rpm
samba-common-libs-4.10.16-9.el7_9.x86_64.rpm
samba-common-tools-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.i686.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm
samba-libs-4.10.16-9.el7_9.i686.rpm
samba-libs-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-modules-4.10.16-9.el7_9.i686.rpm
samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
samba-pidl-4.10.16-9.el7_9.noarch.rpm
x86_64:
libsmbclient-devel-4.10.16-9.el7_9.i686.rpm
libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm
libwbclient-devel-4.10.16-9.el7_9.i686.rpm
libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm
samba-4.10.16-9.el7_9.x86_64.rpm
samba-dc-4.10.16-9.el7_9.x86_64.rpm
samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.i686.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
samba-devel-4.10.16-9.el7_9.i686.rpm
samba-devel-4.10.16-9.el7_9.x86_64.rpm
samba-python-4.10.16-9.el7_9.i686.rpm
samba-python-4.10.16-9.el7_9.x86_64.rpm
samba-python-test-4.10.16-9.el7_9.x86_64.rpm
samba-test-4.10.16-9.el7_9.x86_64.rpm
samba-test-libs-4.10.16-9.el7_9.i686.rpm
samba-test-libs-4.10.16-9.el7_9.x86_64.rpm
samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
samba-4.10.16-9.el7_9.src.rpm
noarch:
samba-common-4.10.16-9.el7_9.noarch.rpm
x86_64:
libsmbclient-4.10.16-9.el7_9.i686.rpm
libsmbclient-4.10.16-9.el7_9.x86_64.rpm
libwbclient-4.10.16-9.el7_9.i686.rpm
libwbclient-4.10.16-9.el7_9.x86_64.rpm
samba-client-4.10.16-9.el7_9.x86_64.rpm
samba-client-libs-4.10.16-9.el7_9.i686.rpm
samba-client-libs-4.10.16-9.el7_9.x86_64.rpm
samba-common-libs-4.10.16-9.el7_9.i686.rpm
samba-common-libs-4.10.16-9.el7_9.x86_64.rpm
samba-common-tools-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.i686.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
samba-libs-4.10.16-9.el7_9.i686.rpm
samba-libs-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-modules-4.10.16-9.el7_9.i686.rpm
samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
samba-pidl-4.10.16-9.el7_9.noarch.rpm
x86_64:
libsmbclient-devel-4.10.16-9.el7_9.i686.rpm
libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm
libwbclient-devel-4.10.16-9.el7_9.i686.rpm
libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm
samba-4.10.16-9.el7_9.x86_64.rpm
samba-dc-4.10.16-9.el7_9.x86_64.rpm
samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.i686.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
samba-devel-4.10.16-9.el7_9.i686.rpm
samba-devel-4.10.16-9.el7_9.x86_64.rpm
samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm
samba-python-4.10.16-9.el7_9.i686.rpm
samba-python-4.10.16-9.el7_9.x86_64.rpm
samba-python-test-4.10.16-9.el7_9.x86_64.rpm
samba-test-4.10.16-9.el7_9.x86_64.rpm
samba-test-libs-4.10.16-9.el7_9.i686.rpm
samba-test-libs-4.10.16-9.el7_9.x86_64.rpm
samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
samba-4.10.16-9.el7_9.src.rpm
noarch:
samba-common-4.10.16-9.el7_9.noarch.rpm
ppc64:
libsmbclient-4.10.16-9.el7_9.ppc.rpm
libsmbclient-4.10.16-9.el7_9.ppc64.rpm
libwbclient-4.10.16-9.el7_9.ppc.rpm
libwbclient-4.10.16-9.el7_9.ppc64.rpm
samba-4.10.16-9.el7_9.ppc64.rpm
samba-client-4.10.16-9.el7_9.ppc64.rpm
samba-client-libs-4.10.16-9.el7_9.ppc.rpm
samba-client-libs-4.10.16-9.el7_9.ppc64.rpm
samba-common-libs-4.10.16-9.el7_9.ppc.rpm
samba-common-libs-4.10.16-9.el7_9.ppc64.rpm
samba-common-tools-4.10.16-9.el7_9.ppc64.rpm
samba-debuginfo-4.10.16-9.el7_9.ppc.rpm
samba-debuginfo-4.10.16-9.el7_9.ppc64.rpm
samba-krb5-printing-4.10.16-9.el7_9.ppc64.rpm
samba-libs-4.10.16-9.el7_9.ppc.rpm
samba-libs-4.10.16-9.el7_9.ppc64.rpm
samba-winbind-4.10.16-9.el7_9.ppc64.rpm
samba-winbind-clients-4.10.16-9.el7_9.ppc64.rpm
samba-winbind-modules-4.10.16-9.el7_9.ppc.rpm
samba-winbind-modules-4.10.16-9.el7_9.ppc64.rpm
ppc64le:
libsmbclient-4.10.16-9.el7_9.ppc64le.rpm
libwbclient-4.10.16-9.el7_9.ppc64le.rpm
samba-4.10.16-9.el7_9.ppc64le.rpm
samba-client-4.10.16-9.el7_9.ppc64le.rpm
samba-client-libs-4.10.16-9.el7_9.ppc64le.rpm
samba-common-libs-4.10.16-9.el7_9.ppc64le.rpm
samba-common-tools-4.10.16-9.el7_9.ppc64le.rpm
samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm
samba-krb5-printing-4.10.16-9.el7_9.ppc64le.rpm
samba-libs-4.10.16-9.el7_9.ppc64le.rpm
samba-winbind-4.10.16-9.el7_9.ppc64le.rpm
samba-winbind-clients-4.10.16-9.el7_9.ppc64le.rpm
samba-winbind-modules-4.10.16-9.el7_9.ppc64le.rpm
s390x:
libsmbclient-4.10.16-9.el7_9.s390.rpm
libsmbclient-4.10.16-9.el7_9.s390x.rpm
libwbclient-4.10.16-9.el7_9.s390.rpm
libwbclient-4.10.16-9.el7_9.s390x.rpm
samba-4.10.16-9.el7_9.s390x.rpm
samba-client-4.10.16-9.el7_9.s390x.rpm
samba-client-libs-4.10.16-9.el7_9.s390.rpm
samba-client-libs-4.10.16-9.el7_9.s390x.rpm
samba-common-libs-4.10.16-9.el7_9.s390.rpm
samba-common-libs-4.10.16-9.el7_9.s390x.rpm
samba-common-tools-4.10.16-9.el7_9.s390x.rpm
samba-debuginfo-4.10.16-9.el7_9.s390.rpm
samba-debuginfo-4.10.16-9.el7_9.s390x.rpm
samba-krb5-printing-4.10.16-9.el7_9.s390x.rpm
samba-libs-4.10.16-9.el7_9.s390.rpm
samba-libs-4.10.16-9.el7_9.s390x.rpm
samba-winbind-4.10.16-9.el7_9.s390x.rpm
samba-winbind-clients-4.10.16-9.el7_9.s390x.rpm
samba-winbind-modules-4.10.16-9.el7_9.s390.rpm
samba-winbind-modules-4.10.16-9.el7_9.s390x.rpm
x86_64:
libsmbclient-4.10.16-9.el7_9.i686.rpm
libsmbclient-4.10.16-9.el7_9.x86_64.rpm
libwbclient-4.10.16-9.el7_9.i686.rpm
libwbclient-4.10.16-9.el7_9.x86_64.rpm
samba-4.10.16-9.el7_9.x86_64.rpm
samba-client-4.10.16-9.el7_9.x86_64.rpm
samba-client-libs-4.10.16-9.el7_9.i686.rpm
samba-client-libs-4.10.16-9.el7_9.x86_64.rpm
samba-common-libs-4.10.16-9.el7_9.i686.rpm
samba-common-libs-4.10.16-9.el7_9.x86_64.rpm
samba-common-tools-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.i686.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm
samba-libs-4.10.16-9.el7_9.i686.rpm
samba-libs-4.10.16-9.el7_9.x86_64.rpm
samba-python-4.10.16-9.el7_9.i686.rpm
samba-python-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-modules-4.10.16-9.el7_9.i686.rpm
samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Resilient Storage (v. 7):
ppc64le:
ctdb-4.10.16-9.el7_9.ppc64le.rpm
ctdb-tests-4.10.16-9.el7_9.ppc64le.rpm
samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm
s390x:
ctdb-4.10.16-9.el7_9.s390x.rpm
ctdb-tests-4.10.16-9.el7_9.s390x.rpm
samba-debuginfo-4.10.16-9.el7_9.s390x.rpm
x86_64:
ctdb-4.10.16-9.el7_9.x86_64.rpm
ctdb-tests-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
samba-pidl-4.10.16-9.el7_9.noarch.rpm
ppc64:
libsmbclient-devel-4.10.16-9.el7_9.ppc.rpm
libsmbclient-devel-4.10.16-9.el7_9.ppc64.rpm
libwbclient-devel-4.10.16-9.el7_9.ppc.rpm
libwbclient-devel-4.10.16-9.el7_9.ppc64.rpm
samba-dc-4.10.16-9.el7_9.ppc64.rpm
samba-dc-libs-4.10.16-9.el7_9.ppc64.rpm
samba-debuginfo-4.10.16-9.el7_9.ppc.rpm
samba-debuginfo-4.10.16-9.el7_9.ppc64.rpm
samba-devel-4.10.16-9.el7_9.ppc.rpm
samba-devel-4.10.16-9.el7_9.ppc64.rpm
samba-python-4.10.16-9.el7_9.ppc.rpm
samba-python-4.10.16-9.el7_9.ppc64.rpm
samba-python-test-4.10.16-9.el7_9.ppc64.rpm
samba-test-4.10.16-9.el7_9.ppc64.rpm
samba-test-libs-4.10.16-9.el7_9.ppc.rpm
samba-test-libs-4.10.16-9.el7_9.ppc64.rpm
samba-winbind-krb5-locator-4.10.16-9.el7_9.ppc64.rpm
ppc64le:
libsmbclient-devel-4.10.16-9.el7_9.ppc64le.rpm
libwbclient-devel-4.10.16-9.el7_9.ppc64le.rpm
samba-dc-4.10.16-9.el7_9.ppc64le.rpm
samba-dc-libs-4.10.16-9.el7_9.ppc64le.rpm
samba-debuginfo-4.10.16-9.el7_9.ppc64le.rpm
samba-devel-4.10.16-9.el7_9.ppc64le.rpm
samba-python-4.10.16-9.el7_9.ppc64le.rpm
samba-python-test-4.10.16-9.el7_9.ppc64le.rpm
samba-test-4.10.16-9.el7_9.ppc64le.rpm
samba-test-libs-4.10.16-9.el7_9.ppc64le.rpm
samba-winbind-krb5-locator-4.10.16-9.el7_9.ppc64le.rpm
s390x:
libsmbclient-devel-4.10.16-9.el7_9.s390.rpm
libsmbclient-devel-4.10.16-9.el7_9.s390x.rpm
libwbclient-devel-4.10.16-9.el7_9.s390.rpm
libwbclient-devel-4.10.16-9.el7_9.s390x.rpm
samba-dc-4.10.16-9.el7_9.s390x.rpm
samba-dc-libs-4.10.16-9.el7_9.s390x.rpm
samba-debuginfo-4.10.16-9.el7_9.s390.rpm
samba-debuginfo-4.10.16-9.el7_9.s390x.rpm
samba-devel-4.10.16-9.el7_9.s390.rpm
samba-devel-4.10.16-9.el7_9.s390x.rpm
samba-python-4.10.16-9.el7_9.s390.rpm
samba-python-4.10.16-9.el7_9.s390x.rpm
samba-python-test-4.10.16-9.el7_9.s390x.rpm
samba-test-4.10.16-9.el7_9.s390x.rpm
samba-test-libs-4.10.16-9.el7_9.s390.rpm
samba-test-libs-4.10.16-9.el7_9.s390x.rpm
samba-winbind-krb5-locator-4.10.16-9.el7_9.s390x.rpm
x86_64:
libsmbclient-devel-4.10.16-9.el7_9.i686.rpm
libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm
libwbclient-devel-4.10.16-9.el7_9.i686.rpm
libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm
samba-dc-4.10.16-9.el7_9.x86_64.rpm
samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.i686.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
samba-devel-4.10.16-9.el7_9.i686.rpm
samba-devel-4.10.16-9.el7_9.x86_64.rpm
samba-python-test-4.10.16-9.el7_9.x86_64.rpm
samba-test-4.10.16-9.el7_9.x86_64.rpm
samba-test-libs-4.10.16-9.el7_9.i686.rpm
samba-test-libs-4.10.16-9.el7_9.x86_64.rpm
samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
samba-4.10.16-9.el7_9.src.rpm
noarch:
samba-common-4.10.16-9.el7_9.noarch.rpm
x86_64:
libsmbclient-4.10.16-9.el7_9.i686.rpm
libsmbclient-4.10.16-9.el7_9.x86_64.rpm
libwbclient-4.10.16-9.el7_9.i686.rpm
libwbclient-4.10.16-9.el7_9.x86_64.rpm
samba-4.10.16-9.el7_9.x86_64.rpm
samba-client-4.10.16-9.el7_9.x86_64.rpm
samba-client-libs-4.10.16-9.el7_9.i686.rpm
samba-client-libs-4.10.16-9.el7_9.x86_64.rpm
samba-common-libs-4.10.16-9.el7_9.i686.rpm
samba-common-libs-4.10.16-9.el7_9.x86_64.rpm
samba-common-tools-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.i686.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
samba-krb5-printing-4.10.16-9.el7_9.x86_64.rpm
samba-libs-4.10.16-9.el7_9.i686.rpm
samba-libs-4.10.16-9.el7_9.x86_64.rpm
samba-python-4.10.16-9.el7_9.i686.rpm
samba-python-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-modules-4.10.16-9.el7_9.i686.rpm
samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
samba-pidl-4.10.16-9.el7_9.noarch.rpm
x86_64:
libsmbclient-devel-4.10.16-9.el7_9.i686.rpm
libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm
libwbclient-devel-4.10.16-9.el7_9.i686.rpm
libwbclient-devel-4.10.16-9.el7_9.x86_64.rpm
samba-dc-4.10.16-9.el7_9.x86_64.rpm
samba-dc-libs-4.10.16-9.el7_9.x86_64.rpm
samba-debuginfo-4.10.16-9.el7_9.i686.rpm
samba-debuginfo-4.10.16-9.el7_9.x86_64.rpm
samba-devel-4.10.16-9.el7_9.i686.rpm
samba-devel-4.10.16-9.el7_9.x86_64.rpm
samba-python-test-4.10.16-9.el7_9.x86_64.rpm
samba-test-4.10.16-9.el7_9.x86_64.rpm
samba-test-libs-4.10.16-9.el7_9.i686.rpm
samba-test-libs-4.10.16-9.el7_9.x86_64.rpm
samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm
samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-1472
https://access.redhat.com/security/cve/CVE-2020-14318
https://access.redhat.com/security/cve/CVE-2020-14323
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX9idqtzjgjWX9erEAQhLxg//aGgge7wuhwtrhosIFhpoMEPD3hrlBtLk
5uRe7SaKoJa65TxAbnAD2IRP118/bZyXkS4zi1NMW3cDubvdz+pXJEq5Avfp28qp
7HcfGUKrgcDzRXlAUGBMk9P7kfCUx+jiGluhO/qsFs3TbMxcZoQ8HJxP1php4tCd
ibIHVRPRS8Z+o2SzwvSW0AnkYJTTBGCht0JZKN9rIaWwljYgUXW1Fy9CTAGd48Jc
EcRDHn4sDNGKl60g77e/7FVpIz7HjNyD+AWtVx8hhf6IguJnPJF9LnP1Msu0fjMd
K1eCVDOwlIbZYE11+bJ28sy90HEzsihUO5KJgUgn1yj28JVaezm6dm9TT8RG/N0P
6p4tJhW8OkmVgM7ltbPI6ENfyFih/LWKekEc0LUxbFUmD3u/aytwl8OaF/0vxdGV
L/7fY5QIAdLKsgNrDl817XAHmtVaarwg6swfM/iOwICatlNiAIeEr4hbCc/ZvkCI
iiVLKa64AXcBuIXBERa4lzqqjeCbAc0vuXG5zyk9wY23fORfrxZBYvU9SSfstubQ
OR3F7Q3wDX9Nx7pdYnSmwwhHnVq8kNXO62agaKvlmQ3Z7exeLzdDM6Wy1wdXpYzi
4bPulpSOhcwDieCQLfPb+fMo13lbkfLX1eX1PeG0pK/nv//KBkkiTp1nLlHwRZzM
2lNVzS89G3A=
=hQrq
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. =========================================================================
Ubuntu Security Notice USN-4510-2
September 17, 2020
samba vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Samba would allow unintended access to files over the network. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Tom Tervoort discovered that the Netlogon protocol implemented by Samba
incorrectly handled the authentication scheme.
This update fixes the issue by changing the "server schannel" setting to
default to "yes", instead of "auto", which will force a secure netlogon
channel. This may result in compatibility issues with older devices. A
future update may allow a finer-grained control over this setting.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm9
In general, a standard system update will make all the necessary changes. See the following link for
examples: https://www.samba.org/samba/security/CVE-2020-1472.html
In addition, this update adds additional server checks for the protocol
attack in the client-specified challenge to provide some protection when
'server schannel = no/auto' and avoid the false-positive results when
running the proof-of-concept exploit. Description:
Red Hat Gluster Storage is a software only scale-out storage solution that
provides flexible and affordable unstructured data storage. It unifies data
storage and infrastructure, increases performance, and improves
availability and manageability to meet enterprise-level storage challenges. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied |
|
var-201205-0297
|
The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages. Cross scripting and preconfigured password vulnerabilities have been reported to exist in the Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries. The Linux kernel is prone to a local denial-of-service vulnerability.
Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users.
Linux Kernel 2.6.x is vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2012:0743-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0743.html
Issue date: 2012-06-18
CVE Names: CVE-2012-0044 CVE-2012-1179 CVE-2012-2119
CVE-2012-2121 CVE-2012-2123 CVE-2012-2136
CVE-2012-2137 CVE-2012-2372 CVE-2012-2373
=====================================================================
1. Summary:
Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3.
This update fixes the following security issues:
* A local, unprivileged user could use an integer overflow flaw in
drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their
privileges. (CVE-2012-0044, Important)
* A buffer overflow flaw was found in the macvtap device driver, used for
creating a bridged network between the guest and the host in KVM
(Kernel-based Virtual Machine) environments. A privileged guest user in a
KVM guest could use this flaw to crash the host. Note: This issue only
affected hosts that have the vhost_net module loaded with the
experimental_zcopytx module option enabled (it is not enabled by default),
and that also have macvtap configured for at least one guest.
(CVE-2012-2119, Important)
* When a set user ID (setuid) application is executed, certain personality
flags for controlling the application's behavior are cleared (that is, a
privileged application will not be affected by those flags). It was found
that those flags were not cleared if the application was made privileged
via file system capabilities. A local, unprivileged user could use this
flaw to change the behavior of such applications, allowing them to bypass
intended restrictions. Note that for default installations, no application
shipped by Red Hat for Red Hat Enterprise Linux is made privileged via file
system capabilities. (CVE-2012-2123, Important)
* It was found that the data_len parameter of the sock_alloc_send_pskb()
function in the Linux kernel's networking implementation was not validated
before use. A privileged guest user in a KVM guest could use this flaw to
crash the host or, possibly, escalate their privileges on the host.
(CVE-2012-2136, Important)
* A buffer overflow flaw was found in the setup_routing_entry() function in
the KVM subsystem of the Linux kernel in the way the Message Signaled
Interrupts (MSI) routing entry was handled. A local, unprivileged user
could use this flaw to cause a denial of service or, possibly, escalate
their privileges. (CVE-2012-2137, Important)
* A race condition was found in the Linux kernel's memory management
subsystem in the way pmd_none_or_clear_bad(), when called with mmap_sem in
read mode, and Transparent Huge Pages (THP) page faults interacted. A
privileged user in a KVM guest with the ballooning functionality enabled
could potentially use this flaw to crash the host. A local, unprivileged
user could use this flaw to crash the system. (CVE-2012-1179, Moderate)
* A flaw was found in the way device memory was handled during guest device
removal. Upon successful device removal, memory used by the device was not
properly unmapped from the corresponding IOMMU or properly released from
the kernel, leading to a memory leak. A malicious user on a KVM host who
has the ability to assign a device to a guest could use this flaw to crash
the host. (CVE-2012-2121, Moderate)
* A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS)
protocol implementation. A local, unprivileged user could use this flaw to
cause a denial of service. (CVE-2012-2372, Moderate)
* A race condition was found in the Linux kernel's memory management
subsystem in the way pmd_populate() and pte_offset_map_lock() interacted on
32-bit x86 systems with more than 4GB of RAM. A local, unprivileged user
could use this flaw to cause a denial of service. (CVE-2012-2373, Moderate)
Red Hat would like to thank Chen Haogang for reporting CVE-2012-0044.
This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.
Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.
5. Bugs fixed (http://bugzilla.redhat.com/):
772894 - CVE-2012-0044 kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()
803793 - CVE-2012-1179 kernel: thp:__split_huge_page() mapcount != page_mapcount BUG_ON()
806722 - CVE-2012-2123 kernel: fcaps: clear the same personality flags as suid when fcaps are used
814149 - CVE-2012-2121 kvm: device assignment page leak
814278 - CVE-2012-2119 kernel: macvtap: zerocopy: vector length is not validated before pinning user pages
814657 - kernel crash at ieee80211_mgd_probe_ap_send [rhel-6.2.z]
816151 - CVE-2012-2137 kernel: kvm: buffer overflow in kvm_set_irq()
816226 - add option to disable 5GHz band to iwlwifi [rhel-6.2.z]
816289 - CVE-2012-2136 kernel: net: insufficient data_len validation in sock_alloc_send_pskb()
818504 - Disable LRO for all NICs that have LRO enabled [rhel-6.2.z]
818505 - xen: fix drive naming [rhel-6.2.z]
819614 - 2.6.32-220 kernel does not work on a HP DL385G6 with HP Smart Array P410 controller and hpsa driver [rhel-6.2.z]
822754 - CVE-2012-2372 kernel: rds-ping cause kernel panic
822821 - CVE-2012-2373 kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
kernel-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-headers-2.6.32-220.23.1.el6.i686.rpm
perf-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
noarch:
kernel-doc-2.6.32-220.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm
perf-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
noarch:
kernel-doc-2.6.32-220.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm
perf-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
kernel-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-headers-2.6.32-220.23.1.el6.i686.rpm
perf-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
noarch:
kernel-doc-2.6.32-220.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm
ppc64:
kernel-2.6.32-220.23.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debug-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-220.23.1.el6.ppc64.rpm
kernel-devel-2.6.32-220.23.1.el6.ppc64.rpm
kernel-headers-2.6.32-220.23.1.el6.ppc64.rpm
perf-2.6.32-220.23.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
s390x:
kernel-2.6.32-220.23.1.el6.s390x.rpm
kernel-debug-2.6.32-220.23.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-220.23.1.el6.s390x.rpm
kernel-devel-2.6.32-220.23.1.el6.s390x.rpm
kernel-headers-2.6.32-220.23.1.el6.s390x.rpm
kernel-kdump-2.6.32-220.23.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-220.23.1.el6.s390x.rpm
perf-2.6.32-220.23.1.el6.s390x.rpm
perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
x86_64:
kernel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm
perf-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
ppc64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-220.23.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
python-perf-2.6.32-220.23.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
s390x:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-220.23.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
python-perf-2.6.32-220.23.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
kernel-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-headers-2.6.32-220.23.1.el6.i686.rpm
perf-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
noarch:
kernel-doc-2.6.32-220.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm
perf-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-0044.html
https://www.redhat.com/security/data/cve/CVE-2012-1179.html
https://www.redhat.com/security/data/cve/CVE-2012-2119.html
https://www.redhat.com/security/data/cve/CVE-2012-2121.html
https://www.redhat.com/security/data/cve/CVE-2012-2123.html
https://www.redhat.com/security/data/cve/CVE-2012-2136.html
https://www.redhat.com/security/data/cve/CVE-2012-2137.html
https://www.redhat.com/security/data/cve/CVE-2012-2372.html
https://www.redhat.com/security/data/cve/CVE-2012-2373.html
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.2_Technical_Notes/kernel.html#RHSA-2012-0743
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFP3zJcXlSAg2UNWIIRAlFPAJ9ov0UCSkIqz63r+6YXL9bf0+ADOQCfUIzx
w/ZsFuOkCnr15/XGPkEszEQ=
=D/pm
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. (CVE-2012-0045)
A flaw was discovered in the Linux kernel's cifs file system. (CVE-2012-1090)
H.
(CVE-2012-1097)
A flaw was discovered in the Linux kernel's cgroups subset. (CVE-2012-1146)
A flaw was found in the Linux kernel's handling of paged memory. (CVE-2012-1179)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
linux-image-3.0.0-19-generic 3.0.0-19.33
linux-image-3.0.0-19-generic-pae 3.0.0-19.33
linux-image-3.0.0-19-omap 3.0.0-19.33
linux-image-3.0.0-19-powerpc 3.0.0-19.33
linux-image-3.0.0-19-powerpc-smp 3.0.0-19.33
linux-image-3.0.0-19-powerpc64-smp 3.0.0-19.33
linux-image-3.0.0-19-server 3.0.0-19.33
linux-image-3.0.0-19-virtual 3.0.0-19.33
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface.
Download it here!
http://secunia.com/psi_30_beta_launch
----------------------------------------------------------------------
TITLE:
Ubuntu update for linux-lts-backport-oneiric
SECUNIA ADVISORY ID:
SA48987
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/48987/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=48987
RELEASE DATE:
2012-05-01
DISCUSS ADVISORY:
http://secunia.com/advisories/48987/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/48987/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48987
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Ubuntu has issued an update for linux-lts-backport-oneiric.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
ORIGINAL ADVISORY:
USN-1433-1:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-May/001672.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
(CVE-2011-4347, Moderate)
* A flaw was found in the way the Linux kernel's XFS file system
implementation handled on-disk Access Control Lists (ACLs).
(CVE-2012-0038, Moderate)
* It was found that the Linux kernel's register set (regset) common
infrastructure implementation did not check if the required get and set
handlers were initialized. Peter Anvin for reporting CVE-2012-1097.
This update also fixes the following bugs:
* When a RoCE (RDMA over Converged Ethernet) adapter with active RoCE
communications was taken down suddenly (either by adapter failure or the
intentional shutdown of the interface), the ongoing RoCE communications
could cause the kernel to panic and render the machine unusable. A patch
has been provided to protect the kernel in this situation and to pass an
error up to the application still using the interface after it has been
taken down instead. (BZ#799944)
* The fix for Red Hat Bugzilla bug 713494, released via RHSA-2011:0928,
introduced a regression. Attempting to change the state of certain
features, such as GRO (Generic Receive Offload) or TSO (TCP segment
offloading), for a 10 Gigabit Ethernet card that is being used in a
virtual LAN (VLAN) resulted in a kernel panic. (BZ#816974)
* If a new file was created on a Network File System version 4 (NFSv4)
share, the ownership was set to nfsnobody (-2) until it was possible to
upcall to the idmapper. As a consequence, subsequent file system operations
could incorrectly use "-2" for the user and group IDs for the given file,
causing certain operations to fail. In reported cases, this issue also
caused "Viminfo file is not writable" errors for users running Vim with
files on an NFSv4 share. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04135307
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04135307
Version: 1
HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control
Server Deployment, Multiple Remote Vulnerabilities affecting Confidentiality,
Integrity and Availability
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2014-03-10
Last Updated: 2014-03-10
Potential Security Impact: Multiple remote vulnerabilities affecting
confidentiality, integrity and availability
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential vulnerabilities have been identified with HP Rapid Deployment Pack
(RDP) or HP Insight Control Server Deployment. The vulnerabilities could be
exploited remotely affecting confidentiality, integrity and availability.
References: CVE-2010-4008
CVE-2010-4494
CVE-2011-2182
CVE-2011-2213
CVE-2011-2492
CVE-2011-2518
CVE-2011-2689
CVE-2011-2723
CVE-2011-3188
CVE-2011-4077
CVE-2011-4110
CVE-2012-0058
CVE-2012-0879
CVE-2012-1088
CVE-2012-1179
CVE-2012-2137
CVE-2012-2313
CVE-2012-2372
CVE-2012-2373
CVE-2012-2375
CVE-2012-2383
CVE-2012-2384
CVE-2013-6205
CVE-2013-6206
SSRT101443
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Rapid Deployment Pack (RDP) -- All versions
HP Insight Control Server Deployment -- All versions
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2013-6205 (AV:L/AC:M/Au:S/C:P/I:P/A:P) 4.1
CVE-2013-6206 (AV:N/AC:L/Au:N/C:C/I:P/A:P) 9.0
CVE-2010-4008 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2010-4494 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-2182 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2
CVE-2011-2213 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9
CVE-2011-2492 (AV:L/AC:M/Au:N/C:P/I:N/A:N) 1.9
CVE-2011-2518 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9
CVE-2011-2689 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9
CVE-2011-2723 (AV:A/AC:M/Au:N/C:N/I:N/A:C) 5.7
CVE-2011-3188 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-4077 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9
CVE-2011-4110 (AV:L/AC:L/Au:N/C:N/I:N/A:P) 2.1
CVE-2012-0058 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9
CVE-2012-0879 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9
CVE-2012-1088 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3
CVE-2012-1179 (AV:A/AC:M/Au:S/C:N/I:N/A:C) 5.2
CVE-2012-2137 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9
CVE-2012-2313 (AV:L/AC:H/Au:N/C:N/I:N/A:P) 1.2
CVE-2012-2372 (AV:L/AC:M/Au:S/C:N/I:N/A:C) 4.4
CVE-2012-2373 (AV:L/AC:H/Au:N/C:N/I:N/A:C) 4.0
CVE-2012-2375 (AV:A/AC:H/Au:N/C:N/I:N/A:C) 4.6
CVE-2012-2383 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9
CVE-2012-2384 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends that HP Rapid Deployment Pack (RDP) or HP Insight Control
Server Deployment should only be run on private secure networks to prevent
the risk of security compromise.
HISTORY
Version:1 (rev.1) - 10 March 2014 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners |
|
var-201205-0393
|
Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of XML elements within a TeXML file. Specifically, when handling the style XML element the code within QuickTime3GPP.qtx does not properly validate the length of the data within specific sub-fields. By providing specially crafted data, the code can be made to copy too much into a fixed-length buffer on the stack.
These issues arise when the application handles specially crafted files.
Versions prior to QuickTime 7.7.2 are vulnerable on Windows 7, Vista and XP.
This BID is being retired. The following individual records exist to better document the issues:
53584 Apple QuickTime Prior To 7.7.2 '.pict' Files Memory Corruption Vulnerability
53583 Apple QuickTime Prior To 7.7.2 QTVR Files Remote Code Execution Vulnerability
53582 Apple QuickTime Prior To 7.7.2 'sean' Atoms Integer Overflow Vulnerability
53580 Apple QuickTime Prior To 7.7.2 Sorenson Files Buffer Overflow Vulnerability
53579 Apple QuickTime Prior To 7.7.2 RLE Files Buffer Overflow Vulnerability
53578 Apple QuickTime Prior To 7.7.2 File Path Handling Stack Overflow Vulnerability
53577 Apple QuickTime Prior To 7.7.2 QTMovie Objects Stack Overflow Vulnerability
53576 Apple QuickTime Prior To 7.7.2 H.264 Encoded Heap Overflow Vulnerability
53574 Apple QuickTime Prior To 7.7.2 Text Tracks Heap Overflow Vulnerability
53571 Apple QuickTime Prior To 7.7.2 Multiple Stack Overflow Vulnerabilities. Apple QuickTime is a multimedia playback software developed by Apple (Apple). The software is capable of handling multiple sources such as digital video, media segments, and more. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ZDI-12-095 : Apple Quicktime TeXML transform Attribute Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-095
June 21, 2012
- -- CVE ID:
CVE-2012-0663
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
- -- Affected Vendors:
Apple
- -- Affected Products:
Apple QuickTime
- -- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 12405.
- -- Vendor Response:
Apple has issued an update to correct this vulnerability. More details can
be found at:
http://support.apple.com/kb/HT1222
- -- Disclosure Timeline:
2011-10-21 - Vulnerability reported to vendor
2012-06-21 - Coordinated public release of advisory
- -- Credit:
This vulnerability was discovered by:
* Alexander Gavrun
- -- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950)
Charset: utf-8
wsBVAwUBT+OLA1VtgMGTo1scAQJI7Qf+OnfYeok9hy6ohcokglQSew5g0w2FfAUP
J9Y899T0z94b00bsE7dRG3DADKnvsFkGXmgID94YCwdQL9hJ4MKNZepaBwL+LsdV
lv4Wrm+Q7Zoy22EdeuUu1QU4MfrWyKfxxKgrH1Salk7BcWCjXKHh07dDBB0Ep7TG
ECd1DAf+yRP6Ax3MKB0CfgRsdNcRtU7jOoZsf199UfCBqQr1wL4vxknXi8bP3mb1
8+2/xJcJ0CiIO7lkeYSxXY+me9ufQiuNLP1H3CgYT75oTdJtdm0lUqmunPiBaNum
uOnRPZswFoNuQsKt+GOn7cw8KZR7BJS0akhzDGfQ3hPZFJ0EkCQ6Iw==
=xhVI
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-05-15-1 QuickTime 7.7.2
QuickTime 7.7.2 is now available and addresses the following:
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple stack overflows existed in QuickTime's
handling of TeXML files. These issues do not affect OS X systems.
CVE-ID
CVE-2012-0663 : Alexander Gavrun working with HP's Zero Day
Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap overflow existed in QuickTime's handling of text
tracks. This issue does not affect OS X systems.
CVE-ID
CVE-2012-0664 : Alexander Gavrun working with HP's Zero Day
Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in the handling of H.264
encoded movie files.
CVE-ID
CVE-2012-0665 : Luigi Auriemma working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Opening a maliciously crafted MP4 encoded file may lead to
an unexpected application termination or arbitrary code execution
Description: An uninitialized memory access issue existed in the
handling of MP4 encoded files. For OS X Lion systems, this issue is
addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this
issue is addressed in Security Update 2012-001.
CVE-ID
CVE-2011-3458 : Luigi Auriemma and pa_kt both working with HP's Zero
Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An off by one buffer overflow existed in the handling
of rdrf atoms in QuickTime movie files. For OS X Lion systems, this
issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems,
this issue is addressed in Security Update 2012-001.
CVE-ID
CVE-2011-3459 : Luigi Auriemma working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file during progressive
download may lead to an unexpected application termination or
arbitrary code execution
Description: A buffer overflow existed in the handling of audio
sample tables. For OS X Lion systems, this issue is addressed in OS X
Lion v10.7.4. For Mac OS X v10.6 systems, this issue is addressed in
Security Update 2012-002.
CVE-ID
CVE-2012-0658 : Luigi Auriemma working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted MPEG file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow existed in the handling of MPEG
files. For OS X Lion systems, this issue is addressed in OS X Lion
v10.7.4. For Mac OS X v10.6 systems, this issue is addressed in
Security Update 2012-002.
CVE-ID
CVE-2012-0659 : An anonymous researcher working with HP's Zero Day
Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: A stack buffer overflow existed in the QuickTime
plugin's handling of QTMovie objects. This issue does not affect OS X
systems.
CVE-ID
CVE-2012-0666 : CHkr_D591 working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Processing a maliciously crafted PNG image may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of PNG files.
For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3.
For Mac OS X v10.6 systems, this issue is addressed in Security
Update 2012-001.
CVE-ID
CVE-2011-3460 : Luigi Auriemma working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted QTVR movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A signedness issue existed in the handling of QTVR
movie files. This issue does not affect OS X systems.
CVE-ID
CVE-2012-0667 : Alin Rad Pop working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A use after free issue existed in the handling of
JPEG2000 encoded movie files. This issue does not affect systems
prior to OS X Lion. For OS X Lion systems, this issue is addressed in
OS X Lion v10.7.4.
CVE-ID
CVE-2012-0661 : Damian Put working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of RLE
encoded movie files.
CVE-ID
CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in QuickTime's handling of
Sorenson encoded movie files. This issue does not affect OS X
systems.
CVE-ID
CVE-2012-0669 : Damian Put working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow existed in QuickTime's handling of
sean atoms.
CVE-ID
CVE-2012-0670 : Tom Gallagher (Microsoft) and Paul Bates (Microsoft)
working with HP's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted .pict file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
.pict files.
CVE-ID
CVE-2012-0671 : Rodrigo Rubira Branco (twitter.com/bsdaemon) from the
Qualys Vulnerability & Malware Research Labs (VMRL)
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Opening a file in a maliciously crafted path may lead to an
unexpected application termination or arbitrary code execution
Description: A stack buffer overflow existed in QuickTime's handling
of file paths. This issue does not affect OS X systems.
CVE-ID
CVE-2012-0265 : Tielei Wang of Georgia Tech Information Security
Center via Secunia SVCRP
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted MPEG file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer underflow existed in QuickTime's handling of
audio streams in MPEG files.
CVE-ID
CVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability
Research (MSVR)
QuickTime 7.7.2 may be obtained from the QuickTime Downloads site:
http://www.apple.com/quicktime/download/
The download file is named: "QuickTimeInstaller.exe"
Its SHA-1 digest is: ed569d62b3f8c24ac8e9aec7275f17cbb14d2124
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJPsobhAAoJEPefwLHPlZEwk/sP/0C8iXVhnG481GbA03CMhKXJ
XDooIlCG6YeoeJxGfri/vqlzqcHe3R90K6R89z1dKGU2bWGvtITh95E+WKll++7F
hHYq6YC+r/o1cP1SjBi6A3swhN57m1nQZRIEnnIm+nBSxaiHA6xdRSUaK4ighLSA
jbOVfu/6NPuGSlgWBPKSISDY2FhL0GH0QVLW/piVtMTrxhizlE7dgieipAPoVvRC
SW2W0te7ujo2X167f2GS8EwplUkj/yVeScdr/6HjLkAXIQ1B9RNqTeOdyQZjTxay
32xhZTQ+JfSQzY6VSGoF0bqlK39u5UyzySIKS446OxclYI6xGKSFvTN3nBUwERd+
W+E/4k3Ry4OYEkgZ5yltXO8bJvGZtmpLOkq94Vb4w7EaEgJ452J/YjqCEEbmtAKM
0W9g1jt5av5Hv+vQ7rufR1tJ6CqkIDDr0f3qY+W/F8ZtdA8Bkvm9568d3L1Vlbai
zy89w39Z1RTPMLccZEhtd+80f75P+R3n88X5czjXYignrUJbxhM/S8meqQB5GUB9
nJvZtWB1wlACHJ/EKUTv6miK20XE1OukRyvW0o7WWplqBj5KFWvRcV0tovfybGY9
EKwmao4Hwmq+ovJBFLZj/TV6MMxsJjS9qVea/yOlzZCy+6dwok38yyMAqy+m2dLT
X2aq0dgzK7qjPx0FRyOx
=BPXs
-----END PGP SIGNATURE-----
|
|
var-201806-1459
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. The following products and versions are affected: Apple iOS prior to 11.4; macOS High Sierra prior to 10.13.5; tvOS prior to 11.4; watchOS prior to 4.3.1.
CVE-2018-4196: G.
CVE-2018-4253: shrek_wzw of Qihoo 360 Nirvan Team
apache_mod_php
Available for: macOS High Sierra 10.13.4
Impact: Issues in php were addressed in this update
Description: This issue was addressed by updating to php version
7.1.16.
CVE-2018-4219: Mohamed Ghannam (@_simo36)
Bluetooth
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: A malicious application may be able to determine kernel
memory layout.
Description: An information disclosure issue existed in device
properties.
CVE-2018-4171: shrek_wzw of Qihoo 360 Nirvan Team
Bluetooth
Available for: MacBook Pro (Retina, 15-inch, Mid 2015), MacBook Pro
(Retina, 15-inch, 2015), MacBook Pro (Retina, 13-inch, Early 2015),
MacBook Pro (15-inch, 2017), MacBook Pro (15-inch, 2016),
MacBook Pro (13-inch, Late 2016, Two Thunderbolt 3 Ports),
MacBook Pro (13-inch, Late 2016, Four Thunderbolt 3 Ports),
MacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports),
MacBook (Retina, 12-inch, Early 2016), MacBook
(Retina, 12-inch, Early 2015), MacBook (Retina, 12-inch, 2017),
iMac Pro, iMac (Retina 5K, 27-inch, Late 2015), iMac
(Retina 5K, 27-inch, 2017), iMac (Retina 4K, 21.5-inch, Late 2015),
iMac (Retina 4K, 21.5-inch, 2017), iMac (21.5-inch, Late 2015), and
iMac (21.5-inch, 2017)
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth.
CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
Grand Central Dispatch
Available for: macOS High Sierra 10.13.4
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: An issue existed in parsing entitlement plists. The issue appears to be from an undocumented
side effect of the instructions. An attacker might utilize this
exception handling to gain access to Ring 0 and access sensitive
memory or control operating system processes.
CVE-2018-4226: Abraham Masri (@cheesecakeufo)
Speech
Available for: macOS High Sierra 10.13.4
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A sandbox issue existed in the handling of microphone
access. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-7-23-3 Additional information for
APPLE-SA-2018-06-01-4 iOS 11.4
iOS 11.4 addresses the following:
Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4215: Abraham Masri (@cheesecakeufo)
Bluetooth
Available for: iPhone X, iPhone 8, iPhone 8 Plus,
iPad 6th generation, and iPad Air 2
Not impacted: HomePod
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This
issue was addressed with improved input validation.
CVE-2018-5383: Lior Neumann and Eli Biham
Entry added July 23, 2018
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: A validation issue existed in the handling of phone
numbers. This issue was addressed with improved validation of phone
numbers.
CVE-2018-4100: Abraham Masri (@cheesecakeufo)
FontParser
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
iBooks
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged network position may be able to
spoof password prompts in iBooks
Description: An input validation issue was addressed with improved
input validation.
CVE-2018-4202: Jerry Decime
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4249: Kevin Backhouse of Semmle Ltd.
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2018-4241: Ian Beer of Google Project Zero
CVE-2018-4243: Ian Beer of Google Project Zero
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A logic issue was addressed with improved validation.
CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
Magnifier
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
view the last image used in Magnifier from the lockscreen
Description: A permissions issue existed in Magnifier. This was
addressed with additional permission checks.
CVE-2018-4239: an anonymous researcher
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exfiltrate the contents of
S/MIME-encrypted e-mail
Description: An issue existed in the handling of encrypted Mail. This
issue was addressed with improved isolation of MIME in Mail.
CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to conduct impersonation attacks
Description: An injection issue was addressed with improved input
validation.
CVE-2018-4235: Anurodh Pokharel of Salesforce.com
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted message may lead to a denial
of service
Description: This issue was addressed with improved message
validation.
CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd
CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya
Safari
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise
Solutions
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent account
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4223: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Users may be tracked by malicious websites using client
certificates
Description: An issue existed in the handling of S-MIME
certificaties. This issue was addressed with improved validation of
S-MIME certificates.
CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent device
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4224: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to modify the state of the Keychain
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4225: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to view sensitive user information
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4226: Abraham Masri (@cheesecakeufo)
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
enable Siri from the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can
BIKMAZ (@CanBkmaz) of Mustafa Kemal University
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn)
Siri Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker with physical access to a device may be able to
see private contact information
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2018-4244: an anonymous researcher
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to a
denial of service
Description: A validation issue existed in the handling of text. This
issue was addressed with improved validation of text.
CVE-2018-4198: Hunter Byrnes
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4201: an anonymous researcher
CVE-2018-4218: Natalie Silvanovich of Google Project Zero
CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils
of MWR Labs working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may lead to cookies
being overwritten
Description: A permissions issue existed in the handling of web
browser cookies. This issue was addressed with improved restrictions.
CVE-2018-4232: an anonymous researcher, Aymeric Chaib
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A race condition was addressed with improved locking.
CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat
of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4214: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working
with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4246: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may leak sensitive
data
Description: Credentials were unexpectedly sent when fetching CSS
mask images. This was addressed by using a CORS-enabled fetch method.
CVE-2018-4190: Jun Kokatsu (@shhnjk)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4222: Natalie Silvanovich of Google Project Zero
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 11.4".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUshMACgkQ8ecVjteJ
iCbspA//aVxu/EdiaNxNRmRDFB8LpqKa3xjJdfkK9cJRYZ+eBHJZjBfzj4BzABuG
Xow7FkEE7LSQpCeJ08Ggo6vVQUdR4+etQ2UfjQWGX6qIvLZUXK0lw2x5XdTP0q4m
WmNoZcdK3cmbVXGMWUZRUrYPTWwMnTMsPpPoDoptaQRseN+K/0kdwsQZtdqeN9sq
GN3Qp6AW6WR1gUAgDriIyzFXTxJ8NmKx2+4B5O2w0TbmzxGa/F5ZUjw4D/wwJJPA
/RXAwseJMghPfbi9tNcjUhbGFfcnr5JvyGfY2GESFc7odWt2XSpePHr6qaJzogBr
KeJKOVpgTdS4PO37+KDUfQDIElSnYQVTff8Tinxg/Zojafp0PxYkDYRxw7i16YKU
HsB7R0o5Yi5YD4uG5ioMj4RspQDWozzveVvvtah6/bWChQQwD3XHr6JRM6oJ106G
wNx2EHfRRXFQCY680RfE8hN/98IJRrCF6nIdO9zBbzGM/Ihzr02F0qSrdB5/PXSq
S6EwJi0M5ia/KMFSO7EY5qQ2aipyDC3WPkvQrHtpsqstMrktyJOYGbm/t39WmIBb
gC92rxvNFr5mO8Owypu1/tloGr15zIxPGR6OXA/DVxdRm2/UmW1tsqQfKgporJMD
de6uiZJb8p8X36KC7YmHLTApYL3CaZebJIIOmf8tKjQUxxbR9wE=
=nII0
-----END PGP SIGNATURE-----
.
Alternatively, on your watch, select "My Watch > General > About" |
|
var-201203-0196
|
Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. Google Chrome is prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible.
Google Chrome versions prior to 17.0.963.65 are vulnerable. Google Chrome is a web browser developed by Google (Google). This update removes handling of feed:// URLs. This update removes handling of feed:// URLs. This
header is used by many websites to serve files that were uploaded to
the site by a third-party, such as attachments in web-based e-mail
applications. Any script in files served with this header value would
run as if the file had been served inline, with full access to other
resources on the origin server.
CVE-ID
CVE-2012-3689 : David Bloom of Cue
WebKit
Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4
Impact: Dragging and dropping selected text on a web page may cause
files from the user's system to be sent to a remote server
Description: An access control issue existed in the handling of drag
and drop events.
CVE-ID
CVE-2011-2845 : Jordi Chancel
WebKit
Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4
Impact: An attacker may be able to escape the sandbox and access any
file the current user has access to
Description: An access control issue existed in the handling of file
URLs. An attacker who gains arbitrary code execution in a Safari
WebProcess may be able to bypass the sandbox and access any file that
the user running Safari has access to. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium: Multiple vulnerabilities
Date: March 25, 2012
Bugs: #406975, #407465, #407755, #409251
ID: 201203-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium, some of which
may allow execution of arbitrary code.
Background
==========
Chromium is an open source web browser project.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 17.0.963.83 >= 17.0.963.83
Description
===========
Multiple vulnerabilities have been discovered in Chromium. Please
review the CVE identifiers and release notes referenced below for
details.
Impact
======
A remote attacker could entice a user to open a specially crafted web
site using Chromium, possibly resulting in the execution of arbitrary
code with the privileges of the process, a Denial of Service condition,
Universal Cross-Site Scripting, or installation of an extension without
user interaction.
A remote attacker could also entice a user to install a specially
crafted extension that would interfere with browser-issued web
requests.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.83"
References
==========
[ 1 ] CVE-2011-3031
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3031
[ 2 ] CVE-2011-3032
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3032
[ 3 ] CVE-2011-3033
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3033
[ 4 ] CVE-2011-3034
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3034
[ 5 ] CVE-2011-3035
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3035
[ 6 ] CVE-2011-3036
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3036
[ 7 ] CVE-2011-3037
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3037
[ 8 ] CVE-2011-3038
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3038
[ 9 ] CVE-2011-3039
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3039
[ 10 ] CVE-2011-3040
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3040
[ 11 ] CVE-2011-3041
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3041
[ 12 ] CVE-2011-3042
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3042
[ 13 ] CVE-2011-3043
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3043
[ 14 ] CVE-2011-3044
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3044
[ 15 ] CVE-2011-3046
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3046
[ 16 ] CVE-2011-3047
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3047
[ 17 ] CVE-2011-3049
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3049
[ 18 ] CVE-2011-3050
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3050
[ 19 ] CVE-2011-3051
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3051
[ 20 ] CVE-2011-3052
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3052
[ 21 ] CVE-2011-3053
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3053
[ 22 ] CVE-2011-3054
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3054
[ 23 ] CVE-2011-3055
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3055
[ 24 ] CVE-2011-3056
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3056
[ 25 ] CVE-2011-3057
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3057
[ 26 ] Release Notes 17.0.963.65
http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.htm=
l
[ 27 ] Release Notes 17.0.963.78
http://googlechromereleases.blogspot.com/2012/03/chrome-stable-channel-up=
date.html
[ 28 ] Release Notes 17.0.963.79
http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update_10.=
html
[ 29 ] Release Notes 17.0.963.83
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21=
.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201203-19.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-09-19-1 iOS 6
iOS 6 is now available and addresses the following:
CFNetwork
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in CFNetwork's handling of malformed
URLs. CFNetwork may send requests to an incorrect hostname, resulting
in the disclosure of sensitive information. This issue was addressed
through improvements to URL handling.
CVE-ID
CVE-2012-3724 : Erling Ellingsen of Facebook
CoreGraphics
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Multiple vulnerabilities in FreeType
Description: Multiple vulnerabilities existed in FreeType, the most
serious of which may lead to arbitrary code execution when processing
a maliciously crafted font. These issues were addressed by updating
FreeType to version 2.4.9. Further information is available via the
FreeType site at http://www.freetype.org/
CVE-ID
CVE-2012-1126
CVE-2012-1127
CVE-2012-1128
CVE-2012-1129
CVE-2012-1130
CVE-2012-1131
CVE-2012-1132
CVE-2012-1133
CVE-2012-1134
CVE-2012-1135
CVE-2012-1136
CVE-2012-1137
CVE-2012-1138
CVE-2012-1139
CVE-2012-1140
CVE-2012-1141
CVE-2012-1142
CVE-2012-1143
CVE-2012-1144
CoreMedia
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An uninitialized memory access existed in the handling
of Sorenson encoded movie files. This issue was addressed through
improved memory initialization.
CVE-ID
CVE-2012-3722 : Will Dormann of the CERT/CC
DHCP
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A malicious Wi-Fi network may be able to determine networks
a device has previously accessed
Description: Upon connecting to a Wi-Fi network, iOS may broadcast
MAC addresses of previously accessed networks per the DNAv4 protocol.
This issue was addressed by disabling DNAv4 on unencrypted Wi-Fi
networks.
CVE-ID
CVE-2012-3725 : Mark Wuergler of Immunity, Inc.
ImageIO
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Viewing a maliciously crafted TIFF file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in libtiff's handling of
ThunderScan encoded TIFF images. This issue was addressed by updating
libtiff to version 3.9.5.
CVE-ID
CVE-2011-1167
ImageIO
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Viewing a maliciously crafted PNG image may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in libpng's
handling of PNG images. These issues were addressed through improved
validation of PNG images.
CVE-ID
CVE-2011-3026 : Juri Aedla
CVE-2011-3048
CVE-2011-3328
ImageIO
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Viewing a maliciously crafted JPEG image may lead to an
unexpected application termination or arbitrary code execution
Description: A double free issue existed in ImageIO's handling of
JPEG images. This issue was addressed through improved memory
management.
CVE-ID
CVE-2012-3726 : Phil of PKJE Consulting
ImageIO
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Viewing a maliciously crafted TIFF image may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow issue existed in libTIFF's handling
of TIFF images. This issue was addressed through improved validation
of TIFF images.
CVE-ID
CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day
Initiative
International Components for Unicode
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Applications that use ICU may be vulnerable to an unexpected
application termination or arbitrary code execution
Description: A stack buffer overflow existed in the handling of ICU
locale IDs. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2011-4599
IPSec
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Loading a maliciously crafted racoon configuration file may
lead to arbitrary code execution
Description: A buffer overflow existed in the handling of racoon
configuration files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2012-3727 : iOS Jailbreak Dream Team
Kernel
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: An invalid pointer dereference issue existed in the
kernel's handling of packet filter ioctls. This may allow an attacker
to alter kernel memory. This issue was addressed through improved
error handling.
CVE-ID
CVE-2012-3728 : iOS Jailbreak Dream Team
Kernel
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to determine kernel memory layout
Description: An uninitialized memory access issue existed in the
Berkeley Packet Filter interpreter, which led to the disclosure of
memory content. This issue was addressed through improved memory
initialization.
CVE-ID
CVE-2012-3729 : Dan Rosenberg
libxml
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Viewing a maliciously crafted web page may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple vulnerabilities existed in libxml, the most
serious of which may lead to an unexpected application termination or
arbitrary code execution. These issues were addressed by applying the
relevant upstream patches.
CVE-ID
CVE-2011-1944 : Chris Evans of Google Chrome Security Team
CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of
Chinese Academy of Sciences
CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of
Chinese Academy of Sciences
CVE-2011-3919 : Juri Aedla
Mail
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Mail may present the wrong attachment in a message
Description: A logic issue existed in Mail's handling of
attachments. If a subsequent mail attachment used the same Content-ID
as a previous one, the previous attachment would be displayed, even
in the case where the 2 mails originated from different senders. This
could facilitate some spoofing or phishing attacks. This issue was
addressed through improved handling of attachments.
CVE-ID
CVE-2012-3730 : Angelo Prado of the salesforce.com Product Security
Team
Mail
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Email attachments may be read without user's passcode
Description: A logic issue existed in Mail's use of Data Protection
on email attachments. This issue was addressed by properly setting
the Data Protection class for email attachments.
CVE-ID
CVE-2012-3731 : Stephen Prairie of Travelers Insurance, Erich
Stuntebeck of AirWatch
Mail
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: An attacker may spoof the sender of a S/MIME signed message
Description: S/MIME signed messages displayed the untrusted 'From'
address, instead of the name associated with the message signer's
identity. This issue was addressed by displaying the address
associated with the message signer's identity when it is available.
CVE-ID
CVE-2012-3732 : An anonymous researcher
Messages
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A user may unintentionally disclose the existence of their
email addresses
Description: When a user had multiple email addresses associated
with iMessage, replying to a message may have resulted in the reply
being sent from a different email address. This may disclose another
email address associated to the user's account. This issue was
addressed by always replying from the email address the original
message was sent to.
CVE-ID
CVE-2012-3733 : Rodney S. Foley of Gnomesoft, LLC
Office Viewer
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Unencrypted document data may be written to a temporary file
Description: An information disclosure issue existed in the support
for viewing Microsoft Office files. When viewing a document, the
Office Viewer would write a temporary file containing data from the
viewed document to the temporary directory of the invoking process.
For an application that uses data protection or other encryption to
protect the user's files, this could lead to information
disclosure. This issue was addressed by avoiding creation of
temporary files when viewing Office documents.
CVE-ID
CVE-2012-3734 : Salvatore Cataudella of Open Systems Technologies
OpenGL
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Applications that use OS X's OpenGL implementation may be
vulnerable to an unexpected application termination or arbitrary code
execution
Description: Multiple memory corruption issues existed in the
handling of GLSL compilation. These issues were addressed through
improved validation of GLSL shaders.
CVE-ID
CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and
Marc Schoenefeld of the Red Hat Security Response Team
Passcode Lock
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A person with physical access to the device could briefly
view the last used third-party app on a locked device
Description: A logic issue existed with the display of the "Slide to
Power Off" slider on the lock screen. This issue was addressed
through improved lock state management.
CVE-ID
CVE-2012-3735 : Chris Lawrence DBB
Passcode Lock
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A person with physical access to the device may be able to
bypass the screen lock
Description: A logic issue existed in the termination of FaceTime
calls from the lock screen. This issue was addressed through improved
lock state management.
CVE-ID
CVE-2012-3736 : Ian Vitek of 2Secure AB
Passcode Lock
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: All photos may be accessible at the lock screen
Description: A design issue existed in the support for viewing
photos that were taken at the lock screen. In order to determine
which photos to permit access to, the passcode lock consulted the
time at which the device was locked and compared it to the time that
a photo was taken. By spoofing the current time, an attacker could
gain access to photos that were taken before the device was locked.
This issues was addressed by explicitly keeping track of the photos
that were taken while the device was locked.
CVE-ID
CVE-2012-3737 : Ade Barkah of BlueWax Inc.
Passcode Lock
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A person with physical access to a locked device may perform
FaceTime calls
Description: A logic issue existed in the Emergency Dialer screen,
which permitted FaceTime calls via Voice Dialing on the locked
device. This could also disclose the user's contacts via contact
suggestions. This issue was addressed by disabling Voice Dialing on
the Emergency Dialer screen.
CVE-ID
CVE-2012-3738 : Ade Barkah of BlueWax Inc.
Passcode Lock
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A person with physical access to the device may be able to
bypass the screen lock
Description: Using the camera from the screen lock could in some
cases interfere with automatic lock functionality, allowing a person
with physical access to the device to bypass the Passcode Lock
screen. This issue was addressed through improved lock state
management.
CVE-ID
CVE-2012-3739 : Sebastian Spanninger of the Austrian Federal
Computing Centre (BRZ)
Passcode Lock
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A person with physical access to the device may be able to
bypass the screen lock
Description: A state management issue existed in the handling of the
screen lock. This issue was addressed through improved lock state
management.
CVE-ID
CVE-2012-3740 : Ian Vitek of 2Secure AB
Restrictions
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A user may be able to make purchases without entering Apple
ID credentials
Description: After disabling Restrictions, iOS may not ask for the
user's password during a transaction. This issue was addressed by
additional enforcement of purchase authorization.
CVE-ID
CVE-2012-3741 : Kevin Makens of Redwood High School
Safari
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Websites may use characters with an appearance similar to
the lock icon in their titles
Description: Websites could use a Unicode character to create a lock
icon in the page title. This icon was similar in appearance to the
icon used to indicate a secure connection, and could have lead the
user to believe a secure connection had been established. This issue
was addressed by removing these characters from page titles.
CVE-ID
CVE-2012-3742 : Boku Kihara of Lepidum
Safari
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Passwords may autocomplete even when the site specifies that
autocomplete should be disabled
Description: Password input elements with the autocomplete attribute
set to "off" were being autocompleted. This issue was addressed
through improved handling of the autocomplete attribute.
CVE-ID
CVE-2012-0680 : Dan Poltawski of Moodle
System Logs
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Sandboxed apps may obtain system log content
Description: Sandboxed apps had read access to /var/log directory,
which may allow them to obtain sensitive information contained in
system logs. This issue was addressed by denying sandboxed apps
access to the /var/log directory.
CVE-ID
CVE-2012-3743
Telephony
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: An SMS message may appear to have been sent by an arbitrary
user
Description: Messages displayed the return address of an SMS message
as the sender. Return addresses may be spoofed. This issue was
addressed by always displaying the originating address instead of the
return address.
CVE-ID
CVE-2012-3744 : pod2g
Telephony
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: An SMS message may disrupt cellular connectivity
Description: An off-by-one buffer overflow existed in the handling
of SMS user data headers. This issue was addressed through improved
bounds checking.
CVE-ID
CVE-2012-3745 : pod2g
UIKit
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: An attacker that gains access to a device's filesystem may
be able to read files that were being displayed in a UIWebView
Description: Applications that use UIWebView may leave unencrypted
files on the file system even when a passcode is enabled. This issue
was addressed through improved use of data protection.
CVE-ID
CVE-2012-3746 : Ben Smith of Box
WebKit
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2011-3016 : miaubiz
CVE-2011-3021 : Arthur Gerkis
CVE-2011-3027 : miaubiz
CVE-2011-3032 : Arthur Gerkis
CVE-2011-3034 : Arthur Gerkis
CVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur
Gerkis
CVE-2011-3036 : miaubiz
CVE-2011-3037 : miaubiz
CVE-2011-3038 : miaubiz
CVE-2011-3039 : miaubiz
CVE-2011-3040 : miaubiz
CVE-2011-3041 : miaubiz
CVE-2011-3042 : miaubiz
CVE-2011-3043 : miaubiz
CVE-2011-3044 : Arthur Gerkis
CVE-2011-3050 : miaubiz
CVE-2011-3053 : miaubiz
CVE-2011-3059 : Arthur Gerkis
CVE-2011-3060 : miaubiz
CVE-2011-3064 : Atte Kettunen of OUSPG
CVE-2011-3068 : miaubiz
CVE-2011-3069 : miaubiz
CVE-2011-3071 : pa_kt working with HP's Zero Day Initiative
CVE-2011-3073 : Arthur Gerkis
CVE-2011-3074 : Slawomir Blazek
CVE-2011-3075 : miaubiz
CVE-2011-3076 : miaubiz
CVE-2011-3078 : Martin Barbella of the Google Chrome Security Team
CVE-2011-3081 : miaubiz
CVE-2011-3086 : Arthur Gerkis
CVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz
CVE-2011-3090 : Arthur Gerkis
CVE-2011-3105 : miaubiz
CVE-2011-3913 : Arthur Gerkis
CVE-2011-3924 : Arthur Gerkis
CVE-2011-3926 : Arthur Gerkis
CVE-2011-3958 : miaubiz
CVE-2011-3966 : Aki Helin of OUSPG
CVE-2011-3968 : Arthur Gerkis
CVE-2011-3969 : Arthur Gerkis
CVE-2011-3971 : Arthur Gerkis
CVE-2012-0682 : Apple Product Security
CVE-2012-0683 : Dave Mandelin of Mozilla
CVE-2012-1520 : Martin Barbella of the Google Chrome Security Team
using AddressSanitizer, Jose A. This issue was addressed through improved origin
tracking.
CVE-ID
CVE-2012-3691 : Apple
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A malicious website may be able to replace the contents of
an iframe on another site
Description: A cross-origin issue existed in the handling of iframes
in popup windows. This issue was addressed through improved origin
tracking.
CVE-ID
CVE-2011-3067 : Sergey Glazunov
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to a cross-
site disclosure of information
Description: A cross-origin issue existed in the handling of iframes
and fragment identifiers. This issue was addressed through improved
origin tracking.
CVE-ID
CVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt,
and Dan Boneh of the Stanford University Security Laboratory
WebKit
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Look-alike characters in a URL could be used to masquerade a
website
Description: The International Domain Name (IDN) support and Unicode
fonts embedded in Safari could have been used to create a URL which
contains look-alike characters. These could have been used in a
malicious website to direct the user to a spoofed site that visually
appears to be a legitimate domain. This issue was addressed by
supplementing WebKit's list of known look-alike characters. Look-
alike characters are rendered in Punycode in the address bar.
CVE-ID
CVE-2012-3693 : Matt Cooley of Symantec
WebKit
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A canonicalization issue existed in the handling of
URLs. This may have led to cross-site scripting on sites which use
the location.href property. This issue was addressed through improved
canonicalization of URLs.
CVE-ID
CVE-2012-3695 : Masato Kinugawa
WebKit
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to HTTP
request splitting
Description: An HTTP header injection issue existed in the handling
of WebSockets. This issue was addressed through improved WebSockets
URI sanitization.
CVE-ID
CVE-2012-3696 : David Belcher of the BlackBerry Security Incident
Response Team
WebKit
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A maliciously crafted website may be able to spoof the value
in the URL bar
Description: A state management issue existed in the handling of
session history. Navigations to a fragment on the current page may
cause Safari to display incorrect information in the URL bar. This
issue was addressed through improved session state tracking.
CVE-ID
CVE-2011-2845 : Jordi Chancel
WebKit
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to the
disclosure of the disclosure of memory contents
Description: An uninitialized memory access issue existed in the
handling of SVG images. This issue was addressed through improved
memory initialization.
CVE-ID
CVE-2012-3650 : Apple
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be "6.0".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJQWeYHAAoJEPefwLHPlZEwFlwP/1Ib/2m8K7orlPb3zmsKTyjo
3T0rFqu1LbXNzwLRhan7E7KiJoQ7U6yVO4045o/19AYZM+zGVNnHsCkUc3+Vcpa5
TZIM9Rik2iXKMxzttFfc5tvhE1u18PstsDLU/jvyW+s3XxMVL54wnSmW1R+P0de0
8+Q++IANogUj+scJzQkTaFDNDN5v1p0BT0+cifCcqktXB4H/PoaQ7drIWiDGYB/9
n4IL5AjM0BJBzWkldfjPimZ0BseSA0BxdeVCopmAgdnigyB60G4cWGzkU7E35VnP
dWgdU9rnIIvGGe/vP912f7AoPtWs1b8n6DYCJgGRXvaRfPoHFUlXaRoVB6vJlMVs
JXyMrw/RSDfYEgJdNbFOSxyJXHUkTkt4+aNW4KcoMR6raI/W5zKDyMEICw1wpkwP
id6Dz4e6ncf+cfvAFqXpk02OC7iJqn71IJN2MvU/hC7797l++PINIoOHwJZolt+T
xL3wV8p3Lk8K6lZx3Q9Tu6Dd7GYkxtjLCgV1NgdHOwPKDUOJ47oG6RjZAd6hpicp
RqYXbk5bJpd3nZv+X6FrCZqGfeuwREWW7FJ0dI+/8ohlnisTz16f48W9FtuN3HIj
bmxFJ46P4LGxrizwDSdBngxf3Utkh+7hGLuMH51/jR8+tCqDIEgpKBA+2F+IOmyP
XtT4lS60xKz63YSg79dd
=LvMt
-----END PGP SIGNATURE-----
|
|
var-202003-1779
|
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). FasterXML jackson-databind There is an unspecified vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. FasterXML Jackson is a data processing tool for Java developed by American FasterXML Company. jackson-databind is one of the components with data binding function. A security vulnerability exists in FasterXML jackson-databind 2.x prior to 2.9.10.4 due to insecure deserialization by org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aries.transaction.jms) . A remote attacker could exploit this vulnerability with specially crafted input to execute arbitrary code on the system. Description:
Red Hat Decision Manager is an open source decision management platform
that combines business rules management, complex event processing, Decision
Model & Notation (DMN) execution, and Business Optimizer for solving
planning problems. It automates business decisions and makes that logic
available to the entire business.
It is recommended to halt the server by stopping the JBoss Application
Server process before installing this update; after installing the update,
restart the server by starting the JBoss Application Server process. Summary:
This is a security update for JBoss EAP Continuous Delivery 19. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat Data Grid 7.3.7 security update
Advisory ID: RHSA-2020:3779-01
Product: Red Hat JBoss Data Grid
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3779
Issue date: 2020-09-17
CVE Names: CVE-2017-7658 CVE-2019-10172 CVE-2020-1695
CVE-2020-1710 CVE-2020-1719 CVE-2020-1745
CVE-2020-1748 CVE-2020-1757 CVE-2020-8840
CVE-2020-9488 CVE-2020-9546 CVE-2020-9547
CVE-2020-9548 CVE-2020-10672 CVE-2020-10673
CVE-2020-10714 CVE-2020-10968 CVE-2020-10969
CVE-2020-11111 CVE-2020-11112 CVE-2020-11113
CVE-2020-11612 CVE-2020-11619 CVE-2020-11620
====================================================================
1. Summary:
An update for Red Hat Data Grid is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Description:
Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the
Infinispan project.
This release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat
Data Grid 7.3.6 and includes bug fixes and enhancements, which are
described in the Release Notes, linked to in the References section of this
erratum.
Security Fix(es):
* jetty: Incorrect header handling (CVE-2017-7658)
* EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)
* undertow: servletPath is normalized incorrectly leading to dangerous
application mapping which could result in security bypass (CVE-2020-1757)
* jackson-databind: Lacks certain xbean-reflect/JNDI blocking
(CVE-2020-8840)
* jackson-databind: Serialization gadgets in shaded-hikari-config
(CVE-2020-9546)
* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)
* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing which could result in remote command execution
(CVE-2020-10672)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing which could result in remote command execution
(CVE-2020-10673)
* jackson-databind: Serialization gadgets in
org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)
* jackson-databind: Serialization gadgets in javax.swing.JEditorPane
(CVE-2020-10969)
* jackson-databind: Serialization gadgets in
org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)
* jackson-databind: Serialization gadgets in
org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)
* jackson-databind: Serialization gadgets in
org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)
* jackson-databind: Serialization gadgets in org.springframework:spring-aop
(CVE-2020-11619)
* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly
(CVE-2020-11620)
* jackson-mapper-asl: XML external entity similar to CVE-2016-3720
(CVE-2019-10172)
* resteasy: Improper validation of response header in
MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* Wildfly: EJBContext principal is not popped back after invoking another
EJB using a different Security Domain (CVE-2020-1719)
* Wildfly: Improper authorization issue in WildFlySecurityManager when
using alternative protection domain (CVE-2020-1748)
* wildfly-elytron: session fixation when using FORM authentication
(CVE-2020-10714)
* netty: compression/decompression codecs don't enforce limits on buffer
allocation sizes (CVE-2020-11612)
* log4j: improper validation of certificate with host mismatch in SMTP
appender (CVE-2020-9488)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
To install this update, do the following:
1. Download the Data Grid 7.3.7 server patch from the customer portal. See
the download link in the References section.
2. Back up your existing Data Grid installation. You should back up
databases, configuration files, and so on.
3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes
for patching instructions.
4. Restart Data Grid to ensure the changes take effect.
4. Bugs fixed (https://bugzilla.redhat.com/):
1595621 - CVE-2017-7658 jetty: Incorrect header handling
1715075 - CVE-2019-10172 jackson-mapper-asl: XML external entity similar to CVE-2016-3720
1730462 - CVE-2020-1695 resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
1752770 - CVE-2020-1757 undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
1793970 - CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230
1796617 - CVE-2020-1719 Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
1807305 - CVE-2020-1745 undertow: AJP File Read/Inclusion Vulnerability
1807707 - CVE-2020-1748 Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain
1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution
1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution
1816216 - CVE-2020-11612 netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
1816330 - CVE-2020-8840 jackson-databind: Lacks certain xbean-reflect/JNDI blocking
1816332 - CVE-2020-9546 jackson-databind: Serialization gadgets in shaded-hikari-config
1816337 - CVE-2020-9547 jackson-databind: Serialization gadgets in ibatis-sqlmap
1816340 - CVE-2020-9548 jackson-databind: Serialization gadgets in anteros-core
1819208 - CVE-2020-10968 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider
1819212 - CVE-2020-10969 jackson-databind: Serialization gadgets in javax.swing.JEditorPane
1821304 - CVE-2020-11111 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory
1821311 - CVE-2020-11112 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider
1821315 - CVE-2020-11113 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime
1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication
1826798 - CVE-2020-11620 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly
1826805 - CVE-2020-11619 jackson-databind: Serialization gadgets in org.springframework:spring-aop
1831139 - CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender
5. References:
https://access.redhat.com/security/cve/CVE-2017-7658
https://access.redhat.com/security/cve/CVE-2019-10172
https://access.redhat.com/security/cve/CVE-2020-1695
https://access.redhat.com/security/cve/CVE-2020-1710
https://access.redhat.com/security/cve/CVE-2020-1719
https://access.redhat.com/security/cve/CVE-2020-1745
https://access.redhat.com/security/cve/CVE-2020-1748
https://access.redhat.com/security/cve/CVE-2020-1757
https://access.redhat.com/security/cve/CVE-2020-8840
https://access.redhat.com/security/cve/CVE-2020-9488
https://access.redhat.com/security/cve/CVE-2020-9546
https://access.redhat.com/security/cve/CVE-2020-9547
https://access.redhat.com/security/cve/CVE-2020-9548
https://access.redhat.com/security/cve/CVE-2020-10672
https://access.redhat.com/security/cve/CVE-2020-10673
https://access.redhat.com/security/cve/CVE-2020-10714
https://access.redhat.com/security/cve/CVE-2020-10968
https://access.redhat.com/security/cve/CVE-2020-10969
https://access.redhat.com/security/cve/CVE-2020-11111
https://access.redhat.com/security/cve/CVE-2020-11112
https://access.redhat.com/security/cve/CVE-2020-11113
https://access.redhat.com/security/cve/CVE-2020-11612
https://access.redhat.com/security/cve/CVE-2020-11619
https://access.redhat.com/security/cve/CVE-2020-11620
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product\xdata.grid&downloadType=securityPatches&version=7.3
https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html/red_hat_data_grid_7.3_release_notes/index
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX2Nf/dzjgjWX9erEAQifjA/7BlSA2KK7e4RlxfRAP3Sj7xT+CRlFcOJn
NVVI6DNpfZNtD/TJ4M5JFMP/yzKb+/FoaGVUexqiUxQBcrYsViZdfwfQ6PSwQgd8
5GAtC0NINGYmr0y7m6sKbAwAofnmCoEjNPjpdfLG632Err4vXDT9pGx1RNIrfS0A
qaOSuf2BjZkD9A6Azroupq/ePmRnDBW4ovWF4ES415Pa5T7N4rmoyZ3UnGrbubmm
GisjzhBbFyjL2wM1gMtqKlf5Qdre0XQIio4YLEnK1DaS7qLS36L04UJP9rwtB/nn
aCOKZE/4Ch0gYcNlwniH4MK4Aiy/z/OGQopuhJoKFADJ3Y5lnJwCWDMjMKwWSj1G
DvKG4uSIa8l2oxGQURThwxY1Jr7sbQTy2QXCVoyZj9oOKoGel+qJaGVFVnwsOpB7
MB8nPAuINZ91RR7xSBLv/AyoLnXV3dI97kOyTwEhld6THIwAUWqk+V2y7M6Onlx9
Pf+whfe0ORHzeCj/UBZh2NqcuShUpjdE9aLyYyefa2VV4t+0L4XlIfnlNuL8Ja7j
wzLJlo/u8XMktoXRrBpMWZaCzcqN1+BTuQUXNZeqfNtgFmCgJVxp6tHyHni7flQq
P2M8FaCyQHyQ1ggSljgZ66AEdiwatYpqOxR4yUyrKmsXt9iPsX45TdA9zSKmF2Sb
PyKX8lLP6w8=n+2X
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
The purpose of this text-only errata is to inform you about the security
issues fixed in this release.
Security Fix(es):
* netty (CVE-2016-4970 CVE-2020-7238 CVE-2019-20444 CVE-2019-20445)
* dom4j (CVE-2018-1000632)
* elasticsearch (CVE-2018-3831)
* pdfbox (CVE-2018-11797)
* vertx (CVE-2018-12541)
* spring-data-jpa (CVE-2019-3797)
* mina-core (CVE-2019-0231)
* jackson-databind (CVE-2019-12086 CVE-2019-16335 CVE-2019-14540
CVE-2019-17267 CVE-2019-14892 CVE-2019-14893 CVE-2019-16942 CVE-2019-16943
CVE-2019-17531 CVE-2019-20330 CVE-2020-10673 CVE-2020-10672 CVE-2020-8840
CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969
CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11620 CVE-2020-11619
CVE-2020-14195 CVE-2020-14060 CVE-2020-14061 CVE-2020-14062)
* jackson-mapper-asl (CVE-2019-10172)
* hawtio (CVE-2019-9827)
* undertow (CVE-2019-9511 CVE-2020-1757 CVE-2019-14888 CVE-2020-1745)
* santuario (CVE-2019-12400)
* apache-commons-beanutils (CVE-2019-10086)
* cxf (CVE-2019-17573)
* apache-commons-configuration (CVE-2020-1953)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Installation instructions are available from the Fuse 7.7.0 product
documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.7/
4. Bugs fixed (https://bugzilla.redhat.com/):
1343616 - CVE-2016-4970 netty: Infinite loop vulnerability when handling renegotiation using SslProvider.OpenSsl
1620529 - CVE-2018-1000632 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
1632452 - CVE-2018-3831 elasticsearch: Information exposure via _cluster/settings API
1637492 - CVE-2018-11797 pdfbox: unbounded computation in parser resulting in a denial of service
1638391 - CVE-2018-12541 vertx: WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake
1697598 - CVE-2019-3797 spring-data-jpa: Additional information exposure with Spring Data JPA derived queries
1700016 - CVE-2019-0231 mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure.
1713468 - CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details about how to apply this update, see:
https://access.redhat.com/articles/11258
5. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-18366 - [GSS](7.2.z) Upgrade Hibernate ORM from 5.3.15 to 5.3.16
JBEAP-18667 - [GSS](7.2.z) Upgrade wildfly-http-client from 1.0.20.Final-redhat-00001 to 1.0.21.Final-redhat-00001
JBEAP-18849 - [GSS](7.2.z) Upgrade RESTEasy from 3.6.1.SP8 to 3.6.1.SP9
JBEAP-18880 - [GSS](7.2.z) Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00009 to 2.3.5.SP4-redhat-00001
JBEAP-18906 - [GSS](7.2.z) Upgrade weld from 3.0.6.Final-redhat-00003 to 3.0.7.Final-redhat-00001
JBEAP-18919 - [GSS](7.2.z) Upgrade HAL from 3.0.21.Final to 3.0.22.Final
JBEAP-18965 - (7.2.z) Upgrade IronJacamar from 1.4.20.Final to 1.4.21.Final
JBEAP-19040 - Tracker bug for the EAP 7.2.9 release for RHEL-8
JBEAP-19058 - [GSS] (7.2.z) Upgrade Undertow from 2.0.30.SP1-redhat-00001 to 2.0.30.SP2-redhat-00001
JBEAP-19120 - [GSS](7.2.z) Upgrade org.jboss.genericjms from 2.0.2.Final-redhat-00001 to 2.0.4.Final-redhat-00001
JBEAP-19163 - [GSS](7.2.z) Upgrade Infinispan from 9.3.8.Final-redhat-00001 to 9.3.9.Final-redhat-00001
JBEAP-19255 - (7.2.z) Upgrade jboss-logmanager from 2.1.14.Final to 2.1.15.Final
JBEAP-19271 - (7.2.z) Upgrade WildFly Core from 6.0.27.Final-redhat-00001 to 6.0.28.Final-redhat-00001
JBEAP-19315 - [GSS](7.2.z) Upgrade XNIO from 3.7.6.SP2 to 3.7.6.SP3
JBEAP-19463 - (7.2.z) Upgrade wildfly-transaction-client from 1.1.10.Final-redhat-00001 to 1.1.11.Final-redhat-00001
JBEAP-19565 - (7.2.z) Upgrade jboss-ejb-client from 4.0.31.Final-redhat-00001 to 4.0.33.Final-redhat-00001
JBEAP-19587 - [GSS](7.2.z) Upgrade org.jboss.genericjms from 2.0.2.Final-redhat-00001 to 2.0.6.Final-redhat-00001
JBEAP-19620 - (7.2.z) Upgrade JBoss JSF API from 2.3.5.SP2-redhat-00003 to 2.3.5.SP2-redhat-00005
JBEAP-19624 - (7.2.z) Upgrade wildfly-naming-client from 1.0.12.Final-redhat-00001 to 1.0.13.Final-redhat-00001
JBEAP-19703 - [GSS](7.2.z) Upgrade JBoss Modules from 1.8.9 to 1.8.10
JBEAP-19704 - (7.2.z) Upgrade WildFly Core from 6.0.28.Final-redhat-00001 to 6.0.29.Final-redhat-00001
JBEAP-19798 - [GSS](7.2.z) Upgrade HAL from 3.0.22.Final to 3.0.23.Final
JBEAP-19837 - (7.2.z) Upgrade WildFly Core from 6.0.29.Final-redhat-00001 to 6.0.30.Final-redhat-00001
JBEAP-19875 - [GSS](7.2.z) Upgrade wildfly-http-ejb-client from 1.0.21.Final to 1.0.22.Final
7. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
8 |
|
var-201611-0386
|
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW.". Linux Implemented in the kernel memory subsystem copy-on-write The mechanism contains a vulnerability that causes a race condition. Race condition (CWE-362) - CVE-2016-5195 Linux The kernel memory subsystem copy-on-write Due to the implementation problem of the mechanism, A vulnerability exists that causes a race condition. Detailed information such as reproduction code Dirty COW Please refer to. Dirty COW https://dirtycow.ninja/ Attack activity using this vulnerability has been confirmed.Depending on who can log in, root You may get permission. Linux kernel is prone to a local privilege-escalation vulnerability.
Local attackers may exploit this issue to gain elevated privileges.
==========================================================================
Ubuntu Security Notice USN-3105-1
October 20, 2016
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
The system could be made to run programs as an administrator.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
linux-image-3.13.0-100-generic 3.13.0-100.147
linux-image-3.13.0-100-generic-lpae 3.13.0-100.147
linux-image-3.13.0-100-lowlatency 3.13.0-100.147
linux-image-3.13.0-100-powerpc-e500 3.13.0-100.147
linux-image-3.13.0-100-powerpc-e500mc 3.13.0-100.147
linux-image-3.13.0-100-powerpc-smp 3.13.0-100.147
linux-image-3.13.0-100-powerpc64-emb 3.13.0-100.147
linux-image-3.13.0-100-powerpc64-smp 3.13.0-100.147
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2016:2105-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2105.html
Issue date: 2016-10-25
CVE Names: CVE-2016-5195
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. An unprivileged, local user could use this flaw to gain write
access to otherwise read-only memory mappings and thus increase their
privileges on the system. (CVE-2016-5195, Important)
Red Hat would like to thank Phil Oester for reporting this issue.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1384344 - CVE-2016-5195 kernel: mm: privilege escalation via MAP_PRIVATE COW breakage
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
kernel-2.6.32-642.6.2.el6.src.rpm
i386:
kernel-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
kernel-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-headers-2.6.32-642.6.2.el6.i686.rpm
perf-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm
kernel-doc-2.6.32-642.6.2.el6.noarch.rpm
kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm
x86_64:
kernel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm
kernel-devel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-headers-2.6.32-642.6.2.el6.x86_64.rpm
perf-2.6.32-642.6.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
kernel-2.6.32-642.6.2.el6.src.rpm
noarch:
kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm
kernel-doc-2.6.32-642.6.2.el6.noarch.rpm
kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm
x86_64:
kernel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm
kernel-devel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-headers-2.6.32-642.6.2.el6.x86_64.rpm
perf-2.6.32-642.6.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
kernel-2.6.32-642.6.2.el6.src.rpm
i386:
kernel-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
kernel-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-headers-2.6.32-642.6.2.el6.i686.rpm
perf-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm
kernel-doc-2.6.32-642.6.2.el6.noarch.rpm
kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm
ppc64:
kernel-2.6.32-642.6.2.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-642.6.2.el6.ppc64.rpm
kernel-debug-2.6.32-642.6.2.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.ppc64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-642.6.2.el6.ppc64.rpm
kernel-devel-2.6.32-642.6.2.el6.ppc64.rpm
kernel-headers-2.6.32-642.6.2.el6.ppc64.rpm
perf-2.6.32-642.6.2.el6.ppc64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm
s390x:
kernel-2.6.32-642.6.2.el6.s390x.rpm
kernel-debug-2.6.32-642.6.2.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-642.6.2.el6.s390x.rpm
kernel-devel-2.6.32-642.6.2.el6.s390x.rpm
kernel-headers-2.6.32-642.6.2.el6.s390x.rpm
kernel-kdump-2.6.32-642.6.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
kernel-kdump-devel-2.6.32-642.6.2.el6.s390x.rpm
perf-2.6.32-642.6.2.el6.s390x.rpm
perf-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
x86_64:
kernel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm
kernel-devel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-headers-2.6.32-642.6.2.el6.x86_64.rpm
perf-2.6.32-642.6.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
ppc64:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-642.6.2.el6.ppc64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm
python-perf-2.6.32-642.6.2.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.ppc64.rpm
s390x:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-642.6.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
perf-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
python-perf-2.6.32-642.6.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
kernel-2.6.32-642.6.2.el6.src.rpm
i386:
kernel-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
kernel-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-headers-2.6.32-642.6.2.el6.i686.rpm
perf-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm
kernel-doc-2.6.32-642.6.2.el6.noarch.rpm
kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm
x86_64:
kernel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm
kernel-debug-devel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm
kernel-devel-2.6.32-642.6.2.el6.x86_64.rpm
kernel-headers-2.6.32-642.6.2.el6.x86_64.rpm
perf-2.6.32-642.6.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-642.6.2.el6.i686.rpm
perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
python-perf-2.6.32-642.6.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-642.6.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-2.6.32-642.6.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-642.6.2.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-5195
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/2706661
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD4DBQFYEJcBXlSAg2UNWIIRAiWLAKCCzQq/hlgGpFbZwm1VmGEtsf8qbwCYhOVp
coEi7YBOAF6JIj/7g1jNNg==
=enSu
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-201205-0406
|
WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to an unspecified memory-corruption vulnerability.
An attacker can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application.
Very few technical details are currently available. We will update this BID when more information emerges. iTunes is a free application for your Mac or PC. It lets you organize and play digital music and video on your computer. It can automatically download new music, app, and book purchases across all your devices and computers. And it’s a store that has everything you need to be entertained. Anywhere. a specially crafted .M3U file. Successful exploitation could allow execution of arbitrary code on the affected node.<br/><br/> --------------------------------------------------------------------------------<br/><br/><code> (940.fc0): Access violation - code c0000005 (!!! second chance !!!)<br/> eax=41414141 ebx=08508cd8 ecx=41414141 edx=052a6528 esi=052a64b0 edi=0559ef20<br/> eip=41414141 esp=0012d8e8 ebp=7c90ff2d iopl=0 nv up ei pl nz na pe nc<br/> cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000206<br/><unloaded_card.dll>+0x41414130:<br/> 41414141 ?? ???<br/><br/> ~~~<br/><br/> (6b0.a04): Access violation - code c0000005 (!!! second chance !!!)<br/> eax=41414141 ebx=00000000 ecx=00000014 edx=41414141 esi=41414141 edi=0187e10d<br/> eip=0187deec esp=0b0cfcd0 ebp=0b0cfcf0 iopl=0 nv up ei pl nz na pe nc<br/> cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000206<br/> Defaulted to export symbols for C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll -<br/> CoreFoundation!CFWriteStreamCreateWithAllocatedBuffers+0x40:<br/> 0187deec 8b00 mov eax,dword ptr [eax] ds:0023:41414141=????????<br/></unloaded_card.dll></code><br/> --------------------------------------------------------------------------------<br/><br/>Tested on: Microsoft Windows XP Professional SP3 EN (32bit)Microsoft Windows 7 Ultimate SP1 EN (64bit). WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. Vulnerabilities exist in WebKit versions prior to Apple iOS 5.1.1. ============================================================================
Ubuntu Security Notice USN-1524-1
August 08, 2012
webkit vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Multiple security vulnerabilities were fixed in WebKit.
Software Description:
- webkit: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKit browser and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
libjavascriptcoregtk-1.0-0 1.8.1-0ubuntu0.12.04.1
libjavascriptcoregtk-3.0-0 1.8.1-0ubuntu0.12.04.1
libwebkitgtk-1.0-0 1.8.1-0ubuntu0.12.04.1
libwebkitgtk-3.0-0 1.8.1-0ubuntu0.12.04.1
After a standard system update you need to restart your session to make all
the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1524-1
CVE-2011-3046, CVE-2011-3050, CVE-2011-3067, CVE-2011-3068,
CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074,
CVE-2011-3075, CVE-2011-3078, CVE-2012-0672, CVE-2012-3615,
CVE-2012-3655, CVE-2012-3656, CVE-2012-3680, https://launchpad.net/bugs/1027283
Package Information:
https://launchpad.net/ubuntu/+source/webkit/1.8.1-0ubuntu0.12.04.1
. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface.
Download it here!
http://secunia.com/psi_30_beta_launch
----------------------------------------------------------------------
TITLE:
Apple iTunes Two Vulnerabilities
SECUNIA ADVISORY ID:
SA49489
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/49489/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=49489
RELEASE DATE:
2012-06-12
DISCUSS ADVISORY:
http://secunia.com/advisories/49489/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/49489/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49489
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Apple has reported two vulnerabilities in Apple iTunes, which can be
exploited by malicious people to compromise a user's system.
1) An error in the handling of .m3u playlists can be exploited to
cause a heap-based buffer overflow via a specially crafted M3U
(".m3u") file.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Gjoko Krstic, Zero Science Lab.
ORIGINAL ADVISORY:
Apple:
http://support.apple.com/kb/HT5318
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update
iOS 5.1.1 Software Update is now available and addresses the
following:
Safari
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A maliciously crafted website may be able to spoof the
address in the location bar
Description: A URL spoofing issue existed in Safari. This could be
used in a malicious web site to direct the user to a spoofed site
that visually appeared to be a legitimate domain. This issue is
addressed through improved URL handling. This issue does not affect
OS X systems.
CVE-ID
CVE-2012-0674 : David Vieira-Kurz of MajorSecurity
(majorsecurity.net)
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: Multiple cross-site scripting issues existed in WebKit.
CVE-ID
CVE-2011-3046 : Sergey Glazunov working with Google's Pwnium contest
CVE-2011-3056 : Sergey Glazunov
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in WebKit.
CVE-ID
CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome
Security Team
Installation note:
This update is only available through iTunes, and will not appear
in your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an Internet connection and have
installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When
the iPhone, iPod touch or iPad is docked, iTunes will present the
user with the option to install the update. We recommend applying
the update immediately if possible. Selecting Don't Install will
present the option the next time you connect your iPhone, iPod touch,
or iPad.
The automatic update process may take up to a week depending on the
day that iTunes checks for updates. You may manually obtain the
update via the Check for Updates button within iTunes. After doing
this, the update can be applied when your iPhone, iPod touch, or iPad
is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "5.1.1".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPpBcyAAoJEGnF2JsdZQeexJYH/0aYO0MULFXYARidSV22JdjG
a1+yXKn8Rv2vv+8yStgKK2mWu18hvYWQ+whtvCzs1OefiVsq1nOvdCL1G62ybcYv
O9BiHEDsuu+On2nAPiglu+luokByKLlZcIaM1Qa3pXHkiI8jlH7y7XuuoFsVt1Vc
284JgvV/sHnvesne2GsNyoRBJjfkliqXCgb1zmQWO9xX7HEJCaMNlc5Bwdonm26q
3OEKr2UQxvmWCbnCroiQ5KmEM+gLJSfLLOymow9xa4gM8aM87BXGWNMEKVs8LRLm
dHngmEmzEa/Fx9PnR7rqjTCAMS8hR7aFcCYNTWjfR+keRXx7OHhCm88MfndryS8=
=qhqL
-----END PGP SIGNATURE-----
.
CVE-ID
CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome
Security Team
WebKit
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista,
XP SP2 or later
Impact: A maliciously crafted website may be able to populate form
inputs on another website with arbitrary values
Description: A state tracking issue existed in WebKit's handling of
forms.
CVE-ID
CVE-2012-0676 : Andreas Akre Solberg of UNINETT AS, Aaron Roots of
Deakin University ITSD, Tyler Goen
Note: In addition, this update disables Adobe Flash Player if it
is older than 10.1.102.64 by moving its files to a new directory.
This update presents the option to install an updated version of
Flash Player from the Adobe website |
|
var-200102-0029
|
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Broadband Operating System is prone to a denial-of-service vulnerability. The vulnerability exists in Cisco 600 routers running CBOS 2.4.1 and earlier versions. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
January 1, 2001
Volume 6 Number 2
The following computer security issues have been publicly reported and
documented in the X-Force Vulnerability and Threat Database
(http://xforce.iss.net).
This document is available at
http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert
Summaries:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
- - 'subscribe alert' (without the quotes).
_____
Contents
115 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 12/31/00
Vulnerability: exmh-error-symlink
Platforms Affected: exmh 2.2 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: exmh error message symlink
X-Force URL: http://xforce.iss.net/static/5829.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-symlink
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Host Based
Brief Description: Informix Webdriver symbolic link
X-Force URL: http://xforce.iss.net/static/5827.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-admin-access
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Network Based
Brief Description: Informix Webdriver remote Admin access
X-Force URL: http://xforce.iss.net/static/5833.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-mutex-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial
of service
X-Force URL: http://xforce.iss.net/static/5821.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-batfile-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with
a batch file
X-Force URL: http://xforce.iss.net/static/5822.php
_____
Date Reported: 12/29/00
Vulnerability: shockwave-flash-swf-bo
Platforms Affected: Shockwave Plugin 8.0 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Shockwave Flash SWF file buffer overflow
X-Force URL: http://xforce.iss.net/static/5826.php
_____
Date Reported: 12/29/00
Vulnerability: macos-multiple-users
Platforms Affected: MacOS 9.0
Risk Factor: High
Attack Type: Host Based
Brief Description: Mac OS 'Multiple Users' bypass password
X-Force URL: http://xforce.iss.net/static/5830.php
_____
Date Reported: 12/28/00
Vulnerability: http-cgi-ikonboard
Platforms Affected: Ikonboard 2.1.7b and prior
Risk Factor: High
Attack Type: Host Based
Brief Description: Ikonboard allows remote attacker to execute
commands
X-Force URL: http://xforce.iss.net/static/5819.php
_____
Date Reported: 12/27/00
Vulnerability: http-cgi-technote-main
Platforms Affected: TECH-NOTE (000, 2001, Pro)
Risk Factor: High
Attack Type: Network Based
Brief Description: TECH-NOTE main.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5813.php
_____
Date Reported: 12/26/00
Vulnerability: xwindows-char-dos
Platforms Affected: XFree86
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: X Windows multiple character denial of service
X-Force URL: http://xforce.iss.net/static/5834.php
_____
Date Reported: 12/25/00
Vulnerability: 1stup-mail-server-bo
Platforms Affected: 1st Up Mail Server 4.1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: 1st Up Mail Server buffer overflow
X-Force URL: http://xforce.iss.net/static/5808.php
_____
Date Reported: 12/25/00
Vulnerability: dialog-symlink
Platforms Affected: Linux Debian 2.2
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux dialog package symlink attack
X-Force URL: http://xforce.iss.net/static/5809.php
_____
Date Reported: 12/25/00
Vulnerability: ibm-wcs-admin
Platforms Affected: IBM Websphere Commerce Suite
Risk Factor: High
Attack Type: Host Based
Brief Description: IBM WCS admin.config allows user to execute
arbitrary commands
X-Force URL: http://xforce.iss.net/static/5831.php
_____
Date Reported: 12/23/00
Vulnerability: http-cgi-technote-print
Platforms Affected: TECH-NOTE (2000, 2001, Pro)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: TECH-NOTE print.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5815.php
_____
Date Reported: 12/22/00
Vulnerability: iis-web-form-submit
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS Web form submission
X-Force URL: http://xforce.iss.net/static/5823.php
_____
Date Reported: 12/21/00
Vulnerability: hpux-kermit-bo
Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX kermit buffer overflow
X-Force URL: http://xforce.iss.net/static/5793.php
_____
Date Reported: 12/21/00
Vulnerability: bsguest-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bsguest.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5796.php
_____
Date Reported: 12/21/00
Vulnerability: bslist-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bslist.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5797.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-execute-plsql
Platforms Affected: Oracle Application Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Oracle remote procedure execution
X-Force URL: http://xforce.iss.net/static/5817.php
_____
Date Reported: 12/21/00
Vulnerability: ksh-redirection-symlink
Platforms Affected: IRIX (6.2, 6.5.x)
Solaris (2.5.1, 2.6, 7)
HPUX 9.00
Digital Unix 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: ksh redirection symlink attack
X-Force URL: http://xforce.iss.net/static/5811.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-webdb-admin-access
Platforms Affected: Oracle Internet Application Server 3.0.7
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oracle IAS allows administrative access
X-Force URL: http://xforce.iss.net/static/5818.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Web Scan
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-detached-sig-modify
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG allows users to modify signed messages with
detached signatures
X-Force URL: http://xforce.iss.net/static/5802.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-reveal-private
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG will import private keys along with public
keys
X-Force URL: http://xforce.iss.net/static/5803.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-nmap-scans
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm does not detect NMAP scans
X-Force URL: http://xforce.iss.net/static/5799.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-open-shares
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm open shares
X-Force URL: http://xforce.iss.net/static/5825.php
_____
Date Reported: 12/19/00
Vulnerability: win2k-index-service-activex
Platforms Affected: Windows 2000
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Windows 2000 Index Service ActiveX controls allow
unauthorized access to file information
X-Force URL: http://xforce.iss.net/static/5800.php
_____
Date Reported: 12/19/00
Vulnerability: proftpd-size-memory-leak
Platforms Affected: Proftpd
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: proftpd memory leak when using SIZE command
X-Force URL: http://xforce.iss.net/static/5801.php
_____
Date Reported: 12/19/00
Vulnerability: weblogic-dot-bo
Platforms Affected: WebLogic
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5782.php
_____
Date Reported: 12/19/00
Vulnerability: mdaemon-imap-dos
Platforms Affected: MDaemon
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MDaemon IMAP buffer overflow denial of service
X-Force URL: http://xforce.iss.net/static/5805.php
_____
Date Reported: 12/19/00
Vulnerability: zope-calculate-roles
Platforms Affected: Zp[e
Risk Factor: High
Attack Type: Host Based
Brief Description: zope package in Linux calculates local roles
incorrectly
X-Force URL: http://xforce.iss.net/static/5777.php
_____
Date Reported: 12/19/00
Vulnerability: itetris-svgalib-path
Platforms Affected: svgalib
Risk Factor: High
Attack Type: Host Based
Brief Description: Itetris svgalib PATH
X-Force URL: http://xforce.iss.net/static/5795.php
_____
Date Reported: 12/18/00
Vulnerability: bsd-ftpd-replydirname-bo
Platforms Affected: BSD Based Operating Systems
Risk Factor: High
Attack Type: Network Based
Brief Description: BSD ftpd replydirname() function buffer overflow
X-Force URL: http://xforce.iss.net/static/5776.php
_____
Date Reported: 12/18/00
Vulnerability: sonata-command-execute
Platforms Affected: Sonata
Risk Factor: High
Attack Type: Host Based
Brief Description: Sonata argument command line execution
X-Force URL: http://xforce.iss.net/static/5787.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-catman-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris catman command symlink attack
X-Force URL: http://xforce.iss.net/static/5788.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-patchadd-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris patchadd symlink attack
X-Force URL: http://xforce.iss.net/static/5789.php
_____
Date Reported: 12/18/00
Vulnerability: stunnel-format-logfile
Platforms Affected: Stunnel
Risk Factor: High
Attack Type: Network Based
Brief Description: Stunnel format allows user to write to logfile
X-Force URL: http://xforce.iss.net/static/5807.php
_____
Date Reported: 12/17/00
Vulnerability: hp-top-sys-files
Platforms Affected: HPUX
Risk Factor: Low
Attack Type: Host Based
Brief Description: HP-UX top command could be used to overwrite files
X-Force URL: http://xforce.iss.net/static/5773.php
_____
Date Reported: 12/16/00
Vulnerability: zope-legacy-names
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Linux zope package "legacy" names
X-Force URL: http://xforce.iss.net/static/5824.php
_____
Date Reported: 12/15/00
Vulnerability: mrj-runtime-malicious-applets
Platforms Affected: MRJ
Risk Factor: Low
Attack Type: Host Based
Brief Description: MRJ runtime environment could allow malicious
applets to be executed
X-Force URL: http://xforce.iss.net/static/5784.php
_____
Date Reported: 12/14/00
Vulnerability: coffeecup-ftp-weak-encryption
Platforms Affected: CoffeeCup FTP
Risk Factor: Low
Attack Type: Host Based
Brief Description: CoffeeCup FTP client has weak password encryption
X-Force URL: http://xforce.iss.net/static/5744.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-fragmented-packets
Platforms Affected: WatchGuard
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall fragmented IP packet
attack
X-Force URL: http://xforce.iss.net/static/5749.php
_____
Date Reported: 12/14/00
Vulnerability: jpilot-perms
Platforms Affected: J-Pilot
Risk Factor: Medium
Attack Type: Host Based
Brief Description: J-Pilot permissions could reveal sensitive
information
X-Force URL: http://xforce.iss.net/static/5762.php
_____
Date Reported: 12/14/00
Vulnerability: mediaservices-dropped-connection-dos
Platforms Affected: Microsoft Media Services
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft Media Services dropped connection denial
of service
X-Force URL: http://xforce.iss.net/static/5785.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-web-auth
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO Web config server could allow
unauthenticated access
X-Force URL: http://xforce.iss.net/static/5554.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-passcfg-reset
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO administrator password can be
remotely reset
X-Force URL: http://xforce.iss.net/static/5742.php
_____
Date Reported: 12/14/00
Vulnerability: http-cgi-simplestguest
Platforms Affected: simplestguest.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestguest.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5743.php
_____
Date Reported: 12/14/00
Vulnerability: safeword-palm-pin-extraction
Platforms Affected: SafeWord
e.iD Palm Authenticator
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SafeWord and e.iD Palm Authenticator allows
attacker to clone Palm device
X-Force URL: http://xforce.iss.net/static/5753.php
_____
Date Reported: 12/14/00
Vulnerability: mdaemon-lock-bypass-password
Platforms Affected: MDaemon
Risk Factor: High
Attack Type: Host Based
Brief Description: MDaemon "lock" bypass password
X-Force URL: http://xforce.iss.net/static/5763.php
_____
Date Reported: 12/13/00
Vulnerability: cisco-catalyst-ssh-mismatch
Platforms Affected: Cisco Catalyst
Risk Factor: Low
Attack Type: Network Based
Brief Description: Cisco Catalyst SSH protocol mismatch
X-Force URL: http://xforce.iss.net/static/5760.php
_____
Date Reported: 12/13/00
Vulnerability: microsoft-iis-file-disclosure
Platforms Affected: IIS
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft IIS Far East editions file disclosure
X-Force URL: http://xforce.iss.net/static/5729.php
_____
Date Reported: 12/13/00
Vulnerability: ezshopper-cgi-file-disclosure
Platforms Affected: loadpage.cgi
Risk Factor: Medium
Attack Type: Network Based
Brief Description: EZshopper loadpage.cgi file disclosure
X-Force URL: http://xforce.iss.net/static/5740.php
_____
Date Reported: 12/13/00
Vulnerability: winnt-mstask-dos
Platforms Affected: Windows NT
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows NT MSTask.exe denial of service
X-Force URL: http://xforce.iss.net/static/5746.php
_____
Date Reported: 12/13/00
Vulnerability: bftpd-site-chown-bo
Platforms Affected: BFTPD
Risk Factor: High
Attack Type: Network Based
Brief Description: BFTPD SITE CHOWN buffer overflow
X-Force URL: http://xforce.iss.net/static/5775.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/12/00
Vulnerability: subscribemelite-gain-admin-access
Platforms Affected: Subscribe Me Lite
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Subscribe Me Lite mailing list manager
unauthorized access
X-Force URL: http://xforce.iss.net/static/5735.php
_____
Date Reported: 12/12/00
Vulnerability: zope-image-file
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux zope package Image and File objects
X-Force URL: http://xforce.iss.net/static/5778.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-everythingform
Platforms Affected: everythingform.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: everythingform.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5736.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-simplestmail
Platforms Affected: simplestmail.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestmail.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5739.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-ad
Platforms Affected: ad.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: ad.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5741.php
_____
Date Reported: 12/12/00
Vulnerability: kde-kmail-weak-encryption
Platforms Affected: KDE KMail
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KDE KMail weak password encryption
X-Force URL: http://xforce.iss.net/static/5761.php
_____
Date Reported: 12/12/00
Vulnerability: aolim-buddyicon-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: AOL Instant Messenger Buddy Icon buffer overflow
X-Force URL: http://xforce.iss.net/static/5786.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/11/00
Vulnerability: rppppoe-zero-length-dos
Platforms Affected: rp-pppoe
Risk Factor: Medium
Attack Type: Network Based
Brief Description: rp-pppoe "zero-length" option denial of service
X-Force URL: http://xforce.iss.net/static/5727.php
_____
Date Reported: 12/11/00
Vulnerability: proftpd-modsqlpw-unauth-access
Platforms Affected: ProFTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ProFTPD system using mod_sqlpw unauthorized access
X-Force URL: http://xforce.iss.net/static/5737.php
_____
Date Reported: 12/11/00
Vulnerability: gnu-ed-symlink
Platforms Affected: GNU ed
Risk Factor: High
Attack Type: Host Based
Brief Description: GNU ed symlink
X-Force URL: http://xforce.iss.net/static/5723.php
_____
Date Reported: 12/11/00
Vulnerability: oops-ftputils-bo
Platforms Affected: Oops Proxy Server
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oops Proxy Server ftp_utils buffer overflow
X-Force URL: http://xforce.iss.net/static/5725.php
_____
Date Reported: 12/11/00
Vulnerability: oracle-oidldap-write-permission
Platforms Affected: Oracle Internet Directory
Risk Factor: High
Attack Type: Host Based
Brief Description: Oracle Internet Directory write permission
X-Force URL: http://xforce.iss.net/static/5804.php
_____
Date Reported: 12/9/00
Vulnerability: foolproof-security-bypass
Platforms Affected: FoolProof
Risk Factor: High
Attack Type: Host Based
Brief Description: FoolProof Security restriction bypass using FTP
X-Force URL: http://xforce.iss.net/static/5758.php
_____
Date Reported: 12/8/00
Vulnerability: broadvision-bv1to1-reveal-path
Platforms Affected: BroadVision One-To-One Enterprise Server
Risk Factor: Low
Attack Type: Network Based
Brief Description: BroadVision One-To-One Enterprise Server reveals
path to server
X-Force URL: http://xforce.iss.net/static/5661.php
_____
Date Reported: 12/8/00
Vulnerability: ssldump-format-strings
Platforms Affected: ssldump
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ssldump format string could allow arbitrary
execution of code
X-Force URL: http://xforce.iss.net/static/5717.php
_____
Date Reported: 12/8/00
Vulnerability: coldfusion-sample-dos
Platforms Affected: ColdFusion
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ColdFusion sample script denial of service
X-Force URL: http://xforce.iss.net/static/5755.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-arbitrary-proxy
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 arbitrary proxy enviornment
variable
X-Force URL: http://xforce.iss.net/static/5733.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-auth-packet-overflow
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 authentication packet buffer
overflow
X-Force URL: http://xforce.iss.net/static/5734.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-user-config
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 user supplied configuration files
X-Force URL: http://xforce.iss.net/static/5738.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-tmpfile-dos
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 race condition
X-Force URL: http://xforce.iss.net/static/5754.php
_____
Date Reported: 12/7/00
Vulnerability: homeseer-directory-traversal
Platforms Affected: HomeSeer
Risk Factor: Low
Attack Type: Network Based
Brief Description: HomeSeer allows directory traversal
X-Force URL: http://xforce.iss.net/static/5663.php
_____
Date Reported: 12/7/00
Vulnerability: offline-explorer-reveal-files
Platforms Affected: MetaProducts Offline Explorer
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: MetaProducts Offline Explorer can reveal file
system
X-Force URL: http://xforce.iss.net/static/5728.php
_____
Date Reported: 12/7/00
Vulnerability: imail-smtp-auth-dos
Platforms Affected: IMail
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMail SMTP auth denial of service
X-Force URL: http://xforce.iss.net/static/5674.php
_____
Date Reported: 12/6/00
Vulnerability: apc-apcupsd-dos
Platforms Affected: APC apcupsd
Risk Factor: Medium
Attack Type: Host Based
Brief Description: APC apcupsd denial of service
X-Force URL: http://xforce.iss.net/static/5654.php
_____
Date Reported: 12/6/00
Vulnerability: cisco-catalyst-telnet-dos
Platforms Affected: Cisco Catalyst
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco Catalyst telnet server memory leak denial of
service
X-Force URL: http://xforce.iss.net/static/5656.php
_____
Date Reported: 12/6/00
Vulnerability: apache-php-disclose-files
Platforms Affected: Apache Web server
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache Web server discloses files when used with
php script
X-Force URL: http://xforce.iss.net/static/5659.php
_____
Date Reported: 12/6/00
Vulnerability: ultraseek-reveal-path
Platforms Affected: Ultraseek
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Ultraseek Server can reveal the path and source
code to certain files
X-Force URL: http://xforce.iss.net/static/5660.php
_____
Date Reported: 12/6/00
Vulnerability: irc-dreamforge-dns-dos
Platforms Affected: DreamForge IRCd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: DreamForge IRCd DNS denial of service
X-Force URL: http://xforce.iss.net/static/5721.php
_____
Date Reported: 12/6/00
Vulnerability: mailman-alternate-templates
Platforms Affected: MailMan
Risk Factor: High
Attack Type: Network Based
Brief Description: MailMan Alternate Templates form variable allows
remote attacker to execute commands
X-Force URL: http://xforce.iss.net/static/5649.php
_____
Date Reported: 12/6/00
Vulnerability: phpgroupware-include-files
Platforms Affected:
Risk Factor: High
Attack Type: Network Based
Brief Description: phpGroupWare include files allows remote attacker
to execute commands
X-Force URL: http://xforce.iss.net/static/5650.php
_____
Date Reported: 12/6/00
Vulnerability: markvision-printer-driver-bo
Platforms Affected: Lexmark MarkVision
Risk Factor: High
Attack Type: Host Based
Brief Description: Lexmark MarkVision printer drivers for Unix buffer
overflows
X-Force URL: http://xforce.iss.net/static/5651.php
_____
Date Reported: 12/6/00
Vulnerability: nt-ras-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows NT RAS registry permissions
X-Force URL: http://xforce.iss.net/static/5671.php
_____
Date Reported: 12/6/00
Vulnerability: nt-snmp-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT SNMP registry permissions
X-Force URL: http://xforce.iss.net/static/5672.php
_____
Date Reported: 12/6/00
Vulnerability: nt-mts-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT MTS registry permissions
X-Force URL: http://xforce.iss.net/static/5673.php
_____
Date Reported: 12/6/00
Vulnerability: irc-bitchx-dns-bo
Platforms Affected: BitchX
Risk Factor: High
Attack Type: Network Based
Brief Description: BitchX IRC DNS buffer overflow
X-Force URL: http://xforce.iss.net/static/5701.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-gain-access
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database can give access through
default username and password
X-Force URL: http://xforce.iss.net/static/5662.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-dos
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database denial of service
X-Force URL: http://xforce.iss.net/static/5664.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-source-routing
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain source routing
X-Force URL: http://xforce.iss.net/static/5667.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-ip-bridging
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain bridging code
X-Force URL: http://xforce.iss.net/static/5670.php
_____
Date Reported: 12/5/00
Vulnerability: ftp-servu-homedir-travers
Platforms Affected: Serv-U FTP
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: FTP Serv-U home directory traversal could allow
access to FTProot
X-Force URL: http://xforce.iss.net/static/5639.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-web-access
Platforms Affected: CISCO CBOS
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Cisco CBOS Web access enabled denial of service
X-Force URL: http://xforce.iss.net/static/5626.php
_____
Date Reported: 12/4/00
Vulnerability: watchguard-soho-get-dos
Platforms Affected: WatchGuard SOHO
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall multiple GET requests
denial of service
X-Force URL: http://xforce.iss.net/static/5665.php
_____
Date Reported: 12/4/00
Vulnerability: phone-book-service-bo
Platforms Affected: Windows 2000
Windows NT
Risk Factor: High
Attack Type: Network Based
Brief Description: Windows NT and 2000 Phone Book service buffer
overflow
X-Force URL: http://xforce.iss.net/static/5623.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-syn-packets
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS SYN packets denial of service
X-Force URL: http://xforce.iss.net/static/5627.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-invalid-login
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS does not log invalid logins
X-Force URL: http://xforce.iss.net/static/5628.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-icmp-echo
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS large ICMP ECHO packet denial of
service
X-Force URL: http://xforce.iss.net/static/5629.php
_____
Date Reported: 12/2/00
Vulnerability: phpweblog-bypass-authentication
Platforms Affected: phpWebLog
Risk Factor: High
Attack Type: Host Based
Brief Description: phpWebLog allows users to bypass authentication
X-Force URL: http://xforce.iss.net/static/5625.php
_____
Date Reported: 12/1/00
Vulnerability: linux-diskcheck-race-symlink
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux diskcheck race condition could allow a tmp
file symbolic link attack
X-Force URL: http://xforce.iss.net/static/5624.php
_____
Date Reported: 12/1/00
Vulnerability: ie-form-file-upload
Platforms Affected: Microsoft Internet Explorer
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Internet Explorer file upload form
X-Force URL: http://xforce.iss.net/static/5615.php
_____
Date Reported: 12/1/00
Vulnerability: mssql-xp-paraminfo-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow
X-Force URL: http://xforce.iss.net/static/5622.php
_____
Date Reported: 12/1/00
Vulnerability: majordomo-auth-execute-commands
Platforms Affected: Majordomo
Risk Factor: High
Attack Type: Network Based
Brief Description: Majordomo allows administrative access without
password
X-Force URL: http://xforce.iss.net/static/5611.php
_____
Date Reported: 12/1/00
Vulnerability: ie-print-template
Platforms Affected: Microsoft Internet Explorer
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Internet Explorer print template
X-Force URL: http://xforce.iss.net/static/5614.php
_____
Date Reported: 12/1/00
Vulnerability: aix-piobe-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX piobe buffer overflow
X-Force URL: http://xforce.iss.net/static/5616.php
_____
Date Reported: 12/1/00
Vulnerability: aix-pioout-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX pioout buffer overflow
X-Force URL: http://xforce.iss.net/static/5617.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setclock-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setclock buffer overflow
X-Force URL: http://xforce.iss.net/static/5618.php
_____
Date Reported: 12/1/00
Vulnerability: aix-enq-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX enq buffer overflow
X-Force URL: http://xforce.iss.net/static/5619.php
_____
Date Reported: 12/1/00
Vulnerability: aix-digest-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX digest buffer overflow
X-Force URL: http://xforce.iss.net/static/5620.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setsenv-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setsenv buffer overflow
X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0
LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL
r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw
jbM10AXVSHw=
=5U+8
-----END PGP SIGNATURE-----
|
|
var-201806-1505
|
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. Intel Core Systems with microprocessors contain information disclosure vulnerabilities.Information may be obtained. An attacker could exploit this vulnerability to obtain values about other processes stored in a number register. ==========================================================================
Ubuntu Security Notice USN-3696-2
July 02, 2018
linux-lts-xenial, linux-aws vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
It was discovered that an integer overflow existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18255)
Wei Fang discovered an integer overflow in the F2FS filesystem
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service. (CVE-2017-18257)
It was discovered that an information leak existed in the generic SCSI
driver in the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-1000204)
It was discovered that the wait4() system call in the Linux kernel did not
properly validate its arguments in some situations. A local attacker could
possibly use this to cause a denial of service. (CVE-2018-10087)
It was discovered that the kill() system call implementation in the Linux
kernel did not properly validate its arguments in some situations. A local
attacker could possibly use this to cause a denial of service.
(CVE-2018-10124)
Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5814)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Seunghun Han discovered an information leak in the ACPI handling code in
the Linux kernel when handling early termination of ACPI table loading. A
local attacker could use this to expose sensitive informal (kernel address
locations). (CVE-2017-13695)
It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
linux-image-4.4.0-1024-aws 4.4.0-1024.25
linux-image-4.4.0-130-generic 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-generic-lpae 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-lowlatency 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc-e500mc 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc-smp 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc64-emb 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc64-smp 4.4.0-130.156~14.04.1
linux-image-aws 4.4.0.1024.24
linux-image-generic-lpae-lts-xenial 4.4.0.130.110
linux-image-generic-lts-xenial 4.4.0.130.110
linux-image-lowlatency-lts-xenial 4.4.0.130.110
linux-image-powerpc-e500mc-lts-xenial 4.4.0.130.110
linux-image-powerpc-smp-lts-xenial 4.4.0.130.110
linux-image-powerpc64-emb-lts-xenial 4.4.0.130.110
linux-image-powerpc64-smp-lts-xenial 4.4.0.130.110
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:07.lazyfpu Security Advisory
The FreeBSD Project
Topic: Lazy FPU State Restore Information Disclosure
Category: core
Module: kernel
Announced: 2018-06-21
Credits: Julian Stecklina from Amazon Germany
Thomas Prescher from Cyberus Technology GmbH
Zdenek Sojka from SYSGO AG
Colin Percival
Affects: All supported version of FreeBSD.
Corrected: 2018-06-14 18:50:49 UTC (stable/11, 11.2-PRERELEASE)
2018-06-15 13:21:37 UTC (releng/11.2, 11.2-RC3)
2018-06-21 05:17:13 UTC (releng/11.1, 11.1-RELEASE-p11)
CVE Name: CVE-2018-3665
Special Note: This advisory only addresses this issue for FreeBSD 11.x on
i386 and amd64. We expect to update this advisory to include
10.x in the near future.
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>. Background
Modern CPUs have a floating point unit (FPU) which needs to maintain state
per thread. One technique is to only save and to only restore the FPU state
for a thread when a thread attempts to utilize the FPU.
II.
III. Impact
Any local thread can potentially read FPU state information from other
threads running on the host. This could include cryptographic keys when the
AES-NI CPU feature is present.
IV. Workaround
No workaround is available, but non-Intel branded CPUs are not believed
to be vulnerable.
V.
This new technique is the recommended practice from Intel and in some cases
can actually increase performance, depending on workload.
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
Afterward, reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
Afterward, reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/SA-18:07/lazyfpu-11.patch
# fetch https://security.FreeBSD.org/patches/SA-18:07/lazyfpu-11.patch.asc
# gpg --verify lazyfpu-11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/11/ r335169
releng/11.2/ r335196
releng/11.1/ r335465
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. (CVE-2018-3665)
Update instructions:
The problem can be corrected by updating your livepatches to the following
versions:
| Kernel | Version | flavors |
|--------------------------+----------+--------------------------|
| 4.4.0-124.148 | 40.6 | lowlatency, generic |
| 4.4.0-124.148~14.04.1 | 40.6 | generic, lowlatency |
| 4.4.0-127.153 | 40.6 | lowlatency, generic |
| 4.4.0-127.153~14.04.1 | 40.6 | lowlatency, generic |
| 4.4.0-128.154 | 40.6 | generic, lowlatency |
| 4.4.0-128.154~14.04.1 | 40.6 | generic, lowlatency |
| 4.15.0-20.21 | 40.7 | generic, lowlatency |
| 4.15.0-22.24 | 40.7 | lowlatency, generic |
| 4.15.0-23.25 | 40.7 | lowlatency, generic |
References:
CVE-2018-1093, CVE-2018-1092, CVE-2018-7755, CVE-2018-3665
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
. 7) - noarch, ppc64le
3. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2018:2164-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:2164
Issue date: 2018-07-10
CVE Names: CVE-2018-3639 CVE-2018-3665 CVE-2018-10675
CVE-2018-10872
====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that memory read from address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639, x86 AMD)
* kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy
function allows local denial of service or other unspecified impact
(CVE-2018-10675)
* Kernel: FPU state information leakage via lazy FPU restore
(CVE-2018-3665)
* kernel: error in exception handling leads to DoS (CVE-2018-8897
regression) (CVE-2018-10872)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639 and
Julian Stecklina (Amazon.de), Thomas Prescher (cyberus-technology.de), and
Zdenek Sojka (sysgo.com) for reporting CVE-2018-3665.
Bug Fix(es):
* Previously, microcode updates on 32 and 64-bit AMD and Intel
architectures were not synchronized. As a consequence, it was not possible
to apply the microcode updates. This fix adds the synchronization to the
microcode updates so that processors of the stated architectures receive
updates at the same time. As a result, microcode updates are now
synchronized. (BZ#1574592)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
1575065 - CVE-2018-10675 kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy function allows local denial-of-service or other unspecified impact
1585011 - CVE-2018-3665 Kernel: FPU state information leakage via lazy FPU restore
1596094 - CVE-2018-10872 kernel: error in exception handling leads to DoS (CVE-2018-8897 regression)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
kernel-2.6.32-754.2.1.el6.src.rpm
i386:
kernel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-headers-2.6.32-754.2.1.el6.i686.rpm
perf-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm
kernel-doc-2.6.32-754.2.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm
perf-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
kernel-2.6.32-754.2.1.el6.src.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm
kernel-doc-2.6.32-754.2.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm
perf-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
kernel-2.6.32-754.2.1.el6.src.rpm
i386:
kernel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-headers-2.6.32-754.2.1.el6.i686.rpm
perf-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm
kernel-doc-2.6.32-754.2.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm
ppc64:
kernel-2.6.32-754.2.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debug-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-754.2.1.el6.ppc64.rpm
kernel-devel-2.6.32-754.2.1.el6.ppc64.rpm
kernel-headers-2.6.32-754.2.1.el6.ppc64.rpm
perf-2.6.32-754.2.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
s390x:
kernel-2.6.32-754.2.1.el6.s390x.rpm
kernel-debug-2.6.32-754.2.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.2.1.el6.s390x.rpm
kernel-devel-2.6.32-754.2.1.el6.s390x.rpm
kernel-headers-2.6.32-754.2.1.el6.s390x.rpm
kernel-kdump-2.6.32-754.2.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-754.2.1.el6.s390x.rpm
perf-2.6.32-754.2.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
x86_64:
kernel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm
perf-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
ppc64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-754.2.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
python-perf-2.6.32-754.2.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
s390x:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.2.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
python-perf-2.6.32-754.2.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
kernel-2.6.32-754.2.1.el6.src.rpm
i386:
kernel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-headers-2.6.32-754.2.1.el6.i686.rpm
perf-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm
kernel-doc-2.6.32-754.2.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm
perf-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/cve/CVE-2018-3665
https://access.redhat.com/security/cve/CVE-2018-10675
https://access.redhat.com/security/cve/CVE-2018-10872
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBW0TykdzjgjWX9erEAQj7nQ/8DBiN11jNNGxND1Io2xuiZ+/RqzFz4IXv
VMTrhukotRz5vbQWziRcHl0DVUttBBbwzdoNUu4RH4rxHv0J0GTLYusgyWlyDJP8
D229CT7o6lK4RjPryXFsu/4YsIzu8Vz35KB8SpW6gUkXibANrCWDEHEqc9+6mQ6g
VFe0wAu1Tw3PKre0zK+XL/uxkvjk8ZeDINe8WVUDloBOnxFMnZZjEcZsIO9JfjBr
krlU1QTQcPeKsrv6gofNXBOeQn0JZS1BVDy0JiNoOihJqPPBLA5RkyZzWouy6FDt
xVTN7BEuILTUszfcygXA17OdNUzJm/L6a4rFXno4+eN5u5Ucx46/abXhWhRzcwvV
+7IuGNs83aTZufXNbWDtiGFkIyKE5NyX7U7SOoxz42AxesSxJ6SKJFD4iBu/0YrU
h9BvuHkkVNu+NsYT6rajqwz5ytkEbCJAX7xvNnu7Wi18tWKEWklqAFYSqVnpopO2
8xSW2+OTSkAQ9uiGAz9aTLLca2Zi/I8kjAcNyv4tASUcvodNzUE/OuERC5hvOZ6X
6j/POh7W7xA3cAg216EEj4X12BIwArqt8hjZ6hO5cd7ZfnWof7BVEjLnqtyJjhzi
Xap6Pf/NG4/iSO1kEFLo3Uw9sQVoPRU4Hg1KXJJy+XboBQ3/K9ctCU5qvTRApmmM
OjBeir/Q654=I9wq
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-7-23-1 Additional information for APPLE-SA-2018-7-9-4
macOS High Sierra 10.13.6, Security Update 2018-004 Sierra,
Security Update 2018-004 El Capitan
macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and
Security Update 2018-004 El Capitan address the following:
AMD
Available for: macOS High Sierra 10.13.5
Impact: A malicious application may be able to determine kernel
memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2018-4289: shrek_wzw of Qihoo 360 Nirvan Team
APFS
Available for: macOS High Sierra 10.13.5
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4268: Mac working with Trend Micro's Zero Day Initiative
ATS
Available for: macOS High Sierra 10.13.5
Impact: A malicious application may be able to gain root privileges
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4285: Mohamed Ghannam (@_simo36)
Bluetooth
Available for: MacBook Pro (15-inch, 2018), and MacBook Pro
(13-inch, 2018, Four Thunderbolt 3 Ports)
Other Mac models were addressed with macOS High Sierra 10.13.5.
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This
issue was addressed with improved input validation.
CVE-2018-5383: Lior Neumann and Eli Biham
Entry added July 23, 2018
CFNetwork
Available for: macOS High Sierra 10.13.5
Impact: Cookies may unexpectedly persist in Safari
Description: A cookie management issue was addressed with improved
checks.
CVE-2018-4293: an anonymous researcher
CoreCrypto
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4269: Abraham Masri (@cheesecakeufo)
DesktopServices
Available for: macOS Sierra 10.12.6
Impact: A local user may be able to view sensitive user information
Description: A permissions issue existed in which execute permission
was incorrectly granted. This issue was addressed with improved
permission validation.
CVE-2018-4178: Arjen Hendrikse
IOGraphics
Available for: macOS High Sierra 10.13.5
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed with improved input
validation.
An information disclosure issue was addressed with FP/SIMD register
state sanitization.
CVE-2018-3665: Julian Stecklina of Amazon Germany, Thomas Prescher of
Cyberus Technology GmbH (cyberus-technology.de), Zdenek Sojka of
SYSGO AG (sysgo.com), and Colin Percival
libxpc
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.5
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4280: Brandon Azad
libxpc
Available for: macOS High Sierra 10.13.5
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4248: Brandon Azad
LinkPresentation
Available for: macOS High Sierra 10.13.5
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs. This
issue was addressed with improved input validation.
CVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)
Additional recognition
Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.
Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.
Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.
Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.
Kernel
We would like to acknowledge juwei lin (@panicaII) of Trend Micro
working with Trend Micro's Zero Day Initiative for their
assistance.
Security
We would like to acknowledge Brad Dahlsten of Iowa State University
for their assistance.
Installation note:
macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and
Security Update 2018-004 El Capitan may be obtained from the
Mac App Store or Apple's Software Downloads web site:
https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUscgACgkQ8ecVjteJ
iCYeUhAApT+4xU8iuXThUb/3bH207ZNLf8NC6eCtaPLP55Dn27hdNZYoQfGZYmY5
jKsGNXAiel02GWQLpsTeNZaWM+Tzeuus41iSFrvBFtoS4SobMYw9ymV1emxBSlY6
ZDV3L47IJOMHeF9HwE260BgIMFJDF9jMGkm22VhLE3U7uQOdIjHgOAmr/reoof4Z
84yNvBVK5/7DYlY4QxHL6bvsQG47FNs2P0WzpkrtLQwPXyz6y7I3VH4wc7G3J5dE
9YanAw/f9d31GH5lrIJLJt+pFtOsqOonHfzgf+mn7THNBIXsr7HHTiycw+6rRBlj
m9X2jL3VF25WNyU1Ir13z1Vt//Yksva8JluBFCUAMxFWi9FJhgF64Rscdmuj756u
ItMETXK15GSxc8X6Stoge3iMVfajS6nozVX99Pxf1I0XCBQNVNynQLkTL/ZzwJ7X
miBAMXywxgzZmSDo4LSs3Xs3dRk7eIPTQ7iY08wX2c5uJYfXs1deFIRaJPxsA0X3
BH2SAL1kpesU0Qk1YZGnPLtja8c4jzvWKx31EI2v0uASiwBMdswu4FL78/dq19AB
sqeW4xjmvCK2Yp9IEBp1oo0oTlfBrrl6dbnrwVFC0yBaJBAdCzlsO/oEm0VP5AKO
CqPNW3N1JAQIg0hplXq+2gLMXA7SNzxRLh0rTDRQ19mow47fDmk=
=Fo0i
-----END PGP SIGNATURE-----
. (CVE-2017-12154)
Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array
implementation in the Linux kernel sometimes did not properly handle adding
a new entry |
|
var-201912-0643
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Arbitrary code execution * Insufficient access restrictions * information leak * Service operation interruption (DoS) * Information falsification * Privilege escalation * Sandbox avoidance. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. The following products and versions are affected: Apple iOS prior to 12.4; Windows-based iTunes prior to 12.9.6; tvOS prior to 12.4; Safari prior to 12.1.2; macOS Mojave prior to 10.14.6. ==========================================================================
Ubuntu Security Notice USN-4130-1
September 11, 2019
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
libjavascriptcoregtk-4.0-18 2.24.4-0ubuntu0.19.04.1
libwebkit2gtk-4.0-37 2.24.4-0ubuntu0.19.04.1
Ubuntu 18.04 LTS:
libjavascriptcoregtk-4.0-18 2.24.4-0ubuntu0.18.04.1
libwebkit2gtk-4.0-37 2.24.4-0ubuntu0.18.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://usn.ubuntu.com/4130-1
CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666,
CVE-2019-8669, CVE-2019-8673, CVE-2019-8676, CVE-2019-8678,
CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684,
CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.24.4-0ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.24.4-0ubuntu0.18.04.1
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201909-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: September 06, 2019
Bugs: #683234, #686216, #693122
ID: 201909-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in the arbitrary execution of code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.24.4 >= 2.24.4
Description
===========
Multiple vulnerabilities have been discovered in WebkitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.24.4"
References
==========
[ 1 ] CVE-2019-11070
https://nvd.nist.gov/vuln/detail/CVE-2019-11070
[ 2 ] CVE-2019-6201
https://nvd.nist.gov/vuln/detail/CVE-2019-6201
[ 3 ] CVE-2019-6251
https://nvd.nist.gov/vuln/detail/CVE-2019-6251
[ 4 ] CVE-2019-7285
https://nvd.nist.gov/vuln/detail/CVE-2019-7285
[ 5 ] CVE-2019-7292
https://nvd.nist.gov/vuln/detail/CVE-2019-7292
[ 6 ] CVE-2019-8503
https://nvd.nist.gov/vuln/detail/CVE-2019-8503
[ 7 ] CVE-2019-8506
https://nvd.nist.gov/vuln/detail/CVE-2019-8506
[ 8 ] CVE-2019-8515
https://nvd.nist.gov/vuln/detail/CVE-2019-8515
[ 9 ] CVE-2019-8518
https://nvd.nist.gov/vuln/detail/CVE-2019-8518
[ 10 ] CVE-2019-8523
https://nvd.nist.gov/vuln/detail/CVE-2019-8523
[ 11 ] CVE-2019-8524
https://nvd.nist.gov/vuln/detail/CVE-2019-8524
[ 12 ] CVE-2019-8535
https://nvd.nist.gov/vuln/detail/CVE-2019-8535
[ 13 ] CVE-2019-8536
https://nvd.nist.gov/vuln/detail/CVE-2019-8536
[ 14 ] CVE-2019-8544
https://nvd.nist.gov/vuln/detail/CVE-2019-8544
[ 15 ] CVE-2019-8551
https://nvd.nist.gov/vuln/detail/CVE-2019-8551
[ 16 ] CVE-2019-8558
https://nvd.nist.gov/vuln/detail/CVE-2019-8558
[ 17 ] CVE-2019-8559
https://nvd.nist.gov/vuln/detail/CVE-2019-8559
[ 18 ] CVE-2019-8563
https://nvd.nist.gov/vuln/detail/CVE-2019-8563
[ 19 ] CVE-2019-8595
https://nvd.nist.gov/vuln/detail/CVE-2019-8595
[ 20 ] CVE-2019-8607
https://nvd.nist.gov/vuln/detail/CVE-2019-8607
[ 21 ] CVE-2019-8615
https://nvd.nist.gov/vuln/detail/CVE-2019-8615
[ 22 ] CVE-2019-8644
https://nvd.nist.gov/vuln/detail/CVE-2019-8644
[ 23 ] CVE-2019-8644
https://nvd.nist.gov/vuln/detail/CVE-2019-8644
[ 24 ] CVE-2019-8649
https://nvd.nist.gov/vuln/detail/CVE-2019-8649
[ 25 ] CVE-2019-8649
https://nvd.nist.gov/vuln/detail/CVE-2019-8649
[ 26 ] CVE-2019-8658
https://nvd.nist.gov/vuln/detail/CVE-2019-8658
[ 27 ] CVE-2019-8658
https://nvd.nist.gov/vuln/detail/CVE-2019-8658
[ 28 ] CVE-2019-8666
https://nvd.nist.gov/vuln/detail/CVE-2019-8666
[ 29 ] CVE-2019-8666
https://nvd.nist.gov/vuln/detail/CVE-2019-8666
[ 30 ] CVE-2019-8669
https://nvd.nist.gov/vuln/detail/CVE-2019-8669
[ 31 ] CVE-2019-8669
https://nvd.nist.gov/vuln/detail/CVE-2019-8669
[ 32 ] CVE-2019-8671
https://nvd.nist.gov/vuln/detail/CVE-2019-8671
[ 33 ] CVE-2019-8671
https://nvd.nist.gov/vuln/detail/CVE-2019-8671
[ 34 ] CVE-2019-8672
https://nvd.nist.gov/vuln/detail/CVE-2019-8672
[ 35 ] CVE-2019-8672
https://nvd.nist.gov/vuln/detail/CVE-2019-8672
[ 36 ] CVE-2019-8673
https://nvd.nist.gov/vuln/detail/CVE-2019-8673
[ 37 ] CVE-2019-8673
https://nvd.nist.gov/vuln/detail/CVE-2019-8673
[ 38 ] CVE-2019-8676
https://nvd.nist.gov/vuln/detail/CVE-2019-8676
[ 39 ] CVE-2019-8676
https://nvd.nist.gov/vuln/detail/CVE-2019-8676
[ 40 ] CVE-2019-8677
https://nvd.nist.gov/vuln/detail/CVE-2019-8677
[ 41 ] CVE-2019-8677
https://nvd.nist.gov/vuln/detail/CVE-2019-8677
[ 42 ] CVE-2019-8678
https://nvd.nist.gov/vuln/detail/CVE-2019-8678
[ 43 ] CVE-2019-8678
https://nvd.nist.gov/vuln/detail/CVE-2019-8678
[ 44 ] CVE-2019-8679
https://nvd.nist.gov/vuln/detail/CVE-2019-8679
[ 45 ] CVE-2019-8679
https://nvd.nist.gov/vuln/detail/CVE-2019-8679
[ 46 ] CVE-2019-8680
https://nvd.nist.gov/vuln/detail/CVE-2019-8680
[ 47 ] CVE-2019-8680
https://nvd.nist.gov/vuln/detail/CVE-2019-8680
[ 48 ] CVE-2019-8681
https://nvd.nist.gov/vuln/detail/CVE-2019-8681
[ 49 ] CVE-2019-8681
https://nvd.nist.gov/vuln/detail/CVE-2019-8681
[ 50 ] CVE-2019-8683
https://nvd.nist.gov/vuln/detail/CVE-2019-8683
[ 51 ] CVE-2019-8683
https://nvd.nist.gov/vuln/detail/CVE-2019-8683
[ 52 ] CVE-2019-8684
https://nvd.nist.gov/vuln/detail/CVE-2019-8684
[ 53 ] CVE-2019-8684
https://nvd.nist.gov/vuln/detail/CVE-2019-8684
[ 54 ] CVE-2019-8686
https://nvd.nist.gov/vuln/detail/CVE-2019-8686
[ 55 ] CVE-2019-8686
https://nvd.nist.gov/vuln/detail/CVE-2019-8686
[ 56 ] CVE-2019-8687
https://nvd.nist.gov/vuln/detail/CVE-2019-8687
[ 57 ] CVE-2019-8687
https://nvd.nist.gov/vuln/detail/CVE-2019-8687
[ 58 ] CVE-2019-8688
https://nvd.nist.gov/vuln/detail/CVE-2019-8688
[ 59 ] CVE-2019-8688
https://nvd.nist.gov/vuln/detail/CVE-2019-8688
[ 60 ] CVE-2019-8689
https://nvd.nist.gov/vuln/detail/CVE-2019-8689
[ 61 ] CVE-2019-8689
https://nvd.nist.gov/vuln/detail/CVE-2019-8689
[ 62 ] CVE-2019-8690
https://nvd.nist.gov/vuln/detail/CVE-2019-8690
[ 63 ] CVE-2019-8690
https://nvd.nist.gov/vuln/detail/CVE-2019-8690
[ 64 ] WSA-2019-0002
https://webkitgtk.org/security/WSA-2019-0002.html
[ 65 ] WSA-2019-0004
https://webkitgtk.org/security/WSA-2019-0004.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201909-05
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2019 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4515-1 security@debian.org
https://www.debian.org/security/ Alberto Garcia
September 04, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : webkit2gtk
CVE ID : CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666
CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679
CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689
CVE-2019-8690
Several vulnerabilities have been discovered in the webkit2gtk web
engine:
CVE-2019-8644
G.
For the stable distribution (buster), these problems have been fixed in
version 2.24.4-1~deb10u1.
We recommend that you upgrade your webkit2gtk packages. ------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0004
------------------------------------------------------------------------
Date reported : August 29, 2019
Advisory ID : WSA-2019-0004
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0004.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0004.html
CVE identifiers : CVE-2019-8644, CVE-2019-8649, CVE-2019-8658,
CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8676,
CVE-2019-8677, CVE-2019-8678, CVE-2019-8679,
CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687,
CVE-2019-8688, CVE-2019-8689, CVE-2019-8690.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2019-8644
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to G. Geshev working with Trend Micro's Zero Day Initiative.
CVE-2019-8649
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero. A logic issue existed in the handling of
synchronous page loads.
CVE-2019-8658
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to akayn working with Trend Micro's Zero Day Initiative.
CVE-2019-8666
Versions affected: WebKitGTK and WPE WebKit before 2.24.3.
Credit to Zongming Wang (王宗明) and Zhe Jin (金哲) from Chengdu Security
Response Center of Qihoo 360 Technology Co. Ltd.
CVE-2019-8669
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to akayn working with Trend Micro's Zero Day Initiative.
CVE-2019-8671
Versions affected: WebKitGTK and WPE WebKit before 2.24.2.
Credit to Apple.
CVE-2019-8672
Versions affected: WebKitGTK and WPE WebKit before 2.24.2.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8673
Versions affected: WebKitGTK and WPE WebKit before 2.24.3.
Credit to Soyeon Park and Wen Xu of SSLab at Georgia Tech.
CVE-2019-8676
Versions affected: WebKitGTK and WPE WebKit before 2.24.3.
Credit to Soyeon Park and Wen Xu of SSLab at Georgia Tech.
CVE-2019-8677
Versions affected: WebKitGTK and WPE WebKit before 2.24.2.
Credit to Jihui Lu of Tencent KeenLab.
CVE-2019-8678
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to an anonymous researcher, Anthony Lai (@darkfloyd1014) of
Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a)
of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation
Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group,
Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho
(@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation.
CVE-2019-8679
Versions affected: WebKitGTK and WPE WebKit before 2.24.2.
Credit to Jihui Lu of Tencent KeenLab.
CVE-2019-8680
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Jihui Lu of Tencent KeenLab.
CVE-2019-8681
Versions affected: WebKitGTK and WPE WebKit before 2.24.3.
Credit to G. Geshev working with Trend Micro Zero Day Initiative.
CVE-2019-8683
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to lokihardt of Google Project Zero.
CVE-2019-8684
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to lokihardt of Google Project Zero.
CVE-2019-8686
Versions affected: WebKitGTK and WPE WebKit before 2.24.2.
Credit to G. Geshev working with Trend Micro's Zero Day Initiative.
CVE-2019-8687
Versions affected: WebKitGTK and WPE WebKit before 2.24.3.
Credit to Apple.
CVE-2019-8688
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Insu Yun of SSLab at Georgia Tech.
CVE-2019-8689
Versions affected: WebKitGTK and WPE WebKit before 2.24.3.
Credit to lokihardt of Google Project Zero.
CVE-2019-8690
Versions affected: WebKitGTK and WPE WebKit before 2.24.3.
Credit to Sergei Glazunov of Google Project Zero. A logic issue existed in the handling of
document loads.
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK and WPE WebKit team,
August 29, 2019
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-8-13-4 Additional information for
APPLE-SA-2019-7-22-5 tvOS 12.4
tvOS 12.4 addresses the following:
Bluetooth
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)
Description: An input validation issue existed in Bluetooth.
CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole
Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of
University of Oxford, England
Entry added August 13, 2019
Core Data
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Core Data
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8647: Samuel Groß and Natalie Silvanovich of Google Project
Zero
Core Data
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project
Zero
FaceTime
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu
Foundation
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
Heimdal
Available for: Apple TV 4K and Apple TV HD
Impact: An issue existed in Samba that may allow attackers to perform
unauthorized actions by intercepting communications between services
Description: This issue was addressed with improved checks to prevent
unauthorized actions.
CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team
and Catalyst
libxslt
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to view sensitive information
Description: A stack overflow was addressed with improved input
validation.
CVE-2019-13118: found by OSS-Fuzz
Profiles
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to restrict access to
websites
Description: A validation issue existed in the entitlement
verification.
CVE-2019-8698: Luke Deshotels, Jordan Beichler, and William Enck of
North Carolina State University; Costin Carabaș and Răzvan Deaconescu
of University POLITEHNICA of Bucharest
Quick Look
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker may be able to trigger a use-after-free in an
application deserializing an untrusted NSDictionary
Description: This issue was addressed with improved checks.
CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Siri
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero
UIFoundation
Available for: Apple TV 4K and Apple TV HD
Impact: Parsing a maliciously crafted office document may lead to an
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8644: G. Geshev working with Trend Micro's Zero Day
Initiative
CVE-2019-8687: Apple
CVE-2019-8688: Insu Yun of SSLab at Georgia Tech
CVE-2019-8689: lokihardt of Google Project Zero
Additional recognition
Game Center
We would like to acknowledge Min (Spark) Zheng and Xiaolong Bai of
Alibaba Inc. for their assistance.
MobileInstallation
We would like to acknowledge Dany Lisiansky (@DanyL931) for their
assistance.
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAl1S688pHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HyXxAA
mG4VzHLTPDCtd3eXkDjN34xahbSiqapl+dcRPoJ4V8yTq2ZM7D+/6Ls4pRD/3oid
46YJfRDaH2J5kufrdYledP0fRXWZoi97tjfgewmP7qKJeftc/9y2qDqBPjnFzHxo
40BZaeVZjupKXyrPlT/Wy8kLZnBtufaEiwbrwkmR05hTuvP6MrQB9gC/YdQnVLTZ
8X7Rd9gIcTPl1cQ9lPvFRSxThsQMzQH69/amMYAhUfwuocn8GbVshVj8LNw7Ie2K
pNUqt/UuB+DhQfUTHAlNezVcuWGUWVELkCuF6xv5oy6Z8bbyClOnYmZUmV+Nhqe+
gHmUUGMlhVuJme1mf20eapB+bHX8eXzxC99ScVymHym459V9N2NpGKDQmh3Pb1Cg
OYMe7xyA7ckc8upqEl9WI+yyrRjlvuUUPXinmdldXnl0GFRfJfwbzsuoaQylIViE
CKd8oOpzcG/dU8FiRYp5vzW9H/LMOTLK2Q1zX5dDhK2V6J/yYfqemnSOEvHhYD5g
08Wm7GaY2kpPqmJ1Vvbtzh9+5AVTNRxpP38xJJde1G8rSUgXs+MkxAh5n6cv+pr/
xpGVpPNsO1uKeRzXjbkTERxH2r8q548caRgKEn6OoOGWhXm6O4YDzopkM6tbe8p1
yIawhwh3AST6+peshxryiatYNsHunnvjpYc72UDiuBU=
=KPlq
-----END PGP SIGNATURE-----
|
|
var-200906-0605
|
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537. The Linux e1000e driver is prone to a security-bypass vulnerability.
An attacker can exploit this issue to cause network traffic to be misinterpreted, which may allow the attacker to bypass intended security restrictions or launch further attacks. The Linux kernel is the kernel used by the open source operating system Linux released by the American Linux Foundation. The NFSv4 implementation is one of the distributed file system protocols. Although
security support for 'etch' officially ended on Feburary 15th, 2010,
this update was already in preparation before that date.
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2009-2691
Steve Beattie and Kees Cook reported an information leak in the
maps and smaps files available under /proc. Local users may be
able to read this data for setuid processes while the ELF binary
is being loaded.
CVE-2009-2695
Eric Paris provided several fixes to increase the protection
provided by the mmap_min_addr tunable against NULL pointer
dereference vulnerabilities.
CVE-2009-3080
Dave Jones reported an issue in the gdth SCSI driver. A missing
check for negative offsets in an ioctl call could be exploited by
local users to create a denial of service or potentially gain
elevated privileges.
CVE-2009-3726
Trond Myklebust reported an issue where a malicious NFS server
could cause a denial of service condition on its clients by
returning incorrect attributes during an open call.
CVE-2009-3889
Joe Malicki discovered an issue in the megaraid_sas driver.
Insufficient permissions on the sysfs dbg_lvl interface allow
local users to modify the debug logging behavior.
CVE-2009-4005
Roel Kluin discovered an issue in the hfc_usb driver, an ISDN
driver for Colognechip HFC-S USB chip.
CVE-2009-4020
Amerigo Wang discovered an issue in the HFS filesystem that would
allow a denial of service by a local user who has sufficient
privileges to mount a specially crafted filesystem. Avati discovered an issue in the fuse subsystem. If the
system is sufficiently low on memory, a local user can cause the
kernel to dereference an invalid pointer resulting in a denial of
service (oops) and potentially an escalation of privileges.
CVE-2009-4138
Jay Fenlason discovered an issue in the firewire stack that allows
local users to cause a denial of service (oops or crash) by making
a specially crafted ioctl call.
CVE-2009-4308
Ted Ts'o discovered an issue in the ext4 filesystem that allows
local users to cause a denial of service (NULL pointer
dereference).
CVE-2009-4536 & CVE-2009-4538
Fabian Yamaguchi reported issues in the e1000 and e1000e drivers
for Intel gigabit network adapters which allow remote users to
bypass packet filters using specially crafted Ethernet frames. This option is disabled by
default.
CVE-2010-0007
Florian Westphal reported a lack of capability checking in the
ebtables netfilter subsystem. If the ebtables module is loaded,
local users can add and modify ebtables rules.
CVE-2010-0410
Sebastian Krahmer discovered an issue in the netlink connector
subsystem that permits local users to allocate large amounts of
system memory resulting in a denial of service (out of memory).
CVE-2010-0415
Ramon de Carvalho Valle discovered an issue in the sys_move_pages
interface, limited to amd64, ia64 and powerpc64 flavors in Debian.
Local users can exploit this issue to cause a denial of service
(system crash) or gain access to sensitive kernel memory.
CVE-2010-0622
Jermome Marchand reported an issue in the futex subsystem that
allows a local user to force an invalid futex state which results
in a denial of service (oops).
For the oldstable distribution (etch), this problem has been fixed in
version 2.6.24-6~etchnhalf.9etch3.
We recommend that you upgrade your linux-2.6.24 packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386,
ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch3.dsc
Size/MD5 checksum: 5118 e05bb21e7655cbfa39aed8d4fd6842eb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch3.diff.gz
Size/MD5 checksum: 4099250 127bad8d653046d37fc52115d4e3a332
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz
Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af
Architecture independent packages:
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb
Size/MD5 checksum: 4263554 6c56ff077d17eba766af47544ce0f414
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb
Size/MD5 checksum: 83890 62cfd18ed176359831502e70d80b291a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb
Size/MD5 checksum: 46871628 328ad30d3c07f90c56d821f76e186b40
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb
Size/MD5 checksum: 1550090 1f114fdc3123f135017dbdcd0e4839c6
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.9etch3_all.deb
Size/MD5 checksum: 1009878 c7b7abff092940a400703b9168e46daa
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.9etch3_all.deb
Size/MD5 checksum: 98248 a2a391008f8855d8358d5f18d9d76044
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 329786 a212d2b3a94f8a04611c0f20d3d324b9
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 27236282 b5bc553c4bf3a49843c45814fab72443
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 83428 f5f27b9de4905239e6315c77393f1f03
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 83454 5d152b5b6aa505982ebc7122a770b29b
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 26641900 c799e7d48937975036b46edf032ecd87
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 26620162 eb1c3c27f1ac81959dc0f2ab497aee35
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 3455268 da2d2cc2b7c4253ac408c30fcfddb28f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 329788 f589f8815f7adf02f8884e2dd3ac613f
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch3_alpha.deb
Size/MD5 checksum: 329336 14bf085655b30adc8ab8f6ed4207d415
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch3_amd64.deb
Size/MD5 checksum: 19482308 c49d2962c1a391fb00fb1b5f0598b24e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_amd64.deb
Size/MD5 checksum: 3656476 f2f5de65037664d03208fcea83bf2ee2
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_amd64.deb
Size/MD5 checksum: 83422 600c7216143f43f9c61b0c2ccd118ea0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.9etch3_amd64.deb
Size/MD5 checksum: 83434 36f1d8f21ec39a473536dbeda2332e62
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch3_amd64.deb
Size/MD5 checksum: 346940 d3f12fdd61f90749fdd08d857b326327
arm architecture (ARM)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 9357734 3e1165a0795d7db5f7ed8ef84205064b
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 298744 50d8bfa3c06134e190409399a36c5aa9
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 83546 1742ab93afadd1827009bf1d714e76eb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 83578 07906e33f9ad267d986991c93eef1048
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 10778670 cc38a718ad5fd1c6e92d23e416610bd6
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 308138 34dbc7720b1844833f0b71aa307c37fa
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 310714 6a2c6fbbc1dd000b8a532227e3b8b5ae
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 3939512 91c2ba626e754fe407d6dcf3fa01337a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.9etch3_arm.deb
Size/MD5 checksum: 10786892 4d44a4ff751969855a01ad754a7c2b22
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 14375048 fe6ed4dea09aa205d801476667ef03cb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 13847788 4adc3106a987d84e12215156a379f460
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 259624 ac09dcabb624984b7321a5f6b6dbef54
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 83578 e152e18748e5c80b6d06715db836cf83
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 260838 44bc8ad5796c124b53d85a8c3a4ed912
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 262420 ff0641f04c409dd606c34373e8e16269
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 14830990 cce09e8022bee915dcde5dd8b9525428
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 13333594 a4dc863b0c84b9006c723db9a581c92e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 83546 990eb24056c7f6a63a4d55ec39563bae
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 3446386 6ebfa4544252648df48cfb085cc3d2cc
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch3_hppa.deb
Size/MD5 checksum: 258962 75184bed1f0b42cd8e002f93ed42198a
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 3656680 c5499cb98cdcdcadc48e3aa5bdf1d379
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 19214268 e3f564cae5a85355f4b5a9248a11af98
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 19148424 dd1d713c896888370a1667a16571c08c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 346982 6a6a08f74f9690705e6d770d1f3f2566
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 359548 b10fe011746b0df5fbd2587292af34ae
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 19482314 5d9cc150e340aea40e253a757cfdc423
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 83452 32a1614212e964a4423b161b34cd758d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 19213598 4f459c2d2cdb87a6f945cbee7d4500d4
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 358212 58ba32b0701643f043ab38a487cae609
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 83424 c1e8493aff96df5b0fe33f5af4686f98
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch3_i386.deb
Size/MD5 checksum: 358752 4e3e9ef18a14fd191444591df571f80c
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_ia64.deb
Size/MD5 checksum: 3569470 9ae824064bfc785f4b3512db78119e46
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch3_ia64.deb
Size/MD5 checksum: 32206374 badd40dd68e2c6634c65f79d9536e34d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_ia64.deb
Size/MD5 checksum: 83432 64a48fa9283b1741e22f0a22dbb93b20
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.9etch3_ia64.deb
Size/MD5 checksum: 83456 235a5572d5e109a4b575080a8262dc57
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch3_ia64.deb
Size/MD5 checksum: 319938 d7dc0120458e93119879dcdd1e48017e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch3_ia64.deb
Size/MD5 checksum: 32025762 7595d7dc21d3273f46b35b8c00b0e195
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch3_ia64.deb
Size/MD5 checksum: 320226 34731a37b519d726b133093e04d937c3
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 22243472 532341ea0847ea19414413f7659ff13d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 248638 ce9da5c377d6328e9bb9be1c3945fff8
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 12001172 817c44fd5afbeef1b9f172522ff21bcb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 10553972 20ddd95631b93efd52ae0aa38a5cd6d4
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 83600 a7b66d71779dea207a3d49cb9f692fdb
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 27858364 54998117445c20f413331d1197355745
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 17212542 bf6c996fd387eef151e0db60d1bd00f2
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 313302 314b57dc807eb91f617c10b1497e1617
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 314602 2c127076bf189be2836a4c3a4c7736af
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 3804368 fbcb3bdd668db166ad3f08e6dbfbc6e0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 17194888 9bce41a8b9936a16a3aa9cca675b9638
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 83540 8acdb1b4a4bc57f55b9cc5b2b04043a4
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 229412 0b93c7c909eca04fad4fa45e3e73e96c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 248700 13266a2acd5fcbd75d11049dd5e5ad58
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.9etch3_mips.deb
Size/MD5 checksum: 218314 4174dec1c73ca114469cbb88fba32926
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 16567710 29d2ab68b4259a1822a2ca19e9494f5d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 309868 d69b27ef946f2ac62b115e0200fe8002
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 26988356 f0d885b353b15dc42e4e76da8a8fb129
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 248150 7c585f74e0752a631050b13b9740c0c3
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 13318088 0b0a8b724245ac10817b03c4cf734827
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 83484 a678208f18017a9c87d45548916fd98e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 311392 5b1f0957a2756b04be6c95ae8ca5e2c8
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 21736368 02da1a4e543b8c5082476b156281cb31
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 247968 929ca712a0aa0984f9dc2a6f68f405a5
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 16632240 c9de1dfccb8a5cb5d5d652ca694a7108
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 3805532 be10a8b64da3adf7ece3846b0b0bf930
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 83434 ac0cb9b5939e4ea82c3c83a1a1d473ed
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch3_mipsel.deb
Size/MD5 checksum: 248174 50e84058a7d710f013f92e1fe68a705c
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 322474 2d7e39cf0b78d98125a0baba377f1af0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 19195556 bb2bd8e203cee7b3c6739d5c5d11901a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 324008 3b021bb4b3dac72dc68e701f4a209939
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 295928 ca2bf1c3c12f409e469c516877a8e91c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 21170062 4022dbff73ebfde3a846ce38896cf09c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 322502 4b76cce255e1fcc72cb82053cd34a1a2
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 17459240 ad749c6e735e58d775b7190ff3d26e50
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 83466 a041c0fdb383832cf725723ce22e40c0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 83430 392d415932625b1a69dc6494d2f737e0
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 3674486 200fdcca2140a97f961a37d70db620d5
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.9etch3_powerpc.deb
Size/MD5 checksum: 19487244 b42ad8431643d89a1f8b0e6e0aaeb39e
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_s390.deb
Size/MD5 checksum: 83532 a1c34683fe304f1a86bbc28f6cbc654c
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.9etch3_s390.deb
Size/MD5 checksum: 83556 bf7fed1ef4da92d782409fe8345f861a
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.9etch3_s390.deb
Size/MD5 checksum: 6976486 5b5db16fea4336068bbcd5bff56ad575
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.9etch3_s390.deb
Size/MD5 checksum: 7228452 75c044fa17d6071de36579a1491c2e1b
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_s390.deb
Size/MD5 checksum: 3431908 18825f85900faca81b21e48d43af6ee7
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.9etch3_s390.deb
Size/MD5 checksum: 197006 0a44248e77ec1ff027edd032ebe5b2c6
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.9etch3_s390.deb
Size/MD5 checksum: 1503494 bd7f7b7bd4e120472bf60ad0b7d9184e
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.9etch3_s390.deb
Size/MD5 checksum: 196810 f03114c2f256a97b15f88d2659f9501b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch3_sparc.deb
Size/MD5 checksum: 83428 1ea7179752fbb45e10e731991583db68
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.9etch3_sparc.deb
Size/MD5 checksum: 263546 ef894d6917cbe692ec9197048538d5e7
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch3_sparc.deb
Size/MD5 checksum: 3651402 a0194c650712040f81e97d5b3b62bc79
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.9etch3_sparc.deb
Size/MD5 checksum: 264892 0b642e20f00b52c20b6ae9e0ee1f78b8
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.9etch3_sparc.deb
Size/MD5 checksum: 83442 6d109d7f131dab564736e2ac6a85dd29
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.9etch3_sparc.deb
Size/MD5 checksum: 13318532 dbce062bfa560c331b75bed073868e1d
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.9etch3_sparc.deb
Size/MD5 checksum: 13019464 b0b153fafa43b650e996a9d84bbb26d7
These changes will probably be included in the oldstable distribution on
its next update. ===========================================================
Ubuntu Security Notice USN-894-1 February 05, 2010
linux, linux-source-2.6.15 vulnerabilities
CVE-2009-4020, CVE-2009-4021, CVE-2009-4031, CVE-2009-4138,
CVE-2009-4141, CVE-2009-4308, CVE-2009-4536, CVE-2009-4538,
CVE-2010-0003, CVE-2010-0006, CVE-2010-0007, CVE-2010-0291
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
linux-image-2.6.15-55-386 2.6.15-55.82
linux-image-2.6.15-55-686 2.6.15-55.82
linux-image-2.6.15-55-amd64-generic 2.6.15-55.82
linux-image-2.6.15-55-amd64-k8 2.6.15-55.82
linux-image-2.6.15-55-amd64-server 2.6.15-55.82
linux-image-2.6.15-55-amd64-xeon 2.6.15-55.82
linux-image-2.6.15-55-hppa32 2.6.15-55.82
linux-image-2.6.15-55-hppa32-smp 2.6.15-55.82
linux-image-2.6.15-55-hppa64 2.6.15-55.82
linux-image-2.6.15-55-hppa64-smp 2.6.15-55.82
linux-image-2.6.15-55-itanium 2.6.15-55.82
linux-image-2.6.15-55-itanium-smp 2.6.15-55.82
linux-image-2.6.15-55-k7 2.6.15-55.82
linux-image-2.6.15-55-mckinley 2.6.15-55.82
linux-image-2.6.15-55-mckinley-smp 2.6.15-55.82
linux-image-2.6.15-55-powerpc 2.6.15-55.82
linux-image-2.6.15-55-powerpc-smp 2.6.15-55.82
linux-image-2.6.15-55-powerpc64-smp 2.6.15-55.82
linux-image-2.6.15-55-server 2.6.15-55.82
linux-image-2.6.15-55-server-bigiron 2.6.15-55.82
linux-image-2.6.15-55-sparc64 2.6.15-55.82
linux-image-2.6.15-55-sparc64-smp 2.6.15-55.82
Ubuntu 8.04 LTS:
linux-image-2.6.24-27-386 2.6.24-27.65
linux-image-2.6.24-27-generic 2.6.24-27.65
linux-image-2.6.24-27-hppa32 2.6.24-27.65
linux-image-2.6.24-27-hppa64 2.6.24-27.65
linux-image-2.6.24-27-itanium 2.6.24-27.65
linux-image-2.6.24-27-lpia 2.6.24-27.65
linux-image-2.6.24-27-lpiacompat 2.6.24-27.65
linux-image-2.6.24-27-mckinley 2.6.24-27.65
linux-image-2.6.24-27-openvz 2.6.24-27.65
linux-image-2.6.24-27-powerpc 2.6.24-27.65
linux-image-2.6.24-27-powerpc-smp 2.6.24-27.65
linux-image-2.6.24-27-powerpc64-smp 2.6.24-27.65
linux-image-2.6.24-27-rt 2.6.24-27.65
linux-image-2.6.24-27-server 2.6.24-27.65
linux-image-2.6.24-27-sparc64 2.6.24-27.65
linux-image-2.6.24-27-sparc64-smp 2.6.24-27.65
linux-image-2.6.24-27-virtual 2.6.24-27.65
linux-image-2.6.24-27-xen 2.6.24-27.65
Ubuntu 8.10:
linux-image-2.6.27-17-generic 2.6.27-17.45
linux-image-2.6.27-17-server 2.6.27-17.45
linux-image-2.6.27-17-virtual 2.6.27-17.45
Ubuntu 9.04:
linux-image-2.6.28-18-generic 2.6.28-18.59
linux-image-2.6.28-18-imx51 2.6.28-18.59
linux-image-2.6.28-18-iop32x 2.6.28-18.59
linux-image-2.6.28-18-ixp4xx 2.6.28-18.59
linux-image-2.6.28-18-lpia 2.6.28-18.59
linux-image-2.6.28-18-server 2.6.28-18.59
linux-image-2.6.28-18-versatile 2.6.28-18.59
linux-image-2.6.28-18-virtual 2.6.28-18.59
Ubuntu 9.10:
kernel-image-2.6.31-108-imx51-di 2.6.31-108.21
linux-image-2.6.31-19-386 2.6.31-19.56
linux-image-2.6.31-19-generic 2.6.31-19.56
linux-image-2.6.31-19-generic-pae 2.6.31-19.56
linux-image-2.6.31-19-ia64 2.6.31-19.56
linux-image-2.6.31-19-lpia 2.6.31-19.56
linux-image-2.6.31-19-powerpc 2.6.31-19.56
linux-image-2.6.31-19-powerpc-smp 2.6.31-19.56
linux-image-2.6.31-19-powerpc64-smp 2.6.31-19.56
linux-image-2.6.31-19-server 2.6.31-19.56
linux-image-2.6.31-19-sparc64 2.6.31-19.56
linux-image-2.6.31-19-sparc64-smp 2.6.31-19.56
linux-image-2.6.31-19-virtual 2.6.31-19.56
linux-image-2.6.31-211-dove 2.6.31-211.22
linux-image-2.6.31-211-dove-z0 2.6.31-211.22
linux-image-2.6.31-304-ec2 2.6.31-304.10
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
ATTENTION: Due to an unavoidable ABI change (except for Ubuntu 6.06)
the kernel updates have been given a new version number, which requires
you to recompile and reinstall all third party kernel modules you
might have installed. Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-server, linux-powerpc), a standard system
upgrade will automatically perform this as well.
Details follow:
Amerigo Wang and Eric Sesterhenn discovered that the HFS and ext4
filesystems did not correctly check certain disk structures. Ubuntu 9.10 was not
affected. (CVE-2009-4021)
It was discovered that KVM did not correctly decode certain guest
instructions. A local attacker in a guest could exploit this to
trigger high scheduling latency in the host, leading to a denial of
service. Ubuntu 6.06 was not affected. Ubuntu 6.06 was not
affected. (CVE-2009-4138)
Tavis Ormandy discovered that the kernel did not correctly handle
O_ASYNC on locked files. Only Ubuntu 9.04 and 9.10 were affected. (CVE-2009-4141)
Neil Horman and Eugene Teo discovered that the e1000 and e1000e
network drivers did not correctly check the size of Ethernet frames. (CVE-2009-4536, CVE-2009-4538)
It was discovered that "print-fatal-signals" reporting could show
arbitrary kernel memory contents. A local attacker could exploit
this, leading to a loss of privacy. (CVE-2010-0003)
Olli Jarva and Tuomo Untinen discovered that IPv6 did not correctly
handle jumbo frames. Only Ubuntu 9.04 and 9.10 were
affected. A local attacker could disrupt network
traffic, leading to a denial of service. (CVE-2010-0291)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.82.diff.gz
Size/MD5: 2928444 765d0254f54d27d447de8f0b39548848
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.82.dsc
Size/MD5: 2921 682576890de917043eccf6fc9398aed2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15.orig.tar.gz
Size/MD5: 57403387 88ab0747cb8c2ceed662e0fd1b27d81d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-doc-2.6.15_2.6.15-55.82_all.deb
Size/MD5: 5170062 ef1a9c95890c4ba600a3e5523d49bb59
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-kernel-devel_2.6.15-55.82_all.deb
Size/MD5: 96386 b184441d2f44037554d037d217688393
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-55.82_all.deb
Size/MD5: 44742098 b5215eb163e357a179dbf36169ae1fa2
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 22350 d8934981c2fdd09168a5e576cc1b809a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 44768 74be7582e8f82aeb48af59731ce128be
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 2312 d464c76f98a4142add7a69aca1305739
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 36294 a65060e99feff7e2ecef38be6d92fbc3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 102366 04d59c868ce03dc83b69116b022735b8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 38892 e80a653bb000e86f38da594d4bc1742d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 49160 a512718368004f81e83063ea8972c871
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 176612 81ab4c185b3af1dea1a082283c1ec9b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 36776 fcb0833daefa645545a2451824094b21
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 142346 3e6446140bfad0b19c512c69377d8026
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 51060 a11ceed7ccb1b96c2a8b2e7f840061b9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 140710 e1789bb9d7cdd542a862e8ef209de802
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 287606 f3cc835959f215c209dc5a825596849c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 97828 05627ddbba40a6517ae7f8ca75f195c1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 1652102 c9eea2df3fdde2a5e7d2f4dff99e6772
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-generic_2.6.15-55.82_amd64.deb
Size/MD5: 872314 6e8f80e117e13665c95fb75593853d49
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-k8_2.6.15-55.82_amd64.deb
Size/MD5: 872448 1a70a906bccd7642241535f79feddb57
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-server_2.6.15-55.82_amd64.deb
Size/MD5: 874570 0da9cd27666b58b5328e18dbc01c9b2e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-amd64-xeon_2.6.15-55.82_amd64.deb
Size/MD5: 872194 375aad441654cdcd2338c5809e6319ad
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.82_amd64.deb
Size/MD5: 6926870 c5868857ae3e12da5ffd91ec60d75501
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-generic_2.6.15-55.82_amd64.deb
Size/MD5: 20817720 06e066129d82d4fa8e41a2a058dcb9f0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-k8_2.6.15-55.82_amd64.deb
Size/MD5: 20798158 1e5bf064dc2aab9880b30448d06eba9d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-server_2.6.15-55.82_amd64.deb
Size/MD5: 21635636 0bb9fd3f753b4dcedf70fa8f36c48467
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-amd64-xeon_2.6.15-55.82_amd64.deb
Size/MD5: 19905244 a04e5f6463fe334c28598cbf13506043
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 15630 8d1da510f959f7b9a2d0aa73ab80ae39
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 240360 20cd65fa275cfe8a83743ddb5a95f528
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 202666 71d8be83541874d6c675945838b9e223
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 1048610 9125e9e6c294bb450e37643b3ed7397e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 1543634 ff7af4dcfc269a529f0adef3823a7244
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 161692 5623fa9ad6b280d0a5271917e89ca8ab
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 9832 bd5218587371f5b309ef2d1f77f98420
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 80870 20f034d6199d2902130f8bba12f48afe
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 49294 e4a805200acaaea274e67995602294e6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 35158 0869bee234a54b1afe362123606efe66
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 70890 74ad81f0209c505c41d61c143b90f879
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 6218 ab28cdccb61315cac14d9046821e264d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 9060 6b179cd944eb7f83f03147e09025e6be
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 57924 5465064d051dec863ad3f4f1a91553f6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 123380 18eabdae11c2d77a1694f0cd467107a3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 101078 efbe32714c0fed5aec8a70095af299df
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 79272 2fbe8585b11e0fa73fad8e94298082bf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 1595398 3e11b94ed4701d1d84b6aeb303782d97
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 72352 e413c3057779de1b3c8f0c4d8d7fb577
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 12648 41487d8dc828d7f94a5c8ed495f06a99
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 33806 ebf707126fa6326899d648786afa8779
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 138512 ff1e0d4f0e9c5efc7bbae4d92194da5d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 38938 75eb074224a6373013e621cdd5931a51
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-amd64-generic-di_2.6.15-55.82_amd64.udeb
Size/MD5: 278876 1586e5c6fc3fedf7f63f19c35a4fd9e8
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 18976 940a7c03cfe47e9d0543f49849c8765f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 43482 466c625f614e3624fa548bc5f96efa74
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 105216 d45ce18fb4d9c2cf5da6d14ae69a86c4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 2284 de2293fa5c6e5493307a1913b606ad20
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 34572 4e302b4f7144fd504b2475a4103a3bf5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 97044 eeafb6c943244dd33659e7e7db9a9f76
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 37128 d4d67e516f236bf54a00697b71a3219b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 44122 1657e3520cbd2fbc832cf91bd6366a38
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 167738 7431ddaa7c8f0c9b6e583129cdc839f7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 33954 8251d509fb9bacd314f62cc90bda5b96
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 137972 9b8295fffc47ab4cf16ec34f7ef8b7aa
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 46892 c12096744faa1ca0735b62ea045b0c65
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 133162 5805bb2e2bfab6158d8d217b08079cc2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 273806 be7956f256f494fe4f40e7e7129bdcd7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 102330 d6a81f9c342c0ebe2010b66d4a7c59ae
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 1597678 ab989d0c749b837c67a2a839f139fbb2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-386_2.6.15-55.82_i386.deb
Size/MD5: 863294 c444f51c8b2752c6a7bb7e6890917ae2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-686_2.6.15-55.82_i386.deb
Size/MD5: 862506 1508b314277964abb0d05e8a274d2a26
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-k7_2.6.15-55.82_i386.deb
Size/MD5: 863628 69ee54c68825997e29779c3a2ab66625
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-server-bigiron_2.6.15-55.82_i386.deb
Size/MD5: 866414 fa045eb17626dde56b96d70431e9515b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-server_2.6.15-55.82_i386.deb
Size/MD5: 865826 30916e33e56490d9a2acf31c03690e64
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.82_i386.deb
Size/MD5: 6918500 a2bb7aa892eb2d21ea3d04f519b72482
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-386_2.6.15-55.82_i386.deb
Size/MD5: 21724666 e1390cea2d5e21dee938aaf3f88786f5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-686_2.6.15-55.82_i386.deb
Size/MD5: 22516786 35a5512e74cf490346c35fd56f695fca
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-k7_2.6.15-55.82_i386.deb
Size/MD5: 22265258 07155a925272e66ace552f82d16b1b79
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-server-bigiron_2.6.15-55.82_i386.deb
Size/MD5: 23626692 d229112410ce8c9c9947f2f7cd32c883
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-server_2.6.15-55.82_i386.deb
Size/MD5: 23179552 9b108d16a1fc1716b78c4417150e311e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 15512 4a2a37534dc2bc6b0ce12df135d07105
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 238510 544c418a7426a5248e33ff549c6f4035
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 197134 9ec57cc477f5bc4e0dba11002d3988e5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 1048370 cd87ff58b5cbea9c04eac21cf1b0784c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 1741406 0b97758852f283e148ec2ce290e678ef
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 160884 ce6d2a16b8a3af5706b694fe6f8ac4f5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 9162 d5f4619ccc32c2ed8296823cd3c19e3e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 76468 9f0911cef3a4b7afb14f1bd537ad337e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 53554 afc415fd0a28c363579986fc48464671
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 33048 c710f55e8853bec0935df3338f2370c2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 85618 b6ed96be15afaf31e6670a78ff1f4733
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 6024 b0a622b932e40a7011d5e9ec9bd21eb3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 8762 6234ceb3aa1422433ee60ad4305c03e7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 53636 e1a35b8801fb949295040028cd2cba5e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 130970 25d88aae6168f72c58ca17584b3f83e0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 98468 ddb974591a687460f50c26a2e2682593
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 77212 a9ec9f2fe551ec07e56200b26f1de4f8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 1768830 477e2985e9f1fd2d4f333d651ce07e2f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 69612 2547b29a65a8391d3a085bbf2ce476aa
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 11764 88566d97534c428d1ef6b01b5adde2ab
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 36102 10638cf7adf98d9afcc1e1475dbaf05c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 132672 fa6f13f8c0c0d017f50dc160bf2961fc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 38578 32976528861368cdb936d5db4fc0c2b5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-386-di_2.6.15-55.82_i386.udeb
Size/MD5: 299158 458051a07217501718f6e2a742bec0a3
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 23726 0fbb9855c5833cb24187a701c10cdfbe
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 26006 87108baca7e8450f580be0f6c77d95de
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 49328 c6fe9fa1f1e132f4906b21e555bfb079
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 51536 d2c7a02ac033097208c359312e95d246
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 2308 5b98b064d0e5c18d8c32caa86b2e43e5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 2482 3c964c577c93d80cee55d06e78003951
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 40306 ad5c5c36d7dc08add999f8cf47d53b72
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 43848 0cfb559dfe56e4a50c99537f98392827
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 112606 9994a8d2bb1c9a45cf43416faca7f9fe
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 120734 092bb2c1dfcece144429a277f96b56e9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 40906 84f84dc75718a347eb6623204cab6209
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 45996 69f5b1a8a9e82414d868ae459109f32c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 29024 1a12ad8c384bd5195208ce7eb478c011
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 29892 4a807f384985ae3376d509474716f13a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 211398 2e302e02bf08226ad9bf45c3a04840b3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 225174 0c4edfa7ccdb502d5aefc7b02a2e81e5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 45054 a2373aac90339698b2cba11e43978565
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 40220 06b0e3234fd6b0125df72fc04c4d0562
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 1934 0887612df6acbc867949c33251427c00
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 2198 d38a4ec22579275ff2f48805be734356
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 80760 0a71c80867de5b11bd73c9c6d2751448
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 86134 0531dff0f43a6073ae4e71e93e1d77ce
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 111580 ab42bedd2a1e1687015d5b6b4b327484
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 125734 3c526ccc2348c1f6dd65829c96fb1381
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 53412 13f7a9a412c8c38c4a22a0f4db2a2bd9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 58486 0a62b4bc8aa5f594de9efc6b9f1dec6a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 147964 9751a30ed03bc5bde2b48be1e5dce6e3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 161908 70564b18529d383509cb4c1d4898425a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 318412 7944aa213ac28d37d390b48b3d5a9a8d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 288032 2b93681e1b268517863ee4bf27ba0899
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 115862 3cd4a494b7d9652bd77eb9dda6d2eeb9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 116548 a40033c7a63dda0aa5911caf2dd7f49a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 1925072 2c1fefed78a6ebc795887a2f27c9db4e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 2449126 39606af1d24872f0ff053ef5ddf790bd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc-smp_2.6.15-55.82_powerpc.deb
Size/MD5: 872990 d1ced46d4302cb78b2d47c5ea678d6bc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc64-smp_2.6.15-55.82_powerpc.deb
Size/MD5: 872596 8602056ab95806f02667587737cb3b59
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-powerpc_2.6.15-55.82_powerpc.deb
Size/MD5: 865624 336f5e63d1fc8a9f55e7e36f4177f54a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.82_powerpc.deb
Size/MD5: 6947694 9ab99966a30e44788549998ae0e26798
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc-smp_2.6.15-55.82_powerpc.deb
Size/MD5: 22783922 2c7ace12a48de978cea2e7e939c3c900
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc64-smp_2.6.15-55.82_powerpc.deb
Size/MD5: 23693062 18b76996711d54f91edd68a52b45d666
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-powerpc_2.6.15-55.82_powerpc.deb
Size/MD5: 22365356 f8a73866c9b4334ace774f26ddaa0e38
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 17782 6a4cc5fc57579f3f602f582acb1231fb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 17386 1abc2376b554610aec23e87f60998358
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 261350 a2a6eff082f29827c9505b45dee47f7d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 282620 93ef7729a3cc9f4639e9d34c8782d8c5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 227808 73c5142c206284bb244b59586a93d8b6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 248952 d0c1d09bb0b125ae113a70baa7a06cc0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 1048470 66d28a86b670f1166faeb1c25a1547ad
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 1048600 178ea75b2bd02ef3b01c4cf940b6a713
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 1738490 8fdc1918d06d76e358e7645e24d763b5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 1878020 0b6e4cc3971bb034e26a3aee110cbc58
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 250814 c48a5e0837fa30e3b1480c113c02d963
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 233524 676bf7f8905001fea721689f23ae5f6e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 13054 73a21ffbe4470fe4108886ee20990c35
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 13528 1105da0ce6deb9d13a19e8b6398827db
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 84794 ccbc384bd76aacf39ac078437d709d51
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 52204 acd012d94fac6fd62028de4920ff5a67
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 73922 a2d1c6a539934c1a852cf0b2c56ada43
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 85854 59c8914383ae0624690950d8f844c101
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 6624 b926e6807098f087b5eab77015ef1aee
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 7058 43cb29678a86a4ace2a784ef2c2e8843
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 60378 183583ac6a0ab738109499861a861ca2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 70420 da9263ada0b850362f022c36b6769f22
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 128550 5eaff599374f099cbb06bb709f1ce68c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 157944 8ef2e5efb4749e8e1725c58a185871bd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 108166 1a09b1fb98eb414ba847dc8634a28a62
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 126130 e2ae3a3d5d06c8e6a5394c2262381438
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 87294 610a552fd6a9c960f64c8ed4a74c5b39
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 93362 a7434712a48c99eba3cfd1dcdf4db489
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 2014708 a089ebb3c11c6fd25f65c069adc4f1cb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 1988690 049558cbf765292686c49fc8e180ca0f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 104130 cfa3ef8f4085a002160c319cdc9899ed
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 115790 ac0661102201e3f682eda1052d987671
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 12738 f683a291e68f38a5c2785aed5452f77c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 14444 24e22f4de6be23c1fe122e8c3dbdfdc0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 39950 b8aa9421b4aaf324bc7349b026e3c30e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 41540 c174de599d57427fbbe0544bdea28cf0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 149344 f742184c85574c83ec84aa70cb9cdfea
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 168082 6f375034031b861fe42ba973c9390ded
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 42310 e24ddfc7d97416cdca5325a9ce197781
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 44918 de0152b64cf3da754a73ba952625e15b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-powerpc-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 320326 87594e9f43ab0dff57a8ae731be77dfa
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-powerpc64-smp-di_2.6.15-55.82_powerpc.udeb
Size/MD5: 324872 a53f9d6f2e8118894b3c5ee8a98b7441
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 50476 aea13d5d96a87d5b3a0cb897605f8226
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 2358 b0af3cd8de1581e95acdba1dd91796e9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 40380 c083f0781fb33b64329d10c233affde2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 110556 cea10ae3446945f5dcc6b94a8050b4ad
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 41214 b0728ed58d1e1a5bcc4309849d773e91
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 104224 54844dc4f0225e051453b6a01934edb3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 7438 7cfdeca11c465cea2c2e8d768b39969e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 149304 958f0b630326763cddddce5503f3319d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 1712530 f967805acb454413bbcc2f377f5b3e36
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-sparc64-smp_2.6.15-55.82_sparc.deb
Size/MD5: 773010 979da22c264d122841ea140319b365ce
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55-sparc64_2.6.15-55.82_sparc.deb
Size/MD5: 772604 3106b0711e0e311f93d92624247f1eea
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-55_2.6.15-55.82_sparc.deb
Size/MD5: 6964184 fb615cef69d2a79b16cfda4b67bf4e50
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-sparc64-smp_2.6.15-55.82_sparc.deb
Size/MD5: 15017856 479231852577fdd0e402556287a02059
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-55-sparc64_2.6.15-55.82_sparc.deb
Size/MD5: 14831912 1bd18f6f1ccc6b70379e267a0173b9bb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 7436 87e52fb1ba93a9e9763a0f3984bc15a5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 248758 bc3db8ee9c85b0aaf1ec03290ae41cf3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 212566 70a9e482f9be5074d90bbd4ae5cf1246
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 1048480 c535170499441feef6ef8b3062de2d30
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 1482394 247faeb24ed7d02526dc54dfb194dec4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 10118 28a82b2b4d4934c028952b17676d515a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 40178 d44c9cb160749b87062ff38c0fc11340
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 9370 c7d50aabcba6ff111825da92f10dd219
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 61398 df892cd2f9e118248246eb7d3c273df4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 163276 481deef18ee50e039791747737619c3e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 64096 9ebc582fc849cdcf71ee887937313a22
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 1235396 479e0c0baad9c8cf96fe44603c2fb9b9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 59308 83efde441d0de3f09bb163e53016a300
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 37430 3646c295a3bbadafbe6df1fb22d8391e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-55-sparc64-di_2.6.15-55.82_sparc.udeb
Size/MD5: 280132 311d2d465db827f3e3f2e95bc265ddb6
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-27.65.diff.gz
Size/MD5: 4747158 57102623f2993049cb4d309f75748b5f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24-27.65.dsc
Size/MD5: 2689 3d66528dd1a11628dd0e2ec5fadfa2b0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.24.orig.tar.gz
Size/MD5: 59085601 e4aad2f8c445505cbbfa92864f5941ab
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.24_2.6.24-27.65_all.deb
Size/MD5: 4930936 41797a4c4537dc9e4abb06f5b811a6f4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27_2.6.24-27.65_all.deb
Size/MD5: 8146690 ea0f32ddeaa300bc68f90838a6466257
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-kernel-devel_2.6.24-27.65_all.deb
Size/MD5: 99216 bec450b038c03760a6f369323af1a0d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.24_2.6.24-27.65_all.deb
Size/MD5: 46970850 cadaea7041848682d5e46a181aa43fb4
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 28614 de37ceb847d7f811723dee03e7fc9ab9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 224184 6b392a2ef779b2048c78f46c1e833e2f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 52646 2c736bab70f1efeade320f9062b74729
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 40644 a6209cbd666c38e1c4bc75115fda79f5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 48646 6affd584126a9ecd4d3560dfa69a201f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 86332 097b613836ca5101cd37cabfe7299adc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 36316 f3915273cbd0e4a218a543ac525d7674
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 648728 9021fcdfc468efb5a2994dab918aad7a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 209928 967a98f6cfa9c56dcecbe0872e98b617
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 39194 5ad172f156b5e2ba43fee3a69a09fb49
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 67996 9ca474a40f4225116d7d9befcde4dbb5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 145458 3e087634d61556643c32e342214a0642
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 287262 202933f0bb0a3d09ae278a991139eaf1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 2130554 f0a40b4f0002803063b074d4b2b22775
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-generic_2.6.24-27.65_amd64.deb
Size/MD5: 673974 3ee01bd889b29b761f96eab35f839815
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-openvz_2.6.24-27.65_amd64.deb
Size/MD5: 1252948 e0734c904a26acf9daadc8dc13a5331c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-rt_2.6.24-27.65_amd64.deb
Size/MD5: 1274832 4784ef460e510677dd0c62ba0e5d75a3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-server_2.6.24-27.65_amd64.deb
Size/MD5: 674092 b2b2090661ff113ec00e1b08627238c3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-xen_2.6.24-27.65_amd64.deb
Size/MD5: 1084370 ef5cd734b586855f7b94d5b93bb51c42
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-generic_2.6.24-27.65_amd64.deb
Size/MD5: 17809172 46d4f01f3cb62fc8c006c25d291bdbde
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-server_2.6.24-27.65_amd64.deb
Size/MD5: 17781410 589743282c76d9ae95751cefae7dcd1f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-generic_2.6.24-27.65_amd64.deb
Size/MD5: 21055946 71c5ed78b283260aa76abe43a5199869
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-server_2.6.24-27.65_amd64.deb
Size/MD5: 21440010 76e220b0a64e1b1fb76a54aaa5cde808
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_amd64.deb
Size/MD5: 707586 4d51f71c8ac5227c9f02fbc0c6552453
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 263678 73ef23d338fe298802ae13ea52af05a1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 176420 0709db4bda579f5146063e7bedeef8cf
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 254102 7b20912de5e61b0206319019c4800ef1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 1641364 98d7399720bae5a9d3e1637cc6f13ce9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 143718 419053c97211aea3dd9b2aa0833bc6bc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 164466 16e2d4ad08a10d9e9d2b33dbee4c08ba
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 115858 74f2c34acf328f485356f38e86eb6aa2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 35056 5307b10f96b76f43c0bf983007f36021
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 64412 7cf4750ba6f0dd63678eae705da55fbf
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 69706 dedcbc58256ac2a43ed625eb7cae6e81
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 21598 6d6c27b8756a70466451449e096bd149
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 8622 4414757aa7034cafa1e98d8bacf080f9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 57232 8690d6c34e1ec87d85b2c20cb280acb9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 103044 73c875b66060da7f1d39f2a5f8eecf36
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 1212518 6e237c8e863f3cea5cc702afbd925b77
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 45500 1883d8bdf4ed7b2aebc1a407502bd556
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 12780 fa12802bfa4f6847c5409d4882e9aa9a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 498032 d5e81ea5e16357ae1be8c0ac77685256
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-27-generic-di_2.6.24-27.65_amd64.udeb
Size/MD5: 75048 24c6c2fa1972611542270d68ccae59a6
http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-openvz_2.6.24-27.65_amd64.deb
Size/MD5: 19256730 d7f5e8ae9464748ac2a6dbc46ed9f1c1
http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-rt_2.6.24-27.65_amd64.deb
Size/MD5: 17909990 e4e3916570b7b5f06645d2623111b0ef
http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-xen_2.6.24-27.65_amd64.deb
Size/MD5: 18911564 fd71e9397f8919af683848aa456c885f
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 23690 ceb5d148f00965516252470b41d00b56
http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 26794 50bb7020338de7d00265de0765578291
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 218818 a3b52dd67e9817d4e60d8b048f542717
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 220482 60bf430685f9b39568dbb078edf6041c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 51932 f708bc6cc86f313031745601d3d31aa9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 52068 bd20c8c1eb151b2b8d989d5081f8386b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 38326 aeea101daeed1f87bb30f67c4011d737
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 39080 b8fc6fd4c6fa20a8cf2a92e150a1b969
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 45990 9c06ca831da0f4183ef6e15af4e9b3cb
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 46170 8d8cb61faaaf267e135ecd2844afd195
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 83246 6941b39723fc655f7dcf2846e5c8a47e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 83662 d3f22aca87d23a99c75b3e6464eb22fd
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 32396 402518c87d72b3dfc41656de51ebaa64
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 32672 7135f346092b651dafed111b91aee44d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 637694 e32a7d7a367597e18b305f6d97b93630
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 655982 7e8f7f69c261eaa0ce58ddb865205698
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 209878 1ca7ab42cb7cd39e37e711fabaae8b99
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 213640 bfc69b0b0b29485a95605fe7e091dd5c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 46544 90ef4a74882d5770a3f7d888ba288b35
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ide-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 47602 e55422dc48484675642c96bdbc673595
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 62270 cc798227f68e2c8c1d8a54b03bf0058a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 63626 a2d3587a68e63d2cf90e1cd3790d1079
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 130538 c07adcef7438ef51821f9a8b750f7973
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 137028 068fdde4394c7850abba6ea81e69c801
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 279080 76c07612b0081c38122b1929c7f19f34
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 277690 c635d04d78592fe9792024e84682ccc7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 2012458 d372c1d872861cd7c84ea9d06c4e8162
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 2089276 69416120cd161789b598b2b93034db07
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-386_2.6.24-27.65_i386.deb
Size/MD5: 655314 4adb56a8d5211bba1acc02d76e9fb65d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-generic_2.6.24-27.65_i386.deb
Size/MD5: 658154 7d6f7bccbf83f9a32664588ab5faaabe
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-openvz_2.6.24-27.65_i386.deb
Size/MD5: 1242098 c22eebab07e9ce3d85526ce2945da263
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-rt_2.6.24-27.65_i386.deb
Size/MD5: 1262772 85fe04ee16e27b961017cf148c4f1d21
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-server_2.6.24-27.65_i386.deb
Size/MD5: 659870 a3ebd23356d57307d124b62faf3fc2a2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-virtual_2.6.24-27.65_i386.deb
Size/MD5: 561726 410d756762ce992d36864ce38efc2e1d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.24-27-xen_2.6.24-27.65_i386.deb
Size/MD5: 1059932 350947cab60fcafb13483ab14ca0ff95
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-386_2.6.24-27.65_i386.deb
Size/MD5: 18380540 1da620cffb3b62617fc8213134b951e5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-generic_2.6.24-27.65_i386.deb
Size/MD5: 18401264 dd7b7991e7f843ebcae7bc5c8700636d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-server_2.6.24-27.65_i386.deb
Size/MD5: 18513796 c8b5dac38c445a72681bd5dd1c9a1f98
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.24-27-virtual_2.6.24-27.65_i386.deb
Size/MD5: 8730742 fc3305910b00833b509a4e34199e4a67
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-386_2.6.24-27.65_i386.deb
Size/MD5: 25540786 ce01c05207f08195efd8b88b83a93549
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-generic_2.6.24-27.65_i386.deb
Size/MD5: 26356028 ed8deb0b2243fd649476c43d245a9690
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-server_2.6.24-27.65_i386.deb
Size/MD5: 27372622 d07e093dc192ad5a49be8c45b5c85dd4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-debug-2.6.24-27-virtual_2.6.24-27.65_i386.deb
Size/MD5: 24872642 c28ebc89c9a427352186dea53d81ffe8
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_i386.deb
Size/MD5: 707576 d26794effd4e857da1db4d28e9407611
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 258852 b86f8c37480cbd19131432c908013dd3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 264136 631fc78981097e46ee5643ec3cfc5616
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 163268 1c98e7380c4f80c461a6181344914fea
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 163034 9cc84b270528d0fef36320974b415392
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 236710 755a3caeceece8650e46706804c6e072
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 244984 cc330be20f314b308aa0fbcf95c0370c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 1810274 169e24dc79c5fbde1ca1a2a5520286d7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 1827436 cf166d9cdca76a06fd78b1a0669ed67b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 150836 169c287e6bc754d02924a719d34aad29
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 143018 ee925199234ec977618a5c3c3b03954f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 156072 9ff98bc4b62d033785de95858201c353
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 157158 75cdc15de6d5bdc90e05789eb00fe29d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 107222 37ce3c67bd74d5040aa4d22223cbb486
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 108526 7e50df25fcc29d44c2cfdc3e5c046a66
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 32958 b1b4b1a1b95db3b09923a39eb42c28e4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 33388 860c1b56a45914246929757c815f5ec4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 60694 99aca1f49a5cd919f85ef1600ca757ef
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 61158 bbe05be947e606b614108423a7ca0b83
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 82652 8ffbf8ae116bd81b7632e2e3a58e0a76
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 82954 1532b447c1a1cc43d1cbf46b1e14020f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 48562 d2569ab07923f67de18ed6c63940351c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 48452 dcf73534ccf880da82f6ec8bdad54db7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 8192 2c3bac93f50147f7f67fffdcbb601b66
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 8444 375a2103e5890c501433ae5b3d912fbb
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 51104 8d242482ce8adca7ec8f5d0a40c04c20
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 52950 8449d644f2a2455da01bf48922757fd3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 92156 232f32e69ea0f4daf4a17ad68542e45f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 92446 6525df043e2a865a6eb646f015140e31
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 1443710 2746c7d1f27f2638dd6f141c5d7e68ce
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 1427036 d049929f20e6cbec8c7338977af873a7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 43240 53538a90e2ae8dae72a91a8aa79ecb90
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 42806 3b1d48b0e38b9acebe7581278a8e0408
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 11402 83264faacaa7ff9c249144d8dd0061b0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 12016 7e17c39f818116eae09203af5f5dd870
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 470484 bede1d05dc08ab51105feaff29b39093
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 472422 d08cc1bf2e88df1908f35afc77fd696a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-27-386-di_2.6.24-27.65_i386.udeb
Size/MD5: 70518 751bdd069d86773b5a3cfc67a09b46a4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.24-27-generic-di_2.6.24-27.65_i386.udeb
Size/MD5: 71382 3aa45fd7cdb245416c60a2210066a353
http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-openvz_2.6.24-27.65_i386.deb
Size/MD5: 20248150 fad37a976e62eb5c73f906fd44070b5a
http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-rt_2.6.24-27.65_i386.deb
Size/MD5: 18543176 2f3a767f3505c51ebac878d921d3f3d8
http://security.ubuntu.com/ubuntu/pool/universe/l/linux/linux-image-2.6.24-27-xen_2.6.24-27.65_i386.deb
Size/MD5: 18782962 8a5a3287d174aa7fd1cceb71be94f347
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-lpia_2.6.24-27.65_lpia.deb
Size/MD5: 639434 d3cfd21a90ea311f0b1efa2ac28dfac0
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-lpiacompat_2.6.24-27.65_lpia.deb
Size/MD5: 705462 81a381fb023a0e0074d8cfaa7fca88b8
http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_lpia.deb
Size/MD5: 707532 c6bf8f82d8bbc4e2320343f58629a562
http://ports.ubuntu.com/pool/universe/l/linux/linux-image-2.6.24-27-lpia_2.6.24-27.65_lpia.deb
Size/MD5: 14516344 29b153dcb44d72c1e5862191cb266c6b
http://ports.ubuntu.com/pool/universe/l/linux/linux-image-2.6.24-27-lpiacompat_2.6.24-27.65_lpia.deb
Size/MD5: 19816106 947ff90add29d1fc18a69145f39341d1
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 334046 06512921aae848be603af54dc56f72e6
http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 318530 4e8164b49e3ad90d33c9275bd1c7b45d
http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 62718 e53308b729496be4a0e343535769c74e
http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 73002 10bf1560cb8abc507ea079f6a495f91b
http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 41442 a9d6733876fcf91a271eb189eaffcb37
http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 47826 1d54194b81d12ac7b00b910f625f7a59
http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 89506 1d66e8fc56eb6437f783cb677e6c7061
http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 105746 034c14e0418581e1b8b56913246e96de
http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 44824 5430e2953cc84d26fd0c8e8c4e323a92
http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 40932 93dc2a167cf8ab1d80426dd296997295
http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 704830 ef370acc49192e464ef553984e361d88
http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 770960 ac691fac4ab28cb6d9627fa6b7a5b773
http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 243328 b280fefee27294e988529239616e68fe
http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 246310 c1d7e140ca2ba026b6a168c6c9748476
http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 69160 665a09e07612701e5c6bc7efee856e5c
http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 132586 f0e732beade4d5154e887aaa1b1f3625
http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 70252 d8f056e2c9d8aabe9acacfbe4e6c9de0
http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 77462 d69a84be1856d83b83faf1fa820803f6
http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 146272 11a1d0911e3fda9667661975972e08b2
http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 165002 c4276844b0ea79946508c0cd3a816541
http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 387992 53b23049b6f79a9609349927adec3443
http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 350468 694a94354856e10bcc935e2a7ba38a51
http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 2431460 3a8171d7d1e7e6b37573c6679812d2ae
http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 3473330 1037b52b34e3b26b05f68bfafb48850a
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-powerpc-smp_2.6.24-27.65_powerpc.deb
Size/MD5: 652854 26483fb509f744914f646c49eb7b4d6c
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-powerpc64-smp_2.6.24-27.65_powerpc.deb
Size/MD5: 657530 98dd4c49966d886237bed19fddb84057
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-powerpc_2.6.24-27.65_powerpc.deb
Size/MD5: 652742 c9f225771751b175bc9a3d1ccb9b2b91
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-powerpc-smp_2.6.24-27.65_powerpc.deb
Size/MD5: 20175388 98b77e06737b717f07a9f436bf292879
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-powerpc64-smp_2.6.24-27.65_powerpc.deb
Size/MD5: 21378902 be6b07df3db6828d5d795954b3ad3c49
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-powerpc_2.6.24-27.65_powerpc.deb
Size/MD5: 19948474 1a42e203300936a0a6bbd91270ac925d
http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_powerpc.deb
Size/MD5: 697738 b5f3e2a2bf27249b08f44ca708c75305
http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 266748 d71a805e23acc800f21449d312975e04
http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 307732 90c6243c8802cdc121bdf92145f7dc17
http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 192250 b114447f81aee3dfc51a3c40f2015d66
http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 201688 94056840984e621b385099d261ce2420
http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 272012 b6790aca1401ed43b8c04befaef9af51
http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 306006 50b970f3b69d4eda6d3e59353c9db152
http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 1807766 ec7ddb35df35bb103f7fa00168c827cd
http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 2119612 ee4db3863509964860b0a24a9a6d5951
http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 235186 b6a1a89f7279818e17cac5d5b3a8b86e
http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 225404 baf5ea09bdbab57626dee3afb306a39b
http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 170438 b6bae0ce9350745a5c5ba8d969ae34ef
http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 199752 9d4225f0960410c78279f61aa02471da
http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 117942 e88c2b968d47d71ef068dcb5abd4d9fd
http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 139272 5f4576b20a9dc27976d521d0942ad0c9
http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 45372 918120c1bd011bbbb8b95529c0978f09
http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 46836 10f5de3e02406e28d373098a6613860b
http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 51132 610f6b349ffcb68ca7f58dc7928a7558
http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 60292 9b17fdf2d2aa9cbcfd3dbfb1bfc3af41
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 74186 053cc99e1839e95e6e48198a187c3e48
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 87220 b730de88a2ee8d0b1503d2ee30f13e69
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 76092 0a6aab3a33606ec7e97d474de29a47db
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 30230 76c4d08ce66715d75db459c89405a0fb
http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 8486 80580934d5e5f6909c396732bedf2055
http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 10030 4e52e0e6b321b919404ffa406ccc2da1
http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 57438 24e1b5d61bcbe2b2faf9f31d9b6f7d3b
http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 68746 1b541e58e95b8022b84e7d050db97ecc
http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 101184 97ff0fdbf93ef2526b1a97b962592e37
http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 147834 eb62d695f6da016ae938924414bd15ed
http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 1565722 3bf6b2bd7ef98c403f8cedf220978814
http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 1514590 307c47dc707e3c96384e6ce043c745be
http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 76672 863a1d5aaef2e7d8f5ec43318a2b3f7a
http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 85976 b6bedff825f704ceb1269488d698bfbf
http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 12702 cc2c9e83433b8f4092748b933292a46b
http://ports.ubuntu.com/pool/main/l/linux/socket-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 14560 60c8e6f2c5425b8bfea2cbee00dd50c2
http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 449632 ff75fd65c13af279e6652e0d09505887
http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 504134 364077fbb2c074eb8852249a757b89ae
http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-27-powerpc-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 83682 bcafd92384fdae95293c310f83443303
http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-27-powerpc64-smp-di_2.6.24-27.65_powerpc.udeb
Size/MD5: 108840 2254f5416b8a0cd8d1cd52a57d7a064a
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 59570 0a8a1c6f109f6620c74d81880a6836ef
http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 71732 e29b3839ae80a5cc8b8ca1756569e0bb
http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 42454 35c72663f93201098e40f0fc36232ccc
http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 91776 d7f14f387c9d325ba87761a2da581b5c
http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 587190 a4606a71370a3dec9dc6a3aba35ec115
http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 171076 2f15afec1e2aa78035659ac46b010cb3
http://ports.ubuntu.com/pool/main/l/linux/ide-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 22356 aa2c6396604a45f318881df2e562f625
http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 46058 5633652b0f71f9e2098ce2798e29269f
http://ports.ubuntu.com/pool/main/l/linux/ipv6-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 152976 d7cbf92b5ae85f379d0335c693ccc256
http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 2135270 f05d76791e5538fa887f7731d170dc58
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-sparc64-smp_2.6.24-27.65_sparc.deb
Size/MD5: 565588 5d632e2a56604e4feff30e310f17f024
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.24-27-sparc64_2.6.24-27.65_sparc.deb
Size/MD5: 563928 4b591c5db77c0f5bc41ffff32a14ee31
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-sparc64-smp_2.6.24-27.65_sparc.deb
Size/MD5: 14098262 0170c4f2c460270add65ba17eb7acfd0
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.24-27-sparc64_2.6.24-27.65_sparc.deb
Size/MD5: 13830862 e4b6c695ad5b3e4ad0b428947b4fd388
http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.24-27.65_sparc.deb
Size/MD5: 752654 6e9b50c2f72a60edf4df6e51d5448cc7
http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 270064 879ee6667df636551d565e10ae5162fd
http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 190360 388a92b9849a34e99f6a3d2817ca9b05
http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 263030 82e8bd5f9f922af935f6f787942f4b2f
http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 1386520 98436d21f7255a6c923b50900bd2de4d
http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 175444 37239b1899dd449d5b4985163c46d678
http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 122106 1b86f75278b7fab22bbffd2c0010eef5
http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 40398 81325db98acd64573c100455f0cb5289
http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 48060 dd1b8744fcecf5959d2dac4a23b8cd34
http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 8698 a2a5a2941546e0137d8c57a38ba9ab2f
http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 60516 08d388a60ac9be5c7d80d479f94fd4aa
http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 106838 b350cddddb73537859dce8203c49ac1d
http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 1002034 0756e59f467bdefbc26dcb06a6201457
http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 9518 7bf2df83ac5364fef90bf13ea616e7e3
http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 391514 9e98f9f4757387d261d6c7a1e8c7d61d
http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.24-27-sparc64-di_2.6.24-27.65_sparc.udeb
Size/MD5: 75924 b375f2838ce3f024a9f2b58d02f9d98e
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-17.45.diff.gz
Size/MD5: 3279295 99a1653c9f3eb96475ee9776faff3701
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-17.45.dsc
Size/MD5: 2761 3b7c2f9d1b970a69db9a1c2c2bd5d95c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27.orig.tar.gz
Size/MD5: 63721466 482b04f680ce6676114ccfaaf8f66a55
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.27_2.6.27-17.45_all.deb
Size/MD5: 3492310 1dbaf1873425d41dfce3b359fc95728e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17_2.6.27-17.45_all.deb
Size/MD5: 5906568 e4cb3deaf39ad7c3917d33f0f1082a40
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.27_2.6.27-17.45_all.deb
Size/MD5: 52050112 2852d57c251b525e97d6ba66a94f1be5
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 36530 ae958becd299698d5f30f722eb07cde7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 265218 1de0174009daaf9e0d3fb8f8e737fa40
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 53438 46087922e5b4128b6a5f52dcacfbf840
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 43030 e25c2b8fbd4f46654a1ebc6089ef31bc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 52344 4c16a22c0fe8f2a967f1503953ed5f8c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 89844 4cc23c275cc1fd6621ac977881b91345
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 38180 24f5566a9c89334d394fb48d7c3d4949
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 677070 84220f4d0562b59edd2f0865120d4494
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 158618 edbaf560c5847b8f520ad94cd3f8d2d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 46346 90f299bb91f23a67e0811ae8e0472e70
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 154240 3ccfee605d2ef5a5e87aeb71320b337b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 313106 896f96e4eb01ff9381aaa78b6e1dc72d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 2604320 b50756ed8aeeee4a72873b8c60df10b6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17-generic_2.6.27-17.45_amd64.deb
Size/MD5: 663304 ef966b97630e8096fcf279d6c43b3960
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17-server_2.6.27-17.45_amd64.deb
Size/MD5: 662184 599a4bf3bad78733d35ad1b4a5601a25
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-generic_2.6.27-17.45_amd64.deb
Size/MD5: 23073032 96da11b5c1a75a1694b4047c1a71b091
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-server_2.6.27-17.45_amd64.deb
Size/MD5: 23071096 162a682066d9c7d90df92c975698b2cd
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-virtual_2.6.27-17.45_amd64.deb
Size/MD5: 10479836 39042ef6e7f9049837b4d137450dc41a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-17.45_amd64.deb
Size/MD5: 675844 3d711e518906ef37120bccabeaa1da2d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 434926 cc27207ed63847b17eab47e1978c98fd
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 186500 940e6b351f4975369720543184596a04
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 275594 b525586af57630fd8b4e098cef404ad9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 1810688 13f3abe5b38ff8a704c985dc8f3275b1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 151324 d883249df4fb86d6d9d1146db5fa1020
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 194282 ee6a6162a8b0615e73a89978fcb9d172
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 168150 696ed64f02936c7200cc9a468302de40
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 36428 ff94b9ab68b2108fd9d1d2475c211725
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 83436 3dceac801e8b0405790e1a28c960183f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 71992 2b936af85a4eceb6312ad7ef93a18c88
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 23240 1d34a195f16d39f7895a2bf36281a6c8
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 9012 454b1c03d70fbf4a917ff2431b6b4f2b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 68544 cd2e39978716c3448e54d6862877957c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 110302 ecb1005946c139f2340aaee3e80cd152
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 1276186 d93285c15892be57cfb76798c746f88d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 47602 d2039335dc8bb4104fbb473b5ada0d96
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 13480 5299f432e2db456a3e0743fd786c18f1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 393936 83cfaf207498b9a60d4e97cd21309095
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 200806 5dfbdf4ce61cbe469582c94509160a42
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-17-generic-di_2.6.27-17.45_amd64.udeb
Size/MD5: 13614 c860448fa643364e8776a4947cff9714
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 33948 74da15b4b68dc6a03f2da65175b021bd
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 244732 aee21df42a017731c52c53100cbf2f20
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 55398 f4d1c18a70aec1e3e39572c36318115c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 41206 42a8188a1ad868fa58aa779b31908d65
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 48698 7e06c0fbdb39f426e1259d35e8f1505e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 86942 49099dad48131ce191b10c154f096d6a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 34064 c8cf2cb88451687abb047df2faae44f9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 675492 3e953f324652ef7a01f93aeaa2dc5e55
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 158402 aa593e2736e7b717ea8c561b1e11c27b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 43624 b2ca8774a7cf447123ea811781e80dbf
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 145226 0fbb95dc0bc59baf91447250f19e7d45
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 302390 991c8e4ef2dda71d6deda5599129a768
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 2436572 4b845d0a28c2b48ad0c29521bae3a0b1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17-generic_2.6.27-17.45_i386.deb
Size/MD5: 645046 28f8ea5f653057c350d40feb64d68f2d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-17-server_2.6.27-17.45_i386.deb
Size/MD5: 645340 a4d347f729beffbf9ff1701d21a5f9b2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-generic_2.6.27-17.45_i386.deb
Size/MD5: 23499764 59f3275c547e9f13f97eba55955725f4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-server_2.6.27-17.45_i386.deb
Size/MD5: 23635906 c096ba5db0db8b87f67309a9e9c6ff5f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-17-virtual_2.6.27-17.45_i386.deb
Size/MD5: 10117090 7e1648c7b3a3ab2606263ecb20683ba1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-17.45_i386.deb
Size/MD5: 675850 3e91710602fec2d4aebafe62a6cdfe80
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 433078 d1439530f50069f41b4c30b010871b4f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 171298 68b786d8853574467c792efe3fa62ca5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 264104 3a49c641e4a146fdb634b298c51ca6e9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 1994518 105c6b0fb8b650949da502f3fee2018d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 150964 dc4178cced6d9c1823d24b2204c15ae9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 184058 a25940b16b7022a52f7b8c78e164a908
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 157856 c628cef1c909819dab1fe2d812dffeba
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 34500 2ea55d8e77aa3065af30ff4d440c059d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 78286 6d0f7704cdff848dbbfbd5fe60cf0ca7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 86190 c7d8ec25c3d35ea8455e9cf7c1b4ec64
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 51332 79b56b5e7f79a17d45fb7c55f64954b3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 8796 e571105caa3bed5fc3576928b03eff31
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 64316 bcb0f12340567e9db7a5dcc3549dcf0e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 102092 a2556a5171c52abe48ba423b008c6f13
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 1450234 339572f5e579468fc438b1dd2cc2dcd3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 44520 68267a8c684d01c673d4b41bf5d4af69
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 12642 80e228567fcb814cd67e54aec6abdb41
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 373158 483599df2e1b6c82a688b413b74e5b91
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 189720 156d822da222b7fc8b887a4d1b3b7c31
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-17-generic-di_2.6.27-17.45_i386.udeb
Size/MD5: 12992 7232aad22eb02ec694fa0d41d367a69c
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-18.59.diff.gz
Size/MD5: 7350773 c09bf21927b9609694b39cdd55af21cf
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28-18.59.dsc
Size/MD5: 3198 5ba9f01bd70b951901d1d1667b964b54
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.28.orig.tar.gz
Size/MD5: 66766084 062c29b626a55f09a65532538a6184d4
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.28_2.6.28-18.59_all.deb
Size/MD5: 3636694 05fda32db7067b32c0fe593e1acf0533
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18_2.6.28-18.59_all.deb
Size/MD5: 8701396 65f8df38ba832ad50c6486d22420efca
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.28_2.6.28-18.59_all.deb
Size/MD5: 56998214 3d33148ef29824c1060e1f66b470c6c4
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 234600 929bceffa24f85104c08edf073ac1f0e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 44110 6d94c9d8ecfe3b4673d25cce1db2b95b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 43316 d895b0ad91a70c9381fd7e17650fab75
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 51116 da4c61dc01f5b5e8fb61cdf14bbbb40a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 90082 dad217572b5b07064b9e12b0062d16b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 38016 5e886058b306b4937f5a4ebe22451db6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 521628 d9f3ffe45b307847935002619ac31ea0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 125818 6fbc3c76a739b91e01da41bd535f3791
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 58060 cc30f23edae38f46b0d56f621969fd62
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 312502 9a11c9f0f37fee6a92c59de9df5fca11
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 3872142 cdc4640244b192a5970dfc3d3efe4d7e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18-generic_2.6.28-18.59_amd64.deb
Size/MD5: 689228 bf7aedb2bbb365a73ed77a8976a2701e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18-server_2.6.28-18.59_amd64.deb
Size/MD5: 689122 80cfc63043a2d7231f86ef3e68f0a131
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-generic_2.6.28-18.59_amd64.deb
Size/MD5: 24344078 dca923a8044df0ba9c642d5f2b317867
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-server_2.6.28-18.59_amd64.deb
Size/MD5: 24335914 ad5a4fe70b4555e9399f9a45b58459f9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-virtual_2.6.28-18.59_amd64.deb
Size/MD5: 10551276 b61ed90bb3d3f19f0d2e593c0e9f091a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-18.59_amd64.deb
Size/MD5: 766282 f86ee0c95591ea10b578e848b6fdeb5f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 215170 7939440a8813110d952d86b49113e146
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 189496 f7495840a58b11f4ebfaad4d8cf203fe
http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 29412 54845dbae313e98befcc172b5e87ac2c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 274480 e029f99b6550bd014f26c45997f76dcc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 1933908 6fa450fb440effd7f4a1d643f5e80ab9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 163464 208a84b0506fcd9cadb25f1b7f9d26b7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 194828 596399bbfa9a92e3116c8f8d3a7d1391
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 152994 3cf4fb6614c5798cdcca7c8d7fd04a5b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 36486 b3cf4deb0dc4e11f095eb9bcf81546df
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 5842 085134ad282a8b2580aa12a6ed64fd9e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 72152 5b6bf270db5279c7d79cbd5fca8e14f6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 22714 a01ded50b855c5ed0580072a2277b74a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 8874 f173072403f51e6e6da399debd91068f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 47442 e822623d7e4ae0bec0ea5094fed67dcf
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 15656 2b2e6ad08af592fa3106adb4eb16324e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 1273594 d873a895c58da3fcd5b8a0ea91f9a5ee
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 47204 c80f48bd49fddaae0188cf56350445f8
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 72706 dcc76877eef3af00d0280f96cafb6e45
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 126958 b184498c9d2a598d57e293bc09049cda
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-18-generic-di_2.6.28-18.59_amd64.udeb
Size/MD5: 13472 1399e0100a81d92448659b83949a62a6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 215860 fe00a3406a5496e200d5c4e5975469f0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 46662 d7a61d1e363f9766795132d3325f02c4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 41352 7d84e783cf7fc4111eaf964395440369
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 47402 2cd024da2955f7e35fe4519c8df5add5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 86924 515a3a07357e06f49b2e4384e2af7b8c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 33578 452adbbc84f5a5218610ddad25eb3ea0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 525752 1a2c59458472f4a18538df9386396703
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 125654 8678d7c3409daf24a373b4d11a0d9263
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 54874 94d4465b06d14b20af5803f2afddf53d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 301338 64a58b9a7ee5d53c2d1a486fe32deb93
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 3746292 099947b9ddfb625da14b96bf1b9f59e6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18-generic_2.6.28-18.59_i386.deb
Size/MD5: 673824 c36739d12d66db8de4b6e270b1c91464
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.28-18-server_2.6.28-18.59_i386.deb
Size/MD5: 676398 c7091523d59d0b1cdd4453e12d5983d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-generic_2.6.28-18.59_i386.deb
Size/MD5: 24662186 cfa5f52488fb3767debfefaf8940f6b5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-server_2.6.28-18.59_i386.deb
Size/MD5: 24777004 b524e2b45df5e9d30ebc81717b5c62d7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.28-18-virtual_2.6.28-18.59_i386.deb
Size/MD5: 10250016 09b9af49da34304c1dd280896ce9c0cd
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.28-18.59_i386.deb
Size/MD5: 766288 4858bc3941dc0e545195c0b911142a4c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 218106 f4f03360ad8e2ee23a58b534e8a2c045
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 174922 fbc6643612c01e91066a87b6ec9c7125
http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 30064 c8e4db00aa9c0c3b75c47c103d87b4c5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 262814 794c683379e359de14db8806fe984f78
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 2110070 da3e69dab278584e1abea5ee15d9b47d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 150230 7fc91b8ad535bfb705ba2cb2fc9ff57d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 184326 e505e555ac3bd0c33d00a47f7530f78c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 143584 209207f7e7887594a9d55d17bf1dca76
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 34576 cafc0f5f2db11f69d10e75815d3e9018
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 5504 21cfbb5c1aa4c8d82bf3e1412646263f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 86018 0dc7720bee90887f4ebf5c71cf93d611
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 47636 fbebe71b83526192c08fd6d797ee8cb1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 8714 14ed52e8c0a75151dd45acf3cb1ffc34
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 44692 27502a17d5ca35cc31a9fd79ae7d2f1d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 14780 2c9ea91e8d8da2bff76c38a6cdce748d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 1445966 33fa2ee03c566924552fc5b413e2ccf1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 44098 f740dcb377a692e2ff25a65424431e5b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 69290 a7e3130530005bf8fe4edabe8b003888
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 119528 a12c1a5bf9a112402d80e8f77ee87a1c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.28-18-generic-di_2.6.28-18.59_i386.udeb
Size/MD5: 12678 6646096dee2575f3bb33510e70bdd52b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 215260 9a096eefa7f5e423c60fea41c314b9a5
http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 46664 ba3b534d98d6717395ec66b402b3c701
http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 40958 5950f34ca1fbd16f82a42020bc934ec6
http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 47312 0d7d48294720bbd387710d560756ce6a
http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 86530 9e5c38cd42496250d5fcf951c6b5d4bd
http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 33272 a8890faa31cf92122bcce2991374fe7e
http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 523810 7b2a58ca4d024926c0f8101ab49242d6
http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 125252 f48299cd45e2ef1a74017d1c7653976e
http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 63568 135fe854fe31d2d8bd9cd09f40a266e5
http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 300756 77668125ff976eaed45f3d2676a46c5f
http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 3035296 186cc64995c4fd4404241de5399eb0fb
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.28-18-lpia_2.6.28-18.59_lpia.deb
Size/MD5: 641460 1a4d29b73378acb8bcf88658f88dd08e
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.28-18-lpia_2.6.28-18.59_lpia.deb
Size/MD5: 21796372 d7455e818bf972ef7eb0fe54b7bd96dc
http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.28-18.59_lpia.deb
Size/MD5: 766260 b67d9c1432185123449ed6826ed9588d
http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 303982 80fe6dcf6d68a46047ef6ddc2c098614
http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 157406 2cc8f76d83482452bb6073656a80b2ee
http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 24442 28180da41edae2700e4c8a0e4f1c656f
http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 260414 49a0b6bd418a0ff1d274ce8f602e2733
http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 2027576 241ee9a564502f3d8837806d5e6480d0
http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 149398 b14f79b842c979418dec65e273836cd0
http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 184736 a159624d12831598d35c3b00ba563182
http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 143238 2720ae4f8cdad85066fc888e7fc3c796
http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 34462 582363a3843fdbded2476793775ace76
http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 5496 67c7245d730a7b241eb9947afeef7669
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 85646 6a31ffe0054c27df1506ae34162ab79e
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 47402 ff41a000c4a3abbed18330e905a01b7b
http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 8718 15aa2d8fafced6b6e3b5a24c698b4089
http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 63106 7a967940a04c1ee6a9626258e608b54c
http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 14720 dc899d8630769d6270526c49f99a2af8
http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 1447832 400eeba1e83569d777954b21b6df593c
http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 43898 16b0a1310e3f70dccfc8d0d5f971b064
http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 155186 b22b41e37f88fe49531f5580e0f7f712
http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 172666 df244ff125096be469b1c56a30f1e05f
http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.28-18-lpia-di_2.6.28-18.59_lpia.udeb
Size/MD5: 8154 f2d765541e008431b4d3eae00f435b61
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.31-304.10.dsc
Size/MD5: 2450 610bb83247876f8a8b47a0fd0d46fae8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2_2.6.31-304.10.tar.gz
Size/MD5: 87052080 62b9dcb9ad24e659db1aa085f9e5a456
http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31-108.21.dsc
Size/MD5: 1906 a39c7ff46fb3ff74480d0e98366a486d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-fsl-imx51/linux-fsl-imx51_2.6.31-108.21.tar.gz
Size/MD5: 81902928 c9e88b4f386710c3f22979986a7e3a34
http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.31-211.22.dsc
Size/MD5: 1943 25176b20de251c2e58bb95e2dd9c1c7b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-mvl-dove/linux-mvl-dove_2.6.31-211.22.tar.gz
Size/MD5: 82470873 4d5238d3d11105852133d3eb802a95cc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31-19.56.diff.gz
Size/MD5: 2811600 b2b44f12a786758d470e6a29c09d0388
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31-19.56.dsc
Size/MD5: 3782 ae6bf5844769d00004b919a6f61d588c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.31.orig.tar.gz
Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-doc_2.6.31-304.10_all.deb
Size/MD5: 3790328 e35ab5c36ee1bac625d2a57bd19e0c5c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-source-2.6.31_2.6.31-304.10_all.deb
Size/MD5: 64258256 70b947cc9e9012c9472f2c317f11ffae
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-304_2.6.31-304.10_all.deb
Size/MD5: 9662096 ac58cebef695901ea01bc7413b79109f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc_2.6.31-19.56_all.deb
Size/MD5: 3791668 3836f273873fedf9d2293ee0d11df6ce
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19_2.6.31-19.56_all.deb
Size/MD5: 9531414 34d882276f33b0e37135c379a6e1c451
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.31_2.6.31-19.56_all.deb
Size/MD5: 62161518 9d3f3f79b9f14db8bd3dc68594eb8c8c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-304-ec2_2.6.31-304.10_amd64.deb
Size/MD5: 603212 951db7e930eefc5fff9017c56badfb6e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-image-2.6.31-304-ec2_2.6.31-304.10_amd64.deb
Size/MD5: 18660056 e39dda7f87b093e927c34a928b842c7a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 221398 682a7dab5b571a7b2fd31f19daf724c1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 15536 55206db30b20aea4d7da38b342fc095d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 52128 1cde23d38ba6908e1123951ef4bc3c69
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 44828 94402e34a45cf232ae86f3cc08bf7f4f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 50072 65e128949b6f525d9028187fe1e7cc37
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 92518 338960088cec6b9b25ef2a96e96f3ebc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 37776 452d9c073d191ec2be1cad3aceb34490
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 537676 6bb8167794701151c613afe28a5c62c5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 130666 ff5cf8923b89d0fa4b5c3c4a61ef93f7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 53846 ffdc544c68e862a0a3038c99ac2d73a3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 310118 c2092f9a83a4f59145005f2c451d304b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 4353666 3a04bb875ae70561075d05d5bb208977
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-generic_2.6.31-19.56_amd64.deb
Size/MD5: 694766 85017cb531a49ea743cb7b30341b5ffa
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-server_2.6.31-19.56_amd64.deb
Size/MD5: 694938 550a64d6d54ee5f34f1fb9eefbd4cc3e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-generic_2.6.31-19.56_amd64.deb
Size/MD5: 28924984 3001e6d36f6bf76621997bdbeb864234
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-server_2.6.31-19.56_amd64.deb
Size/MD5: 28885946 ff6296f4c684dd9facb011fc51b0b6f0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-virtual_2.6.31-19.56_amd64.deb
Size/MD5: 11740736 287948976d92a7cae832a34ce33a99b1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_amd64.deb
Size/MD5: 743052 35cb9d5d80b77a2586d08ffb65d3212a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 168272 fc4758b6b91802971538d3a3c519056d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 202768 73cfe4be43d350582d171ff0e178b6b5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 27268 ae850a5e0ba4381a290b8f21ff88737f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 311688 3dab8c023e4aad0df74c5193aeaca49b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 2282064 f09b0e8828effab3770bfc1da159a8f2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 158666 6765112bf6fed248c08465e47b4dab00
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 203112 fed91a4bc3d356a5a9bb1c6110337413
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 161072 faec6563ccef41e925482b36619fca7c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 38056 505cbeb1fdbf55eea7664a19dcedc11f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 5762 a3ba57f83594477b27886cb3f4bd1b0d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 73750 53978367ed22b3daba246878064b72c2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 22240 8a1036af3dacffb432813cc8422f6ae8
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 9548 f1e71c2129cc33f1ff139401b7b81547
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 39844 48e4aa79753fdb3ce1877ca1817b9fc6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 23484 f1be46cb2947ebe6b6d2e5b571d71a35
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 1389556 2ba51ea53e5454f75c8b39f21481e45d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 47382 89f1dff9282f3c667cf1b8c2bc41353c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 51636 41311bd8c8459ba04789539733e6ff5c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 128972 9697c034ed2bb74b5d18c5ae31fe1af0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64.udeb
Size/MD5: 15814 8f46e8ddd6cac16dbdbc7c89cc94bee0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-headers-2.6.31-304-ec2_2.6.31-304.10_i386.deb
Size/MD5: 573528 fa913abed6caeb5c33eb2167f730956f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-image-2.6.31-304-ec2_2.6.31-304.10_i386.deb
Size/MD5: 17943372 803487f6122441604ec3062e7bb98228
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 198832 3282a330510666a582f6b8c0269d2f53
http://security.ubuntu.com/ubuntu/pool/main/l/linux/char-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 32458 03e2d90ce28677b7956fa2a72726d02e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 49938 c0d1953d9212f1569f04e8c8ba0db7ca
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 42118 db5bcc80727cd1013bc8393df2a88e4c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 45954 2d497ad958e7e7fc1b57ce51ff6b3570
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 87386 8e3ab58cf14ac0e97a334a65ae3e42ba
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 33754 bdbf52c3d681cca0ecdced183d2d37c4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 534176 5f166aa72d31a95df7cdb60abe4a0fc2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 128172 821c97524ce74e0685b135140c5261d7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 49748 9423b0562b984b85856d219d7b67fa27
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 295726 0736ef03d01a5e5e4fdf284ad2be5409
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 4185460 831a6068ef18d08ff697df14dead1668
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-386_2.6.31-19.56_i386.deb
Size/MD5: 674832 6c28f2a428900b7c3ecd857dd2363150
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-generic-pae_2.6.31-19.56_i386.deb
Size/MD5: 674164 daade678beff67e96da61f42286bb8d4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.31-19-generic_2.6.31-19.56_i386.deb
Size/MD5: 674252 0786c96b6d902a71c6f1a2e5aa202345
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-386_2.6.31-19.56_i386.deb
Size/MD5: 28775482 99e9b99d437aa88ec42e838367ca0c3b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-generic-pae_2.6.31-19.56_i386.deb
Size/MD5: 28938194 19d1d147a9e9dfb49fcd30b9d065d289
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-generic_2.6.31-19.56_i386.deb
Size/MD5: 28836780 00047de0d649be8b91c813fe7ee482b7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.31-19-virtual_2.6.31-19.56_i386.deb
Size/MD5: 11193984 1848c77671f6d9129f990e1a0a9940d0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_i386.deb
Size/MD5: 743050 af6030dae8f05d7ef583ee7d6f31be8b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 172774 c11dd36baffeccf283ce48e122d7c791
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 186104 072e07c277b4f37611b21aad4390ccb0
http://security.ubuntu.com/ubuntu/pool/main/l/linux/mouse-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 28372 82c8b14ef6982a48d3a8459d56ede43c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 292792 6c99c3b65ff7b159af94edf70358cb4a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 2400232 94729dcb0c5adb15ded7b3302c4005eb
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 142004 9e43481b4e46409d8e711a628ce5e40a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 189566 83afe6de56cab613b4f890723a82a6b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 148522 b96767af921427e880579659ba7b757a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 35306 a6a1cbe7a75490632f24cad479916315
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 6842 86b286685eabaf8b6d28d3f922249503
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 86058 c014cfa81ab99a01793d25b995c7d75f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 46424 d525bcf1a39f6a21f09d52d24e6a0eb3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 8916 f9efb7f192c3cc22c14df58803a64dfc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 36282 1d843fa9ef5beed8582f2924d0b53bcc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 21660 3ad0b4572c12885957a3b753fc3b9fe3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 1495010 630f37fe420a74a22b4ca2eba4960999
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 44088 fddf56b0285ec3d0e6fc61e0fe8b86e2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 48484 2614a20d6d57892a8789091eeeaa67b3
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 117810 ff004889bca11286287a59c36fa24c0e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.31-19-generic-di_2.6.31-19.56_i386.udeb
Size/MD5: 14526 4c9cb3d5598c843bf5b90ddf0292d3c1
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 198810 76156647956f29c9e519aeac038c63bb
http://ports.ubuntu.com/pool/main/l/linux/char-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 32452 9a5dd5fe15dda0be28f7afd966e89af9
http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 49936 31c4008b50016b2a6c3a90703f2becbb
http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 42148 931518b24b123d3749719c35b2b23759
http://ports.ubuntu.com/pool/main/l/linux/fb-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 45950 297c686f52a35049b3b2c87a96aebf68
http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 87366 ec3f16cc0aeeef91b8c887ff347b6b0a
http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 33750 a29ddd339c071c5b948c96e30f36f650
http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 534366 b15b19f3e6c581d22514700dbd6502d8
http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 128202 3d0f559a80187074bb210e3dae3bbfa0
http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 49732 41abb7e30f0bdac62c5cd064c4b0ac3e
http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 295732 12e912ce1f15d580960e7956de0c4ae0
http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 4186814 7c18e86a3f5a5a985488ad67718887f9
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-lpia_2.6.31-19.56_lpia.deb
Size/MD5: 674880 5dd2779cd5be613c330b7dc35410f271
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-lpia_2.6.31-19.56_lpia.deb
Size/MD5: 28831528 8eaab1870eda62e8ee231e429c361455
http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_lpia.deb
Size/MD5: 742994 99d2d0609d9032e2810e19c92fc92834
http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 172836 8b15eb5579853f45dc49055351df4225
http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 186092 0eb0ceb5c23748d829f3e1d7977a35be
http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 28366 0301ac544cf27b3dce660787d7575804
http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 292736 16e84844c99e73b4e00419c38d78db3d
http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 2400366 43dda8f1a10775e382e7a328381265db
http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 141998 930123e6b57798468d7085ae9f549150
http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 189564 8d6e18aedb4b970a3643207b96589863
http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 148506 78efdbf1323c68be564ad06205842cb6
http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 35300 054cf95e7af87d6f744b69eb8166f275
http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 6828 5dbf32d40e88f471614e5cf286670e8f
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 86054 f24e7eaa3608985960e54a9048a24fb6
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 46410 80945eba79f53965effd546d23a8560b
http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 8906 e1c6021a615a4363dde2cf4a893fa53b
http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 36270 eb2848e19ec2351b9102bc640e546991
http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 21660 cfb271e26dfd127871f5d27547e0a7ba
http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 1494736 44113d529e3f4d3828f8719facd86370
http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 44068 98817942a8188bd9281def20a1d327bb
http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 48474 ebc9e58b5f98182006d6e3bb9c5ce179
http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 117786 9b864dfc32d19a8cf2d61a68894835e9
http://ports.ubuntu.com/pool/main/l/linux/virtio-modules-2.6.31-19-lpia-di_2.6.31-19.56_lpia.udeb
Size/MD5: 14524 9ad51e3871197eb84b193bd9a3b29ec2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 321488 509ad8549565d0d87fe246df5b26c7af
http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 263628 b7028cc16ec749cc2fdd86e985c7bc6a
http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 58850 3e2f18df29a75debc326e5919c9c13da
http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 67040 8fdde64943d01e5c6a372424d3d24a03
http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 45914 6a21bb6fc6dce2767be6f974ffdab524
http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 51296 4c928d4f04bf96f5cdc5ccf7d3a60c81
http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 90684 eac2ea55da023924723593afffbb5d2c
http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 105146 c407a156a5e56f284fa682d87d2ed50e
http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 39492 38f377d5a0bdbbbb642545aa6d7f641c
http://ports.ubuntu.com/pool/main/l/linux/floppy-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 39270 47f890e2a1418595d92858350aa16475
http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 580998 825045ff82a442eaf1a21a5448b0cefb
http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 626388 b56b5416b642ba57471e6e125b99a32f
http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 149292 930001a305b0f78060f3472fe46cde00
http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 147332 ef6994c30f19462a7fc0cb7cd8f4dacc
http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 79750 75c6da2308e05334f89f62917aee5b3d
http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 84136 caf2a7e924b03340e579e9bdc0a7ba50
http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 402954 9fc3d4860f5c32aff3ac252379938fef
http://ports.ubuntu.com/pool/main/l/linux/irda-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 342516 5737df8ea2adfc45ecae9d322931187a
http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 3813204 3ac91a51b3525bfbb0f6166fc140d7db
http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 5193132 54dce7348221bcc93bbc01512d553a16
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-powerpc-smp_2.6.31-19.56_powerpc.deb
Size/MD5: 784762 523b94315bff20137df79c5308abd5b7
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-powerpc64-smp_2.6.31-19.56_powerpc.deb
Size/MD5: 801042 2a8e55b23ad4dc09ee3cbb2fdc23cc28
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-powerpc_2.6.31-19.56_powerpc.deb
Size/MD5: 783708 185ba99656f4fa37874e0241e9f25dbb
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-powerpc-smp_2.6.31-19.56_powerpc.deb
Size/MD5: 24820746 adc5365726ba88565ad89953707bd012
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-powerpc64-smp_2.6.31-19.56_powerpc.deb
Size/MD5: 25829918 fc82da730c6d730c5a4ac87d30594749
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-powerpc_2.6.31-19.56_powerpc.deb
Size/MD5: 24656226 7791f88107e97c5419f0e2d2f850c38e
http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_powerpc.deb
Size/MD5: 728146 1dabe36864839475aab9293825cfc3e4
http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 271924 8fb200d91f158f9b0eb209df5a5ffcd4
http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 294610 317f7d34e3cd0ac823fcc5d48bcc9a7f
http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 210546 041508a9555e18e2b8b4cab41b26f397
http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 216984 845e2e452ef869aa3b39ea47bfa0280b
http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 25798 19a7cae7e4f693c269f54dc0f2762f33
http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 28984 419926b33e2b573f8d3ccaa5ade657f1
http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 314922 83dcb63807ffb50682219b20333c23bc
http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 357524 a32753bfca44b1afb9b11f72b25ebb9e
http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 2027754 9b45ff8446ec0bad5befec2dc3ecdb72
http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 2247744 35d212f7569bb03564a7f0294879557f
http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 213544 3fb9afb7247290ffb3508744ab6cbb9f
http://ports.ubuntu.com/pool/main/l/linux/nic-pcmcia-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 209776 e42b20eb402cb2a55fea2a80f5cef162
http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 210242 78939115c860efacb83481c0687f1a7a
http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 244856 8fcff5fb05c0921681ec2bb44637c624
http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 111834 a6b65e618a3240d51f36f37911d1d7cc
http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 131610 dc5625deacbac446e71517f5902376b1
http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 49028 ac60e4bf193e7725de6d8999c6231915
http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 44082 531b2cbe15ec2f62fe61bd7002b1df02
http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 5852 f049a9332d469b247e451868b4f22cce
http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 6504 32fb4de3cd714598281c2d4d5d2ee6d6
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 79118 e98cffbfe6f6cbffcfa6dce199dc6c46
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 85190 e648dc2d3e124d68c47d4ec18836097f
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 74318 19b737ad1f43e7be1c6cc7e211085424
http://ports.ubuntu.com/pool/main/l/linux/pcmcia-storage-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 27228 0b5b4529d140289e616bded832055cbc
http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 8538 9010c080bd63660bf529930565d49f62
http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 9818 e909c37d26354ddbdceddc72628d71b3
http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 58830 ae6573a0664b5486360156dd6711776c
http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 70140 83085dfd5f4bb24ab67dd967e6b609cc
http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 23714 86a598e1b13e4d6963475732e7a1097a
http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 30804 b382bc0bfffd61156d0f8b3dc90bd307
http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 1556894 ea2800c85a0115ad2e524a8b4ab4cb91
http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 1509110 e42499f8bdbad020301a11617f6b65a8
http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 81698 095ff78875bae0b90edd07ac3b51993d
http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 88530 1a36ce88a0c6f7b495c869da15bf9d69
http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 64400 8ff9a2aef998409440c1139f3db8c7ee
http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 76990 392faa17f8c688e3856d91fb657eba09
http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-19-powerpc-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 141540 636e6d1827591a3aa46b82d7dc0b8ab6
http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-19-powerpc64-smp-di_2.6.31-19.56_powerpc.udeb
Size/MD5: 151356 0f39f4d13770ceab049be6fb9c83fc16
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 139430 14f825a3334b18614059312527002767
http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 70106 6dde178febff58a546142209374e1616
http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 46510 64b0be995ce3d697a84cd3b0665ffe68
http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 93974 28048300aba15f2a3937723bc0afc5cd
http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 588788 c17e7feb3442296b7ed93c92cb988625
http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 148426 6f429deb9df760daf28c04ad93ea6758
http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 75862 6f382de52d9e1b52611c70a703895e5d
http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 2892370 ec9440bb8ee05a7ac071992c5711139f
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-sparc64-smp_2.6.31-19.56_sparc.deb
Size/MD5: 601506 1b56c59b3df953a640760b876d752465
http://ports.ubuntu.com/pool/main/l/linux/linux-headers-2.6.31-19-sparc64_2.6.31-19.56_sparc.deb
Size/MD5: 600680 166e5056f971d5fa031230c1af67d028
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-sparc64-smp_2.6.31-19.56_sparc.deb
Size/MD5: 20496992 6ebab55c96d6be71ffb8c3a493d31a74
http://ports.ubuntu.com/pool/main/l/linux/linux-image-2.6.31-19-sparc64_2.6.31-19.56_sparc.deb
Size/MD5: 20193918 98b3c6e44f8e302cca36530b434e9525
http://ports.ubuntu.com/pool/main/l/linux/linux-libc-dev_2.6.31-19.56_sparc.deb
Size/MD5: 740254 b1a453339b4d68717a445f07b87b53a4
http://ports.ubuntu.com/pool/main/l/linux/md-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 266068 1b8caecb838a9dd9b9c765f6603197a3
http://ports.ubuntu.com/pool/main/l/linux/message-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 209168 e0e78f6a435e0ca46d5680e08d6e8db0
http://ports.ubuntu.com/pool/main/l/linux/mouse-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 26268 f730be03c2b96e53e779a5d3df4cde93
http://ports.ubuntu.com/pool/main/l/linux/nfs-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 314080 b673ee07d0c907d6ba00a561b915868d
http://ports.ubuntu.com/pool/main/l/linux/nic-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 1675490 8642bd711b6643bd26ddc80674cef9e4
http://ports.ubuntu.com/pool/main/l/linux/nic-shared-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 222882 136f6b9e24a16823f7309438fd0bd60a
http://ports.ubuntu.com/pool/main/l/linux/nic-usb-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 121954 75090ea655204cc898db4634fc8aa021
http://ports.ubuntu.com/pool/main/l/linux/parport-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 38798 a11bcf765626194255c1d5a7d0106c2a
http://ports.ubuntu.com/pool/main/l/linux/pata-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 100798 af5903bc65fd381528f733fb1ba4100f
http://ports.ubuntu.com/pool/main/l/linux/plip-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 8932 ebcb23a73a538276e41fcff9b7bb1d15
http://ports.ubuntu.com/pool/main/l/linux/ppp-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 62926 7eba529ee44c2e107b693605dcbf1247
http://ports.ubuntu.com/pool/main/l/linux/sata-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 120960 8f63ad112de0797974650631dee53d13
http://ports.ubuntu.com/pool/main/l/linux/scsi-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 1217912 87a2a4f21ee86e0f36bc5298a226513b
http://ports.ubuntu.com/pool/main/l/linux/serial-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 101576 057a15ca3fa891e47216adcf5ae071f7
http://ports.ubuntu.com/pool/main/l/linux/storage-core-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 200148 f90834ae24c0f516ef83fa5aa66bafbb
http://ports.ubuntu.com/pool/main/l/linux/usb-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb
Size/MD5: 184674 d704744a26941df63b9195288306fa7b
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2010-0009
Synopsis: ESXi ntp and ESX Service Console third party updates
Issue date: 2010-05-27
Updated on: 2010-05-27 (initial release of advisory)
CVE numbers: CVE-2009-2695 CVE-2009-2908 CVE-2009-3228
CVE-2009-3286 CVE-2009-3547 CVE-2009-3613
CVE-2009-3612 CVE-2009-3620 CVE-2009-3621
CVE-2009-3726 CVE-2007-4567 CVE-2009-4536
CVE-2009-4537 CVE-2009-4538 CVE-2006-6304
CVE-2009-2910 CVE-2009-3080 CVE-2009-3556
CVE-2009-3889 CVE-2009-3939 CVE-2009-4020
CVE-2009-4021 CVE-2009-4138 CVE-2009-4141
CVE-2009-4272 CVE-2009-3563 CVE-2009-4355
CVE-2009-2409 CVE-2009-0590 CVE-2009-1377
CVE-2009-1378 CVE-2009-1379 CVE-2009-1386
CVE-2009-1387 CVE-2009-4212 CVE-2009-1384
CVE-2010-0097 CVE-2010-0290 CVE-2009-3736
CVE-2010-0001 CVE-2010-0426 CVE-2010-0427
CVE-2010-0382
- ------------------------------------------------------------------------
1. Summary
ESXi update for ntp and ESX Console OS (COS) updates for COS
kernel, openssl, krb5, gcc, bind, gzip, sudo.
2. Relevant releases
VMware ESX 4.0.0 without patches ESX400-201005401-SG,
ESX400-201005406-SG, ESX400-201005408-SG, ESX400-201005407-SG,
ESX400-201005405-SG, ESX400-201005409-SG
3. Problem Description
a. Service Console update for COS kernel
Updated COS package "kernel" addresses the security issues that are
fixed through versions 2.6.18-164.11.1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228,
CVE-2009-3286, CVE-2009-3547, CVE-2009-3613 to the security issues
fixed in kernel 2.6.18-164.6.1
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-3612, CVE-2009-3620, CVE-2009-3621,
CVE-2009-3726 to the security issues fixed in kernel 2.6.18-164.9.1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-4567, CVE-2009-4536, CVE-2009-4537,
CVE-2009-4538 to the security issues fixed in kernel 2.6.18-164.10.1
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-6304, CVE-2009-2910, CVE-2009-3080,
CVE-2009-3556, CVE-2009-3889, CVE-2009-3939, CVE-2009-4020,
CVE-2009-4021, CVE-2009-4138, CVE-2009-4141, and CVE-2009-4272 to
the security issues fixed in kernel 2.6.18-164.11.1.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201005401-SG
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
ESX 2.5.5 ESX not applicable
vMA 4.0 RHEL5 affected, patch pending
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
b. ESXi userworld update for ntp
The Network Time Protocol (NTP) is used to synchronize the time of
a computer client or server to another server or reference time
source.
A vulnerability in ntpd could allow a remote attacker to cause a
denial of service (CPU and bandwidth consumption) by using
MODE_PRIVATE to send a spoofed (1) request or (2) response packet
that triggers a continuous exchange of MODE_PRIVATE error responses
between two NTP daemons.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3563 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi 4.0 ESXi ESXi400-201005401-SG
ESXi 3.5 ESXi affected, patch pending
ESX any ESX not applicable
vMA any RHEL5 not applicable
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
c. Service Console package openssl updated to 0.9.8e-12.el5_4.1
OpenSSL is a toolkit implementing SSL v2/v3 and TLS protocols with
full-strength cryptography world-wide.
A memory leak in the zlib could allow a remote attacker to cause a
denial of service (memory consumption) via vectors that trigger
incorrect calls to the CRYPTO_cleanup_all_ex_data function.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-4355 to this issue.
A vulnerability was discovered which may allow remote attackers to
spoof certificates by using MD2 design flaws to generate a hash
collision in less than brute-force time. NOTE: the scope of this
issue is currently limited because the amount of computation
required is still large.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2409 to this issue.
This update also includes security fixes that were first addressed
in version openssl-0.9.8e-12.el5.i386.rpm.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the names CVE-2009-0590, CVE-2009-1377, CVE-2009-1378,
CVE-2009-1379, CVE-2009-1386 and CVE-2009-1387 to these issues.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201005401-SG
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
ESX 2.5.5 ESX not applicable
vMA 4.0 RHEL5 affected, patch pending**
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
** see VMSA-2010-0004
d. Service Console update for krb5 to 1.6.1-36.el5_4.1 and pam_krb5 to
2.2.14-15.
Kerberos is a network authentication protocol. It is designed to
provide strong authentication for client/server applications by
using secret-key cryptography.
Multiple integer underflows in the AES and RC4 functionality in the
crypto library could allow remote attackers to cause a denial of
service (daemon crash) or possibly execute arbitrary code by
providing ciphertext with a length that is too short to be valid.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-4212 to this issue.
The service console package for pam_krb5 is updated to version
pam_krb5-2.2.14-15. This update fixes a flaw found in pam_krb5. In
some non-default configurations (specifically, where pam_krb5 would
be the first module to prompt for a password), a remote attacker
could use this flaw to recognize valid usernames, which would aid a
dictionary-based password guess attack.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-1384 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201005406-SG
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
vMA 4.0 RHEL5 affected, patch pending
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
e. Service Console package bind updated to 9.3.6-4.P1.el5_4.2
BIND (Berkeley Internet Name Daemon) is by far the most widely used
Domain Name System (DNS) software on the Internet.
A vulnerability was discovered which could allow remote attacker to
add the Authenticated Data (AD) flag to a forged NXDOMAIN response
for an existing domain.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-0097 to this issue.
A vulnerability was discovered which could allow remote attackers
to conduct DNS cache poisoning attacks by receiving a recursive
client query and sending a response that contains CNAME or DNAME
records, which do not have the intended validation before caching.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-0290 to this issue.
A vulnerability was found in the way that bind handles out-of-
bailiwick data accompanying a secure response without re-fetching
from the original source, which could allow remote attackers to
have an unspecified impact via a crafted response.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-0382 to this issue.
NOTE: ESX does not use the BIND name service daemon by default.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201005408-SG
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
ESX 2.5.5 ESX not applicable
vMA 4.0 RHEL5 affected, patch pending
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
f. Service Console package gcc updated to 3.2.3-60
The GNU Compiler Collection includes front ends for C, C++,
Objective-C, Fortran, Java, and Ada, as well as libraries for these
languages
GNU Libtool's ltdl.c attempts to open .la library files in the
current working directory. This could allow a local user to gain
privileges via a Trojan horse file. The GNU C Compiler collection
(gcc) provided in ESX contains a statically linked version of the
vulnerable code, and is being replaced.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3736 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not applicable
ESX 4.0 ESX ESX400-201005407-SG
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
vMA 4.0 RHEL5 affected, patch pending
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
g. Service Console package gzip update to 1.3.3-15.rhel3
gzip is a software application used for file compression
An integer underflow in gzip's unlzw function on 64-bit platforms
may allow a remote attacker to trigger an array index error
leading to a denial of service (application crash) or possibly
execute arbitrary code via a crafted LZW compressed file.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-0001 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201005405-SG
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
vMA 4.0 RHEL5 affected, patch pending
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
h. Service Console package sudo updated to 1.6.9p17-6.el5_4
Sudo (su "do") allows a system administrator to delegate authority
to give certain users (or groups of users) the ability to run some
(or all) commands as root or another user while providing an audit
trail of the commands and their arguments.
When a pseudo-command is enabled, sudo permits a match between the
name of the pseudo-command and the name of an executable file in an
arbitrary directory, which allows local users to gain privileges
via a crafted executable file.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-0426 to this issue.
When the runas_default option is used, sudo does not properly set
group memberships, which allows local users to gain privileges via
a sudo command.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-0427 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201005409-SG
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
ESX 2.5.5 ESX not applicable
vMA 4.0 RHEL5 affected, patch pending
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
4. Solution
Please review the patch/release notes for your product and version
and verify the md5sum of your downloaded file.
ESX 4.0
-------
http://bit.ly/aqTCqn
md5sum: ace37cd8d7c6388edcea2798ba8be939
sha1sum: 8fe7312fe74a435e824d879d4f1ff33df25cee78
http://kb.vmware.com/kb/1013127
Note ESX400-201005001 contains the following security bulletins
ESX400-201005404-SG (ntp), ESX400-201005405-SG (gzip),
ESX400-201005408-SG (bind), ESX400-201005401-SG (kernel, openssl),
ESX400-201005406-SG (krb5, pam_krb5), ESX400-201005402-SG (JRE),
ESX400-201005403-SG (expat), ESX400-201005409-SG (sudo),
ESX400-201005407-SG (gcc).
5. References
CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3620
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4536
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0382
- ------------------------------------------------------------------------
6. Change log
2010-05-27 VMSA-2010-0009
Initial security advisory after release of patch 06 bulletins for ESX
4.0 on 2010-05-27
- -----------------------------------------------------------------------
7. Contact
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
* security-announce at lists.vmware.com
* bugtraq at securityfocus.com
* full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center
http://www.vmware.com/security
VMware security response policy
http://www.vmware.com/support/policies/security_response.html
General support life cycle policy
http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkv/V8IACgkQS2KysvBH1xnqNgCcCwwelsQK6DQjcTc2wnIPp0EW
E70An2gfkiCQ5FNqvf3y+kNredxyVZwI
=JW3s
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability
intelligence source on the market.
Implement it through Secunia.
For more information visit:
http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com
----------------------------------------------------------------------
TITLE:
Linux Kernel e1000 Driver Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA35265
VERIFY ADVISORY:
http://secunia.com/advisories/35265/
DESCRIPTION:
A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the
"e1000_clean_rx_irq()" function in drivers/net/e1000/e1000_main.c.
This can be exploited to cause a kernel panic via specially crafted
network packets sent to an affected system.
SOLUTION:
Fixed in the GIT repository.
http://git.kernel.org/linus/ea30e11970a96cfe5e32c03a29332554573b4a10
PROVIDED AND/OR DISCOVERED BY:
Neil Horman
ORIGINAL ADVISORY:
http://git.kernel.org/linus/ea30e11970a96cfe5e32c03a29332554573b4a10
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
|
var-201511-0294
|
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. Linux Kernel is prone to a denial-of-service vulnerability.
An attacker with a guest account can exploit this issue to cause an infinite loop in the host, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2015:2645-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-2645.html
Issue date: 2015-12-15
CVE Names: CVE-2015-5307 CVE-2015-8104
=====================================================================
1. Summary:
Updated kernel packages that fix two security issues and two bugs are now
available for Red Hat Enterprise Linux 6.5 Advanced Update Support.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 6.5) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - i386, ppc64, s390x, x86_64
3.
* It was found that the x86 ISA (Instruction Set Architecture) is prone to
a denial of service attack inside a virtualized environment in the form of
an infinite loop in the microcode due to the way (sequential) delivering of
benign exceptions such as #AC (alignment check exception) and #DB (debug
exception) is handled. A privileged user inside a guest could use these
flaws to create denial of service conditions on the host kernel.
(CVE-2015-5307, CVE-2015-8104, Important)
Red Hat would like to thank Ben Serebrin of Google Inc. for reporting the
CVE-2015-5307 issue.
This update also fixes the following bugs:
* With an IPv6 address on a bond and a slave failover, Unsolicited Neighbor
Advertisement (UNA) was previously sent using the link global IPv6 address
as source address. The underlying source code has been patched, and, after
the failover in bonding, UNA is sent using both the corresponding link IPv6
address and global IPv6 address of bond0 and bond0.vlan. (BZ#1258479)
* Previously, Human Interface Device (HID) would run a report on an
unaligned buffer, which could cause a page fault interrupt and an oops when
the end of the report was read. This update fixes this bug by padding the
end of the report with extra bytes, so the reading of the report never
crosses a page boundary. As a result, a page fault and subsequent oops no
longer occur. (BZ#1268201)
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1277172 - CVE-2015-5307 virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception
1278496 - CVE-2015-8104 virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception
6. Package List:
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source:
kernel-2.6.32-431.68.1.el6.src.rpm
i386:
kernel-2.6.32-431.68.1.el6.i686.rpm
kernel-debug-2.6.32-431.68.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-431.68.1.el6.i686.rpm
kernel-debug-devel-2.6.32-431.68.1.el6.i686.rpm
kernel-debuginfo-2.6.32-431.68.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.68.1.el6.i686.rpm
kernel-devel-2.6.32-431.68.1.el6.i686.rpm
kernel-headers-2.6.32-431.68.1.el6.i686.rpm
perf-2.6.32-431.68.1.el6.i686.rpm
perf-debuginfo-2.6.32-431.68.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.68.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-431.68.1.el6.noarch.rpm
kernel-doc-2.6.32-431.68.1.el6.noarch.rpm
kernel-firmware-2.6.32-431.68.1.el6.noarch.rpm
ppc64:
kernel-2.6.32-431.68.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-431.68.1.el6.ppc64.rpm
kernel-debug-2.6.32-431.68.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-431.68.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-431.68.1.el6.ppc64.rpm
kernel-devel-2.6.32-431.68.1.el6.ppc64.rpm
kernel-headers-2.6.32-431.68.1.el6.ppc64.rpm
perf-2.6.32-431.68.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm
s390x:
kernel-2.6.32-431.68.1.el6.s390x.rpm
kernel-debug-2.6.32-431.68.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-431.68.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-431.68.1.el6.s390x.rpm
kernel-devel-2.6.32-431.68.1.el6.s390x.rpm
kernel-headers-2.6.32-431.68.1.el6.s390x.rpm
kernel-kdump-2.6.32-431.68.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-431.68.1.el6.s390x.rpm
perf-2.6.32-431.68.1.el6.s390x.rpm
perf-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
x86_64:
kernel-2.6.32-431.68.1.el6.x86_64.rpm
kernel-debug-2.6.32-431.68.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.68.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.68.1.el6.x86_64.rpm
kernel-devel-2.6.32-431.68.1.el6.x86_64.rpm
kernel-headers-2.6.32-431.68.1.el6.x86_64.rpm
perf-2.6.32-431.68.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source:
kernel-2.6.32-431.68.1.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-431.68.1.el6.i686.rpm
kernel-debuginfo-2.6.32-431.68.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.68.1.el6.i686.rpm
perf-debuginfo-2.6.32-431.68.1.el6.i686.rpm
python-perf-2.6.32-431.68.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.68.1.el6.i686.rpm
ppc64:
kernel-debug-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-431.68.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm
python-perf-2.6.32-431.68.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-431.68.1.el6.ppc64.rpm
s390x:
kernel-debug-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-431.68.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
perf-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
python-perf-2.6.32-431.68.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-431.68.1.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.68.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm
python-perf-2.6.32-431.68.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.68.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-5307
https://access.redhat.com/security/cve/CVE-2015-8104
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFWcCyJXlSAg2UNWIIRAmIdAJ9quuPognODrZJec1XUfcL51k2iNACfSymc
j9R25iIkd57WRGmU8zdVM1o=
=9bG9
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. 6.2) - x86_64
3. Content-Disposition: inline
==========================================================================Ubuntu Security Notice USN-2804-1
November 10, 2015
linux-lts-trusty vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
The system could be made to crash under certain conditions.
Software Description:
- linux-lts-trusty: Linux hardware enablement kernel from Trusty
Details:
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux
kernel did not properly catch Alignment Check exceptions.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.13.0-68-generic 3.13.0-68.111~precise1
linux-image-3.13.0-68-generic-lpae 3.13.0-68.111~precise1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well |
|
var-201808-0958
|
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc. (CVE-2018-5390)
Juha-Matti Tilli discovered that the IP implementation in the Linux kernel
performed algorithmically expensive operations in some situations when
handling incoming packet fragments. (CVE-2018-5391)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
linux-image-3.13.0-155-generic 3.13.0-155.205
linux-image-3.13.0-155-generic-lpae 3.13.0-155.205
linux-image-3.13.0-155-lowlatency 3.13.0-155.205
linux-image-3.13.0-155-powerpc-e500 3.13.0-155.205
linux-image-3.13.0-155-powerpc-e500mc 3.13.0-155.205
linux-image-3.13.0-155-powerpc-smp 3.13.0-155.205
linux-image-3.13.0-155-powerpc64-emb 3.13.0-155.205
linux-image-3.13.0-155-powerpc64-smp 3.13.0-155.205
linux-image-generic 3.13.0.155.165
linux-image-generic-lpae 3.13.0.155.165
linux-image-lowlatency 3.13.0.155.165
linux-image-powerpc-e500 3.13.0.155.165
linux-image-powerpc-e500mc 3.13.0.155.165
linux-image-powerpc-smp 3.13.0.155.165
linux-image-powerpc64-emb 3.13.0.155.165
linux-image-powerpc64-smp 3.13.0.155.165
Please note that the recommended mitigation for CVE-2018-3646 involves
updating processor microcode in addition to updating the kernel;
however, the kernel includes a fallback for processors that have not
received microcode updates.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well. The microcode updates
mentioned there are not yet available in a form distributable by Debian.
For the stable distribution (stretch), these problems have been fixed in
version 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlt14mwACgkQEMKTtsN8
Tjb2LhAAokwmlGxyJPC3EGG9aOLKNv23G9OzLLNRm+cy150WAMgBio+bR2CAgkfX
qu/ftFPLeKfIRbo9nLBFHQLMKlmDdFzLeicXe7GtnKcAMkt0Wp+rYIj66TMkjrMg
2kJI68ECc5Rqj3fMZ+dgkxSHzhylUGG70mEIBf2D22Y72kkIfc3EzBuu2wxaaOTP
t7Q7JkYDv9WV/6gw8Ok2vIrQcq95jtZgDSL1ZHHg6VTukHnXP2SU1rMfRCguTCtc
5JYAgWJ1GWFWt3d6FQnk7SWwJf3pHEVNg0lGpRJdu4qperQ3EhQNeJlGq8adm/Zf
QQUT9T6vsU5cefgelIRSLxFZ9bDobxXXNaox3FqB4tslkJLhTRluCvilJpWuNpH5
7S6xti5neGuHORfIkcS1PmOEx2gDkKWTgotiBx04yU3q+/zr0Ob+K2jxZXe4z2uU
sqEq8pdjCnkE03cljPbfPeutyucS3xDFpFVoXlRqgRNMdZ7jzVSP6qayt3iQIa/E
djVQ2ptHxux5Zapg5Ngr2ASBdyIw+2GLVUKQCeqM+EjMXjRBaJv8DPxWwO4nkC4d
eliy9RxErtQpgHIZKHVmTjoRlh/OH4KAdHZT2Y+Gfv1DVA6TL5cPiQ9e0ZunNNaK
vtXyOzjNPVPZa+2MEq9FTFIkDsR8Ncl/JCzp0bx5uVaV/ovX0A8=reP+
-----END PGP SIGNATURE-----
. ==========================================================================
Kernel Live Patch Security Notice 0044-1
October 05, 2018
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu:
| Series | Base kernel | Arch | flavors |
|------------------+--------------+----------+------------------|
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |
| Ubuntu 16.04 LTS | 4.15.0 | amd64 | generic |
| Ubuntu 16.04 LTS | 4.15.0 | amd64 | lowlatency |
| Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic |
| Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |
Summary:
Several security issues were fixed in the kernel.
Note that due to a client issue, this livepatch may report that it failed to
load. You can verify that the patch has successfully loaded by looking in
/sys/kernel/livepatch for a directory starting with the name "lkp_Ubuntu,"
followed by your kernel version, and ending with the version number, "44."
The next client update should correct this problem. (CVE-2018-3620)
It was discovered that the paravirtualization implementation in the Linux
kernel did not properly handle some indirect calls, reducing the
effectiveness of Spectre v2 mitigations for paravirtual guests. A local
attacker could use this to expose sensitive information. (CVE-2018-15594)
It was discovered that memory present in the L1 data cache of an Intel CPU
core may be exposed to a malicious process that is executing on the CPU
core. A local
attacker in a guest virtual machine could use this to expose sensitive
information (memory from other guests or the host OS). A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-6555)
It was discovered that a stack-based buffer overflow existed in the iSCSI
target implementation of the Linux kernel. A remote attacker could use this
to cause a denial of service (system crash). (CVE-2018-14633)
It was discovered that microprocessors utilizing speculative execution and
prediction of return addresses via Return Stack Buffer (RSB) may allow
unauthorized memory reads via sidechannel attacks. An attacker could use
this to expose sensitive information. (CVE-2018-15572)
Jann Horn discovered that the vmacache subsystem did not properly handle
sequence number overflows, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code. (CVE-2018-17182)
Update instructions:
The problem can be corrected by updating your livepatches to the following
versions:
| Kernel | Version | flavors |
|--------------------------+----------+--------------------------|
| 4.4.0-133.159 | 44.1 | generic, lowlatency |
| 4.4.0-133.159~14.04.1 | 44.1 | lowlatency, generic |
| 4.4.0-134.160 | 44.1 | generic, lowlatency |
| 4.4.0-134.160~14.04.1 | 44.1 | lowlatency, generic |
| 4.4.0-135.161~14.04.1 | 44.1 | lowlatency, generic |
| 4.15.0-32.35 | 44.1 | lowlatency, generic |
| 4.15.0-32.35~16.04.1 | 44.1 | generic, lowlatency |
| 4.15.0-33.36 | 44.1 | lowlatency, generic |
| 4.15.0-33.36~16.04.1 | 44.1 | lowlatency, generic |
| 4.15.0-34.37 | 44.1 | generic, lowlatency |
| 4.15.0-34.37~16.04.1 | 44.2 | lowlatency, generic |
References:
CVE-2018-3620, CVE-2018-15594, CVE-2018-3646, CVE-2018-6555,
CVE-2018-14633, CVE-2018-15572, CVE-2018-17182
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2018:2387-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:2387
Issue date: 2018-08-14
CVE Names: CVE-2018-3620 CVE-2018-3639 CVE-2018-3646
====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.4
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.4) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* Modern operating systems implement virtualization of physical memory to
efficiently use available system resources and provide inter-domain
protection through access control and isolation. The L1TF issue was found
in the way the x86 microprocessor designs have implemented speculative
execution of instructions (a commonly used performance optimisation) in
combination with handling of page-faults caused by terminated virtual to
physical address resolving process. As a result, an unprivileged attacker
could use this flaw to read privileged memory of the kernel or other
processes and/or cross guest/host boundaries to read host memory by
conducting targeted cache side-channel attacks. (CVE-2018-3620,
CVE-2018-3646)
* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that memory read from address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)
Red Hat would like to thank Intel OSSIRT (Intel.com) for reporting
CVE-2018-3620 and CVE-2018-3646 and Ken Johnson (Microsoft Security
Response Center) and Jann Horn (Google Project Zero) for reporting
CVE-2018-3639.
Bug Fix(es):
* Previously, configurations with the little-endian variant of IBM Power
Systems CPU architectures and Hard Disk Drives (HDD) designed according to
Nonvolatile Memory Express (NVMe) open standards, experienced crashes
during shutdown or reboot due to race conditions of CPUs. As a consequence,
the sysfs pseudo file system threw a stack trace report about an attempt to
create a duplicate entry in sysfs. This update modifies the source code so
that the irq_dispose_mapping() function is called first and the
msi_bitmap_free_hwirqs() function is called afterwards. As a result, the
race condition no longer appears in the described scenario. (BZ#1570510)
* When switching from the indirect branch speculation (IBRS) feature to the
retpolines feature, the IBRS state of some CPUs was sometimes not handled
correctly. Consequently, some CPUs were left with the IBRS Model-Specific
Register (MSR) bit set to 1, which could lead to performance issues. With
this update, the underlying source code has been fixed to clear the IBRS
MSR bits correctly, thus fixing the bug. (BZ#1586147)
* During a balloon reset, page pointers were not correctly initialized
after unmapping the memory. Consequently, on the VMware ESXi hypervisor
with "Fault Tolerance" and "ballooning" enabled, the following messages
repeatedly occurred in the kernel log:
[3014611.640148] WARNING: at mm/vmalloc.c:1491 __vunmap+0xd3/0x100()
[3014611.640269] Trying to vfree() nonexistent vm area (ffffc90000697000)
With this update, the underlying source code has been fixed to initialize
page pointers properly. As a result, the mm/vmalloc.c warnings no longer
occur under the described circumstances. (BZ#1595600)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)
6. Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.4):
Source:
kernel-3.10.0-693.37.4.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm
kernel-doc-3.10.0-693.37.4.el7.noarch.rpm
x86_64:
kernel-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm
kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm
kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm
perf-3.10.0-693.37.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
python-perf-3.10.0-693.37.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):
x86_64:
kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.4):
Source:
kernel-3.10.0-693.37.4.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm
kernel-doc-3.10.0-693.37.4.el7.noarch.rpm
ppc64:
kernel-3.10.0-693.37.4.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64.rpm
kernel-debug-3.10.0-693.37.4.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
kernel-debug-devel-3.10.0-693.37.4.el7.ppc64.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm
kernel-devel-3.10.0-693.37.4.el7.ppc64.rpm
kernel-headers-3.10.0-693.37.4.el7.ppc64.rpm
kernel-tools-3.10.0-693.37.4.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
kernel-tools-libs-3.10.0-693.37.4.el7.ppc64.rpm
perf-3.10.0-693.37.4.el7.ppc64.rpm
perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
python-perf-3.10.0-693.37.4.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
ppc64le:
kernel-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-debug-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-devel-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-headers-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-tools-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-693.37.4.el7.ppc64le.rpm
perf-3.10.0-693.37.4.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
python-perf-3.10.0-693.37.4.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
s390x:
kernel-3.10.0-693.37.4.el7.s390x.rpm
kernel-debug-3.10.0-693.37.4.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-693.37.4.el7.s390x.rpm
kernel-debug-devel-3.10.0-693.37.4.el7.s390x.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-693.37.4.el7.s390x.rpm
kernel-devel-3.10.0-693.37.4.el7.s390x.rpm
kernel-headers-3.10.0-693.37.4.el7.s390x.rpm
kernel-kdump-3.10.0-693.37.4.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-693.37.4.el7.s390x.rpm
kernel-kdump-devel-3.10.0-693.37.4.el7.s390x.rpm
perf-3.10.0-693.37.4.el7.s390x.rpm
perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm
python-perf-3.10.0-693.37.4.el7.s390x.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm
x86_64:
kernel-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm
kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm
kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm
perf-3.10.0-693.37.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
python-perf-3.10.0-693.37.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.4):
ppc64:
kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64.rpm
perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
ppc64le:
kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
x86_64:
kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2018-3620
https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/cve/CVE-2018-3646
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/L1TF
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBW3M4idzjgjWX9erEAQigJg//W8NS9ZAq71IYQ/6q5hTZBUeg3RsIJL4U
OOCTlpLe3pH45ueU4Pm1HPopyyBHLGo988ZXPkH4z/jKW6txO3RDzf/blyWIwxwi
dr76FUaMMLUk0ASeGcisZppOt/6zwrp2tfn+TyiC3pK0K5nTp+WVO5xYy5iecXVX
96M3wIhCIlshYPc1/F8zdYuBFzpYgBnotag//FjyCQlhmOFcKtTRgyQrSuf1ZxnL
VNQ7UuVGjPWeF0w0OJrb6U7+pVrlwAvtwYkUjm/eFh/AszTe7uZ6C6mG8XAobDrl
SpxhyqMTcplrKxvl0S01xuezVbVo8RdoAtrW9+xseozknta4cu7RHe0ZSsonY/xN
RiAingIwsVde+g9KOv8jeleACBZu8mmJptkYbVb1IHPcp+1FzXXAkUc1i/oc7XBU
lIfe49O3L2GyhI+0hUwhbPuc51L8yHmpr39KM1irKIRWsY692n32LVns3L6Kr0tW
iWlhz4F2e5SNb2zlu3sMRQ4M0kf6JPX8VdRL1qMpfNoa9Ci4wYt+zP29//F6swji
uwu3+SVH5VTW9VzymSCaQl/gD0loWPKVLFrTF5M9Y9+cl0uXn7CoW2LUNB86PhRz
mMG+g2ZW9WbKcW/ERHofeii5WZGtsyA4FnUaWhzetfQIItEpmoobE9QVl0ar5GJ2
dsE8Ald7hA4=scjp
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. 5 ELS) - i386, noarch, s390x, x86_64
3. 6.4) - x86_64
3. (CVE-2018-3639)
* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201810-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Xen: Multiple vulnerabilities
Date: October 30, 2018
Bugs: #643350, #655188, #655544, #659442
ID: 201810-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Xen, the worst of which
could cause a Denial of Service condition.
Background
==========
Xen is a bare-metal hypervisor.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/xen < 4.10.1-r2 >= 4.10.1-r2
2 app-emulation/xen-tools < 4.10.1-r2 >= 4.10.1-r2
-------------------------------------------------------------------
2 affected packages
Description
===========
Multiple vulnerabilities have been discovered in Xen. Please review the
referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Xen users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/xen-4.10.1-r2"
All Xen tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.10.1-r2"
References
==========
[ 1 ] CVE-2017-5715
https://nvd.nist.gov/vuln/detail/CVE-2017-5715
[ 2 ] CVE-2017-5753
https://nvd.nist.gov/vuln/detail/CVE-2017-5753
[ 3 ] CVE-2017-5754
https://nvd.nist.gov/vuln/detail/CVE-2017-5754
[ 4 ] CVE-2018-10471
https://nvd.nist.gov/vuln/detail/CVE-2018-10471
[ 5 ] CVE-2018-10472
https://nvd.nist.gov/vuln/detail/CVE-2018-10472
[ 6 ] CVE-2018-10981
https://nvd.nist.gov/vuln/detail/CVE-2018-10981
[ 7 ] CVE-2018-10982
https://nvd.nist.gov/vuln/detail/CVE-2018-10982
[ 8 ] CVE-2018-12891
https://nvd.nist.gov/vuln/detail/CVE-2018-12891
[ 9 ] CVE-2018-12892
https://nvd.nist.gov/vuln/detail/CVE-2018-12892
[ 10 ] CVE-2018-12893
https://nvd.nist.gov/vuln/detail/CVE-2018-12893
[ 11 ] CVE-2018-15468
https://nvd.nist.gov/vuln/detail/CVE-2018-15468
[ 12 ] CVE-2018-15469
https://nvd.nist.gov/vuln/detail/CVE-2018-15469
[ 13 ] CVE-2018-15470
https://nvd.nist.gov/vuln/detail/CVE-2018-15470
[ 14 ] CVE-2018-3620
https://nvd.nist.gov/vuln/detail/CVE-2018-3620
[ 15 ] CVE-2018-3646
https://nvd.nist.gov/vuln/detail/CVE-2018-3646
[ 16 ] CVE-2018-5244
https://nvd.nist.gov/vuln/detail/CVE-2018-5244
[ 17 ] CVE-2018-7540
https://nvd.nist.gov/vuln/detail/CVE-2018-7540
[ 18 ] CVE-2018-7541
https://nvd.nist.gov/vuln/detail/CVE-2018-7541
[ 19 ] CVE-2018-7542
https://nvd.nist.gov/vuln/detail/CVE-2018-7542
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201810-06
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
|
|
var-201908-1840
|
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. PHP EXIF Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in PHP 7.1.x prior to 7.1.31, 7.2.x prior to 7.2.21, and 7.3.x prior to 7.3.8. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. PHP is prone to a heap-based buffer-overflow vulnerability. Failed exploits will result in denial-of-service conditions.
PHP versions before 7.3.8 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-10 Additional information
for APPLE-SA-2019-10-07-1 macOS Catalina 10.15
macOS Catalina 10.15 addresses the following:
AMD
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security
Research Team
apache_mod_php
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Multiple issues in PHP
Description: Multiple issues were addressed by updating to PHP
version 7.3.8.
CVE-2019-11041
CVE-2019-11042
Audio
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Entry added October 29, 2019
Books
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Parsing a maliciously crafted iBooks file may lead to a
persistent denial-of-service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven
Entry added October 29, 2019
CFNetwork
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Crash Reporter
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: The "Share Mac Analytics" setting may not be disabled when a
user deselects the switch to share analytics
Description: A race condition existed when reading and writing user
preferences. This was addressed with improved state handling.
CVE-2019-8757: William Cerniuk of Core Development, LLC
CUPS
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
Entry added October 29, 2019
CUPS
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2019-8767: Stephen Zeisberg
Entry added October 29, 2019
CUPS
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
Entry added October 29, 2019
File Quarantine
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs
Entry added October 29, 2019
Foundation
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
Graphics
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a malicious shader may result in unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-12152: Piotr Bania of Cisco Talos
CVE-2018-12153: Piotr Bania of Cisco Talos
CVE-2018-12154: Piotr Bania of Cisco Talos
Entry added October 29, 2019
Intel Graphics Driver
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8758: Lilang Wu and Moony Li of Trend Micro
IOGraphics
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8755: Lilang Wu and Moony Li of Trend Micro
IOGraphics
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8759: another of 360 Nirvan Team
Entry added October 29, 2019
Kernel
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
CVE-2019-8781: Linus Henze (pinauten.de)
Entry added October 29, 2019
Kernel
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Kernel
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets. This issue was addressed with improved memory
management.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
libxml2
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
libxslt
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
Entry added October 29, 2019
mDNSResponder
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in physical proximity may be able to passively
observe device names in AWDL communications
Description: This issue was resolved by replacing device names with a
random identifier.
CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile
Networking Lab at Technische Universität Darmstadt
Entry added October 29, 2019
Menus
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8826: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Notes
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results. This issue was addressed with improved data cleanup.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
PDFKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker may be able to exfiltrate the contents of an
encrypted PDF
Description: An issue existed in the handling of links in encrypted
PDFs. This issue was addressed by adding a confirmation prompt.
CVE-2019-8772: Jens Müller of Ruhr University Bochum, Fabian Ising
of FH Münster University of Applied Sciences, Vladislav Mladenov
of Ruhr University Bochum, Christian Mainka of Ruhr University
Bochum, Sebastian Schinzel of FH Münster University of Applied
Sciences, and Jörg Schwenk of Ruhr University Bochum
PluginKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
SharedFileList
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to access recent
documents
Description: The issue was addressed with improved permissions logic.
CVE-2019-8770: Stanislav Zinukhov of Parallels International GmbH
sips
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992)
and pjf of IceSword Lab of Qihoo 360
UIFoundation
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2019-8761: Renee Trisberg of SpectX
Entry added October 29, 2019
UIFoundation
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
WebKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history. The issue was addressed with improved data deletion.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
WebKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Visiting a maliciously crafted website may reveal browsing
history
Description: An issue existed in the drawing of web page elements.
The issue was addressed with improved logic.
CVE-2019-8769: Piérre Reimertz (@reimertz)
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University,
Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr
University Bochum and Thijs Alkemade (@xnyhps) of Computest for their
assistance.
Finder
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
Gatekeeper
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
Identity Service
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
python
We would like to acknowledge an anonymous researcher for their
assistance.
Safari Data Importing
We would like to acknowledge Kent Zoya for their assistance.
Simple certificate enrollment protocol (SCEP)
We would like to acknowledge an anonymous researcher for their
assistance.
Telephony
We would like to acknowledge Phil Stokes from SentinelOne for their
assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
Installation note:
macOS Catalina 10.15 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s4QACgkQBz4uGe3y
0M0s3w//QZG0JsE1BjWJ3mwKoSn/I1V0SLryV9UxJeibPfhyF6VJEYk63jZxZ5ki
48vM7iKE3nAHamNFOMtUvyzEdO6VGNZ1uiuSu9nkyziEERapHJSLcEh83p2JhWV/
SEsBB3bsT4l3V9ZYxk/9DX6ynCTzKLZTynw6Yo2PMYiMpavD5sfZ6v8U53qdZ+LX
SNuw+vRTsvu3YlFkUStTdQ64sT72yGII0c8iFpSb2AWv7IgbypB5lW4/MRQjrzoc
9yMhvMgXcgAlzoH5GpGE2EflbekcQxudxDh1t0o7f8OASRPTljNjL4oiKXBMhiAM
iUgDn7duE9LqupfSWK5WOUkF+XRV0qTaLCTDWaCzVa5YsApvSVPhbmoFqKXSQG8T
U6SxQviqzJ06sD1jqm2sZ/LnD5xMEXhQvNx89oJrTRsCU/o0fy4tRhHp52aJoF7E
Wvr1kTlo6SGm6NjkmZVoKj6962/0XUYSOt8gR+L/sF7N6URUG+1Ko2jx8zhYHMEO
ju+Hw0TFHd+8mP29oOEIsIpuRpCp9jjgEJDdu7mGqJ1Py2Gs0uGeHEZd6DJhKggA
IvdJu4Q9usjWaxQ9H3m2I/xEqw78sMEEFgCYfLTC0gf2ChaiGZuhKipcF04c81kM
bOGmjuyJrajD/2rY9EHrqtCm5b2079YAIxUAmTOkT0uP2WmlZoM=
=bhin
-----END PGP SIGNATURE-----
. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3. =========================================================================
Ubuntu Security Notice USN-4097-2
August 13, 2019
php5 vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
PHP could be made to crash or execute arbitrary code if it
received specially crafted image. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that PHP incorrectly handled certain images.
An attacker could possibly use this issue to cause a denial of service
or execute arbitrary code. (CVE-2019-11041, CVE-2019-11042)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.29+esm5
php5-cgi 5.5.9+dfsg-1ubuntu4.29+esm5
php5-cli 5.5.9+dfsg-1ubuntu4.29+esm5
php5-fpm 5.5.9+dfsg-1ubuntu4.29+esm5
php5-xmlrpc 5.5.9+dfsg-1ubuntu4.29+esm5
Ubuntu 12.04 ESM:
libapache2-mod-php5 5.3.10-1ubuntu3.39
php5-cgi 5.3.10-1ubuntu3.39
php5-cli 5.3.10-1ubuntu3.39
php5-fpm 5.3.10-1ubuntu3.39
php5-xmlrpc 5.3.10-1ubuntu3.39
In general, a standard system update will make all the necessary changes.
For the stable distribution (buster), these problems have been fixed in
version 7.3.9-1~deb10u1.
We recommend that you upgrade your php7.3 packages. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: rh-php72-php security update
Advisory ID: RHSA-2019:3299-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2019:3299
Issue date: 2019-11-01
CVE Names: CVE-2016-10166 CVE-2018-20783 CVE-2019-6977
CVE-2019-9020 CVE-2019-9021 CVE-2019-9022
CVE-2019-9023 CVE-2019-9024 CVE-2019-9637
CVE-2019-9638 CVE-2019-9639 CVE-2019-9640
CVE-2019-11034 CVE-2019-11035 CVE-2019-11036
CVE-2019-11038 CVE-2019-11039 CVE-2019-11040
CVE-2019-11041 CVE-2019-11042 CVE-2019-11043
=====================================================================
1. Summary:
An update for rh-php72-php is now available for Red Hat Software
Collections.
Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
3. Description:
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.
The following packages have been upgraded to a later upstream version:
rh-php72-php (7.2.24). (BZ#1766603)
Security Fix(es):
* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)
* gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166)
* gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c
(CVE-2019-6977)
* php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020)
* php: File rename across filesystems may allow unwanted access during
processing (CVE-2019-9637)
* php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638)
* php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639)
* php: Invalid read in exif_process_SOFn() (CVE-2019-9640)
* php: Out-of-bounds read due to integer overflow in
iconv_mime_decode_headers() (CVE-2019-11039)
* php: Buffer over-read in exif_read_data() (CVE-2019-11040)
* php: Buffer over-read in PHAR reading functions (CVE-2018-20783)
* php: Heap-based buffer over-read in PHAR reading functions
(CVE-2019-9021)
* php: memcpy with negative length via crafted DNS response (CVE-2019-9022)
* php: Heap-based buffer over-read in mbstring regular expression functions
(CVE-2019-9023)
* php: Out-of-bounds read in base64_decode_xmlrpc in
ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024)
* php: Heap buffer overflow in function exif_process_IFD_TAG()
(CVE-2019-11034)
* php: Heap buffer overflow in function exif_iif_add_value()
(CVE-2019-11035)
* php: Buffer over-read in exif_process_IFD_TAG() leading to information
disclosure (CVE-2019-11036)
* gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038)
* php: heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041)
* php: heap buffer over-read in exif_process_user_comment()
(CVE-2019-11042)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon must be restarted
for the update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1418983 - CVE-2016-10166 gd: Unsigned integer underflow _gdContributionsAlloc()
1672207 - CVE-2019-6977 gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c
1680545 - CVE-2018-20783 php: Buffer over-read in PHAR reading functions
1685123 - CVE-2019-9020 php: Invalid memory access in function xmlrpc_decode()
1685132 - CVE-2019-9021 php: Heap-based buffer over-read in PHAR reading functions
1685398 - CVE-2019-9023 php: Heap-based buffer over-read in mbstring regular expression functions
1685404 - CVE-2019-9024 php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c
1685412 - CVE-2019-9022 php: memcpy with negative length via crafted DNS response
1688897 - CVE-2019-9637 php: File rename across filesystems may allow unwanted access during processing
1688922 - CVE-2019-9638 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE
1688934 - CVE-2019-9639 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE
1688939 - CVE-2019-9640 php: Invalid read in exif_process_SOFn()
1702246 - CVE-2019-11035 php: Heap buffer overflow in function exif_iif_add_value()
1702256 - CVE-2019-11034 php: Heap buffer overflow in function exif_process_IFD_TAG()
1707299 - CVE-2019-11036 php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure
1724149 - CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm()
1724152 - CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers()
1724154 - CVE-2019-11040 php: Buffer over-read in exif_read_data()
1739459 - CVE-2019-11041 php: heap buffer over-read in exif_scan_thumbnail()
1739465 - CVE-2019-11042 php: heap buffer over-read in exif_process_user_comment()
1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c
6. Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source:
rh-php72-php-7.2.24-1.el7.src.rpm
aarch64:
rh-php72-php-7.2.24-1.el7.aarch64.rpm
rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm
rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm
rh-php72-php-common-7.2.24-1.el7.aarch64.rpm
rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm
rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm
rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm
rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm
rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm
rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm
rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm
rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm
rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm
rh-php72-php-json-7.2.24-1.el7.aarch64.rpm
rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm
rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm
rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm
rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm
rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm
rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm
rh-php72-php-process-7.2.24-1.el7.aarch64.rpm
rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm
rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm
rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm
rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm
rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm
rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm
ppc64le:
rh-php72-php-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x:
rh-php72-php-7.2.24-1.el7.s390x.rpm
rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm
rh-php72-php-cli-7.2.24-1.el7.s390x.rpm
rh-php72-php-common-7.2.24-1.el7.s390x.rpm
rh-php72-php-dba-7.2.24-1.el7.s390x.rpm
rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm
rh-php72-php-devel-7.2.24-1.el7.s390x.rpm
rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm
rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm
rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm
rh-php72-php-gd-7.2.24-1.el7.s390x.rpm
rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-intl-7.2.24-1.el7.s390x.rpm
rh-php72-php-json-7.2.24-1.el7.s390x.rpm
rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm
rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm
rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm
rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm
rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm
rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm
rh-php72-php-process-7.2.24-1.el7.s390x.rpm
rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm
rh-php72-php-recode-7.2.24-1.el7.s390x.rpm
rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-soap-7.2.24-1.el7.s390x.rpm
rh-php72-php-xml-7.2.24-1.el7.s390x.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm
rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source:
rh-php72-php-7.2.24-1.el7.src.rpm
aarch64:
rh-php72-php-7.2.24-1.el7.aarch64.rpm
rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm
rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm
rh-php72-php-common-7.2.24-1.el7.aarch64.rpm
rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm
rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm
rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm
rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm
rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm
rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm
rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm
rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm
rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm
rh-php72-php-json-7.2.24-1.el7.aarch64.rpm
rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm
rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm
rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm
rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm
rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm
rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm
rh-php72-php-process-7.2.24-1.el7.aarch64.rpm
rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm
rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm
rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm
rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm
rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm
rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm
ppc64le:
rh-php72-php-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x:
rh-php72-php-7.2.24-1.el7.s390x.rpm
rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm
rh-php72-php-cli-7.2.24-1.el7.s390x.rpm
rh-php72-php-common-7.2.24-1.el7.s390x.rpm
rh-php72-php-dba-7.2.24-1.el7.s390x.rpm
rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm
rh-php72-php-devel-7.2.24-1.el7.s390x.rpm
rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm
rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm
rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm
rh-php72-php-gd-7.2.24-1.el7.s390x.rpm
rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-intl-7.2.24-1.el7.s390x.rpm
rh-php72-php-json-7.2.24-1.el7.s390x.rpm
rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm
rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm
rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm
rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm
rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm
rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm
rh-php72-php-process-7.2.24-1.el7.s390x.rpm
rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm
rh-php72-php-recode-7.2.24-1.el7.s390x.rpm
rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-soap-7.2.24-1.el7.s390x.rpm
rh-php72-php-xml-7.2.24-1.el7.s390x.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm
rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64:
rh-php72-php-7.2.24-1.el7.x86_64.rpm
rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm
rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm
rh-php72-php-common-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm
rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm
rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm
rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm
rh-php72-php-json-7.2.24-1.el7.x86_64.rpm
rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm
rh-php72-php-process-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm
rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm
rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5):
Source:
rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le:
rh-php72-php-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x:
rh-php72-php-7.2.24-1.el7.s390x.rpm
rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm
rh-php72-php-cli-7.2.24-1.el7.s390x.rpm
rh-php72-php-common-7.2.24-1.el7.s390x.rpm
rh-php72-php-dba-7.2.24-1.el7.s390x.rpm
rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm
rh-php72-php-devel-7.2.24-1.el7.s390x.rpm
rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm
rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm
rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm
rh-php72-php-gd-7.2.24-1.el7.s390x.rpm
rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-intl-7.2.24-1.el7.s390x.rpm
rh-php72-php-json-7.2.24-1.el7.s390x.rpm
rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm
rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm
rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm
rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm
rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm
rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm
rh-php72-php-process-7.2.24-1.el7.s390x.rpm
rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm
rh-php72-php-recode-7.2.24-1.el7.s390x.rpm
rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-soap-7.2.24-1.el7.s390x.rpm
rh-php72-php-xml-7.2.24-1.el7.s390x.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm
rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64:
rh-php72-php-7.2.24-1.el7.x86_64.rpm
rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm
rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm
rh-php72-php-common-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm
rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm
rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm
rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm
rh-php72-php-json-7.2.24-1.el7.x86_64.rpm
rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm
rh-php72-php-process-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm
rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm
rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):
Source:
rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le:
rh-php72-php-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x:
rh-php72-php-7.2.24-1.el7.s390x.rpm
rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm
rh-php72-php-cli-7.2.24-1.el7.s390x.rpm
rh-php72-php-common-7.2.24-1.el7.s390x.rpm
rh-php72-php-dba-7.2.24-1.el7.s390x.rpm
rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm
rh-php72-php-devel-7.2.24-1.el7.s390x.rpm
rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm
rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm
rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm
rh-php72-php-gd-7.2.24-1.el7.s390x.rpm
rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-intl-7.2.24-1.el7.s390x.rpm
rh-php72-php-json-7.2.24-1.el7.s390x.rpm
rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm
rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm
rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm
rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm
rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm
rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm
rh-php72-php-process-7.2.24-1.el7.s390x.rpm
rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm
rh-php72-php-recode-7.2.24-1.el7.s390x.rpm
rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-soap-7.2.24-1.el7.s390x.rpm
rh-php72-php-xml-7.2.24-1.el7.s390x.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm
rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64:
rh-php72-php-7.2.24-1.el7.x86_64.rpm
rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm
rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm
rh-php72-php-common-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm
rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm
rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm
rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm
rh-php72-php-json-7.2.24-1.el7.x86_64.rpm
rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm
rh-php72-php-process-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm
rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm
rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):
Source:
rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le:
rh-php72-php-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm
rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x:
rh-php72-php-7.2.24-1.el7.s390x.rpm
rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm
rh-php72-php-cli-7.2.24-1.el7.s390x.rpm
rh-php72-php-common-7.2.24-1.el7.s390x.rpm
rh-php72-php-dba-7.2.24-1.el7.s390x.rpm
rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm
rh-php72-php-devel-7.2.24-1.el7.s390x.rpm
rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm
rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm
rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm
rh-php72-php-gd-7.2.24-1.el7.s390x.rpm
rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-intl-7.2.24-1.el7.s390x.rpm
rh-php72-php-json-7.2.24-1.el7.s390x.rpm
rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm
rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm
rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm
rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm
rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm
rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm
rh-php72-php-process-7.2.24-1.el7.s390x.rpm
rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm
rh-php72-php-recode-7.2.24-1.el7.s390x.rpm
rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm
rh-php72-php-soap-7.2.24-1.el7.s390x.rpm
rh-php72-php-xml-7.2.24-1.el7.s390x.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm
rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64:
rh-php72-php-7.2.24-1.el7.x86_64.rpm
rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm
rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm
rh-php72-php-common-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm
rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm
rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm
rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm
rh-php72-php-json-7.2.24-1.el7.x86_64.rpm
rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm
rh-php72-php-process-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm
rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm
rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source:
rh-php72-php-7.2.24-1.el7.src.rpm
x86_64:
rh-php72-php-7.2.24-1.el7.x86_64.rpm
rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm
rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm
rh-php72-php-common-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm
rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm
rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm
rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm
rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm
rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm
rh-php72-php-json-7.2.24-1.el7.x86_64.rpm
rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm
rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm
rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm
rh-php72-php-process-7.2.24-1.el7.x86_64.rpm
rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm
rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm
rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm
rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm
rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm
rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-10166
https://access.redhat.com/security/cve/CVE-2018-20783
https://access.redhat.com/security/cve/CVE-2019-6977
https://access.redhat.com/security/cve/CVE-2019-9020
https://access.redhat.com/security/cve/CVE-2019-9021
https://access.redhat.com/security/cve/CVE-2019-9022
https://access.redhat.com/security/cve/CVE-2019-9023
https://access.redhat.com/security/cve/CVE-2019-9024
https://access.redhat.com/security/cve/CVE-2019-9637
https://access.redhat.com/security/cve/CVE-2019-9638
https://access.redhat.com/security/cve/CVE-2019-9639
https://access.redhat.com/security/cve/CVE-2019-9640
https://access.redhat.com/security/cve/CVE-2019-11034
https://access.redhat.com/security/cve/CVE-2019-11035
https://access.redhat.com/security/cve/CVE-2019-11036
https://access.redhat.com/security/cve/CVE-2019-11038
https://access.redhat.com/security/cve/CVE-2019-11039
https://access.redhat.com/security/cve/CVE-2019-11040
https://access.redhat.com/security/cve/CVE-2019-11041
https://access.redhat.com/security/cve/CVE-2019-11042
https://access.redhat.com/security/cve/CVE-2019-11043
https://access.redhat.com/security/updates/classification/#critical
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXbwslNzjgjWX9erEAQgZrA//YpBwARJTytrbpWQquZ4hnjbScNEZK1d4
sOOT+oiQSrzvghsNKNCKwEO1CLbNA9XOT7bCchtpD/HguTc4XeGNk7dAf/qA6UVB
tJCxmqNBVBKqoe9UafmxLUFcVSkv/PHRVD2h+/TvmqdB8Uf2Z8hIIaBt7UsW34sb
yBMLJVhyG98c/7VzwqFXW6Vm+Ly6+/ViYtloe5/Ex4D8FvB72Cc9uRvCTWdLLOXu
PlwQKdaEt5CtUrTmLFEX+9t6tybwhNBf/dZ96nazCaSRtQVnhZI9s+wjoE6vEOOB
+bOldvJ9tu7LclzMIz7SbSqjhPBSLtEMGZKcO1havVGDwcfPAEc12TW9DtVFDlqA
Xq+dFW5vviRCoMlSmNBmSqQZSWMF64LdzjvWfW2G/nBnNLOdhu/Wufs1sJUOc+cp
V9PgQH0iWut0N89DaOzTH+4PQvvvTw12HuKHk+P+/O8bBBdcI9gpd5klce/5jquc
QXqhy49koz6BturNpVnXfSWjdLPwQ1pwhGJOkv7vLsdx6HVeuY6BsSE+C28cHFl+
z/AOZL4eCa9xKlePdGKCbqzTjMmCiJQbeShoBOKt1DtSgVVgtE0Kc5EZQcqop0aw
RG304k1HSbrgsSRFxx6s1RophOQaC3ASvWkw5OY/8ylNrO9AAMxLRjZNCve6V7Rq
86WRMpuQxpE=
=winR
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-200711-0540
|
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input. This facilitates the remote compromise of affected computers.
Perl 5.8 is vulnerable to this issue; other versions may also be affected. An error in the way Perl's regular expression engine calculates the space required to process regular expressions could allow a local attacker to elevate privileges.
For the stable distribution (etch), this problem has been fixed in
version 5.8.8-7etch1.
For the old stable distribution (sarge), this problem has been fixed in
version 5.8.4-8sarge6.
For the unstable distribution (sid), this problem will be fixed soon.
Some architectures are missing from this DSA; these updates will be
released once they are available.
We recommend that you upgrade your perl package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.dsc
Size/MD5 checksum: 1031 653d1eaa085e027d325a520653e9785c
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.diff.gz
Size/MD5 checksum: 103931 b8c617d86f3baa2cd35bde936c0a76d5
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4.orig.tar.gz
Size/MD5 checksum: 12094233 912050a9cb6b0f415b76ba56052fb4cf
Architecture independent components:
http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.4-8sarge6_all.deb
Size/MD5 checksum: 38810 ff950bde09387a4023efff595fcb7b80
http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.4-8sarge6_all.deb
Size/MD5 checksum: 7049010 803d0a25ddd6d3a75769b39fd44c1b21
http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.4-8sarge6_all.deb
Size/MD5 checksum: 2178698 8f6bbe7db6414444fd5dbfb7786e6b76
Alpha architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_alpha.deb
Size/MD5 checksum: 804866 47b0bbfc0d2544132ac23e7bbd6fd81f
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_alpha.deb
Size/MD5 checksum: 1008 dddcaa51b3b5b67c881b49a996e83944
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_alpha.deb
Size/MD5 checksum: 3902134 e2170d1b691a118df3a3277e6f4b0af9
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_alpha.deb
Size/MD5 checksum: 874688 bdb3fc1c1e0bed8bc37292f12ec9e803
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_alpha.deb
Size/MD5 checksum: 4132780 e2539f2b62fd1a394f5424a534e9a51d
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_alpha.deb
Size/MD5 checksum: 37086 dd82f2321b96bc531e16857848bece42
AMD64 architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_amd64.deb
Size/MD5 checksum: 605148 b613969a68e576543f18f56b1956e78e
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_amd64.deb
Size/MD5 checksum: 1000 613477a3ba3f93013fa7a7776022d8e9
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_amd64.deb
Size/MD5 checksum: 3834172 7f354043d2e7bbee72c710982e4f9074
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_amd64.deb
Size/MD5 checksum: 791816 3541cf654fc59dd564c7af6642fae4df
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_amd64.deb
Size/MD5 checksum: 3935362 38fb00c40a25985bf22cfe9805543349
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_amd64.deb
Size/MD5 checksum: 32846 2f8cd32f087f60c61457f73f75fe3781
ARM architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_arm.deb
Size/MD5 checksum: 613158 30cd5528198d49208274e50e60611b0a
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_arm.deb
Size/MD5 checksum: 1026 fc64aa8b67f46fcccb6d85db7cb242ad
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_arm.deb
Size/MD5 checksum: 3132808 226a69d4fa30d1e0a40f4d761826c230
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_arm.deb
Size/MD5 checksum: 737524 b4aaf84bd60fef147d1131c5ffbc6a0a
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_arm.deb
Size/MD5 checksum: 3719460 8e8d12058f9f7fb9e153d4c3ff79d0f4
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_arm.deb
Size/MD5 checksum: 29880 faa9dc0401eb667e202e12f2d2cf9643
HP Precision architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_hppa.deb
Size/MD5 checksum: 654704 4efe04a8f2a81c81860148da029a88a8
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_hppa.deb
Size/MD5 checksum: 1006 5081a0e11c583460919427c5b0c99a0d
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_hppa.deb
Size/MD5 checksum: 3922234 a2b4f6549b23dd3a6c11ff97b6377d3d
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_hppa.deb
Size/MD5 checksum: 867856 0955f80a504eb620dbab22129fe96dd3
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_hppa.deb
Size/MD5 checksum: 3910388 59e8e003f4d65c3e42785226c90d5466
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_hppa.deb
Size/MD5 checksum: 34496 46aee518b3411566edf62ea822e0edfd
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_i386.deb
Size/MD5 checksum: 567034 2edc13b9a19f6291bb300bcc28b815bd
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_i386.deb
Size/MD5 checksum: 508698 9f275f4137b40e5cd465e3073527ad34
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_i386.deb
Size/MD5 checksum: 3239308 bd4934402fadbd7c6c6c00260a4ecb88
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_i386.deb
Size/MD5 checksum: 753218 4f70cd1586e664189be02a84247efe5d
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_i386.deb
Size/MD5 checksum: 3736626 8710f57842322a711abf6161f57e9bc1
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_i386.deb
Size/MD5 checksum: 31706 d4e08f75b79d3bb75b4bdea55d668b6f
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_ia64.deb
Size/MD5 checksum: 866526 1f01d28dbc0d3fac81fbf120d048896a
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_ia64.deb
Size/MD5 checksum: 1000 07c5c9823c9ff29b96ce76c63e4dfd16
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_ia64.deb
Size/MD5 checksum: 4027978 0919c0c823170c46578a52df90f69cfc
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_ia64.deb
Size/MD5 checksum: 1046706 7f724a26677aa52c39182a5109bd3bf9
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_ia64.deb
Size/MD5 checksum: 4534722 9a16fed74de4e2e0c43b1135c15df9d3
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_ia64.deb
Size/MD5 checksum: 50106 e73b65a4b267ca99ba48ef64de4dfdc1
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_m68k.deb
Size/MD5 checksum: 457778 f25f1ebbbb4a5ce7b7a4a79c6256987e
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_m68k.deb
Size/MD5 checksum: 1040 9882ea5db94e569a35209a66c74bb390
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_m68k.deb
Size/MD5 checksum: 3815032 321dd2b80abad424b678f260d18f323a
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_m68k.deb
Size/MD5 checksum: 692196 733bfa10857d842bd907f408b03a8b3d
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_m68k.deb
Size/MD5 checksum: 3008672 81a0d0613ebe7b9affcd56174e1f955c
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_m68k.deb
Size/MD5 checksum: 27934 68de12bace4cf3de7a339b25119b1611
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_mips.deb
Size/MD5 checksum: 657066 7e2c9980c630b3aa1e60348a4998665a
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_mips.deb
Size/MD5 checksum: 1032 3da5c1e82b6194beac8fe7020a38d7a3
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_mips.deb
Size/MD5 checksum: 3384320 edfa53822abb7626b2bfd6ac4d5923df
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_mips.deb
Size/MD5 checksum: 781078 f4a7b2e1bbd95c9381503b382d35ba58
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_mips.deb
Size/MD5 checksum: 4017490 ddca3a084b7c9f1b841bd3f93e39a1d0
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_mips.deb
Size/MD5 checksum: 32314 51f707f1c1d3df1c3ad05dc545512c10
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_mipsel.deb
Size/MD5 checksum: 653134 bbb4600b3f9f2512fe9a9233bd06370e
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_mipsel.deb
Size/MD5 checksum: 1008 42770abda5e92de95a180097e8588304
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_mipsel.deb
Size/MD5 checksum: 3125468 db2214e0762dab59ebe7237fbe8d80b2
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_mipsel.deb
Size/MD5 checksum: 781866 c3b6aa7d16d60fc0a083601801d57cdd
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_mipsel.deb
Size/MD5 checksum: 3967958 2d941edd8a70f1461f4bc7ec9b97a396
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_mipsel.deb
Size/MD5 checksum: 32426 c16e24f77488ab690b9c73d33e9fd7be
PowerPC architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_powerpc.deb
Size/MD5 checksum: 624852 fc0e31770a095b3180e8d29daac7ccc7
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_powerpc.deb
Size/MD5 checksum: 988 5668a4e4abcab40b924c2855c4c34f62
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_powerpc.deb
Size/MD5 checksum: 3509282 9e72e0a6a0d0108d701e9071e0ed4c3b
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_powerpc.deb
Size/MD5 checksum: 790186 fa6005f52c5a101e053dc24e5247f025
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_powerpc.deb
Size/MD5 checksum: 3700840 fe73cfba8f036b63839141d4a0564d49
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_powerpc.deb
Size/MD5 checksum: 33564 e6d5ea2116ea4f5332c1ce887aa9b727
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_s390.deb
Size/MD5 checksum: 604302 92d8311292f70764bafc0b015818d39d
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_s390.deb
Size/MD5 checksum: 996 8870e77ca4719c8cc1c67f6ac15ee36c
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_s390.deb
Size/MD5 checksum: 3819836 84eed51f2f162825d3bda29af8ddb203
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_s390.deb
Size/MD5 checksum: 800590 ee302b41b1d011e089cb43db508415ef
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_s390.deb
Size/MD5 checksum: 4235554 367b0ca68cd88842507c781cbb0e1f84
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_s390.deb
Size/MD5 checksum: 33240 54ef9ae270587bb4c88f0e2b25d73347
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_sparc.deb
Size/MD5 checksum: 582166 027797bd12344393503ebae3344dfd43
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_sparc.deb
Size/MD5 checksum: 1006 4183b345e38cd2dcbca8c24cf3d02918
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_sparc.deb
Size/MD5 checksum: 3547444 716f93769b9aa9c442044f9fe96c77c7
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_sparc.deb
Size/MD5 checksum: 775850 6ef7c40ecdd6e08dbb37d0c02f8c89a2
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_sparc.deb
Size/MD5 checksum: 3840628 e665c9ff077083f5719b7574e24fae05
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_sparc.deb
Size/MD5 checksum: 31038 64fcafc906130c016eb45f2394c5b4a8
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.dsc
Size/MD5 checksum: 1033 92799d6842afb4c5a9cbf483591b2c36
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.diff.gz
Size/MD5 checksum: 93005 caec226784d13b4108af359206f4dfe9
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz
Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7
Architecture independent components:
http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch1_all.deb
Size/MD5 checksum: 40906 ac1a3065102a3bb7920a976833f1d3cc
http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch1_all.deb
Size/MD5 checksum: 7348690 c36b83c80b2c35515f3e6dec6451fda1
http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch1_all.deb
Size/MD5 checksum: 2313532 915e64aecc9e15678125def5267ea809
Alpha architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_alpha.deb
Size/MD5 checksum: 821314 682e53e9c6736c48e31ea26e8697c870
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_alpha.deb
Size/MD5 checksum: 1016 252a644a15275db90c1a9273e6f3b854
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_alpha.deb
Size/MD5 checksum: 4135606 4925efac08f96859a7c8b47b886e0533
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_alpha.deb
Size/MD5 checksum: 877900 03dce75ac1f4c9765a24f6f25ba01251
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_alpha.deb
Size/MD5 checksum: 2928420 1a9ab7809416b7cfc068180646414576
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_alpha.deb
Size/MD5 checksum: 36248 927d991a17103561f701fb56d512279d
AMD64 architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_amd64.deb
Size/MD5 checksum: 630480 cdfbd258b8ee105250f389c3adfdc16e
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_amd64.deb
Size/MD5 checksum: 1010 101f7c5357740b63a670ae874a3a498a
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_amd64.deb
Size/MD5 checksum: 4238220 a2a9c0db784cc91e249f23e5564207bd
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_amd64.deb
Size/MD5 checksum: 808804 469c3fd8e358d917225dd49f987bbf8d
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_amd64.deb
Size/MD5 checksum: 2734912 d34da61c02d263e230b55f911d2dc748
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_amd64.deb
Size/MD5 checksum: 32798 afac9013d139c7ab1276f50cc35f4512
ARM architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_arm.deb
Size/MD5 checksum: 561934 9739f475931e29fb26e23873df727e04
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_arm.deb
Size/MD5 checksum: 1018 77926e3d601fe1ed9bd75ef5a854d4e4
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_arm.deb
Size/MD5 checksum: 3412144 73c5f41073926ea641d06032b0c5d228
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_arm.deb
Size/MD5 checksum: 760246 574a68af0f13bc1a80d97c0eaa9ca4fc
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_arm.deb
Size/MD5 checksum: 2545942 7fb21c951bfd70b24e9b63a4025059f4
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_arm.deb
Size/MD5 checksum: 30358 ed5a223824e775a2e37b8e492e25abcb
HP Precision architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_hppa.deb
Size/MD5 checksum: 693944 441ce7894fc9d46c3a285b8681097a24
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_hppa.deb
Size/MD5 checksum: 1014 068b7030ce2e74328a567f560690e208
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_hppa.deb
Size/MD5 checksum: 4192184 916514f48c2d5ab511aac0c9d878d133
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_hppa.deb
Size/MD5 checksum: 868288 7eb4c3e38c25285bc6a0ab6dc5a1d770
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_hppa.deb
Size/MD5 checksum: 2735540 ff004f914a26621775d0247834e78cae
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_hppa.deb
Size/MD5 checksum: 33210 c035eeb23dc4a1e04444065ae75f7b24
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_i386.deb
Size/MD5 checksum: 585382 a27a344126f78b50c6874887ba8a7dec
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_i386.deb
Size/MD5 checksum: 526956 2ae05903f4a08189e5319c4ca869828a
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_i386.deb
Size/MD5 checksum: 3578468 e6a886c21a58d96083d0385ef602df75
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_i386.deb
Size/MD5 checksum: 762180 e7d2c75b547db6c71e77395461c62e82
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_i386.deb
Size/MD5 checksum: 2491880 f01678cc32a118929a22ee765ccd4768
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_i386.deb
Size/MD5 checksum: 32094 56c5c6dded2172596d6bbea68d94068e
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_ia64.deb
Size/MD5 checksum: 977484 94fd1bb72f48559786abedc8b0ea6107
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_ia64.deb
Size/MD5 checksum: 1006 9272b8f38e0b68c7143401bbe0dd10b3
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_ia64.deb
Size/MD5 checksum: 4335608 4caae66d357b7c8f6a9d3b6ec1b98ac1
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_ia64.deb
Size/MD5 checksum: 1153272 e61d597589339745c714ada2fa54d397
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_ia64.deb
Size/MD5 checksum: 3364174 d31a368b96392b89af59fbb529c81d20
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_ia64.deb
Size/MD5 checksum: 51270 84b6fde3b7ed1898b59267b994efb4ff
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_mipsel.deb
Size/MD5 checksum: 687114 8973b906567dd752c73039a89dcb14ee
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_mipsel.deb
Size/MD5 checksum: 1012 47029166d1e495ad05a251d4946fbdc2
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_mipsel.deb
Size/MD5 checksum: 3413386 5ff0e279c6934b01d4bf163a5b171584
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_mipsel.deb
Size/MD5 checksum: 784352 dece00126cd1cf8c07ec673bd8043e6d
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_mipsel.deb
Size/MD5 checksum: 2729528 194373b4343008cc33b345744b7935fa
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_mipsel.deb
Size/MD5 checksum: 32336 98092e70a5ea30153ec32f1d87cde1e4
PowerPC architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_powerpc.deb
Size/MD5 checksum: 653158 7b39e1fb1a940e19ebe4e9df9f6c1abb
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_powerpc.deb
Size/MD5 checksum: 1010 4f68cd00058bfe50e5353cc2f1027e30
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_powerpc.deb
Size/MD5 checksum: 3824518 514b283d68bdb8ab5f8211b86fba6dd7
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_powerpc.deb
Size/MD5 checksum: 810514 54511356fc749a7518d6339d4832ab3e
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_powerpc.deb
Size/MD5 checksum: 2709230 f62606ee2641c529eed8d6f2aff8489e
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_powerpc.deb
Size/MD5 checksum: 32902 de438d275e8c95f5dba5096386f3bdbd
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_sparc.deb
Size/MD5 checksum: 594254 32f78d47a9fdb90ac99363642330cea5
http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_sparc.deb
Size/MD5 checksum: 1012 b4cdde1e439f59c484701a503271f3ba
http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_sparc.deb
Size/MD5 checksum: 3796708 d85383c57b38d1da74f5d4fed6e33c02
http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_sparc.deb
Size/MD5 checksum: 783042 675e8693a697b670936108a3baeded7f
http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_sparc.deb
Size/MD5 checksum: 2565704 7419d49d4b7ac54b849d432177a3ff36
http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_sparc.deb
Size/MD5 checksum: 31072 40d9e6abb0fd11019912c4877c8bf3ac
These files will probably be moved into the stable distribution on
its next update. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201412-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: AMD64 x86 emulation base libraries: Multiple vulnerabilities
Date: December 12, 2014
Bugs: #196865, #335508, #483632, #508322
ID: 201412-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in AMD64 x86 emulation base
libraries, the worst of which may allow remote execution of arbitrary
code.
Background
==========
AMD64 x86 emulation base libraries provides pre-compiled 32-bit
libraries.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/emul-linux-x86-baselibs
< 20140406-r1 >= 20140406-r1
Description
===========
Multiple vulnerabilities have been discovered in AMD64 x86 emulation
base libraries. Please review the CVE identifiers referenced below for
details.
Impact
======
A context-dependent attacker may be able to execute arbitrary code,
cause a Denial of Service condition, or obtain sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All users of the AMD64 x86 emulation base libraries should upgrade to
the latest version:
# emerge --sync
# emerge -1av ">=app-emulation/emul-linux-x86-baselibs-20140406-r1"
NOTE: One or more of the issues described in this advisory have been
fixed in previous updates. They are included in this advisory for the
sake of completeness. It is likely that your system is already no
longer affected by them.
References
==========
[ 1 ] CVE-2007-0720
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0720
[ 2 ] CVE-2007-1536
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1536
[ 3 ] CVE-2007-2026
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2026
[ 4 ] CVE-2007-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2445
[ 5 ] CVE-2007-2741
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2741
[ 6 ] CVE-2007-3108
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3108
[ 7 ] CVE-2007-4995
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4995
[ 8 ] CVE-2007-5116
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5116
[ 9 ] CVE-2007-5135
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135
[ 10 ] CVE-2007-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5266
[ 11 ] CVE-2007-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5268
[ 12 ] CVE-2007-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269
[ 13 ] CVE-2007-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5849
[ 14 ] CVE-2010-1205
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205
[ 15 ] CVE-2013-0338
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0338
[ 16 ] CVE-2013-0339
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0339
[ 17 ] CVE-2013-1664
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1664
[ 18 ] CVE-2013-1969
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1969
[ 19 ] CVE-2013-2877
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2877
[ 20 ] CVE-2014-0160
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0160
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-11.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2008-0001
Synopsis: Moderate OpenPegasus PAM Authentication Buffer
Overflow and updated service console packages
Issue date: 2008-01-07
Updated on: 2008-01-07
CVE numbers: CVE-2007-5360 CVE-2007-5398 CVE-2007-4572
CVE-2007-5191 CVE-2007-5116 CVE-2007-3108
CVE-2007-5135
- -------------------------------------------------------------------
1. Summary:
Updated service console patches
2. Relevant releases:
ESX Server 3.0.2 without patches ESX-1002969, ESX-1002970, ESX-1002971,
ESX-1002975, ESX-1002976
ESX Server 3.0.1 without patches ESX-1002962, ESX-1002963, ESX-1002964,
ESX-1002968, ESX-1002972, ESX-1003176
3. Problem description:
I OpenPegasus PAM Authentication Buffer Overflow
Alexander Sotirov from VMware Security Research discovered a
buffer overflow vulnerability in the OpenPegasus Management server.
This flaw could be exploited by a malicious remote user on the
service console network to gain root access to the service console.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-5360 to this issue.
RPM Updated: pegasus-2.5-552927
VM Shutdown: No
Host Reboot: No
Note: ESX Server 3.5 and ESX Server 3i are not affected by this
issue.
ESX Server 3.0.2
http://download3.vmware.com/software/vi/ESX-1002970.tgz
md5sum: d19115e965d486e72100ce489efea707
http://kb.vmware.com/kb/1002970
ESX Server 3.0.1
http://download3.vmware.com/software/vi/ESX-1003176.tgz
md5sum: 5674ca0dcfac90726014cc316444996e
http://kb.vmware.com/kb/1003176
ESX Server 2.5.x
Users should remove the OpenPegasus CIM Management rpm. This
component is disabled by default, and VMware recommends that you
do not use this component of ESX Server 2.x. If you want to
use the CIM functionality, upgrade to ESX Server 3.0.1 or a later
release.
Note: This vulnerability can be exploited remotely only if the
attacker has access to the service console network.
Security best practices provided by VMware recommend that the
service console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices.
II Service Console package security updates
a. Updated Samba package
An issue where attackers on the service console management
network can cause a stack-based buffer overflow in the
reply_netbios_packet function of nmbd in Samba. On systems
where Samba is being used as a WINS server, exploiting this
vulnerability can allow remote attackers to execute arbitrary
code via crafted WINS Name Registration requests followed by a
WINS Name Query request.
An issue where attackers on the service console management
network can exploit a vulnerability that occurs when Samba is
configured as a Primary or Backup Domain controller. The
vulnerability allows remote attackers to have an unknown impact
via crafted GETDC mailslot requests, related to handling of
GETDC logon server requests.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-5398 and CVE-2007-4572 to these
issues.
Note: By default Samba is not configured as a WINS server or a domain
controller and ESX is not vulnerable unless the administrator
has changed the default configuration.
This vulnerability can be exploited remotely only if the
attacker has access to the service console network.
Security best practices provided by VMware recommend that the
service console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices.
RPM Updated:
samba-3.0.9-1.3E.14.1vmw
samba-client-3.0.9-1.3E.14.1vmw
samba-common-3.0.9-1.3E.14.1vmw
VM Shutdown: Yes
Host Reboot: Yes
ESX Server 3.5.0 is not affected by this issue
ESX Server 3.0.2
http://download3.vmware.com/software/vi/ESX-1002975.tgz
md5sum: 797a7494c2c4eb49629d3f94818df5dd
http://kb.vmware.com/kb/1002975
ESX Server 3.0.1
http://download3.vmware.com/software/vi/ESX-1002968.tgz
md5sum: 5106d90afaf77c3a0d8433487f937d06
http://kb.vmware.com/kb/1002968
ESX Server 2.5.5 download Upgrade Patch 3
ESX Server 2.5.4 download Upgrade Patch 14
b. Updated util-linux package
The patch addresses an issue where the mount and umount
utilities in util-linux call the setuid and setgid functions in
the wrong order and do not check the return values, which could
allow attackers to gain elevated privileges via helper
application such as mount.nfs.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-5191 to this issue.
RPM Updated:
util-linux-2.11y-31.24vmw
losetup-2.11y-31.24vmw
mount -2.11y-31.24vmw
VM Shutdown: Yes
Host Reboot: Yes
ESX Server 3.0.2
http://download3.vmware.com/software/vi/ESX-1002976.tgz
md5sum: 0fe833c50c0ecb0ff9340d6674be2e43
http://kb.vmware.com/kb/1002976
ESX Server 3.0.1
http://download3.vmware.com/software/vi/ESX-1002972.tgz
md5sum: 59ca4a43f330c5f0b7a55693aa952cdc
http://kb.vmware.com/kb/1002972
c.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-5116 to this issue.
RPM Updated:
perl-5.8.0-97.EL3
VM Shutdown: Yes
Host Reboot: Yes
ESX Server 3.0.2
http://download3.vmware.com/software/vi/ESX-1002971.tgz
md5sum: 337b09d9ae4b1694a045e216b69765e1
http://kb.vmware.com/kb/1002971
ESX Server 3.0.1
http://download3.vmware.com/software/vi/ESX-1002964.tgz
md5sum: d47e26104bfd5e4018ae645638c94487
http://kb.vmware.com/kb/1002964
d. Updated OpenSSL package
A flaw in the SSL_get_shared_ciphers() function can allow an
attacker to cause a buffer overflow problem by sending ciphers
to applications that use the function.
A possible vulnerability that would allow a local attacker to
obtain private RSA keys being used on a system using the OpenSSL
package.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3108, and CVE-2007-5135 to these
issues.
RPM Updated:
openssl-0.9.7a-33.24
VM Shutdown: Yes
Host Reboot: Yes
ESX Server 3.0.2
http://download3.vmware.com/software/vi/ESX-1002969.tgz
md5sum: 72fd28a9f9380158db149259fbdcaa3b
http://kb.vmware.com/kb/1002969
ESX Server 3.0.1
http://download3.vmware.com/software/vi/ESX-1002962.tgz
md5sum: a0727bdc2e1a6f00d5fe77430a6ee9d6
http://kb.vmware.com/kb/1002962
ESX Server 2.5.5 download Upgrade Patch 3
ESX Server 2.5.4 download Upgrade Patch 14
4. Solution:
Please review the Patch notes for your product and version and verify
the md5sum of your downloaded file.
ESX Server 3.x Patches:
http://www.vmware.com/download/vi/vi3_patches.html
ESX Server 2.x Patches:
http://www.vmware.com/download/esx/esx2_patches.html
ESX Server 2.5.5 Upgrade Patch 3
http://download3.vmware.com/software/esx/esx-2.5.5-65742-upgrade.tar.gz
md5sum: 9068250fdd604e8787ef40995a4638f9
http://www.vmware.com/support/esx25/doc/esx-255-200712-patch.html
ESX Server 2.5.4 Upgrade Patch 14
http://download3.vmware.com/software/esx/esx-2.5.4-65752-upgrade.tar.gz
md5sum: 24990b9207f882ccc91545b6fc90273d
http://www.vmware.com/support/esx25/doc/esx-254-200712-patch.html
5. References:
CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135
- -------------------------------------------------------------------
6. Contact:
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
* security-announce@lists.vmware.com
* bugtraq@securityfocus.com
* full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site
http://www.vmware.com/security
VMware security response policy
http://www.vmware.com/support/policies/security_response.html
General support life cycle policy
http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHgtXJS2KysvBH1xkRCPnYAJoDMpdOmgs4e+JQ610SCjnKF99wpgCfcVO3
UCcAvs574f1LCZv+8lPQvrk=
=Hzno
-----END PGP SIGNATURE-----
.
Updated packages have been patched to prevent these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
7dee97092269465ccb5de0f35321ab13 2007.0/i586/perl-5.8.8-7.1mdv2007.0.i586.rpm
efd626e1f1efd248e6c6570e88a599c3 2007.0/i586/perl-base-5.8.8-7.1mdv2007.0.i586.rpm
62b10d28a5abc05d3b8cd35c7f68e8aa 2007.0/i586/perl-devel-5.8.8-7.1mdv2007.0.i586.rpm
3a9dc19143ab6a27713fdeb6665d8d76 2007.0/i586/perl-doc-5.8.8-7.1mdv2007.0.i586.rpm
60b511580ae4f514434dd111efa42872 2007.0/i586/perl-suid-5.8.8-7.1mdv2007.0.i586.rpm
08e44392992b4ab983bf85debb8be462 2007.0/SRPMS/perl-5.8.8-7.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
be33f079454aec3b88f21716dfacf8d6 2007.0/x86_64/perl-5.8.8-7.1mdv2007.0.x86_64.rpm
5a82850218434119c3f55047b3068213 2007.0/x86_64/perl-base-5.8.8-7.1mdv2007.0.x86_64.rpm
4f995ed4fa46f2bf79a427d9341e895b 2007.0/x86_64/perl-devel-5.8.8-7.1mdv2007.0.x86_64.rpm
e949a7e20661c6c5f4c4511f25196ff6 2007.0/x86_64/perl-doc-5.8.8-7.1mdv2007.0.x86_64.rpm
a3df44cc0b957b02bfcab3eed98542dd 2007.0/x86_64/perl-suid-5.8.8-7.1mdv2007.0.x86_64.rpm
08e44392992b4ab983bf85debb8be462 2007.0/SRPMS/perl-5.8.8-7.1mdv2007.0.src.rpm
Mandriva Linux 2007.1:
efb800025ab3001b90af0e16e5a49886 2007.1/i586/perl-5.8.8-10.1mdv2007.1.i586.rpm
515beec177dd5a0418090016ae357274 2007.1/i586/perl-base-5.8.8-10.1mdv2007.1.i586.rpm
ae79195a6f27e44fd4ff7899497cf948 2007.1/i586/perl-devel-5.8.8-10.1mdv2007.1.i586.rpm
f721306e820d4c66db3466917cde67f9 2007.1/i586/perl-doc-5.8.8-10.1mdv2007.1.i586.rpm
85a219e5b2c3788841024be8d81b2cac 2007.1/i586/perl-suid-5.8.8-10.1mdv2007.1.i586.rpm
9b22a92ec4a3dc898a12bbb80ada4de2 2007.1/SRPMS/perl-5.8.8-10.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
1a17302f843293a5dc0063fe3e4549c0 2007.1/x86_64/perl-5.8.8-10.1mdv2007.1.x86_64.rpm
c85ba481d517ec81c54eea5bc7064405 2007.1/x86_64/perl-base-5.8.8-10.1mdv2007.1.x86_64.rpm
5d3b84a1444339a83058bc3493506d22 2007.1/x86_64/perl-devel-5.8.8-10.1mdv2007.1.x86_64.rpm
005d395a8717bd5af248820eb01cc1d8 2007.1/x86_64/perl-doc-5.8.8-10.1mdv2007.1.x86_64.rpm
f6c966ea032f921f033934d1f894b96b 2007.1/x86_64/perl-suid-5.8.8-10.1mdv2007.1.x86_64.rpm
9b22a92ec4a3dc898a12bbb80ada4de2 2007.1/SRPMS/perl-5.8.8-10.1mdv2007.1.src.rpm
Mandriva Linux 2008.0:
6e84010549818c839e91034391b79f4f 2008.0/i586/perl-5.8.8-12.1mdv2008.0.i586.rpm
f09541f2caf348aee64161cecdf7276e 2008.0/i586/perl-base-5.8.8-12.1mdv2008.0.i586.rpm
dce7ae7aba1d356fd366075b67478493 2008.0/i586/perl-devel-5.8.8-12.1mdv2008.0.i586.rpm
b3169afea74fd707021d03410172b6c0 2008.0/i586/perl-doc-5.8.8-12.1mdv2008.0.i586.rpm
78585fde0ad5b02f3e7c0f01d31a1ccf 2008.0/i586/perl-suid-5.8.8-12.1mdv2008.0.i586.rpm
584ad050342c7136e161fc48d29398bf 2008.0/SRPMS/perl-5.8.8-12.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
6ee9071cb1b0a6f38e731b1cd9a421e7 2008.0/x86_64/perl-5.8.8-12.1mdv2008.0.x86_64.rpm
d7bd85fb101d94bf1dc84bcf817533d7 2008.0/x86_64/perl-base-5.8.8-12.1mdv2008.0.x86_64.rpm
031487e27d7f2a12003efe8ab714a096 2008.0/x86_64/perl-devel-5.8.8-12.1mdv2008.0.x86_64.rpm
3c1846b134cbd1461ffd291a95f6e2d2 2008.0/x86_64/perl-doc-5.8.8-12.1mdv2008.0.x86_64.rpm
99f545fefe35f45b5d90d2f98fe14da5 2008.0/x86_64/perl-suid-5.8.8-12.1mdv2008.0.x86_64.rpm
584ad050342c7136e161fc48d29398bf 2008.0/SRPMS/perl-5.8.8-12.1mdv2008.0.src.rpm
Corporate 3.0:
9388a0766403e1accc6afc3d963960ba corporate/3.0/i586/perl-5.8.3-5.6.C30mdk.i586.rpm
a67623fb7d2e4e18ca8976c64e43a4ca corporate/3.0/i586/perl-base-5.8.3-5.6.C30mdk.i586.rpm
9068ad50c3e10c29940bb071651a8d4d corporate/3.0/i586/perl-devel-5.8.3-5.6.C30mdk.i586.rpm
a8a2e1b1963c212e4644c320f27c71d3 corporate/3.0/i586/perl-doc-5.8.3-5.6.C30mdk.i586.rpm
15b73b73ea6dd0de1100e1445690c034 corporate/3.0/SRPMS/perl-5.8.3-5.6.C30mdk.src.rpm
Corporate 3.0/X86_64:
f2f7445b49d5d7afa7b3766d71bdf65f corporate/3.0/x86_64/perl-5.8.3-5.6.C30mdk.x86_64.rpm
ef5dabb99fdbe28068089eba1fd8bcc4 corporate/3.0/x86_64/perl-base-5.8.3-5.6.C30mdk.x86_64.rpm
4a5a04a330db20f460229aa69ded5e95 corporate/3.0/x86_64/perl-devel-5.8.3-5.6.C30mdk.x86_64.rpm
2bc06d931706f57fa946822f9396ffd6 corporate/3.0/x86_64/perl-doc-5.8.3-5.6.C30mdk.x86_64.rpm
15b73b73ea6dd0de1100e1445690c034 corporate/3.0/SRPMS/perl-5.8.3-5.6.C30mdk.src.rpm
Corporate 4.0:
e158109794ad5e71bc02f41adec150e1 corporate/4.0/i586/perl-5.8.7-3.3.20060mlcs4.i586.rpm
03c680726cf01c3d8f25cb7d61d7bb10 corporate/4.0/i586/perl-base-5.8.7-3.3.20060mlcs4.i586.rpm
51f55a3998dbcf2e9abcf821ffb3026f corporate/4.0/i586/perl-devel-5.8.7-3.3.20060mlcs4.i586.rpm
f936e8720be0d37223b8a97dc2ed2704 corporate/4.0/i586/perl-doc-5.8.7-3.3.20060mlcs4.i586.rpm
b4068ddb2d92f4845c29a6b3ca8feef5 corporate/4.0/i586/perl-suid-5.8.7-3.3.20060mlcs4.i586.rpm
3b23f4612d0a011d50c5eb6960ffa5c4 corporate/4.0/SRPMS/perl-5.8.7-3.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
c42250a8c42a0e349102ff977c6659cc corporate/4.0/x86_64/perl-5.8.7-3.3.20060mlcs4.x86_64.rpm
82d2bcbda0229415464c10471f881517 corporate/4.0/x86_64/perl-base-5.8.7-3.3.20060mlcs4.x86_64.rpm
7f07eddd92d4c49b3ee5c32c69d52996 corporate/4.0/x86_64/perl-devel-5.8.7-3.3.20060mlcs4.x86_64.rpm
140b57c79fc305a52e13ce5550e7d05c corporate/4.0/x86_64/perl-doc-5.8.7-3.3.20060mlcs4.x86_64.rpm
ec3007ca202716e0c3872c37141fc2cc corporate/4.0/x86_64/perl-suid-5.8.7-3.3.20060mlcs4.x86_64.rpm
3b23f4612d0a011d50c5eb6960ffa5c4 corporate/4.0/SRPMS/perl-5.8.7-3.3.20060mlcs4.src.rpm
Multi Network Firewall 2.0:
8ea5d389e9ddd9ca2e1b78869ad14ca7 mnf/2.0/i586/perl-5.8.3-5.6.M20mdk.i586.rpm
f53bd974980010568e5153578d628323 mnf/2.0/i586/perl-base-5.8.3-5.6.M20mdk.i586.rpm
1335c295512b38ea524e201c66551132 mnf/2.0/i586/perl-devel-5.8.3-5.6.M20mdk.i586.rpm
8e306b59ecbb8583d5c1e4e74ef62e34 mnf/2.0/i586/perl-doc-5.8.3-5.6.M20mdk.i586.rpm
7576ea8ec817978b4602f5bf4c3436c5 mnf/2.0/SRPMS/perl-5.8.3-5.6.M20mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHL9FBmqjQ0CJFipgRAhxaAJ44oWRrf/Q1Zj9q+HP4Y3pj9Y8XugCg398H
Rl9c0TwvCe/HjAyI42+NhlU=
=o1R+
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
.
Background
==========
Perl is a stable, cross-platform programming language created by Larry
Wall.
b. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01362465
Version: 1
HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-02-19
Last Updated: 2008-02-19
Potential Security Impact: Execution of Arbitrary Code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified in Perl 5.8.7 and earlier running on HP Tru64 UNIX.
References: CVE-2007-5116
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Tru64 UNIX v 5.1B-4
HP Tru64 UNIX v 5.1B-3
Internet Express (IX) for HP Tru64 UNIX v 6.7
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score
CVE-2007-5116 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer until updates are available in mainstream release patch kits.
The resolutions contained in the ERP kits are targeted for availability in the following mainstream kits:
The Associated Products CD (APCD) associated with HP Tru64 UNIX v 5.1B-5
Internet Express (IX) for HP Tru64 UNIX v 6.8
The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the installation of the ERPs is blocked by any of your installed CSPs.
The ERP kits distribute the following items:
Patched version of Perl v 5.8.8 including source code
HP Tru64 UNIX Version v5.1B-4
PREREQUISITE: HP Tru64 UNIX v5.1B-4 PK6 (BL27)
Name: perl_V51BB27-ES-20080207
Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=perl_V51BB27-ES-20080207
HP Tru64 UNIX Version v5.1B-3
PREREQUISITE: HP Tru64 UNIX v5.1B-3 PK5 (BL26)
Name: perl_V51BB26-ES-20080204
Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001399-V51BB26-ES-20071207
Internet Express (IX) for HP Tru64 UNIX v 6.7
PREREQUISITE: HP Tru64 UNIX v5.1B-3 PK5 (BL26) or HP Tru64 UNIX v5.1B-3 PK5 (BL26)
NOTE: Use the Perl patch kit appropriate to the operating system version
MD5 checksums are available from the ITRC patch database main page. From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links.
PRODUCT SPECIFIC INFORMATION
HISTORY
Version:1 (rev.1) - 19 February 2008 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
- check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
- verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners |
|
var-201806-1462
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: August 22, 2018
Bugs: #652820, #658168, #662974
ID: 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
==========
[ 1 ] CVE-2018-11646
https://nvd.nist.gov/vuln/detail/CVE-2018-11646
[ 2 ] CVE-2018-11712
https://nvd.nist.gov/vuln/detail/CVE-2018-11712
[ 3 ] CVE-2018-11713
https://nvd.nist.gov/vuln/detail/CVE-2018-11713
[ 4 ] CVE-2018-12293
https://nvd.nist.gov/vuln/detail/CVE-2018-12293
[ 5 ] CVE-2018-12294
https://nvd.nist.gov/vuln/detail/CVE-2018-12294
[ 6 ] CVE-2018-4101
https://nvd.nist.gov/vuln/detail/CVE-2018-4101
[ 7 ] CVE-2018-4113
https://nvd.nist.gov/vuln/detail/CVE-2018-4113
[ 8 ] CVE-2018-4114
https://nvd.nist.gov/vuln/detail/CVE-2018-4114
[ 9 ] CVE-2018-4117
https://nvd.nist.gov/vuln/detail/CVE-2018-4117
[ 10 ] CVE-2018-4118
https://nvd.nist.gov/vuln/detail/CVE-2018-4118
[ 11 ] CVE-2018-4119
https://nvd.nist.gov/vuln/detail/CVE-2018-4119
[ 12 ] CVE-2018-4120
https://nvd.nist.gov/vuln/detail/CVE-2018-4120
[ 13 ] CVE-2018-4121
https://nvd.nist.gov/vuln/detail/CVE-2018-4121
[ 14 ] CVE-2018-4122
https://nvd.nist.gov/vuln/detail/CVE-2018-4122
[ 15 ] CVE-2018-4125
https://nvd.nist.gov/vuln/detail/CVE-2018-4125
[ 16 ] CVE-2018-4127
https://nvd.nist.gov/vuln/detail/CVE-2018-4127
[ 17 ] CVE-2018-4128
https://nvd.nist.gov/vuln/detail/CVE-2018-4128
[ 18 ] CVE-2018-4129
https://nvd.nist.gov/vuln/detail/CVE-2018-4129
[ 19 ] CVE-2018-4133
https://nvd.nist.gov/vuln/detail/CVE-2018-4133
[ 20 ] CVE-2018-4146
https://nvd.nist.gov/vuln/detail/CVE-2018-4146
[ 21 ] CVE-2018-4162
https://nvd.nist.gov/vuln/detail/CVE-2018-4162
[ 22 ] CVE-2018-4163
https://nvd.nist.gov/vuln/detail/CVE-2018-4163
[ 23 ] CVE-2018-4165
https://nvd.nist.gov/vuln/detail/CVE-2018-4165
[ 24 ] CVE-2018-4190
https://nvd.nist.gov/vuln/detail/CVE-2018-4190
[ 25 ] CVE-2018-4192
https://nvd.nist.gov/vuln/detail/CVE-2018-4192
[ 26 ] CVE-2018-4199
https://nvd.nist.gov/vuln/detail/CVE-2018-4199
[ 27 ] CVE-2018-4200
https://nvd.nist.gov/vuln/detail/CVE-2018-4200
[ 28 ] CVE-2018-4201
https://nvd.nist.gov/vuln/detail/CVE-2018-4201
[ 29 ] CVE-2018-4204
https://nvd.nist.gov/vuln/detail/CVE-2018-4204
[ 30 ] CVE-2018-4214
https://nvd.nist.gov/vuln/detail/CVE-2018-4214
[ 31 ] CVE-2018-4218
https://nvd.nist.gov/vuln/detail/CVE-2018-4218
[ 32 ] CVE-2018-4222
https://nvd.nist.gov/vuln/detail/CVE-2018-4222
[ 33 ] CVE-2018-4232
https://nvd.nist.gov/vuln/detail/CVE-2018-4232
[ 34 ] CVE-2018-4233
https://nvd.nist.gov/vuln/detail/CVE-2018-4233
[ 35 ] CVE-2018-4261
https://nvd.nist.gov/vuln/detail/CVE-2018-4261
[ 36 ] CVE-2018-4262
https://nvd.nist.gov/vuln/detail/CVE-2018-4262
[ 37 ] CVE-2018-4263
https://nvd.nist.gov/vuln/detail/CVE-2018-4263
[ 38 ] CVE-2018-4264
https://nvd.nist.gov/vuln/detail/CVE-2018-4264
[ 39 ] CVE-2018-4265
https://nvd.nist.gov/vuln/detail/CVE-2018-4265
[ 40 ] CVE-2018-4266
https://nvd.nist.gov/vuln/detail/CVE-2018-4266
[ 41 ] CVE-2018-4267
https://nvd.nist.gov/vuln/detail/CVE-2018-4267
[ 42 ] CVE-2018-4270
https://nvd.nist.gov/vuln/detail/CVE-2018-4270
[ 43 ] CVE-2018-4272
https://nvd.nist.gov/vuln/detail/CVE-2018-4272
[ 44 ] CVE-2018-4273
https://nvd.nist.gov/vuln/detail/CVE-2018-4273
[ 45 ] CVE-2018-4278
https://nvd.nist.gov/vuln/detail/CVE-2018-4278
[ 46 ] CVE-2018-4284
https://nvd.nist.gov/vuln/detail/CVE-2018-4284
[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003
https://webkitgtk.org/security/WSA-2018-0003.html
[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004
https://webkitgtk.org/security/WSA-2018-0004.html
[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005
https://webkitgtk.org/security/WSA-2018-0005.html
[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006
https://webkitgtk.org/security/WSA-2018-0006.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ------------------------------------------------------------------------
WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0005
------------------------------------------------------------------------
Date reported : June 13, 2018
Advisory ID : WSA-2018-0005
WebKitGTK+ Advisory URL :
https://webkitgtk.org/security/WSA-2018-0005.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2018-0005.html
CVE identifiers : CVE-2018-4190, CVE-2018-4192, CVE-2018-4199,
CVE-2018-4201, CVE-2018-4214, CVE-2018-4218,
CVE-2018-4222, CVE-2018-4232, CVE-2018-4233,
CVE-2018-11646, CVE-2018-11712,
CVE-2018-11713, CVE-2018-12293,
CVE-2018-12294.
Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit.
Credit to Jun Kokatsu (@shhnjk).
Impact: Visiting a maliciously crafted website may leak sensitive
data. Description: Credentials were unexpectedly sent when fetching
CSS mask images. This was addressed by using a CORS-enabled fetch
method.
Credit to Markus Gaasedelen, Nick Burnett, and Patrick Biernat of
Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: A race condition was
addressed with improved locking.
Credit to Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of
MWR Labs working with Trend Micro's Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: A buffer overflow issue was
addressed with improved memory handling.
Credit to an anonymous researcher.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to OSS-Fuzz.
Impact: Processing maliciously crafted web content may lead to an
unexpected application crash. Description: A memory corruption issue
was addressed with improved input validation.
Credit to Natalie Silvanovich of Google Project Zero.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Natalie Silvanovich of Google Project Zero.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: An out-of-bounds read was
addressed with improved input validation.
Credit to Aymeric Chaib.
Impact: Visiting a maliciously crafted website may lead to cookies
being overwritten. Description: A permissions issue existed in the
handling of web browser cookies. This issue was addressed with
improved restrictions.
Credit to Samuel Gross (@5aelo) working with Trend Micro's Zero Day
Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Mishra Dhiraj.
Credit to Metrological Group B.V.
The libsoup network backend of WebKit failed to perform TLS
certificate verification for WebSocket connections.
Credit to Dirkjan Ochtman.
The libsoup network backend of WebKit unexpectedly failed to use
system proxy settings for WebSocket connections. As a result, users
could be deanonymized by crafted web sites via a WebSocket
connection.
Credit to ADlab of Venustech.
Maliciously crafted web content could achieve a heap buffer overflow
in ImageBufferCairo by exploiting multiple integer overflow issues.
Credit to ADlab of Venustech.
Maliciously crafted web content could trigger a use-after-free of a
TextureMapperLayer object.
We recommend updating to the latest stable versions of WebKitGTK+ and
WPE WebKit. It is the best way to ensure that you are running a safe
version of WebKit. Please check our websites for information about the
latest stable releases.
Further information about WebKitGTK+ and WPE WebKit security advisories
can be found at https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK+ and WPE WebKit team,
June 13, 2018
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-06-01-4 iOS 11.4
iOS 11.4 addresses the following:
Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4215: Abraham Masri (@cheesecakeufo)
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: A validation issue existed in the handling of phone
numbers.
CVE-2018-4100: Abraham Masri (@cheesecakeufo)
FontParser
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
iBooks
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged network position may be able to
spoof password prompts in iBooks
Description: An input validation issue was addressed with improved
input validation.
CVE-2018-4202: Jerry Decime
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4249: Kevin Backhouse of Semmle Ltd.
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2018-4241: Ian Beer of Google Project Zero
CVE-2018-4243: Ian Beer of Google Project Zero
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A logic issue was addressed with improved validation.
CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
Magnifier
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
view the last image used in Magnifier from the lockscreen
Description: A permissions issue existed in Magnifier. This was
addressed with additional permission checks.
CVE-2018-4239: an anonymous researcher
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exfiltrate the contents of
S/MIME-encrypted e-mail
Description: An issue existed in the handling of encrypted Mail.
CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to conduct impersonation attacks
Description: An injection issue was addressed with improved input
validation.
CVE-2018-4235: Anurodh Pokharel of Salesforce.com
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted message may lead to a denial
of service
Description: This issue was addressed with improved message
validation.
CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd
CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya
Safari
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise
Solutions
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent account
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4223: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Users may be tracked by malicious websites using client
certificates
Description: An issue existed in the handling of S-MIME
certificaties.
CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied
Sciences, Christian Dresen of MA1/4nster University of Applied Sciences,
Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster
University of Applied Sciences, Sebastian Schinzel of MA1/4nster
University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj
Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University
Bochum
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read a persistent device
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4224: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to modify the state of the Keychain
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4225: Abraham Masri (@cheesecakeufo)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to view sensitive user information
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4226: Abraham Masri (@cheesecakeufo)
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
enable Siri from the lock screen
Description: An issue existed with Siri permissions.
CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can
BIKMAZ (@CanBkmaz) of Mustafa Kemal University
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions.
CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn)
Siri Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker with physical access to a device may be able to
see private contact information
Description: An issue existed with Siri permissions.
CVE-2018-4244: an anonymous researcher
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to a
denial of service
Description: A validation issue existed in the handling of text.
CVE-2018-4198: Hunter Byrnes
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4201: an anonymous researcher
CVE-2018-4218: Natalie Silvanovich of Google Project Zero
CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils
of MWR Labs working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may lead to cookies
being overwritten
Description: A permissions issue existed in the handling of web
browser cookies.
CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat
of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working
with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4246: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a maliciously crafted website may leak sensitive
data
Description: Credentials were unexpectedly sent when fetching CSS
mask images.
CVE-2018-4222: Natalie Silvanovich of Google Project Zero
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 11.4".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEWpnGpHhyhjM9LuGIyxcaHpDFUHMFAlsRa1ApHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQyxcaHpDFUHObHBAA
jBRwdrK3Eks7V798k16MQFOvlqkofZWO3D+Qxb5OSzxixGy0r/vml78tnerJ546C
p9UrL/1IxH1PERiWevubg6nbWFstBrOhY0FWLiope9oLAMB92iMM/7a+O/6EHjOc
9p6Y/Bud0OwFHEoJmN4HLGMUubm1uTAdalXSmfanxuFvjpxAeczYvW/+wAblOnHr
KfclXy68dfUlW0NMP0kbQwnk1lVrb8QKEeayYli19c8zSVC38eYyKYZwhRC37yWT
ViBRSz9zVvgJQKX4JgjV6cRO3uIFZX+sksr6VdMM0nHjsTUT6Mc+IAe9Is3YlJCO
x0H8+WeloeKrwNDs60Grz7tRNVpevIlInLEQJkuoOD3niWqzt0Q40IzCNlgd8FBv
ZB5iencgWy/ObRJSgoOq29EIlt+KEb9nSJx3h6kByo0ZxYhSVrDm44cHzCF0+/zN
vY4XR3hJpc1S3ySiSkWHIhqjPAEP7cb/D7Az/5SGgle8cklem5haOdzAkeOHnzim
laKEg+F3vue6W+n9iv0x0byVBhC5Xr1iNuRh7+uor5TIVPR2s4moWOWvyTruG2Kk
RLlL700y2OZl/04nTgxxShCwLygXiKd07nuFIh4fKiMcGw31HKx1Choof6sPHqzo
Grg2dx9YQXTCTIsdDNG581MIwzVvJPLSM5OeNsHQEd0=
=7ZCv
-----END PGP SIGNATURE-----
.
Alternatively, on your watch, select "My Watch > General > About". ==========================================================================
Ubuntu Security Notice USN-3687-1
June 18, 2018
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.18.04.1
libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.18.04.1
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.17.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3687-1
CVE-2018-12293, CVE-2018-4190, CVE-2018-4199, CVE-2018-4218,
CVE-2018-4222, CVE-2018-4232, CVE-2018-4233
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.16.04.1
|
|
var-200107-0019
|
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. If numerous requests are made for MS DOS device names, ncgihttp.exe inappropriately handles them, resulting in the exhaustion of system resources. A potential denial of service condition may exist in Cisco's IOS firmware.
The problem reportedly occurs when a large number of UDP packets are sent to device running IOS. This causes the system to use all available CPU resources and thus become unresponsive. The device may have to be reset manually if the attack is successful. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
May 10, 2001
Volume 6 Number 6
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
This summary can be found at:
http://xforce.iss.net/alerts/vol-6_num-6.php
_____
Contents:
* 120 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 04/02/2001
Brief Description: The Bat! masked file type in email attachment
could allow execution of code
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: The Bat! 1.49 and earlier
Vulnerability: thebat-masked-file-type
X-Force URL: http://xforce.iss.net/static/6324.php
Date Reported: 04/02/2001
Brief Description: PHP-Nuke could allow attackers to redirect ad
banner URL links
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: PHP-Nuke 4.4 and earlier
Vulnerability: php-nuke-url-redirect
X-Force URL: http://xforce.iss.net/static/6342.php
Date Reported: 04/03/2001
Brief Description: Orinoco RG-1000 Residential Gateway default SSID
reveals WEP encryption key
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Orinoco Residential Gateway RG-1000
Vulnerability: orinoco-rg1000-wep-key
X-Force URL: http://xforce.iss.net/static/6328.php
Date Reported: 04/03/2001
Brief Description: Navision Financials server denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Navision Financials 2.5 and 2.6
Vulnerability: navision-server-dos
X-Force URL: http://xforce.iss.net/static/6318.php
Date Reported: 04/03/2001
Brief Description: uStorekeeper online shopping system allows
remote file retrieval
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: uStorekeeper 1.61
Vulnerability: ustorekeeper-retrieve-files
X-Force URL: http://xforce.iss.net/static/6319.php
Date Reported: 04/03/2001
Brief Description: Resin server allows remote attackers to view
Javabean files
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Resin 1.2.x, Resin 1.3b1
Vulnerability: resin-view-javabean
X-Force URL: http://xforce.iss.net/static/6320.php
Date Reported: 04/03/2001
Brief Description: BPFTP could allow attackers to obtain login
credentials
Risk Factor: High
Attack Type: Network Based
Platforms Affected: BPFTP 2.0
Vulnerability: bpftp-obtain-credentials
X-Force URL: http://xforce.iss.net/static/6330.php
Date Reported: 04/04/2001
Brief Description: Ntpd server readvar control message buffer
overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6, AIX 5.1,
Slackware Linux 7.1, Engarde Secure Linux 1.0.1,
Progeny Linux, SuSE Linux 7.1, ntpd 4.0.99k and
earlier, FreeBSD 4.2-Stable, Mandrake Linux
Corporate Server 1.0.1, Mandrake Linux 7.2,
Trustix Secure Linux, Immunix Linux 7.0,
NetBSD 1.5, SuSE Linux 7.0, Caldera OpenLinux
eServer 2.3.1
Vulnerability: ntpd-remote-bo
X-Force URL: http://xforce.iss.net/static/6321.php
Date Reported: 04/04/2001
Brief Description: Cisco CSS debug mode allows users to gain
administrative access
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Cisco Content Services Switch 11050, Cisco
Content Services Switch 11150, Cisco Content
Services Switch 11800
Vulnerability: cisco-css-elevate-privileges
X-Force URL: http://xforce.iss.net/static/6322.php
Date Reported: 04/04/2001
Brief Description: BEA Tuxedo may allow access to remote services
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BEA Tuxedo 7.1
Vulnerability: bea-tuxedo-remote-access
X-Force URL: http://xforce.iss.net/static/6326.php
Date Reported: 04/05/2001
Brief Description: Ultimate Bulletin Board could allow attackers to
bypass authentication
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Ultimate Bulletin Board 5.43, Ultimate Bulletin
Board 5.4.7e
Vulnerability: ultimatebb-bypass-authentication
X-Force URL: http://xforce.iss.net/static/6339.php
Date Reported: 04/05/2001
Brief Description: BinTec X4000 NMAP denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: BinTec X4000 5.1.6P10 and prior, BinTec X1000,
BinTec X1200
Vulnerability: bintec-x4000-nmap-dos
X-Force URL: http://xforce.iss.net/static/6323.php
Date Reported: 04/05/2001
Brief Description: WatchGuard Firebox II kernel denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: WatchGuard Firebox II prior to 4.6
Vulnerability: firebox-kernel-dos
X-Force URL: http://xforce.iss.net/static/6327.php
Date Reported: 04/06/2001
Brief Description: Cisco PIX denial of service due to multiple
TACACS+ requests
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco PIX Firewall 5.1.4
Vulnerability: cisco-pix-tacacs-dos
X-Force URL: http://xforce.iss.net/static/6353.php
Date Reported: 04/06/2001
Brief Description: Darren Reed's IP Filter allows attackers to
access UDP and TCP ports
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IP Filter 3.4.16
Vulnerability: ipfilter-access-ports
X-Force URL: http://xforce.iss.net/static/6331.php
Date Reported: 04/06/2001
Brief Description: Veritas NetBackup nc (netcat) command denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: NetBackup 3.2
Vulnerability: veritas-netbackup-nc-dos
X-Force URL: http://xforce.iss.net/static/6329.php
Date Reported: 04/08/2001
Brief Description: PGP may allow malicious users to access
authenticated split keys
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: PGP 7.0
Vulnerability: nai-pgp-split-keys
X-Force URL: http://xforce.iss.net/static/6341.php
Date Reported: 04/09/2001
Brief Description: Solaris kcms_configure command line buffer
overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7, Solaris 8
Vulnerability: solaris-kcms-command-bo
X-Force URL: http://xforce.iss.net/static/6359.php
Date Reported: 04/09/2001
Brief Description: TalkBack CGI script could allow remote attackers
to read files on the Web server
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: TalkBack prior to 1.2
Vulnerability: talkback-cgi-read-files
X-Force URL: http://xforce.iss.net/static/6340.php
Date Reported: 04/09/2001
Brief Description: Multiple FTP glob(3) implementation
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: FreeBSD 4.2, Solaris 8, IRIX 6.5.x, OpenBSD 2.8,
HP-UX 11.00, NetBSD
Vulnerability: ftp-glob-implementation
X-Force URL: http://xforce.iss.net/static/6333.php
Date Reported: 04/09/2001
Brief Description: Pine mail client temp file symbolic link
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Pine prior to 4.33, Red Hat Linux 5.2, Red Hat
Linux 6.2, Red Hat Linux 7.0
Vulnerability: pine-tmp-file-symlink
X-Force URL: http://xforce.iss.net/static/6367.php
Date Reported: 04/09/2001
Brief Description: Multiple FTP glob(3) expansion
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: HP-UX 11.00, NetBSD, Solaris 8, IRIX 6.5.x,
OpenBSD 2.8, FreeBSD 4.2, MIT Kerberos 5
Vulnerability: ftp-glob-expansion
X-Force URL: http://xforce.iss.net/static/6332.php
Date Reported: 04/09/2001
Brief Description: Netscape embedded JavaScript in GIF file
comments can be used to access remote data
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Netscape Communicator 4.76, Red Hat Linux 6.2,
Debian Linux 2.2, Conectiva Linux, Red Hat Linux
7.0, Immunix Linux 6.2, Immunix Linux 7.0 Beta,
Red Hat Linux 7.1
Vulnerability: netscape-javascript-access-data
X-Force URL: http://xforce.iss.net/static/6344.php
Date Reported: 04/09/2001
Brief Description: STRIP generates weak passwords
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: STRIP 0.5 and earlier
Vulnerability: strip-weak-passwords
X-Force URL: http://xforce.iss.net/static/6362.php
Date Reported: 04/10/2001
Brief Description: Solaris Xsun HOME environment variable buffer
overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7
Vulnerability: solaris-xsun-home-bo
X-Force URL: http://xforce.iss.net/static/6343.php
Date Reported: 04/10/2001
Brief Description: Compaq Presario Active X denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Compaq Presario, Windows 98, Windows ME
Vulnerability: compaq-activex-dos
X-Force URL: http://xforce.iss.net/static/6355.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems 'EXPERT' account
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-expert-account
X-Force URL: http://xforce.iss.net/static/6354.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems allow attacker on LAN to
gain access using TFTP
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-tftp-lan-access
X-Force URL: http://xforce.iss.net/static/6336.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems allow attacker on WAN to
gain access using TFTP
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-tftp-wan-access
X-Force URL: http://xforce.iss.net/static/6337.php
Date Reported: 04/10/2001
Brief Description: Oracle Application Server shared library
(ndwfn4.so) buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: iPlanet Web Server 4.x, Oracle Application
Server 4.0.8.2
Vulnerability: oracle-appserver-ndwfn4-bo
X-Force URL: http://xforce.iss.net/static/6334.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems use blank password by
default
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-blank-password
X-Force URL: http://xforce.iss.net/static/6335.php
Date Reported: 04/11/2001
Brief Description: Solaris dtsession buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7
Vulnerability: solaris-dtsession-bo
X-Force URL: http://xforce.iss.net/static/6366.php
Date Reported: 04/11/2001
Brief Description: Solaris kcsSUNWIOsolf.so buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7, Solaris 8
Vulnerability: solaris-kcssunwiosolf-bo
X-Force URL: http://xforce.iss.net/static/6365.php
Date Reported: 04/11/2001
Brief Description: Lightwave ConsoleServer brute force password
attack
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Lightwave ConsoleServer 3200
Vulnerability: lightwave-consoleserver-brute-force
X-Force URL: http://xforce.iss.net/static/6345.php
Date Reported: 04/11/2001
Brief Description: nph-maillist allows user to execute code
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Email List Generator 3.5 and earlier
Vulnerability: nph-maillist-execute-code
X-Force URL: http://xforce.iss.net/static/6363.php
Date Reported: 04/11/2001
Brief Description: Symantec Ghost Configuration Server denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Ghost 6.5
Vulnerability: ghost-configuration-server-dos
X-Force URL: http://xforce.iss.net/static/6357.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server DOS device denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-device-dos
X-Force URL: http://xforce.iss.net/static/6348.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server HTTP header denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-header-dos
X-Force URL: http://xforce.iss.net/static/6347.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server URL parsing denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-url-dos
X-Force URL: http://xforce.iss.net/static/6351.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server CORBA denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-corba-dos
X-Force URL: http://xforce.iss.net/static/6350.php
Date Reported: 04/11/2001
Brief Description: Symantec Ghost database engine denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Ghost 6.5, Sybase Adaptive Server Database
Engine 6.0.3.2747
Vulnerability: ghost-database-engine-dos
X-Force URL: http://xforce.iss.net/static/6356.php
Date Reported: 04/11/2001
Brief Description: cfingerd daemon remote format string
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Debian Linux 2.1, Debian Linux 2.2, cfingerd
1.4.3 and earlier
Vulnerability: cfingerd-remote-format-string
X-Force URL: http://xforce.iss.net/static/6364.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server Unicode denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-unicode-dos
X-Force URL: http://xforce.iss.net/static/6349.php
Date Reported: 04/11/2001
Brief Description: Linux mkpasswd generates weak passwords
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Red Hat Linux 6.2, Red Hat Linux 7.0, mkpasswd
Vulnerability: mkpasswd-weak-passwords
X-Force URL: http://xforce.iss.net/static/6382.php
Date Reported: 04/12/2001
Brief Description: Solaris ipcs utility buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Solaris 7
Vulnerability: solaris-ipcs-bo
X-Force URL: http://xforce.iss.net/static/6369.php
Date Reported: 04/12/2001
Brief Description: InterScan VirusWall ISADMIN service buffer
overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Linux kernel , InterScan VirusWall 3.0.1
Vulnerability: interscan-viruswall-isadmin-bo
X-Force URL: http://xforce.iss.net/static/6368.php
Date Reported: 04/12/2001
Brief Description: HylaFAX hfaxd format string
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: HylaFAX 4.1B3 and prior, SuSE Linux 6.x, SuSE
Linux 7.0, Mandrake Linux 7.1, FreeBSD 3.5.1,
Mandrake Linux 7.2, Mandrake Linux Corporate
Server 1.0.1, FreeBSD 4.2, SuSE Linux 7.1
Vulnerability: hylafax-hfaxd-format-string
X-Force URL: http://xforce.iss.net/static/6377.php
Date Reported: 04/12/2001
Brief Description: Cisco VPN 3000 Concentrators invalid IP Option
denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco VPN 3000 Concentrators prior to 2.5.2 F
Vulnerability: cisco-vpn-ip-dos
X-Force URL: http://xforce.iss.net/static/6360.php
Date Reported: 04/13/2001
Brief Description: Net.Commerce package in IBM WebSphere reveals
installation path
Risk Factor: High
Attack Type: Network Based
Platforms Affected: IBM Websphere, Solaris 2.6, AIX 4.3.x, Solaris
7, Windows NT 4.0
Vulnerability: ibm-websphere-reveals-path
X-Force URL: http://xforce.iss.net/static/6371.php
Date Reported: 04/13/2001
Brief Description: QPC ftpd buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: QVT/Term 5.0, QVT/Net 5.0
Vulnerability: qpc-ftpd-bo
X-Force URL: http://xforce.iss.net/static/6376.php
Date Reported: 04/13/2001
Brief Description: QPC ftpd directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: QVT/Net 5.0, QVT/Term 5.0
Vulnerability: qpc-ftpd-directory-traversal
X-Force URL: http://xforce.iss.net/static/6375.php
Date Reported: 04/13/2001
Brief Description: QPC popd buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: QVT/Net 5.0
Vulnerability: qpc-popd-bo
X-Force URL: http://xforce.iss.net/static/6374.php
Date Reported: 04/13/2001
Brief Description: NCM Content Management System access database
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: NCM Content Management System
Vulnerability: ncm-content-database-access
X-Force URL: http://xforce.iss.net/static/6386.php
Date Reported: 04/13/2001
Brief Description: Netscape SmartDownload 'sdph20.dll' buffer overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Netscape SmartDownload 1.3, Windows NT, Windows
95, Windows 98
Vulnerability: netscape-smartdownload-sdph20-bo
X-Force URL: http://xforce.iss.net/static/6403.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer accept buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-accept-bo
X-Force URL: http://xforce.iss.net/static/6404.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer cancel buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-cancel-bo
X-Force URL: http://xforce.iss.net/static/6406.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer disable buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-disable-bo
X-Force URL: http://xforce.iss.net/static/6407.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer enable buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-enable-bo
X-Force URL: http://xforce.iss.net/static/6409.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lp buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lp-bo
X-Force URL: http://xforce.iss.net/static/6410.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpfilter buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpfilter-bo
X-Force URL: http://xforce.iss.net/static/6411.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpstat buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpstat-bo
X-Force URL: http://xforce.iss.net/static/6413.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer reject buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-reject-bo
X-Force URL: http://xforce.iss.net/static/6414.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer rmail buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-rmail-bo
X-Force URL: http://xforce.iss.net/static/6415.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer tput buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-tput-bo
X-Force URL: http://xforce.iss.net/static/6416.php
Date Reported: 04/13/2001
Brief Description: IBM WebSphere CGI macro denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IBM Websphere, Windows NT 4.0, Solaris 2.6, AIX
4.3.x, Solaris 7
Vulnerability: ibm-websphere-macro-dos
X-Force URL: http://xforce.iss.net/static/6372.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpmove buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpmove-bo
X-Force URL: http://xforce.iss.net/static/6412.php
Date Reported: 04/14/2001
Brief Description: Siemens Reliant Unix ppd -T symlink
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Reliant Unix 5.45, Reliant Unix 5.43, Reliant
Unix 5.44
Vulnerability: reliant-unix-ppd-symlink
X-Force URL: http://xforce.iss.net/static/6408.php
Date Reported: 04/15/2001
Brief Description: Linux Exuberant Ctags package symbolic link
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Debian Linux 2.2, exuberant-ctags
Vulnerability: exuberant-ctags-symlink
X-Force URL: http://xforce.iss.net/static/6388.php
Date Reported: 04/15/2001
Brief Description: processit.pl CGI could allow attackers to view
sensitive information about the Web server
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: processit.pl
Vulnerability: processit-cgi-view-info
X-Force URL: http://xforce.iss.net/static/6385.php
Date Reported: 04/16/2001
Brief Description: Microsoft ISA Server Web Proxy denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft ISA Server 2000
Vulnerability: isa-web-proxy-dos
X-Force URL: http://xforce.iss.net/static/6383.php
Date Reported: 04/16/2001
Brief Description: Microsoft Internet Explorer altering CLSID
action allows malicious file execution
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Windows 2000, Internet Explorer 5.5, Windows 98
Vulnerability: ie-clsid-execute-files
X-Force URL: http://xforce.iss.net/static/6426.php
Date Reported: 04/16/2001
Brief Description: Cisco Catalyst 5000 series switch 802.1x denial
of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco Catalyst 5000 Series
Vulnerability: cisco-catalyst-8021x-dos
X-Force URL: http://xforce.iss.net/static/6379.php
Date Reported: 04/16/2001
Brief Description: BubbleMon allows users to gain elevated
privileges
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: BubbleMon prior to 1.32, FreeBSD
Vulnerability: bubblemon-elevate-privileges
X-Force URL: http://xforce.iss.net/static/6378.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-directory-traversal
X-Force URL: http://xforce.iss.net/static/6391.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field allows attacker to upload
files
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-file-upload
X-Force URL: http://xforce.iss.net/static/6393.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field EXPR allows attacker to
execute commands
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-expr
X-Force URL: http://xforce.iss.net/static/6392.php
Date Reported: 04/16/2001
Brief Description: Linux NetFilter IPTables
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Linux kernel 2.4, Red Hat Linux 7.1
Vulnerability: linux-netfilter-iptables
X-Force URL: http://xforce.iss.net/static/6390.php
Date Reported: 04/17/2001
Brief Description: Xitami Web server denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Xitami Web server 2.4d7, Xitami Web server 2.5b4
Vulnerability: xitami-server-dos
X-Force URL: http://xforce.iss.net/static/6389.php
Date Reported: 04/17/2001
Brief Description: Samba tmpfile symlink attack could allow
elevated privileges
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Trustix Secure Linux 1.2, Mandrake Linux 8.0,
Progeny Linux, Caldera OpenLinux eBuilder,
Trustix Secure Linux 1.01, Mandrake Linux
Corporate Server 1.0.1, FreeBSD 4.2, Immunix
Linux 7.0, Immunix Linux 6.2, Immunix Linux 7.0
Beta, Caldera OpenLinux eServer 2.3.1, Caldera
OpenLinux eDesktop 2.4, FreeBSD 3.5.1
Vulnerability: samba-tmpfile-symlink
X-Force URL: http://xforce.iss.net/static/6396.php
Date Reported: 04/17/2001
Brief Description: GoAhead WebServer "aux" denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: GoAhead Web Server 2.1, Windows 98, Windows ME
Vulnerability: goahead-aux-dos
X-Force URL: http://xforce.iss.net/static/6400.php
Date Reported: 04/17/2001
Brief Description: AnalogX SimpleServer:WWW "aux" denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: SimpleServer:WWW 1.03 to 1.08
Vulnerability: analogx-simpleserver-aux-dos
X-Force URL: http://xforce.iss.net/static/6395.php
Date Reported: 04/17/2001
Brief Description: Viking Server hexadecimal URL encoded format
directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Viking Server prior to 1.07-381
Vulnerability: viking-hex-directory-traversal
X-Force URL: http://xforce.iss.net/static/6394.php
Date Reported: 04/17/2001
Brief Description: Solaris FTP server allows attacker to recover
shadow file
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Solaris 2.6
Vulnerability: solaris-ftp-shadow-recovery
X-Force URL: http://xforce.iss.net/static/6422.php
Date Reported: 04/18/2001
Brief Description: The Bat! pop3 denial of service
Risk Factor: High
Attack Type: Network Based
Platforms Affected: The Bat! 1.51, Windows
Vulnerability: thebat-pop3-dos
X-Force URL: http://xforce.iss.net/static/6423.php
Date Reported: 04/18/2001
Brief Description: Eudora allows attacker to obtain files using
plain text attachments
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Eudora 5.0.2
Vulnerability: eudora-plain-text-attachment
X-Force URL: http://xforce.iss.net/static/6431.php
Date Reported: 04/18/2001
Brief Description: VMware vmware-mount.pl symlink
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: VMware
Vulnerability: vmware-mount-symlink
X-Force URL: http://xforce.iss.net/static/6420.php
Date Reported: 04/18/2001
Brief Description: KFM tmpfile symbolic link could allow local
attackers to overwrite files
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: SuSE Linux 7.0, K File Manager (KFM)
Vulnerability: kfm-tmpfile-symlink
X-Force URL: http://xforce.iss.net/static/6428.php
Date Reported: 04/18/2001
Brief Description: CyberScheduler timezone remote buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: CyberScheduler, Mandrake Linux, Windows 2000,
IIS 5.0, Solaris 8, SuSE Linux, Solaris 7,
Slackware Linux, Red Hat Linux, IIS 4.0, Debian
Linux, Solaris 2.5, Solaris 2.6, Caldera
OpenLinux, Windows NT
Vulnerability: cyberscheduler-timezone-bo
X-Force URL: http://xforce.iss.net/static/6401.php
Date Reported: 04/18/2001
Brief Description: Microsoft Data Access Component Internet
Publishing Provider allows WebDAV access
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft Data Access Component 8.103.2519.0,
Windows 95, Windows NT 4.0, Windows 98, Windows
98 Second Edition, Windows 2000, Windows ME
Vulnerability: ms-dacipp-webdav-access
X-Force URL: http://xforce.iss.net/static/6405.php
Date Reported: 04/18/2001
Brief Description: Oracle tnslsnr80.exe denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Oracle 8.x, Windows NT 4.0 SP6, Solaris 8
Vulnerability: oracle-tnslsnr80-dos
X-Force URL: http://xforce.iss.net/static/6427.php
Date Reported: 04/18/2001
Brief Description: innfeed -c flag buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Red Hat Linux, Slackware Linux, Mandrake Linux,
INN prior to 2.3.1
Vulnerability: innfeed-c-bo
X-Force URL: http://xforce.iss.net/static/6398.php
Date Reported: 04/18/2001
Brief Description: iPlanet Calendar Server stores username and
password in plaintext
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: iPlanet Calendar Server 5.0p2
Vulnerability: iplanet-calendar-plaintext-password
X-Force URL: http://xforce.iss.net/static/6402.php
Date Reported: 04/18/2001
Brief Description: Linux NEdit symlink when printing
Risk Factor: High
Attack Type: Host Based
Platforms Affected: SuSE Linux 6.3, SuSE Linux 6.4, Debian Linux
2.2, Mandrake Linux 7.1, Mandrake Linux 7.2,
SuSE Linux 7.0, Mandrake Linux Corporate Server
1.0.1, SuSE Linux 7.1, Mandrake Linux 8.0
Vulnerability: nedit-print-symlink
X-Force URL: http://xforce.iss.net/static/6424.php
Date Reported: 04/19/2001
Brief Description: CheckBO TCP buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: CheckBO 1.56 and earlier
Vulnerability: checkbo-tcp-bo
X-Force URL: http://xforce.iss.net/static/6436.php
Date Reported: 04/19/2001
Brief Description: HP-UX pcltotiff uses insecure permissions
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: HP-UX 10.01, HP-UX 10.10, HP-UX 10.20,
HP-UX 10.26
Vulnerability: hp-pcltotiff-insecure-permissions
X-Force URL: http://xforce.iss.net/static/6447.php
Date Reported: 04/19/2001
Brief Description: Netopia Timbuktu allows unauthorized system
access
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Timbuktu Pro, Macintosh OS X
Vulnerability: netopia-timbuktu-gain-access
X-Force URL: http://xforce.iss.net/static/6452.php
Date Reported: 04/20/2001
Brief Description: Cisco CBOS could allow attackers to gain
privileged information
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms Affected: Cisco CBOS 2.4.1, Cisco CBOS 2.3.053
Vulnerability: cisco-cbos-gain-information
X-Force URL: http://xforce.iss.net/static/6453.php
Date Reported: 04/20/2001
Brief Description: Internet Explorer 5.x allows active scripts
using XML stylesheets
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Internet Explorer 5.x, Outlook Express 5.x
Vulnerability: ie-xml-stylesheets-scripting
X-Force URL: http://xforce.iss.net/static/6448.php
Date Reported: 04/20/2001
Brief Description: Linux gftp format string
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: gftp prior to 2.0.8, Mandrake Linux 8.0,
Mandrake Linux Corporate Server 1.0.1, Immunix
Linux 7.0, Red Hat Linux 7.1, Mandrake Linux
7.2, Immunix Linux 6.2, Immunix 7.0 beta,
Red Hat Linux 6.2, Mandrake Linux 7.1, Red Hat
Linux 7.0
Vulnerability: gftp-format-string
X-Force URL: http://xforce.iss.net/static/6478.php
Date Reported: 04/20/2001
Brief Description: Novell BorderManager VPN client SYN requests
denial of service
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Novell BorderManager 3.5
Vulnerability: bordermanager-vpn-syn-dos
X-Force URL: http://xforce.iss.net/static/6429.php
Date Reported: 04/20/2001
Brief Description: SAFT sendfiled could allow the execution of
arbitrary code
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Debian Linux 2.2, Progeny Linux, sendfile
Vulnerability: saft-sendfiled-execute-code
X-Force URL: http://xforce.iss.net/static/6430.php
Date Reported: 04/21/2001
Brief Description: Mercury MTA for Novell Netware buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Mercury MTA 1.47 and earlier, Novell NetWare
Vulnerability: mercury-mta-bo
X-Force URL: http://xforce.iss.net/static/6444.php
Date Reported: 04/21/2001
Brief Description: QNX allows attacker to read files on FAT
partition
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms Affected: QNX 2.4
Vulnerability: qnx-fat-file-read
X-Force URL: http://xforce.iss.net/static/6437.php
Date Reported: 04/23/2001
Brief Description: Viking Server "dot dot" (\...\) directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Viking Server 1.0.7
Vulnerability: viking-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6450.php
Date Reported: 04/24/2001
Brief Description: NetCruiser Web Server could reveal directory
path
Risk Factor: High
Attack Type: Network Based
Platforms Affected: NetCruiser Web Server 0.1.2.8
Vulnerability: netcruiser-server-path-disclosure
X-Force URL: http://xforce.iss.net/static/6468.php
Date Reported: 04/24/2001
Brief Description: Perl Web Server directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Perl Web Server 0.3 and prior
Vulnerability: perl-webserver-directory-traversal
X-Force URL: http://xforce.iss.net/static/6451.php
Date Reported: 04/24/2001
Brief Description: Small HTTP Server /aux denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Small HTTP Server 2.03
Vulnerability: small-http-aux-dos
X-Force URL: http://xforce.iss.net/static/6446.php
Date Reported: 04/24/2001
Brief Description: IPSwitch IMail SMTP daemon mailing list handler
buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: IPSwitch Imail 6.06 and earlier
Vulnerability: ipswitch-imail-smtp-bo
X-Force URL: http://xforce.iss.net/static/6445.php
Date Reported: 04/25/2001
Brief Description: MIT Kerberos 5 could allow attacker to gain root
access by injecting base64-encoded data
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: MIT Kerberos 5
Vulnerability: kerberos-inject-base64-encode
X-Force URL: http://xforce.iss.net/static/6454.php
Date Reported: 04/26/2001
Brief Description: IRIX netprint -n allows attacker to access
shared library
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: IRIX 6.x
Vulnerability: irix-netprint-shared-library
X-Force URL: http://xforce.iss.net/static/6473.php
Date Reported: 04/26/2001
Brief Description: WebXQ "dot dot" directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Windows, WebXQ 2.1.204
Vulnerability: webxq-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6466.php
Date Reported: 04/26/2001
Brief Description: RaidenFTPD "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Windows NT 4.0, Windows 2000, RaidenFTPD 2.1
Vulnerability: raidenftpd-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6455.php
Date Reported: 04/27/2001
Brief Description: PerlCal CGI cal_make.pl script directory
traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Unix, PerlCal 2.95 and prior
Vulnerability: perlcal-calmake-directory-traversal
X-Force URL: http://xforce.iss.net/static/6480.php
Date Reported: 04/28/2001
Brief Description: ICQ Web Front plugin denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: ICQ Web Front, ICQ 2000b 3278 and earlier
Vulnerability: icq-webfront-dos
X-Force URL: http://xforce.iss.net/static/6474.php
Date Reported: 04/28/2001
Brief Description: Alex FTP Server "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Alex's FTP Server 0.7
Vulnerability: alex-ftp-directory-traversal
X-Force URL: http://xforce.iss.net/static/6475.php
Date Reported: 04/28/2001
Brief Description: BRS WebWeaver FTP path disclosure
Risk Factor: High
Attack Type: Network Based
Platforms Affected: BRS WebWeaver 0.63
Vulnerability: webweaver-ftp-path-disclosure
X-Force URL: http://xforce.iss.net/static/6477.php
Date Reported: 04/28/2001
Brief Description: BRS WebWeaver Web server "dot dot" directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BRS WebWeaver 0.63
Vulnerability: webweaver-web-directory-traversal
X-Force URL: http://xforce.iss.net/static/6476.php
Date Reported: 04/29/2001
Brief Description: Winamp AIP buffer overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Winamp 2.6x and 2.7x
Vulnerability: winamp-aip-bo
X-Force URL: http://xforce.iss.net/static/6479.php
Date Reported: 04/29/2001
Brief Description: BearShare "dot dot" allows remote attacker to traverse
directories and download any file
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BearShare 2.2.2 and prior, Windows 95, Windows
98, Windows ME
Vulnerability: bearshare-dot-download-files
X-Force URL: http://xforce.iss.net/static/6481.php
Date Reported: 05/01/2001
Brief Description: IIS 5.0 ISAPI extension buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms Affected: IIS 5.0, Windows 2000 Server, Windows 2000
Advanced Server, Windows 2000 Datacenter Server
Vulnerability: iis-isapi-bo
X-Force URL: http://xforce.iss.net/static/6485.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
________
About Internet Security Systems (ISS)
Internet Security Systems is a leading global provider of security
management solutions for the Internet, protecting digital assets and
ensuring safe and uninterrupted e-business. With its industry-leading
intrusion detection and vulnerability assessment software, remote managed
security services, and strategic consulting and education offerings, ISS
is a trusted security provider to more than 8,000 customers worldwide
including 21 of the 25 largest U.S. commercial banks and the top 10 U.S.
telecommunications companies. Founded in 1994, ISS is headquartered in
Atlanta, GA, with additional offices throughout North America and
international operations in Asia, Australia, Europe, Latin America and the
Middle East. For more information, visit the Internet Security Systems
web site at www.iss.net or call 888-901-7477.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this Alert
in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOvrtmTRfJiV99eG9AQFRFwP+NhRj20kY5edBZBvSMBZKAOKEQGpJPPnD
J/YCCB9TkzoWt65a7HR6c2MbimbnCo8YrhkjgFcvPmArCOFMS/68lhcStKd769PO
rbojCoys8l1woaFDwzPnQeWVoNMen83sVvsiy7Bwk5Sm0cjM3gZC+X0vqG8EI59Y
OAtrNiOkj7o=
=kYl+
-----END PGP SIGNATURE-----
|
|
var-201804-1178
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.3; Safari prior to 11.1; Windows-based iCloud prior to 7.4; Windows-based iTunes prior to 12.7.4; tvOS prior to 11.3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: August 22, 2018
Bugs: #652820, #658168, #662974
ID: 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
==========
[ 1 ] CVE-2018-11646
https://nvd.nist.gov/vuln/detail/CVE-2018-11646
[ 2 ] CVE-2018-11712
https://nvd.nist.gov/vuln/detail/CVE-2018-11712
[ 3 ] CVE-2018-11713
https://nvd.nist.gov/vuln/detail/CVE-2018-11713
[ 4 ] CVE-2018-12293
https://nvd.nist.gov/vuln/detail/CVE-2018-12293
[ 5 ] CVE-2018-12294
https://nvd.nist.gov/vuln/detail/CVE-2018-12294
[ 6 ] CVE-2018-4101
https://nvd.nist.gov/vuln/detail/CVE-2018-4101
[ 7 ] CVE-2018-4113
https://nvd.nist.gov/vuln/detail/CVE-2018-4113
[ 8 ] CVE-2018-4114
https://nvd.nist.gov/vuln/detail/CVE-2018-4114
[ 9 ] CVE-2018-4117
https://nvd.nist.gov/vuln/detail/CVE-2018-4117
[ 10 ] CVE-2018-4118
https://nvd.nist.gov/vuln/detail/CVE-2018-4118
[ 11 ] CVE-2018-4119
https://nvd.nist.gov/vuln/detail/CVE-2018-4119
[ 12 ] CVE-2018-4120
https://nvd.nist.gov/vuln/detail/CVE-2018-4120
[ 13 ] CVE-2018-4121
https://nvd.nist.gov/vuln/detail/CVE-2018-4121
[ 14 ] CVE-2018-4122
https://nvd.nist.gov/vuln/detail/CVE-2018-4122
[ 15 ] CVE-2018-4125
https://nvd.nist.gov/vuln/detail/CVE-2018-4125
[ 16 ] CVE-2018-4127
https://nvd.nist.gov/vuln/detail/CVE-2018-4127
[ 17 ] CVE-2018-4128
https://nvd.nist.gov/vuln/detail/CVE-2018-4128
[ 18 ] CVE-2018-4129
https://nvd.nist.gov/vuln/detail/CVE-2018-4129
[ 19 ] CVE-2018-4133
https://nvd.nist.gov/vuln/detail/CVE-2018-4133
[ 20 ] CVE-2018-4146
https://nvd.nist.gov/vuln/detail/CVE-2018-4146
[ 21 ] CVE-2018-4162
https://nvd.nist.gov/vuln/detail/CVE-2018-4162
[ 22 ] CVE-2018-4163
https://nvd.nist.gov/vuln/detail/CVE-2018-4163
[ 23 ] CVE-2018-4165
https://nvd.nist.gov/vuln/detail/CVE-2018-4165
[ 24 ] CVE-2018-4190
https://nvd.nist.gov/vuln/detail/CVE-2018-4190
[ 25 ] CVE-2018-4192
https://nvd.nist.gov/vuln/detail/CVE-2018-4192
[ 26 ] CVE-2018-4199
https://nvd.nist.gov/vuln/detail/CVE-2018-4199
[ 27 ] CVE-2018-4200
https://nvd.nist.gov/vuln/detail/CVE-2018-4200
[ 28 ] CVE-2018-4201
https://nvd.nist.gov/vuln/detail/CVE-2018-4201
[ 29 ] CVE-2018-4204
https://nvd.nist.gov/vuln/detail/CVE-2018-4204
[ 30 ] CVE-2018-4214
https://nvd.nist.gov/vuln/detail/CVE-2018-4214
[ 31 ] CVE-2018-4218
https://nvd.nist.gov/vuln/detail/CVE-2018-4218
[ 32 ] CVE-2018-4222
https://nvd.nist.gov/vuln/detail/CVE-2018-4222
[ 33 ] CVE-2018-4232
https://nvd.nist.gov/vuln/detail/CVE-2018-4232
[ 34 ] CVE-2018-4233
https://nvd.nist.gov/vuln/detail/CVE-2018-4233
[ 35 ] CVE-2018-4261
https://nvd.nist.gov/vuln/detail/CVE-2018-4261
[ 36 ] CVE-2018-4262
https://nvd.nist.gov/vuln/detail/CVE-2018-4262
[ 37 ] CVE-2018-4263
https://nvd.nist.gov/vuln/detail/CVE-2018-4263
[ 38 ] CVE-2018-4264
https://nvd.nist.gov/vuln/detail/CVE-2018-4264
[ 39 ] CVE-2018-4265
https://nvd.nist.gov/vuln/detail/CVE-2018-4265
[ 40 ] CVE-2018-4266
https://nvd.nist.gov/vuln/detail/CVE-2018-4266
[ 41 ] CVE-2018-4267
https://nvd.nist.gov/vuln/detail/CVE-2018-4267
[ 42 ] CVE-2018-4270
https://nvd.nist.gov/vuln/detail/CVE-2018-4270
[ 43 ] CVE-2018-4272
https://nvd.nist.gov/vuln/detail/CVE-2018-4272
[ 44 ] CVE-2018-4273
https://nvd.nist.gov/vuln/detail/CVE-2018-4273
[ 45 ] CVE-2018-4278
https://nvd.nist.gov/vuln/detail/CVE-2018-4278
[ 46 ] CVE-2018-4284
https://nvd.nist.gov/vuln/detail/CVE-2018-4284
[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003
https://webkitgtk.org/security/WSA-2018-0003.html
[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004
https://webkitgtk.org/security/WSA-2018-0004.html
[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005
https://webkitgtk.org/security/WSA-2018-0005.html
[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006
https://webkitgtk.org/security/WSA-2018-0006.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2018-0003
------------------------------------------------------------------------
Date reported : April 04, 2018
Advisory ID : WSA-2018-0003
Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html
CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114,
CVE-2018-4117, CVE-2018-4118, CVE-2018-4119,
CVE-2018-4120, CVE-2018-4122, CVE-2018-4125,
CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161,
CVE-2018-4162, CVE-2018-4163, CVE-2018-4165.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to OSS-Fuzz.
Impact: Unexpected interaction with indexing types causing an ASSERT
failure. Description: An array indexing issue existed in the
handling of a function in JavaScriptCore. This issue was addressed
through improved checks.
Credit to OSS-Fuzz. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher.
Impact: A malicious website may exfiltrate data cross-origin.
Description: A cross-origin issue existed with the fetch API. This
was addressed through improved input validation.
Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher working with Trend Microys Zero
Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher working with Trend Microys Zero
Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Zach Markley. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to likemeng of Baidu Security Lab working with Trend Micro's
Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify
(detectify.com), Yuji Tounai of NTT Communications Corporation.
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack. This issue was addressed with improved URL
validation.
Credit to OSS-Fuzz.
Impact: Processing maliciously crafted web content may lead to a
denial of service. Description: A memory corruption issue was
addressed through improved input validation.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
April 04, 2018
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2018-3-29-1 iOS 11.3
iOS 11.3 is now available and addresses the following:
Clock
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
see the email address used for iTunes
Description: An information disclosure issue existed in the handling
of alarms and timers.
CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer)
CoreFoundation
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4155: Samuel GroA (@5aelo)
CVE-2018-4158: Samuel GroA (@5aelo)
CoreText
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to a denial
of service
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
File System Events
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4167: Samuel GroA (@5aelo)
Files Widget
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: File Widget may display contents on a locked device
Description: The File Widget was displaying cached data when in the
locked state.
CVE-2018-4168: Brandon Moore
Find My iPhone
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to the device may be able to
disable Find My iPhone without entering an iCloud password
Description: A state management issue existed when restoring from a
back up.
CVE-2018-4172: Viljami VastamA$?ki
iCloud Drive
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4151: Samuel GroA (@5aelo)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4150: an anonymous researcher
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4143: derrek (@derrekr6)
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged network position may be able to
intercept the contents of S/MIME-encrypted e-mail
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4174: an anonymous researcher, an anonymous researcher
NSURLSession
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel GroA (@5aelo)
PluginKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4156: Samuel GroA (@5aelo)
Quick Look
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4157: Samuel GroA (@5aelo)
Safari
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang
Zeng (@Wester) of Tencent Security Platform Department
Safari Login AutoFill
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to exfiltrate autofilled data
in Safari without explicit user interaction.
Description: Safari autofill did not require explicit user
interaction before taking place.
CVE-2018-4137:
SafariViewController
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2018-4149: Abhinash Jain (@abhinashjain)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)
Storage
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4154: Samuel GroA (@5aelo)
System Preferences
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A configuration profile may incorrectly remain in effect
after removal
Description: An issue existed in CFPreferences.
CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of
Wandera
Telephony
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker can cause a device to unexpectedly restart
Description: A null pointer dereference issue existed when handling
Class 0 SMS messages.
CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV
Web App
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Cookies may unexpectedly persist in web app
Description: A cookie management issue was addressed through improved
state management.
CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4146: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may exfiltrate data cross-origin
Description: A cross-origin issue existed with the fetch API.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
WindowServer
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An unprivileged application may be able to log keystrokes
entered into other applications even when secure input mode is
enabled
Description: By scanning key states, an unprivileged application
could log keystrokes entered into other applications even when secure
input mode was enabled.
CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH
Additional recognition
WebKit
We would like to acknowledge Johnny Nipper of Tinder Security Team
for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA
to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0
TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs
+Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq
g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z
oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU
0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi
+7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy
IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo
Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g
70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj
qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo=
=RJi8
-----END PGP SIGNATURE-----
. ==========================================================================
Ubuntu Security Notice USN-3635-1
April 30, 2018
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3635-1
CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,
CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,
CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,
CVE-2018-4163, CVE-2018-4165
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1
.
Installation note:
Safari 11.1 may be obtained from the Mac App Store |
|
var-201904-1323
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. WebKit is prone to a memory-corruption vulnerability.
A remote attacker can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service condition. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. A buffer error vulnerability exists in the WebKit component of several Apple products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. WebKit: JSC: A bug in JSArray::shiftCountWithArrayStorage
CVE-2018-4441
bool JSArray::shiftCountWithArrayStorage(VM& vm, unsigned startIndex, unsigned count, ArrayStorage* storage)
{
unsigned oldLength = storage->length();
RELEASE_ASSERT(count <= oldLength);
// If the array contains holes or is otherwise in an abnormal state,
// use the generic algorithm in ArrayPrototype.
if ((storage->hasHoles() && this->structure(vm)->holesMustForwardToPrototype(vm, this))
|| hasSparseMap()
|| shouldUseSlowPut(indexingType())) {
return false;
}
if (!oldLength)
return true;
unsigned length = oldLength - count;
storage->m_numValuesInVector -= count;
storage->setLength(length);
Considering the comment, I think the method is supposed to prevent an array with holes from going through to the code "storage->m_numValuesInVector -= count". But that kind of arrays actually can get there by only having the holesMustForwardToPrototype method return false. Unless the array has any indexed accessors on it or Proxy objects in the prototype chain, the method will just return false. So "storage->m_numValuesInVector" can be controlled by the user.
In the PoC, it changes m_numValuesInVector to 0xfffffff0 that equals to the new length, making the hasHoles method return true, leading to OOB reads/writes in the JSArray::unshiftCountWithArrayStorage method.
PoC:
function main() {
let arr = [1];
arr.length = 0x100000;
arr.splice(0, 0x11);
arr.length = 0xfffffff0;
arr.splice(0xfffffff0, 0, 1);
}
main();
This bug is subject to a 90 day disclosure deadline. After 90 days elapse
or a patch has been made broadly available (whichever is earlier), the bug
report will become visible to the public.
Found by: lokihardt
.
CVE-2018-4438: lokihardt of Google Project Zero
Additional recognition
Profiles
We would like to acknowledge Luke Deshotels, Jordan Beichler, and
William Enck of North Carolina State University; Costin CarabaE and
RAzvan Deaconescu of University POLITEHNICA of Bucharest for their
assistance.
CVE-2018-4439: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
macOS Mojave 10.14.1
Impact: A user may be unable to fully delete browsing history
Description: "Clear History and Website Data" did not clear the
history.
CVE-2018-4438: lokihardt of Google Project Zero
Installation note:
Safari 12.0.2 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-12-06-1 watchOS 5.1.2
watchOS 5.1.2 is now available and addresses the following:
Airport
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to elevate privileges
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4303: Mohamed Ghannam (@_simo36)
Disk Images
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4465: Pangu Team
Kernel
Available for: Apple Watch Series 1 and later
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed by removing the
vulnerable code.
CVE-2018-4460: Kevin Backhouse of Semmle Security
Research Team
Kernel
Available for: Apple Watch Series 1 and later
Impact: A local user may be able to read kernel memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4431: An independent security researcher has reported this
vulnerability to
Beyond Security's SecuriTeam Secure Disclosure program
Kernel
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2018-4447: Juwei Lin(@panicaII) and Zhengyu Dong of TrendMicro
Mobile Security Team
Kernel
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved restrictions.
CVE-2018-4435: Jann Horn of Google Project Zero, Juwei Lin(@panicaII)
and Junzhi Lu of TrendMicro Mobile Security Team
Kernel
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4461: Ian Beer of Google Project Zero
LinkPresentation
Available for: Apple Watch Series 1 and later
Impact: Processing a maliciously crafted email may lead to user
interface spoofing
Description: A spoofing issue existed in the handling of URLs.
CVE-2018-4429: Victor Le Pochat of imec-DistriNet, KU Leuven
Profiles
Available for: Apple Watch Series 1 and later
Impact: An untrusted configuration profile may be incorrectly
displayed as verified
Description: A certificate validation issue existed in configuration
profiles. This was addressed with additional checks.
CVE-2018-4436: James Seeley @Code4iOS, Joseph S.
CVE-2018-4441: lokihardt of Google Project Zero
CVE-2018-4442: lokihardt of Google Project Zero
CVE-2018-4443: lokihardt of Google Project Zero
WebKit
Available for: Apple Watch Series 1 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed resulting in memory corruption.
CVE-2018-4438: lokihardt of Google Project Zero
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlwJWL0pHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3GN+xAA
u1S9PoDcWtzSI14X0wKpmUQdHukulRjPCufglaaLQbo6pTPesnb1IFZ+jvj+NpS9
WQabjt/9e1ad9Oc3uMmzhGU5uuRCg1TPg/+MHyxnILwDFr/AHYmVrWrOk3tQ6rw9
egbglSNbytNVQbdR5GH3yXhVy0TBI6GnzUt8MgVUfYRUOoNuL0GypqI3S9X7PvI1
SfqoL/O+NqapPhnClPx+SFMrQltrvEGayBAEpLUV193suFDiHf3/YSB7+z1NMvZg
hhfrc6aE2mwkKlBdV4/XtcKJKSe8wNgZJR10+6R1UIWQX503CoBgDC5joVnPulZR
Boa3X/nGb5iu2DY2ZnR9UJn2MHVL/Xi7gesyhvc7dUgSttxXnupJGJFF0Fy4eAqB
/WWzbJO/2kfKR+PJnowWZd+09sSHLq2bD9LCNvMyNrbDjJzqVPSCSM3ao2O9VCta
5aUVPt1Xa7nK4N31etXXBNxA37r5GIA2M1UNk4zKxpuhij4OOiDxWwvtzBEuBw1p
ktDBQ0bvSwzJiqhDwS/EQLfw8TuXBf/th3P/Szx7zLZQCu3o9uUfI7500wDPZW/R
VUhOrEbKRpvKyKFC1Kia+yef4oK9rjwb9wtYsXk86X3pCxinhJe27u862PSVS3IJ
cTa2Cwy8jUiLaA2EomRwzk9Hp0HFf+eF6sSwYz5VolQ=kQmr
-----END PGP SIGNATURE-----
. ------------------------------------------------------------------------
WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0009
------------------------------------------------------------------------
Date reported : December 13, 2018
Advisory ID : WSA-2018-0009
WebKitGTK+ Advisory URL :
https://webkitgtk.org/security/WSA-2018-0009.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2018-0009.html
CVE identifiers : CVE-2018-4437, CVE-2018-4438, CVE-2018-4441,
CVE-2018-4442, CVE-2018-4443, CVE-2018-4464.
Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea.
Processing maliciously crafted web content may lead to arbitrary
code execution.
Credit to lokihardt of Google Project Zero.
Processing maliciously crafted web content may lead to arbitrary
code execution.
Credit to lokihardt of Google Project Zero.
Processing maliciously crafted web content may lead to arbitrary
code execution.
Credit to lokihardt of Google Project Zero.
Processing maliciously crafted web content may lead to arbitrary
code execution.
Credit to lokihardt of Google Project Zero.
Processing maliciously crafted web content may lead to arbitrary
code execution.
Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea.
Processing maliciously crafted web content may lead to arbitrary
code execution.
We recommend updating to the latest stable versions of WebKitGTK+ and
WPE WebKit. It is the best way to ensure that you are running safe
versions of WebKit. Please check our websites for information about the
latest stable releases.
Further information about WebKitGTK+ and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK+ and WPE WebKit team,
December 13, 2018
|
|
var-200608-0037
|
The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.
These issue affect Mac OS X and various applications including AFP Server, Bluetooth, Bom, DHCP, Image RAW, ImageIO, Launch Services, OpenSSH, and WebKit. A remote attacker may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and disclose potentially sensitive information |
|
var-202202-0114
|
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. There is a security vulnerability before Expat2.4.5, which can be exploited by an attacker to insert a namespace separator into a namespace URI. Bugs fixed (https://bugzilla.redhat.com/):
2062751 - CVE-2022-24730 argocd: path traversal and improper access control allows leaking out-of-bound files
2062755 - CVE-2022-24731 argocd: path traversal allows leaking out-of-bound files
2064682 - CVE-2022-1025 Openshift-Gitops: Improper access control allows admin privilege escalation
5.
These packages include redhat-release-virtualization-host.
RHVH features a Cockpit user interface for monitoring the host's resources
and performing administrative tasks.
Bug Fix(es):
* RHV-H has been rebased on RHEL-7.9.z #13 (BZ#2048409)
4. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.3.8 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in. See the following
Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/
Security updates:
* nanoid: Information disclosure via valueOf() function (CVE-2021-23566)
* nodejs-shelljs: improper privilege management (CVE-2022-0144)
* follow-redirects: Exposure of Private Personal Information to an
Unauthorized Actor (CVE-2022-0155)
* node-fetch: exposure of sensitive information to an unauthorized actor
(CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization
Header leak (CVE-2022-0536)
Bug fix:
* RHACM 2.3.8 images (Bugzilla #2062316)
3. Bugs fixed (https://bugzilla.redhat.com/):
2043535 - CVE-2022-0144 nodejs-shelljs: improper privilege management
2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor
2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function
2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak
2062316 - RHACM 2.3.8 images
5. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 91.7.0. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
All OpenShift Container Platform 4.6 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html
3. Solution:
For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html
4. Bugs fixed (https://bugzilla.redhat.com/):
2059996 - read_lines_limit needs to be adjusted according to the setting of buffer_chunk_size
2066837 - CVE-2022-24769 moby: Default inheritable capabilities for linux container should be empty
5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202209-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Expat: Multiple Vulnerabilities
Date: September 29, 2022
Bugs: #791703, #830422, #831918, #833431, #870097
ID: 202209-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been discovered in Expat, the worst of
which could result in arbitrary code execution.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/expat < 2.4.9 >= 2.4.9
Description
==========
Multiple vulnerabilities have been discovered in Expat. Please review
the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All Expat users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">\xdev-libs/expat-2.4.9"
References
=========
[ 1 ] CVE-2021-45960
https://nvd.nist.gov/vuln/detail/CVE-2021-45960
[ 2 ] CVE-2021-46143
https://nvd.nist.gov/vuln/detail/CVE-2021-46143
[ 3 ] CVE-2022-22822
https://nvd.nist.gov/vuln/detail/CVE-2022-22822
[ 4 ] CVE-2022-22823
https://nvd.nist.gov/vuln/detail/CVE-2022-22823
[ 5 ] CVE-2022-22824
https://nvd.nist.gov/vuln/detail/CVE-2022-22824
[ 6 ] CVE-2022-22825
https://nvd.nist.gov/vuln/detail/CVE-2022-22825
[ 7 ] CVE-2022-22826
https://nvd.nist.gov/vuln/detail/CVE-2022-22826
[ 8 ] CVE-2022-22827
https://nvd.nist.gov/vuln/detail/CVE-2022-22827
[ 9 ] CVE-2022-23852
https://nvd.nist.gov/vuln/detail/CVE-2022-23852
[ 10 ] CVE-2022-23990
https://nvd.nist.gov/vuln/detail/CVE-2022-23990
[ 11 ] CVE-2022-25235
https://nvd.nist.gov/vuln/detail/CVE-2022-25235
[ 12 ] CVE-2022-25236
https://nvd.nist.gov/vuln/detail/CVE-2022-25236
[ 13 ] CVE-2022-25313
https://nvd.nist.gov/vuln/detail/CVE-2022-25313
[ 14 ] CVE-2022-25314
https://nvd.nist.gov/vuln/detail/CVE-2022-25314
[ 15 ] CVE-2022-25315
https://nvd.nist.gov/vuln/detail/CVE-2022-25315
[ 16 ] CVE-2022-40674
https://nvd.nist.gov/vuln/detail/CVE-2022-40674
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202209-24
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: mingw-expat security update
Advisory ID: RHSA-2022:7811-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7811
Issue date: 2022-11-08
CVE Names: CVE-2022-23990 CVE-2022-25235 CVE-2022-25236
CVE-2022-25313 CVE-2022-25314 CVE-2022-25315
====================================================================
1. Summary:
An update for mingw-expat is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - noarch
3. Description:
Expat is a C library for parsing XML documents. The mingw-expat packages
provide a port of the Expat library for MinGW.
The following packages have been upgraded to a later upstream version:
mingw-expat (2.4.8). (BZ#2057023, BZ#2057037, BZ#2057127)
Security Fix(es):
* expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code
execution (CVE-2022-25235)
* expat: Namespace-separator characters in "xmlns[:prefix]" attribute
values can lead to arbitrary code execution (CVE-2022-25236)
* expat: Integer overflow in storeRawNames() (CVE-2022-25315)
* expat: Stack exhaustion in doctype parsing (CVE-2022-25313)
* expat: Integer overflow in copyString() (CVE-2022-25314)
* expat: Integer overflow in the doProlog function (CVE-2022-23990)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.7 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
2048356 - CVE-2022-23990 expat: integer overflow in the doProlog function
2056350 - CVE-2022-25313 expat: Stack exhaustion in doctype parsing
2056354 - CVE-2022-25314 expat: Integer overflow in copyString()
2056363 - CVE-2022-25315 expat: Integer overflow in storeRawNames()
2056366 - CVE-2022-25235 expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
2056370 - CVE-2022-25236 expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
6. Package List:
Red Hat CodeReady Linux Builder (v. 8):
Source:
mingw-expat-2.4.8-1.el8.src.rpm
noarch:
mingw32-expat-2.4.8-1.el8.noarch.rpm
mingw32-expat-debuginfo-2.4.8-1.el8.noarch.rpm
mingw64-expat-2.4.8-1.el8.noarch.rpm
mingw64-expat-debuginfo-2.4.8-1.el8.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-23990
https://access.redhat.com/security/cve/CVE-2022-25235
https://access.redhat.com/security/cve/CVE-2022-25236
https://access.redhat.com/security/cve/CVE-2022-25313
https://access.redhat.com/security/cve/CVE-2022-25314
https://access.redhat.com/security/cve/CVE-2022-25315
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBY2pSN9zjgjWX9erEAQiUug//S0FwujIXoFODWtJgEPijbfoA28JgVjcz
lRdWl0wmXyMSlFkkBVIrOeGgxM4oLUpAwOdOPWIzb/M29xEfo4h3e8lHlwAwqklO
lQcv663dY57lHRfbKgunlYWKTZ4+3kZbziZB/Zv58rw6bPDQ/wE96urY3/O0m1ct
Dkk3j4zKiAnIFKWEvUHCwui7tOeUHXNAasCXifYoePimf9+lgta+pnYf86parIBg
D3afd0S6meUnLqW6EtD0WTJPh6eztjDFEJ/9LKpXo2SL8FAYTrI9yfGQJNsHkGc4
9NaAd3QeBKoGqcg/qBdb9FfwQqHZJGot4BtTui8/E5xnUg3F+/1PuMGxtQ4jI6X9
ey6sWsUKCXMdlhv3TxAs/LFTR1cnkT7heEag/f58eo/W8VBow09k7cs3iktrNd+M
4REv3cfyJ+kFAfA6N6plHb27lFP0aTMveH7FYiWpFGqPH15u3NFcPdsk8qijv4WZ
sREJ6LgDknk80Rmla2td+l3Vo4iTCWEL7gvoY9uhzWCbuMvj1SSk5rOqVXtOEvuF
8MpPM+xShIgGbYrFPxeMjYF16p+FxYVDcapSGrIORksAKOunAWDOHmZf+jR7iCMX
ts3y9wxwNBObMK+Jr+ApYRohz9obamvxjlwBwXSWJ6xlsFyu5Y3e6IzSm/EJpK1i
f25ydDFruA4=jL/2
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-200801-0578
|
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference. The Linux kernel is prone to a local denial-of-service vulnerability.
Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users.
This issue affects Linux kernel 2.4.21 through 2.6.18-53 running on the PowerPC architecture. The NFSv4 implementation is one of the distributed file system protocols. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ----------------------------------------------------------------------
Debian Security Advisory DSA-1565-1 security@debian.org
http://www.debian.org/security/ dann frazier
May 1, 2008 http://www.debian.org/security/faq
- ----------------------------------------------------------------------
Package : linux-2.6
Vulnerability : several vulnerabilities
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2007-6694 CVE-2008-0007 CVE-2008-1294 CVE-2008-1375
Several local vulnerabilities have been discovered in the Linux kernel
that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-6694
Cyrill Gorcunov reported a NULL pointer dereference in code specific
to the CHRP PowerPC platforms.
CVE-2008-1294
David Peer discovered that users could escape administrator imposed cpu
time limitations (RLIMIT_CPU) by setting a limit of 0.
CVE-2008-1375
Alexander Viro discovered a race condition in the directory notification
subsystem that allows local users to cause a Denial of Service (oops)
and possibly result in an escalation of priveleges.
For the stable distribution (etch), this problem has been fixed in version
2.6.18.dfsg.1-18etch3.
The unstable (sid) and testing distributions will be fixed soon.
We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
The following matrix lists additional source packages that were rebuilt for
compatability with or to take advantage of this update:
Debian 4.0 (etch)
fai-kernels 1.17+etch.18etch3
user-mode-linux 2.6.18-1um-2etch.18etch3
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch3.dsc
Size/MD5 checksum: 740 950fed7ed7c289cfea9c1b39f0f41bc0
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2.dsc
Size/MD5 checksum: 740 6f6faa132a53e808bcc61823d140290a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch3.diff.gz
Size/MD5 checksum: 5395308 ae08d42b58cd3cf93a23fe31615ac2fd
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz
Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz
Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch3.dsc
Size/MD5 checksum: 892 ca5cdee7568704bc9f6c58f786d0daae
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch3.tar.gz
Size/MD5 checksum: 55267 981e9a0a1d79b1605164588eef7da492
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch3.dsc
Size/MD5 checksum: 5672 4e4714f542968b30b2c3f94e203e1e04
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2.tar.gz
Size/MD5 checksum: 55185 0a46d75b3ced870a96ea41b900f1ecaa
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch2.diff.gz
Size/MD5 checksum: 16873 868c1f27ad2c8db782bbd2bdc3618d70
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch2.dsc
Size/MD5 checksum: 892 52c602d55bdc301a0622ed8a63745f29
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch3.diff.gz
Size/MD5 checksum: 16968 ff99991657e11545a0f557b623962c52
Architecture independent packages:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-18etch3_all.deb
Size/MD5 checksum: 3589210 d2033347599e8db12e2446fd75c0ce37
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-18etch3_all.deb
Size/MD5 checksum: 54558 3362cfa5f1de0c80b1aa96f22d846c7e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-18etch3_all.deb
Size/MD5 checksum: 1586214 a496f633c826ce730ce6150dff49209f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-18etch3_all.deb
Size/MD5 checksum: 41463452 67e56915cd61f4b0058aa668e284ca8c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-18etch3_all.deb
Size/MD5 checksum: 1085670 9c6513bc6e29a63d0aedc8da8958fc3f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-18etch3_all.deb
Size/MD5 checksum: 3752262 e2f225858212089b10aa319236d300f3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 3027694 ef8b352212a8184702407e69cb7046bd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 268330 7b7d0ab15fe537a59c68b35531750739
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 54038 f42aafb19b9fae6445d0581277b60e92
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 23531650 8633558cda9f10fbadbc9299dde77575
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 54074 f4b61f5f330a7a2248d91432fa307f41
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 268076 09bdbafb6d32a4d9f8ceab5f1a6c666e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 23484202 d14e2e1d8537aa0cb2f2367f6ddd6762
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 23844262 0cb427290707d8a59a3afdf68f523e6b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 3052524 4323a32807ee9a2a7f13bc605ef0a9c7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 268772 bcec817953f14a50253dbe83e16d6c70
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 23462618 f6873f376755c4f29b24d0d11c9d70ae
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch3_alpha.deb
Size/MD5 checksum: 267446 376df6aed1989d65f8144f8790862e17
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 15260738 6c000df81a113d2d69a9473a3d764f08
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 16859134 9480377d14efcd65c7bde090d2c18023
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 3357018 fcb1a842f85110b4a37d246621027ad3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 271914 9a7953d1adbcfbbea07a1357450f34a0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 15272470 2581dfa79e27ead359eb27642748b3df
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 54066 ce821a602278441fb157d2e8dffa7840
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 16820486 a1540f416895111ff4a4f6dc8d5ae2ad
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 3191118 dae286014c3a55824e3cb3040948caa4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 271584 5246a3f1ccb78bde203aab0338e90cd3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 54038 20567a8f59997151900492fbbdb5a5bf
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 54012 fcd8a752e777bf97667914fe658ca440
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 3167674 8fed61ce7278a060d600e54481851c2b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 3334306 bd7dd1d9b1518e0e52f3d513ad9f7cea
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 1650934 92ab0f73f6d2a1699f975ebede812c99
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 54034 224990e92d1255bac74a4a540ef8ee15
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 271184 4d2dfd603bf61408db599c9a972d6824
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 1682946 a2ccb197f0b4bc35e889a61c095add5e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch3_amd64.deb
Size/MD5 checksum: 272850 4cab43a5199e6764b4857a91aaa52e09
arm architecture (ARM)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 7924514 6f93e2c2e0f3e5ddeddb95bd50d560ef
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 233088 acb0dd092348b024f08e0fc2467c31f3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 54104 1437f25c10919b2f944295b8d7f168d8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 54064 1afdbacaa80466a4705a9b7ef50a4a9d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 239810 542097b2625db36fa56dfd7a29b66f37
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 233830 e9a09a7d2a3927486adc68e1f1f7f0f8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 3410416 dfc64565c01ac1f01784d72a8befa378
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 7566074 822c9f74d2a88f4ac8e94210ecb06752
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 204874 1b773fb8b26f20629b8c868db90c5521
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 5009022 ef23e40a692019b29f03f1ef7c864e12
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 4586924 66c55044ecf936cf08b69e3f78f8318e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 8870890 a5a52727b1e019791b260c65d4793911
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-18etch3_arm.deb
Size/MD5 checksum: 198750 09c8bda5566b05dd0f969dedfc316d4c
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 10552252 247e3774a6493211af6575531966a8a4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 3020374 69fbbe6591cdab73257c9f68bacb63c0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 54044 77f6c66523dba6bb546b28b6b40b51e9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 196344 3ed099784ab8fe2f625462b1689ea7cd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 196818 f0d8bbb055a380b4c2b6064bbd9de0ac
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 54068 f91b5aa270a091f57a246e4cf1f6924a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 195368 29352673ddd4364e7dab3f5a1eb6e2d1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 197570 bde8500410397921905e78f71cd68a10
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 11398348 8201e0a1b33c60d737fb2821dadb8d18
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 10999924 6a0b08925946b094d1638ca20095df15
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch3_hppa.deb
Size/MD5 checksum: 11806360 7e63ef04531d59c2e3d0c93893d09bf0
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 16376092 f7e958b27f039bb044d46f94cc0c9231
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 54014 593ee26c9bed3b3c853511c6bbbd13ea
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch2_i386.deb
Size/MD5 checksum: 25583354 6cc7cc34a241783bb8f3b2c9da7595a2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 278502 0f7f0e13f78438eeb1a939a637b8070c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 16466936 99c66acfa3cd0c109f0d3e2eaedf8877
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 279716 62626201a89882bab17d10ce706b2df5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 14289932 049b2b4696e9cbeec20ec8c2056c7185
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 277596 042152b79d08eea568fd7481b4849386
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 16507076 a1a5845401d351c6fa1f380565bcb5d6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 16190600 6c50e29e1616140b367e626c93db2ae4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 271900 8d74262b41e039125ce896f8e8d2f8bd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 272690 94db026fc7d498b48c5ac0b504f63390
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 1299670 879785b1ee5f4ef0bec7423e5c7599e9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 14279230 3101d59c0d8ad8bf617f4d0eefbbb7de
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 54088 e23a1d89d0f998caed5b594c5762dc19
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 54032 d7b04d8d6f7a0d43579a499e4e0b681b
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2_i386.deb
Size/MD5 checksum: 5518204 0ce72fa3c9dfd208b1afa6912ffbcc3d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 16336828 0780d6d13e90466249f83e6d72ce1780
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch3_i386.deb
Size/MD5 checksum: 5518218 b86648769c5d3db2eb79b1bf6d490c50
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 3148608 633afcaaeb9d655b8bde34977bfd0bd5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 272236 a611f8a0301e945ce72af3610bc05350
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 3054330 6cfae664f54be8c9ed3958c003f404c9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 3167916 756a4eed5e44d0530c5f20a7bc80d3d2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 279366 357140fdeff990683639e8f290593b0c
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch3_i386.deb
Size/MD5 checksum: 25583596 f0c6d87c849d5384be99dba70d34fb0d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 282728 a6b21a6fc38381b3884b2d2cd052d306
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 16836766 be9c22427d5666a80bf96e4c6501ebf7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 54030 125894b7dd2b90ba5f48de2e7f04518b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 1326708 add492f75bb0337e6e69a4afb73114c6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 16404432 9411c28cfbb27329417aa28b32de764c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 3170704 6b86d80969e7f62ceaae5ee5af7f1a5c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-18etch3_i386.deb
Size/MD5 checksum: 279198 92c75044e071977263a20c444ee655d0
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-18etch3_ia64.deb
Size/MD5 checksum: 255464 ad4b1e9a12ca70ebb46a4c0f77bb62bf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-18etch3_ia64.deb
Size/MD5 checksum: 28013676 bacb3a11176542aa961867eaac8539d3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch3_ia64.deb
Size/MD5 checksum: 28181506 d0c75846976e8ebcd8baf1ee64a46414
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_ia64.deb
Size/MD5 checksum: 54036 746e70c193f28c412acec61cf63e4572
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-18etch3_ia64.deb
Size/MD5 checksum: 54050 fa3dc6c7671185e9ce4f7a00783990dc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_ia64.deb
Size/MD5 checksum: 3081858 970b72442606e4878d77a274d4fa4306
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch3_ia64.deb
Size/MD5 checksum: 255414 885054343ab6670ce1d90f7bdda61ef2
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 167030 7bce3329b9fc5d10faafecfac21bc70a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 186870 37e9b246abeb84886cd9a6215187f229
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 8309262 893346de1a07ed015320fe333fc41037
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 15653182 1938128d29990cc16bc3f829d3fa1cbf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 6125514 e6842c7aedc7b70d5a4a5d8e624e9627
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 162870 5ebcff098fd97c89bc0f3057f68c3e31
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 54110 9408231d8eb91431b2ca495f1e94f3cb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 54054 ed109dbb8bf134256164d6d07bd061f6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 3413590 6013078ea705dbf5367d284f6ae401a4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 154266 e5775b643e07055ec7121815d9316e62
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 186682 9027d5504f2739d64d1bb4111ec5e136
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 15677870 4b5a1f2e56c587a0d470ea17fab07647
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch3_mips.deb
Size/MD5 checksum: 9075438 02f535440d5018de7b6233b232aa04de
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 9863510 a6c8def78ca64e8e8b6ef10533186d30
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 149960 2e09d53e58663189a043b7d7493cec8e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 5926528 cb0dfe477608a2da181596f9b78ceddc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 155716 76a619c24cc74cfe22ab42f9f2964096
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 54040 affef50872a733868e2e3d58d566993a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 155772 dd2d75f96ee5dd4c7a7ff8250f631649
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 182490 f6be30e57bbff0ecace79826d4474bb3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 5941862 45689ea22cb4ebdfb71936f79e00eebe
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 178194 4baf9d4d2fed0b5e3f12add06fae014b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 3350066 4938243e89da8ace26c47d00bc60acf1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 182706 84024a93ebcd9d394f179c8ee254ef1b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 15053292 024f0d5e1fbaf5c7d5664aca87ac8741
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 54102 d25d6e1de865a3da93959dd8f8034d7f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 6027404 26b3c01fd8f1c798189c1ee5ec44d11c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch3_mipsel.deb
Size/MD5 checksum: 15030096 69c0f1d1c25f49c3201a0b3edc1873b0
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 16402406 7f918a1714d84f8ccb6aaf1a13fc518e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 17016786 c06998d5b9b3c192bde5ecc4119830a1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 54088 3683bf42ff1af3009202bf4c6a0e30cd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 16626352 37c3c60edcd7f7b22ededfcda073b5a8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 251358 20ade66e354f4473ff045bb0e4e2f7c5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 229986 a6996ddd8cd1f5439aecfc4693ab83f9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 54036 d451146b15c05d5d630f72a3399a3464
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 253356 69fd6bca694ce1aea2788658eb530d3e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 18348404 6899ee7990a534276f4c98970a05a843
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 3414514 54cad7ae1cd248f0125aa12c9823f0c7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 18293832 2025add962d50482de362ee202f8bb79
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 252806 ed8f3ba9ab6384096d25204af0594ed1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 3392288 02cba07fa4ab35192737f7a40907cf53
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 16969082 d986973f5c4d0e577b169c96ffa0cec4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 15157518 c3ae440ddcd66b9aaa80260824f91967
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 253230 4d2e3ce370d0c3caf798cfee0dfc44d2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 246254 fa91c1654d4f46128856838066eb11bf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch3_powerpc.deb
Size/MD5 checksum: 252272 5eda39b6177f4e66f082c06a159f5719
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 54058 9e8a26d5500ffcd7a6a29dfac6d570b8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 54032 350d6fe5dcfdefcc6f92e364f0ffba3f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 5401990 4af4cf18cb011bb00bb882f7a03c9a21
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 143264 76db142c20b22a4d0847f6309e0a10da
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 2966014 81cfb914839c4709399e25ffe9eb2cb5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 143688 4291bc7d9865c2842a181b22a7992188
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 5661534 8f7661bfe58017b2e3aa2eb9ca3ffadd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 1438796 18d9f041343153cf48f441eeed112885
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 5619704 7213d869d6e23933ae5e55c87fade8f6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 144632 5df45b01064fc7de2106e8b532946cb5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_s390.deb
Size/MD5 checksum: 2942938 7dcac05e6588849c7491ef1004759f39
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 3168126 ef5277a44be4e2fb95d7f7feca1cc568
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 165126 8d82f98016c375c250105791051e3021
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 6411270 7106725061d98e4036d0ebabd01ca7fa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 195102 73419b6d64a68410924a0471f0d3bf62
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 10391364 f35ec6950afc88b69fa814d005b68550
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 54046 dbd49273f393e72c21f056d50f94cf02
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 3190444 40bc9af5142779024dea09675f833778
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 194260 80fdc90e470899b21ae831aaa06702b9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 195828 2036f355f29c418602074540bde81c65
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 10693152 7bef279c0e967019fa5e8a07c1eb4019
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 10647534 197798f662b6e4fc55d0f64dcea6eeff
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-18etch3_sparc.deb
Size/MD5 checksum: 54076 8a2d9ac2067a4c8a7b090da06faf4025
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIGgmwhuANDBmkLRkRAoRpAKCCo/Ja0CkmHW8VQijCHN7Y5l113ACeKR48
1gWjfQ6MRn5jOphirPT8DZg=
=22DK
-----END PGP SIGNATURE-----
. ===========================================================
Ubuntu Security Notice USN-618-1 June 19, 2008
linux-source-2.6.15/20/22 vulnerabilities
CVE-2007-4571, CVE-2007-5904, CVE-2007-6694, CVE-2008-0007,
CVE-2008-1294, CVE-2008-1375, CVE-2008-1669
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
linux-image-2.6.15-52-386 2.6.15-52.67
linux-image-2.6.15-52-686 2.6.15-52.67
linux-image-2.6.15-52-amd64-generic 2.6.15-52.67
linux-image-2.6.15-52-amd64-k8 2.6.15-52.67
linux-image-2.6.15-52-amd64-server 2.6.15-52.67
linux-image-2.6.15-52-amd64-xeon 2.6.15-52.67
linux-image-2.6.15-52-hppa32 2.6.15-52.67
linux-image-2.6.15-52-hppa32-smp 2.6.15-52.67
linux-image-2.6.15-52-hppa64 2.6.15-52.67
linux-image-2.6.15-52-hppa64-smp 2.6.15-52.67
linux-image-2.6.15-52-itanium 2.6.15-52.67
linux-image-2.6.15-52-itanium-smp 2.6.15-52.67
linux-image-2.6.15-52-k7 2.6.15-52.67
linux-image-2.6.15-52-mckinley 2.6.15-52.67
linux-image-2.6.15-52-mckinley-smp 2.6.15-52.67
linux-image-2.6.15-52-powerpc 2.6.15-52.67
linux-image-2.6.15-52-powerpc-smp 2.6.15-52.67
linux-image-2.6.15-52-powerpc64-smp 2.6.15-52.67
linux-image-2.6.15-52-server 2.6.15-52.67
linux-image-2.6.15-52-server-bigiron 2.6.15-52.67
linux-image-2.6.15-52-sparc64 2.6.15-52.67
linux-image-2.6.15-52-sparc64-smp 2.6.15-52.67
Ubuntu 7.04:
linux-image-2.6.20-17-386 2.6.20-17.36
linux-image-2.6.20-17-generic 2.6.20-17.36
linux-image-2.6.20-17-hppa32 2.6.20-17.36
linux-image-2.6.20-17-hppa64 2.6.20-17.36
linux-image-2.6.20-17-itanium 2.6.20-17.36
linux-image-2.6.20-17-lowlatency 2.6.20-17.36
linux-image-2.6.20-17-mckinley 2.6.20-17.36
linux-image-2.6.20-17-powerpc 2.6.20-17.36
linux-image-2.6.20-17-powerpc-smp 2.6.20-17.36
linux-image-2.6.20-17-powerpc64-smp 2.6.20-17.36
linux-image-2.6.20-17-server 2.6.20-17.36
linux-image-2.6.20-17-server-bigiron 2.6.20-17.36
linux-image-2.6.20-17-sparc64 2.6.20-17.36
linux-image-2.6.20-17-sparc64-smp 2.6.20-17.36
Ubuntu 7.10:
linux-image-2.6.22-15-386 2.6.22-15.54
linux-image-2.6.22-15-cell 2.6.22-15.54
linux-image-2.6.22-15-generic 2.6.22-15.54
linux-image-2.6.22-15-hppa32 2.6.22-15.54
linux-image-2.6.22-15-hppa64 2.6.22-15.54
linux-image-2.6.22-15-itanium 2.6.22-15.54
linux-image-2.6.22-15-lpia 2.6.22-15.54
linux-image-2.6.22-15-lpiacompat 2.6.22-15.54
linux-image-2.6.22-15-mckinley 2.6.22-15.54
linux-image-2.6.22-15-powerpc 2.6.22-15.54
linux-image-2.6.22-15-powerpc-smp 2.6.22-15.54
linux-image-2.6.22-15-powerpc64-smp 2.6.22-15.54
linux-image-2.6.22-15-rt 2.6.22-15.54
linux-image-2.6.22-15-server 2.6.22-15.54
linux-image-2.6.22-15-sparc64 2.6.22-15.54
linux-image-2.6.22-15-sparc64-smp 2.6.22-15.54
linux-image-2.6.22-15-ume 2.6.22-15.54
linux-image-2.6.22-15-virtual 2.6.22-15.54
linux-image-2.6.22-15-xen 2.6.22-15.54
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-386,
linux-powerpc, linux-amd64-generic), a standard system upgrade will
automatically perform this as well.
Details follow:
It was discovered that the ALSA /proc interface did not write the
correct number of bytes when reporting memory allocations. A local
attacker might be able to access sensitive kernel memory, leading to
a loss of privacy. (CVE-2007-4571)
Multiple buffer overflows were discovered in the handling of CIFS
filesystems. A malicious CIFS server could cause a client system crash
or possibly execute arbitrary code with kernel privileges. (CVE-2007-5904)
It was discovered that PowerPC kernels did not correctly handle reporting
certain system details. By requesting a specific set of information,
a local attacker could cause a system crash resulting in a denial
of service. (CVE-2007-6694)
It was discovered that some device driver fault handlers did not
correctly verify memory ranges. A local attacker could exploit this
to access sensitive kernel memory, possibly leading to a loss of privacy.
(CVE-2008-0007)
It was discovered that CPU resource limits could be bypassed.
A malicious local user could exploit this to avoid administratively
imposed resource limits. (CVE-2008-1294)
A race condition was discovered between dnotify fcntl() and close() in
the kernel. If a local attacker performed malicious dnotify requests,
they could cause memory consumption leading to a denial of service,
or possibly send arbitrary signals to any process. (CVE-2008-1375)
On SMP systems, a race condition existed in fcntl(). Local attackers
could perform malicious locks, causing system crashes and leading to
a denial of service. (CVE-2008-1669)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15_2.6.15-52.10.dsc
Size/MD5: 2611 f3dd319890b9704ecc00045636534db7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15_2.6.15-52.10.tar.gz
Size/MD5: 446767 c94e2a00ecf18fce9dd031ac6e9cd052
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-52.67.diff.gz
Size/MD5: 2873504 d7723bb11612357b4608e8f60e4b8418
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-52.67.dsc
Size/MD5: 2374 45557a3d6035adbdd6ed5305b0833105
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15.orig.tar.gz
Size/MD5: 57403387 88ab0747cb8c2ceed662e0fd1b27d81d
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.12-52.3.diff.gz
Size/MD5: 95993 a73703b2df5faf419f59a512078613a2
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.12-52.3.dsc
Size/MD5: 3194 c10a6c6c95b0be5c93d4681f2a5759b8
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.12.orig.tar.gz
Size/MD5: 97745908 fb5765cfa2b0fdb06deb54fd6e537772
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-doc-2.6.15_2.6.15-52.67_all.deb
Size/MD5: 5162896 72f6b6c423959afebb74c6a804c0f388
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-kernel-devel_2.6.15-52.67_all.deb
Size/MD5: 92962 51e59e2666145a31fb4ac47c3d4ab61e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-52.67_all.deb
Size/MD5: 44740314 06fa6b3c9496839b240aa285a9f85e26
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-common_2.6.15.12-52.3_all.deb
Size/MD5: 18452 37a5059b2b5efaa59c7e688a6003c732
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-amd64-generic_2.6.15-52.10_amd64.deb
Size/MD5: 165150 0a73a8b05abfc08043f9e308459a3a9e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-amd64-k8_2.6.15-52.10_amd64.deb
Size/MD5: 165240 50c208a7c25cdf1b13c4edc5703e23b1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-amd64-server_2.6.15-52.10_amd64.deb
Size/MD5: 165290 61dc26e3f218600402384d3dd495d6b7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-amd64-xeon_2.6.15-52.10_amd64.deb
Size/MD5: 156050 7a9506a56279a9e2f053c931a91cf5d3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-amd64-generic-di_2.6.15-52.10_amd64.udeb
Size/MD5: 84706 763f0c324d411c838e179af730f45d67
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-amd64-generic-di_2.6.15-52.10_amd64.udeb
Size/MD5: 97394 0117222de0bf93e1a89af25d628d6c16
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 22342 72e3223d194781df52d35571f6325760
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 44764 43dcd9724184cf62e5f9cab54afe1e13
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 2304 4e9ebca859508d6c5464ff9f06e57ade
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 36244 5aaf7d1dbe903fbeeddf3ecfc8901128
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 102284 5065464eff55e17f28a35f5e57a842bc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 38874 e26b198e7cc4a18f5797df9f44dd91dd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 49134 4a80334564469d8118821235792f9bef
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 176690 9aacdae559d3bc97a2640ce4d58da0f6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 36768 8cffcbc067254877445e6105396a5f16
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 142248 4c44b18a12bf86917275670a71cd3720
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 51040 79823112f8894465b411b91357582252
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 140606 d94e572bb96c18f35c3b536042d34a24
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 286872 653ea1a2020706629e7a4ec2abe489d7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 97788 6c0387e7d1b0f25d0335a4471931e0be
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 1650922 76ec5ee75959713b6a6b1cb18c14d646
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-amd64-generic_2.6.15-52.67_amd64.deb
Size/MD5: 865032 d6c05bd69946a41ff5973f94ff122aa8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-amd64-k8_2.6.15-52.67_amd64.deb
Size/MD5: 869106 ac69148ec23b3387116044527ae22eaf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-amd64-server_2.6.15-52.67_amd64.deb
Size/MD5: 870098 07f513158e47bc6a167d5e535dc0162a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-amd64-xeon_2.6.15-52.67_amd64.deb
Size/MD5: 869108 ff2a239414471590ab6be64c50de8bf2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52_2.6.15-52.67_amd64.deb
Size/MD5: 6921780 5fd6888d0cee59933c68eb44aa2c7a73
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-amd64-generic_2.6.15-52.67_amd64.deb
Size/MD5: 20809038 6d59f0d3dfa5f99df35be979b1405a89
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-amd64-k8_2.6.15-52.67_amd64.deb
Size/MD5: 20780064 160dc131a43e31bc0ac8901ca74985b3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-amd64-server_2.6.15-52.67_amd64.deb
Size/MD5: 21629596 4069011a19bc0bbf68365146ae33c0aa
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-amd64-xeon_2.6.15-52.67_amd64.deb
Size/MD5: 19896776 39907bab9abcf29f0bf969d3d402ed0c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 15622 6978c2690730ec2f561763ef5122bcb1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 240352 2ddb4ac8cf58569791230da89a30a9b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 202552 147e6b2684c8db670776a7e168ba0512
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 1048600 5da9db1b27e8954ee79eb80c41eec163
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 1543100 7ae3da3261b08b812d68021e9797f8af
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 161644 8a3bcf8f7850a714858ed668ef5b3976
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 9828 860022b69a682ef0bfa92249055e6e8d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 80852 1b447c6d6339da87350b44bf223c7d93
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 49164 2d90f509d7d5ade4b623bc82ac3bea22
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 35158 077981a17ebfe2bbefa3660f208f43b1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 70856 4c4c628331820d9ded9e2f8e00ff0ec2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 6216 2652727a590c6e7248d3be4b2e0f838c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 9058 92df3c6ba60457acd1f602696df3aac6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 57874 71fc227183b138479093e72d2dd964c1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 123330 19a834fb4cff1ac35b96eb6eec3fa5a6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 101000 e595f2e9f9997f83b7658f0bd7138272
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 79230 59fb1d8c41d9ecaa1c483981dff8c31c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 1594716 2df0dbbe97e5c709125495de80a31c3c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 72278 aeda6dfe658cec5ad60f9580f1c02141
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 12646 612cd82d3c221c2494a95b10a75f03b9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 33730 5991265208e2a44916d540822bd1ac9c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 138546 ef8d40670f8aa326b3de679d3843e42e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 38926 5cdd7a00236247e10834b2ca00aa938d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-amd64-generic-di_2.6.15-52.67_amd64.udeb
Size/MD5: 278736 3d615d96e1648ed1f8a72b9b770fa847
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/avm-fritz-kernel-source_3.11+2.6.15.12-52.3_amd64.deb
Size/MD5: 2405512 0b06044aefe8becb1d0467f5bfdc247d
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/fglrx-kernel-source_8.25.18+2.6.15.12-52.3_amd64.deb
Size/MD5: 511050 e10b89624f7e210d063a0197902e19eb
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-kernel-source_1.0.8776+2.6.15.12-52.3_amd64.deb
Size/MD5: 1754564 c5c2d9b0533602e9c3e3de858184a655
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-legacy-kernel-source_1.0.7174+2.6.15.12-52.3_amd64.deb
Size/MD5: 1406452 0ea039bbeca0570589afa2e51744c3c1
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/avm-fritz-firmware-2.6.15-52_3.11+2.6.15.12-52.3_amd64.deb
Size/MD5: 475572 4432740400b495606aa776d96ba4ba18
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/fglrx-control_8.25.18+2.6.15.12-52.3_amd64.deb
Size/MD5: 76748 cc23398150beebe4a1d561bf9ff81706
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-amd64-generic_2.6.15.12-52.3_amd64.deb
Size/MD5: 6861864 0654701d92f5de082562a776d201c110
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-amd64-k8_2.6.15.12-52.3_amd64.deb
Size/MD5: 6861248 3ea71d011938ba44253b417acb105e80
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-amd64-xeon_2.6.15.12-52.3_amd64.deb
Size/MD5: 6837846 6642dc1eff1db10dedd772a63641124a
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-52-amd64-generic-di_2.6.15.12-52.3_amd64.udeb
Size/MD5: 798882 0dfab4528cb8a35acaefe9927000f685
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-52-amd64-generic-di_2.6.15.12-52.3_amd64.udeb
Size/MD5: 497228 5922e6e6038e6144f2e9643bf8de2287
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-dev_1.0.8776+2.6.15.12-52.3_amd64.deb
Size/MD5: 167244 eb84a383434ff2a22cc68fb0ca060215
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy-dev_1.0.7174+2.6.15.12-52.3_amd64.deb
Size/MD5: 162302 fa7b1343f60ffbc8298da3bb0f7ac206
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy_1.0.7174+2.6.15.12-52.3_amd64.deb
Size/MD5: 6071704 db1d1a77b262ccd2e7d4bf4212919e1b
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx_1.0.8776+2.6.15.12-52.3_amd64.deb
Size/MD5: 7328604 305ee65ddbd1e715d5c8fc0d2e411db7
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx-dev_7.0.0-8.25.18+2.6.15.12-52.3_amd64.deb
Size/MD5: 125880 fe13a90e72b74c93432a97c4c2ecf88f
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx_7.0.0-8.25.18+2.6.15.12-52.3_amd64.deb
Size/MD5: 17297042 88992a1f7adea96330b4b1909a5a0605
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-386_2.6.15-52.10_i386.deb
Size/MD5: 169386 de66f59240599c189971ff2617a32471
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-686_2.6.15-52.10_i386.deb
Size/MD5: 177254 c645c75cefa72df027ecf9992a0321d3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-k7_2.6.15-52.10_i386.deb
Size/MD5: 175374 a78aeb6390f3b9056e0ba884aa7dea73
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-server-bigiron_2.6.15-52.10_i386.deb
Size/MD5: 178040 ab1e27ab921d3c062af1d83a2711fd26
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-server_2.6.15-52.10_i386.deb
Size/MD5: 178004 36432e0be482eff2ad7d7b11e3393685
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-386-di_2.6.15-52.10_i386.udeb
Size/MD5: 90234 532960ad957a474af1d36f22c6f09d45
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-386-di_2.6.15-52.10_i386.udeb
Size/MD5: 90404 47bdb4c98e5bec0e9987190d0abc4ff6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 18968 d4428c28842acd44ebbc900062265429
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 43448 09b66d5cc8ce769329e5cb1f5c5ff88a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 105204 7a968c3b6170d141b0cd6ae69d9ccb57
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 2280 724ecd00ebbddee0cedc950d13e39c7e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 34572 257f312f78de2f814a6909fb11a51be3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 96958 b7e56256c4e585f3d2b6ad110370aebc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 37092 be752e4622e517275a340cff56052a0f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 44060 f2dc9462c8b4fb93e16f0cbbc39b5efb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 167734 762f6dd3391cb3477c7eae7c5cf0ba8d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 33928 6685b0652c78ded543a1cf9e49da7c50
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 137840 7698662c1142eb2c2f94b79145ec08ae
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 46872 f91472c2465256ba325975329f7ab850
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 132966 0fe968b8f8abfcb323e2834e60c100f5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 273450 f16f2f5c2cf9b35f5411785d1c57fc31
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 102252 10b945d089d0b473f999afedd1b922aa
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 1595606 0a4698dbff475bb5b82e70606f207a37
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-386_2.6.15-52.67_i386.deb
Size/MD5: 859020 2b9ebda6ae3855a7732bd3d3641bd568
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-686_2.6.15-52.67_i386.deb
Size/MD5: 858486 2e8859c47eb2536c12b47f57d1ebae95
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-k7_2.6.15-52.67_i386.deb
Size/MD5: 859998 bd6e70b3830d5219e66a5414a1665dc7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-server-bigiron_2.6.15-52.67_i386.deb
Size/MD5: 864228 d74d9ae20edecf320bb41b2e48c48e79
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-server_2.6.15-52.67_i386.deb
Size/MD5: 858828 b27f151fa2fbf48ed5b3f5f9899f3adc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52_2.6.15-52.67_i386.deb
Size/MD5: 6913986 281a26735bed07a88bcb08df8cbd717e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-386_2.6.15-52.67_i386.deb
Size/MD5: 21709730 fae2c52a1f4def5d9335feafd8d598cd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-686_2.6.15-52.67_i386.deb
Size/MD5: 22506028 869a8657c02443b272666d8fb1a20a1c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-k7_2.6.15-52.67_i386.deb
Size/MD5: 22248206 b7c51bd51c0e66825a5bb4b098588756
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-server-bigiron_2.6.15-52.67_i386.deb
Size/MD5: 23606178 bd2a7c7353793db1baf04eb545a1241d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-server_2.6.15-52.67_i386.deb
Size/MD5: 23170614 47e400c98cb6f4f1073a7f36842a5753
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 15502 f5a50985b9f50e270313efd51c2893b7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 238534 4c6212ceee7d24bcbc795d95bc69e828
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 196974 a9b29abd1bd7f5d1785f3544541eedca
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 1048372 82c9bfc637ebd618304f722095df5c40
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 1740976 0400bbac3c7bbe293e2430299799128a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 160808 110bfbc0ed35dedcd74bf81dfce3c965
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 9160 326fcb48a6d761e7d6fdc3395b6a05d3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 76472 2152f88992c83e99b7c6873a2d4e5429
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 53252 0a9985175e890c75d41898fe2a305ff7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 33048 bcc3df2f0b1013c1929e25ee78123640
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 85618 90b6e1f3e431ac12634cfa076eac5bd2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 6018 7954bb0452b484484c6eb1705c23f40d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 8758 e823e4ef623bb5340a0c10d820b0890d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 53588 0c5cedfaa84510004be3540b21780568
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 130770 7e007a7496f3bcaa2b48eb7cac38f5be
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 98436 1bbfcdc956a8e8ef4081f8a66d553744
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 77176 58b8471224582c0f06064e11630f65b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 1768402 b16dff64c8931b07180dff1957b6327c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 69552 2ecd40960f5beca9dad68467f7df8179
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 11760 cfc0671977f053bf36c857f98bfe2f1d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 36000 960e928198df9cc14f2b72ac6f87ac25
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 132582 a386519ba722acccea97790bc9b4032d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 38546 4324a6661a6f1969929a1fb36a428125
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-386-di_2.6.15-52.67_i386.udeb
Size/MD5: 299114 41b70c88021a4251235b931f264f004c
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/avm-fritz-kernel-source_3.11+2.6.15.12-52.3_i386.deb
Size/MD5: 3692834 595b8d31f672e6d2b5e94648da587ff7
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/fglrx-kernel-source_8.25.18+2.6.15.12-52.3_i386.deb
Size/MD5: 661002 63b1640dc6f25d8bbf442eaeb5e2173e
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-kernel-source_1.0.8776+2.6.15.12-52.3_i386.deb
Size/MD5: 1694452 ec63480260bd4686acf628b8f2d0a4d5
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-legacy-kernel-source_1.0.7174+2.6.15.12-52.3_i386.deb
Size/MD5: 1401938 90d1be1d02ca2570e1ff9a53108a1062
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/avm-fritz-firmware-2.6.15-52_3.11+2.6.15.12-52.3_i386.deb
Size/MD5: 1205122 63e3ce320bcceeb4b493534fd06878c8
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/fglrx-control_8.25.18+2.6.15.12-52.3_i386.deb
Size/MD5: 73654 c5b237fa6f40a5e0c7c936398d10f4c2
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-386_2.6.15.12-52.3_i386.deb
Size/MD5: 8139028 ab19aa5d26256f4a49b2567c575a6f81
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-686_2.6.15.12-52.3_i386.deb
Size/MD5: 7940228 6bc6899225c548f30bb282c6fefbcd29
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-k7_2.6.15.12-52.3_i386.deb
Size/MD5: 7939054 c910ba191cbe2ff1d2d98053fe4cb956
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-52-386-di_2.6.15.12-52.3_i386.udeb
Size/MD5: 798676 7645cf5367888c041a55cbf5b77b2889
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-52-386-di_2.6.15.12-52.3_i386.udeb
Size/MD5: 476148 871e3b1a338b99efc146cc9366eb887a
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-dev_1.0.8776+2.6.15.12-52.3_i386.deb
Size/MD5: 148028 25e50651fb1151932866f1acc8e8bfe9
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy-dev_1.0.7174+2.6.15.12-52.3_i386.deb
Size/MD5: 140470 cbe30a4e6fa074a07309cff5132626f2
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy_1.0.7174+2.6.15.12-52.3_i386.deb
Size/MD5: 3060728 3a15df06c905db7f71f027207c5e88e2
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx_1.0.8776+2.6.15.12-52.3_i386.deb
Size/MD5: 4063682 fe3a1277228b560e712727679f593062
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx-dev_7.0.0-8.25.18+2.6.15.12-52.3_i386.deb
Size/MD5: 111310 3fd2866dfad94c7765e6abb204fcb612
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx_7.0.0-8.25.18+2.6.15.12-52.3_i386.deb
Size/MD5: 10557498 51bf0387f432ed54accfa5c826c506fe
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-powerpc-smp_2.6.15-52.10_powerpc.deb
Size/MD5: 185626 edd40cd6bcfb7d3b3e7e0c2fad187dc4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-powerpc64-smp_2.6.15-52.10_powerpc.deb
Size/MD5: 203454 6f359968188452ef0a9f7a47f2bc906b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-powerpc_2.6.15-52.10_powerpc.deb
Size/MD5: 183962 8899aea634394a432632795a0dab6848
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-powerpc-di_2.6.15-52.10_powerpc.udeb
Size/MD5: 98104 2f7a355c7da2fe10c4e09e7b9ff57627
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.10_powerpc.udeb
Size/MD5: 121798 b21635edd66e1723b2613f336da66c8d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-powerpc-di_2.6.15-52.10_powerpc.udeb
Size/MD5: 103292 290aefd555053af550427729d243bd34
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.10_powerpc.udeb
Size/MD5: 112204 ee138e7f1bcf34a4521a3e0df2da6aec
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 23730 bafae4f6b819e29a91cd933f137dbee6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 25944 e19db8be47babd9bf1499a78d9ff15e6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 49308 e146b2a92e8f0e07164a7c9cff823ace
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 51516 9925e90269a01bd21dd3c54ff6642e45
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 2302 c500d101fcce3284f388ba0021517811
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 2478 4fd66e5160f5aae620afe96a8272390f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 40186 da2f5a32687c2f750206d2061dc63f80
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 43754 ed7b4e37cce3baf959c15cdbc2b98bfb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 112598 4a2ff713c81aa3682d62f41d3b6243a1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 120652 6271a631ab6ceae1fafb4285f39d5d61
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 40848 88aecdbe93d317449c0ec94131afc1d6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 45942 3eee30e2488a40f350925e08f2ce92a8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 29022 a283d73e23a684b192ae938631669212
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 29894 1a360f1958fcd42894a77c8784eb84f5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 211398 becd75f98073840525214ae1c4fafa06
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 225200 058c9c8645b2068508a97f2740f6234c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 45054 2626be12e63debc289a31b51a9034dc8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 40210 3eb61d86887039d2958fcff75b64dec1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 1934 1454a948886eea5d833fec5846bd0e6a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 2196 c49c45ecafeb391ee281333f4afef63b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 80608 64e955478edb55a6b9c16d3e6ceae72c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 85960 d7b342ae619eecffa1175394541247be
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 111632 e550b1816f61b16b4c5144f7a0b35dd3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 125776 844c66cbc66605eb82f75e23f339a29f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 53404 faa41b9e613f37a472d120528df77530
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 58476 57cc72611a1491286e1c1dbb2c59683f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 147760 cc53b9050ec43a8be5c2fd324930109c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 161706 dd3b423f109d3a038d69e59428339c36
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 317482 a4585a426ce71864308dfbbb654003c6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 287578 bad62b03eaa33f90e5781ce66418321f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 115852 af781795a328154d7d18723622483c27
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 116516 fba37884eb62c2bb4e3d80be97364328
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 1923634 2ad21fe5b3130be19104739d8c21af45
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 2436304 fe1b77572b869ff3581ce308a08328e8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-powerpc-smp_2.6.15-52.67_powerpc.deb
Size/MD5: 871692 b53dc4f8bfb05db45bc2b7159bcec9e2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-powerpc64-smp_2.6.15-52.67_powerpc.deb
Size/MD5: 871228 fd1ff1169304220802a98cabdc359372
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-powerpc_2.6.15-52.67_powerpc.deb
Size/MD5: 866352 dfb1f043c87f244459bc0af06126ffa5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52_2.6.15-52.67_powerpc.deb
Size/MD5: 6943480 1258b9362939477454f7261a4c13d890
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-powerpc-smp_2.6.15-52.67_powerpc.deb
Size/MD5: 22774270 3bfefe03a694939bae93a233b64d1f6b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-powerpc64-smp_2.6.15-52.67_powerpc.deb
Size/MD5: 23664326 5b31b6d396b849636292e7043a4611a6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-powerpc_2.6.15-52.67_powerpc.deb
Size/MD5: 22348144 5213ef717d34a6d8bb4f506f0fec3b26
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 17780 b0e265505fb1bd0453d03edb2cb5426f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 17372 cdd2956b96258f82dbb8f668b464e37c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 261264 1975724b533e96481dd6906fc384a0ff
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 282496 f62273e6089393c90ea51b6f95218280
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 227454 dbc3fe1f8d75dd2973446141b925ce2a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 248664 64c26003076ca1201d79313688cc7039
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 1048458 ffc37e2c7ed2f294a02c250e689b54a2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 1048580 22a6b57fc17ec95380e8f2f4d72b0af6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 1737720 462902297ae37f6e081d6b48e45de15a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 1877414 5c369eb9af92233f54092b7cf2825507
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 250930 faac4c4f3b46c3ec3b6bc8e04d800748
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 233674 594d3e744920b4e6cd776b7f20515d49
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 13032 c01ba80cd1249d8af8819276f46d1c5e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 13522 7693bec428e9a07f30070db7df241e89
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 84832 4b8ed4a1b5096797af1c01f42cf1312a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 52186 c9f8e4dbc56681db68d0b1b182c00fbc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 73924 03a0e9b0752b8b8580b9952cd2fba4f4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 85838 34bc729811018bd09664fcfeb9d03db6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 6614 9fd2a1d6903afe55930f6669a04cd114
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 7062 e56de4812f4da9b9e1c4741fb5066fdf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 60358 df0a203e8212f473557900df240a9d50
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 70346 c242bb51750263d67282f2bfcab2ac3a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 128538 117433fce2532d394c1b474367c71e6a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 157788 d7e5c445c7af7f110588c2bc9f0fb29b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 108036 2815ba8053c87b229ac39933295e2f11
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 126056 7e632cf1ae8fe20130ec287c454dcabf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 87298 60c6c5d3144579569de99ff84450790f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 93304 1951df808f7bc6ae0c36c17bf9fe4b10
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 2013954 7d06ed44aa7beb09a1eb08efb541025f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 1988040 32ec754026d6f8f6ab81dcfaef222b82
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 104106 9af2db11a4ff42e09bab375304b42bbc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 115698 8849c21b901df3bd1a8c920ea7a1324e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 12734 41664c2c832d96647ee317ff21cb782f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 14432 896df8d28f56e236b1a520140829d353
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 39948 108a2f64b5b0b0d4faa9c40c76281a1e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 41464 5f919e671b76f55b57c9d5e0ef79f18e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 149316 ffbd1581cbd0e311836a81dd758ee03a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 168082 74195d6b16d3f930bb8a6a4c10340463
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 42262 925d969199a9002cd81156d4cc3b899f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 44862 1582101a87737c696a538ed0d92fe264
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-powerpc-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 320286 ca366a6cd2422bba2ce24e6a8935b4da
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-powerpc64-smp-di_2.6.15-52.67_powerpc.udeb
Size/MD5: 324716 ee0f3870540ef254de0d9378c66397e3
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-powerpc-smp_2.6.15.12-52.3_powerpc.deb
Size/MD5: 1340274 d3c1ea04d4a5f99b3de867f55e0159b1
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-powerpc_2.6.15.12-52.3_powerpc.deb
Size/MD5: 1335414 6f90faf30c0f0f8dabacd51929cfd0cf
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-52-powerpc-di_2.6.15.12-52.3_powerpc.udeb
Size/MD5: 798764 4071886c6215c22e4496ab9b8cdfd0e2
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-52-powerpc-di_2.6.15.12-52.3_powerpc.udeb
Size/MD5: 508404 77282618d7de69192b3454dc6a755413
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-sparc64-smp_2.6.15-52.10_sparc.deb
Size/MD5: 186944 deac3ddc394261c31894b2b350b491d9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/linux-backports-modules-2.6.15-52-sparc64_2.6.15-52.10_sparc.deb
Size/MD5: 185516 b815ad36987028ff6dcf8e0889e48ae3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/nic-updates-modules-2.6.15-52-sparc64-di_2.6.15-52.10_sparc.udeb
Size/MD5: 100670 eb4ab70462b50bcf7e614b4b03b88760
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.15/scsi-updates-modules-2.6.15-52-sparc64-di_2.6.15-52.10_sparc.udeb
Size/MD5: 105832 23739442c690623b0070062ee0ab255a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 50464 2b4cbadad1f1a9b25d98994fd2ef9ad3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 2352 177ea4a5a957fc0af1009f43f5675c47
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 40322 ff3a3117839dd36e8b625ef60863e52a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 110518 e1aa12134ab3fa21bda1a1b87af00703
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 41170 5176277d9c10e5a6714353953d08db38
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 104232 5db5dfeaa4b8550bd7eececbd765e104
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 7432 f7d3b9cb1c8b1a80e8570a8f6a24ef29
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 149016 4099cb20f575606ad7bcad3ec54e5916
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 1707920 68bbd4cda5113476731a2b74cb51dce9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-sparc64-smp_2.6.15-52.67_sparc.deb
Size/MD5: 768974 08ae76621d41766c99741d3c2fe36109
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52-sparc64_2.6.15-52.67_sparc.deb
Size/MD5: 764708 14b683cf3884a8117ad68198ea996861
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-52_2.6.15-52.67_sparc.deb
Size/MD5: 6958650 b471540d77edfdf4d81a6168ed3d1910
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-sparc64-smp_2.6.15-52.67_sparc.deb
Size/MD5: 15003738 10899c77cec105edf1f8a9fbe29b9244
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-52-sparc64_2.6.15-52.67_sparc.deb
Size/MD5: 14821832 a451316e0b171f1cacad49e94638e03d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 7420 77f554ffc62be87d34ca5b82dc2ac6f4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 248676 31f51fe66bf5f1eea3555ceae5be642c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 212258 bdbd80ea31dd1eda1b2dcf3f4b321706
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 1048456 c9fb8123dfe5103239b40e775e21ee57
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 1481828 e82ed81cf6cd3bf54fea8055e5c28043
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 10118 67cd4cc9006195c5d51a36b931daafd5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 40178 562aa33225baf0ec83caafdfe73423e6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 9360 aa8331b3eaa227b21172bef6a2cc6d99
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 61434 ca7a64fe2897c1fd0222d296b2f80ac8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 163010 85b771d6fdc6b1169d5ab763ae942e0f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 63986 4f889a61f86c3d809e47bce1b48b4aee
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 1235084 542ba4933f965846516690eea419dec8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 59350 8342814c277e3041b900a770bb45b59f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 37396 844833e2c84f080810e27fa65e7caba0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-52-sparc64-di_2.6.15-52.67_sparc.udeb
Size/MD5: 280070 bc70d76611118d743bd7a3e4895e373b
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-sparc64-smp_2.6.15.12-52.3_sparc.deb
Size/MD5: 828134 ff32a8aa76a07003aae33dc835fae59f
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-52-sparc64_2.6.15.12-52.3_sparc.deb
Size/MD5: 828052 81fa3eb580ecc71da7da9e6e9a34775a
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20_2.6.20-17.12.dsc
Size/MD5: 1830 ee053f39bcc59b701002b82a2f1142b7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20_2.6.20-17.12.tar.gz
Size/MD5: 214716 a4ba6d17d1ca9fc3919d6a93c3b93006
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-source-2.6.20_2.6.20-17.36.diff.gz
Size/MD5: 1605830 f97c70596b4a1c07a42a1f7459c5470b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-source-2.6.20_2.6.20-17.36.dsc
Size/MD5: 2472 6f8fb4f7127a66e87321c19a4853f91b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-source-2.6.20_2.6.20.orig.tar.gz
Size/MD5: 62174876 f19203b2488d943a640abe8f3cd20f57
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20_2.6.20.6-17.31.diff.gz
Size/MD5: 107789 78e768b26348b89c3990418e43ac1a82
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20_2.6.20.6-17.31.dsc
Size/MD5: 2683 db1ca1e3fe165edb5686d5c72e5cecab
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20_2.6.20.6.orig.tar.gz
Size/MD5: 139814900 ab2c852e27c86d11d0156920ca5f8d56
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-doc-2.6.20_2.6.20-17.36_all.deb
Size/MD5: 4878228 eb8bdcbfc83b2bb63fd8b89fdbddcc1e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-kernel-devel_2.6.20-17.36_all.deb
Size/MD5: 86074 51908b87928f5c45caa9e653cd23621e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-source-2.6.20_2.6.20-17.36_all.deb
Size/MD5: 47829976 380a8bbde35a67a38600479e12ced4f5
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-common_2.6.20.6-17.31_all.deb
Size/MD5: 21782 cb5f5829ce6104fbb47192ee619c3865
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-generic_2.6.20-17.12_amd64.deb
Size/MD5: 84016 046b408466c3ad9cb2963634c15fcaf7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-server_2.6.20-17.12_amd64.deb
Size/MD5: 83900 c077d33308773f0d98c7270f631148ec
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-generic-di_2.6.20-17.12_amd64.udeb
Size/MD5: 84310 e0063a1e0ac8cd869577ff79e34f0498
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/acpi-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 24498 83d220d8424f7f5dd858a804198d9505
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 202082 4c0872eb2c550fe8de39973db0d98e8e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 39354 2591f7379f4e296433ed8bfead9e2b95
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fb-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 50908 928fd03a9ccc2edeb8504d4dd9e47633
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 187506 f6bf3e342f0263535c9ca41f410a8fa9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 34910 dcc7af80943547b0f75299ee5dee5d37
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 644402 d695410618b99ae784fbee8fe1c72345
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 174670 177a305dfc124bb636fd2d5acc663af9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 76422 080143b9afe7d15f3e59095535394ce7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 57888 fc2d61caa7ed5d30e101a102989bc51e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 140010 c608eb9689d31f285c8fc2e2b92d4858
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 277468 35d83db663c60bf2171279255ca65145
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 1904118 1c3f6df9f72926afe461cca5b6926aaf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-generic_2.6.20-17.36_amd64.deb
Size/MD5: 857786 3a3284f60874c75d4641b22cc1034fbe
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-lowlatency_2.6.20-17.36_amd64.deb
Size/MD5: 857068 8f055119b227038a319b0d1bc6298001
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-server_2.6.20-17.36_amd64.deb
Size/MD5: 856470 cded6b39e168be3a267c377744242113
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17_2.6.20-17.36_amd64.deb
Size/MD5: 8130814 e225cd619d90a28cd2a06448e94fbac1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-generic_2.6.20-17.36_amd64.deb
Size/MD5: 23065906 0bb094b3e3e33dd870d11a24264bebec
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-server_2.6.20-17.36_amd64.deb
Size/MD5: 23388296 6e4364f4c3e0c83b9227333a63273efb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-generic_2.6.20-17.36_amd64.deb
Size/MD5: 18428992 bfb0e2d482378ce4fd82314938976d14
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-server_2.6.20-17.36_amd64.deb
Size/MD5: 18702670 84607703fab1742f0cc794012047413e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-libc-dev_2.6.20-17.36_amd64.deb
Size/MD5: 669118 d9c3d7bfb62b823d98b17c0b5808747e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 246430 e1adefaf889dd8b6f7d893cf9ba6e72a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 144482 79e0151386812271e8842e22e1e53e85
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 225134 4fd97d2c39caa88726f4c8f3e69c3af0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 1110528 4a3d2217a7cc1f0ab1d5c871d380e0fd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 1754794 dd8aa6f7e4887a33835894b72b830f57
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 140910 716411a33647dacbb9d6f36987616414
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 163384 a9453d5d98d01dacb394f08b974bc5e9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 265716 e9d69ef9af3e1b382ed7a93447d54246
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 34300 387b7ce88b201bf30fd85094dacce3cb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 38444 30ad6ce1a65789a06c44db484ec2fc40
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 67682 89f6dd1781e6fbb20cabe9d6e3f00f73
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 20962 5599c63ef7510aac1462b411a176c961
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 8328 e32be0998506e928aa8bde678536f738
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 54578 6eae6d7521ff4f0cb7dc415a12a7eb2c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 86018 6915f222ab03d798c242b6483499b8d1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 322570 a9b6d4c17f077f143b34c43afec20f82
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 1046832 e05164c749d0bf41ac30e373305af62d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 43974 920cce83c5fe4a05913f7da88ccd31ac
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 12018 0506e4f214ab149362b54e5bb4cf69ae
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 61918 b61a0a87f6fcb62c514dadad3b7ab4e6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 377838 7a7bc188d85a8963cd573484c411ea81
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-generic-di_2.6.20-17.36_amd64.udeb
Size/MD5: 66658 83ced3e583998815ea676b567d634e1b
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/avm-fritz-kernel-source_3.11+2.6.20.6-17.31_amd64.deb
Size/MD5: 2131262 4223aeb6ce81e492aefe65f54224c44a
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/fglrx-kernel-source_8.34.8+2.6.20.6-17.31_amd64.deb
Size/MD5: 217878 3cae80df9595d6b7f74b006ad973763c
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-lowlatency_2.6.20.6-17.31_amd64.deb
Size/MD5: 13550948 0a272201cfa95745ba7901330809f1fb
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-glx-legacy-dev_1.0.7184+2.6.20.6-17.31_amd64.deb
Size/MD5: 163996 5c317968914b891bee9324f06196bac0
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-glx-legacy_1.0.7184+2.6.20.6-17.31_amd64.deb
Size/MD5: 6069522 51ab4ccd9b011259d5d1e38652e7b825
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-kernel-source_1.0.9631+2.6.20.6-17.31_amd64.deb
Size/MD5: 1860088 159dc95ed774f2500e38614f09bf9df3
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-legacy-kernel-source_1.0.7184+2.6.20.6-17.31_amd64.deb
Size/MD5: 1384748 40c8107290253b0eaa833e03c269dc26
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/avm-fritz-firmware-2.6.20-17_3.11+2.6.20.6-17.31_amd64.deb
Size/MD5: 478354 adef863c988defae88838f04655fdfc1
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/fglrx-control_8.34.8+2.6.20.6-17.31_amd64.deb
Size/MD5: 80422 6fc9d1603c409c335b2c2ba44f709ac0
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-generic_2.6.20.6-17.31_amd64.deb
Size/MD5: 13537128 459552ec904aa5d19def26cc27f2f268
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-firmware-2.6.20-17-generic-di_2.6.20.6-17.31_amd64.udeb
Size/MD5: 966300 fdb989c1ea5c525f5d19d428670270bb
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-modules-2.6.20-17-generic-di_2.6.20.6-17.31_amd64.udeb
Size/MD5: 1942518 37a0f6de40f21cceed0ed442ec0defe4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-dev_1.0.9631+2.6.20.6-17.31_amd64.deb
Size/MD5: 176226 342d5577d90cfaa204c7d6bbe4bde381
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-new-dev_1.0.9755+2.6.20.6-17.31_amd64.deb
Size/MD5: 176654 b33320a686ca2b8bf2726902decaa904
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-new_1.0.9755+2.6.20.6-17.31_amd64.deb
Size/MD5: 8682258 f78d47759f71aab0cc0cd34688c5be1f
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx_1.0.9631+2.6.20.6-17.31_amd64.deb
Size/MD5: 7995534 20d837b318cf3fc366508de6def3f67d
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-new-kernel-source_1.0.9755+2.6.20.6-17.31_amd64.deb
Size/MD5: 2525496 9a28bf56d5d594a60036aad4076a8fb1
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-player-kernel-modules-2.6.20-17_2.6.20.6-17.31_amd64.deb
Size/MD5: 1068838 daa14f0e96bc830293c8d33f8ce281d7
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-server-kernel-modules-2.6.20-17_2.6.20.6-17.31_amd64.deb
Size/MD5: 1630294 50e4ec261ba923c8141c1be34188b81e
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-tools-kernel-modules-2.6.20-17_2.6.20.6-17.31_amd64.deb
Size/MD5: 357824 db0e5a5d2b3168a63ac78661f0f26050
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/xorg-driver-fglrx-dev_7.1.0-8.34.8+2.6.20.6-17.31_amd64.deb
Size/MD5: 147092 cee36d8e57c8c4308764ccc0eb7f67fb
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/xorg-driver-fglrx_7.1.0-8.34.8+2.6.20.6-17.31_amd64.deb
Size/MD5: 9822876 d6f3a88b6185f9af8c4fc2c11383516c
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.20/linux-image-2.6.20-17-lowlatency_2.6.20-17.36_amd64.deb
Size/MD5: 23127496 7512c6818a2cfb363e6de96c7a0fd933
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-lowlatency_2.6.20-17.36_amd64.deb
Size/MD5: 18482084 77c7bb1c7b37a9f180a67a3d4c4c615d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-386_2.6.20-17.12_i386.deb
Size/MD5: 86842 188cca44b7e7428066a02673f719eddb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-generic_2.6.20-17.12_i386.deb
Size/MD5: 87360 e232efb909fa8c310f2c0d7b14ce15d1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-server-bigiron_2.6.20-17.12_i386.deb
Size/MD5: 87868 f40955e4ca733e6666184c3ca70055e1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-server_2.6.20-17.12_i386.deb
Size/MD5: 87818 2ca82b0ef30a59b7c44e7859e6391031
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-386-di_2.6.20-17.12_i386.udeb
Size/MD5: 84182 5e576f3aea901f6140d308474a09c6a0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-generic-di_2.6.20-17.12_i386.udeb
Size/MD5: 84886 38236107ff8f5fe920efc4c8279d1964
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/acpi-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 20326 9164e0834ec52ff52488e431cd540f3a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/acpi-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 22892 cb6a438e822597816ca22eba4d027117
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 210082 1114f0c2617cf8a7e7b12307cb7fdcda
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 212234 b4389be66b9a2de24aa47f1fca764075
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/cdrom-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 88686 2b33f5bf88e9cbccdca938a41d024cf0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/cdrom-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 35624 af9e722096a6e8bb396d9f5bdf2644c8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 37736 0a3798e29dc9017614910743ff71fe86
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 38408 019a0be0f53df06a8510084404e413cd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fb-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 45640 764c449147614d444f5bd809cfe741c2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fb-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 45798 8451b700451bc4c3fb1fd436e8aff28e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 179460 3ee7930d30e01f2d7ac05fe0ad56d675
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 179826 6bbdde505787788aacad92568ca06b14
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 32100 3958d982992556c2eea54ac8b0aedf75
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 32432 369e2795e856b352702be2c90db9460d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 648592 fef7358c65f78d2f8796780cbec46730
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 667482 c36df77a008193efc98e7dcfe83cbb46
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 178208 5eb5a994fb3dc3d429e8e59dfc5ef870
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 181296 6deb4719a42de6f54f76b83bcec75f80
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 72396 bc422bb9a10152ab919a8d5232cd3646
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 74040 91fecfc61f8b9208abbc4b9542ac5751
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 53576 2f7e777ae61ffd13d738579fc2732d25
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 54782 f9cb368f9476cb00e5ea50e90fea9cf5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 129208 2561a2e204d0f0cf1be3fe933c583cd3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 134862 38d76d10a700c21dac765cccb137416d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 275954 b6e9b4df7533754ccc73f4b74b629b34
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 274956 94996c553bf55ea5457c588cb5a8d490
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 1816146 cb9e49c3cf63514cf0e2c8566d34f355
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 1886462 cdaa4d27814274989b6a5083e99d1468
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-386_2.6.20-17.36_i386.deb
Size/MD5: 848474 cf3ef71c1ab7b2d98e4165c9c1f50b95
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-generic_2.6.20-17.36_i386.deb
Size/MD5: 841798 11cc8e6ca8752a4b5aa003256653f673
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-lowlatency_2.6.20-17.36_i386.deb
Size/MD5: 848690 3849d43f5d59f12f9858efa36c2e63a7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-server-bigiron_2.6.20-17.36_i386.deb
Size/MD5: 844936 b934d25879e62864a5472939edf41804
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-server_2.6.20-17.36_i386.deb
Size/MD5: 842824 a20ea95041deebdf0f3f78677962c120
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17_2.6.20-17.36_i386.deb
Size/MD5: 8120852 9cf19d50af64fa5402f5ee0b28f2d8b9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-386_2.6.20-17.36_i386.deb
Size/MD5: 23747822 05e00a5b92c8095dab78c1869f8c5b92
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-generic_2.6.20-17.36_i386.deb
Size/MD5: 23815004 077ca83a6f88ed749e6f27614c1392a9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-server-bigiron_2.6.20-17.36_i386.deb
Size/MD5: 24376484 2b4e84bee148e87c0eb01e032552d4eb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-server_2.6.20-17.36_i386.deb
Size/MD5: 23866964 2e4c61c3b57ed209bd4e2e6a81a5ae97
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-386_2.6.20-17.36_i386.deb
Size/MD5: 23590486 b90067007b1c07dd79d7284497755547
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-generic_2.6.20-17.36_i386.deb
Size/MD5: 24169290 94ce3aa4d7e7f240e9396b3833d797ed
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-server-bigiron_2.6.20-17.36_i386.deb
Size/MD5: 25665260 c8e1bd368b1da472152f9fdb024fffbf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-server_2.6.20-17.36_i386.deb
Size/MD5: 24395356 1291ec15c480d18c926af098dc86d78a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-libc-dev_2.6.20-17.36_i386.deb
Size/MD5: 669136 984e8b38450985659cdde7c8078f62e5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 244612 c9fe618b2c386c8a0e3b93c700f846d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 250160 d77ad34335e0332b8ae62f472d04319d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 132546 04cb386d3b29d3f85d97b08fff95c12b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 133070 753d1a7b4118661907b670cc93866118
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 213366 aabe85be12c68a079e03b8781567e506
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 220780 2e08b3d087dc753bae16ad4b9129f871
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 1110422 393e5139ecad7796bc8b72ca03a29731
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 1110530 c36dcc035ef324964739d43ed3730e94
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 1951210 ceb7460c3af74d76337bd3eceafd18f7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 1974680 62564aa09706a756d9061fc141b0379e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 149848 85c4f4be8856a6e29743e1a738d2f933
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 142494 1b4a54e2cd488b1533536e85c0b22d8a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 160754 761a44199326e79f428f93b9bf1de34b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 161952 df5dfac32aac66a50b8015b8bbef1d61
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 252928 9278357037422699cc8d417d831d9719
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 255510 188e6909c6f36c5e92ee0f780bde1367
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 32760 a02f028dd76e530920de4164aa1ef686
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 33328 511c6543e5aa044297a67b62c1c88fa3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 38018 82accd7c72f15c613cddfb318cddadcb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 38314 954c2e9d314276f13d499bff665bfde7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 81850 29805b33afc8664363d142368568df5d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 82108 96aee6a89a0b04ba3e3760db4ddac78e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 47686 6ba37e2bf10918c95db76ac2d417663e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 47708 2ccca5eb028aef1ac3f07078b654e967
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 8258 28b6853ce133922673a62d68359209d8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 8496 05daa9534a6d99cd44b17b62109eb39f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 49948 d5382680a57228bd677edfaece400b3e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 51870 09303feef1283d5b2cc31040af2e5270
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 78846 438aaabd87a1ea789fc3be3e33ab8646
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 79490 b0a0f74d52305a342d3bcfb9504181ab
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 322546 26c7b5500cea5aa9f4e70f3da2f6fef0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 322570 0501a223e9a70712006f13d13431659a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 1362474 f67e3a7dfaa82f5412792bfff3316500
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 1348042 fb9f6d6ccc587b2113876624bcfef226
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 42458 84eb68966a8c2dd68c2b4722efb34bde
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 42232 2c57cdc8bd71b4dce9f1cb1a7308bb52
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 10762 cead5edaa9fd8608035ea7c71cc7cc7c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 11400 93ec5d7e1628428ce1d4fabe4ebd49ee
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 55992 4e5e603c5574b3b614b92a640d305c77
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 56890 fca150d57bce6f91574676ce771865ef
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 360300 bd62f504c6b28fab113f63a96a8fa2ba
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 363212 524d7cfe4ae30d28eb3c2320dd64359c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-386-di_2.6.20-17.36_i386.udeb
Size/MD5: 63168 450d97c982ac79e92a1bb2f4560be1ea
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-generic-di_2.6.20-17.36_i386.udeb
Size/MD5: 63836 13f5e0b9090bd7b2866a46f978360142
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/avm-fritz-kernel-source_3.11+2.6.20.6-17.31_i386.deb
Size/MD5: 3427088 a0644c93a95cbadc3e05a936d07866bf
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/fglrx-kernel-source_8.34.8+2.6.20.6-17.31_i386.deb
Size/MD5: 217868 bb15afa23bee098b2c73ccabf16aeed0
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-lowlatency_2.6.20.6-17.31_i386.deb
Size/MD5: 16103192 933fbffa39a9db8812c197356906e8ba
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-glx-legacy-dev_1.0.7184+2.6.20.6-17.31_i386.deb
Size/MD5: 143102 9323142a37e668ee9f1201250f392f98
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-glx-legacy_1.0.7184+2.6.20.6-17.31_i386.deb
Size/MD5: 3064282 0566dcf2de8751dee79339a5b7d86d90
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-kernel-source_1.0.9631+2.6.20.6-17.31_i386.deb
Size/MD5: 1763250 0f0cb7cb6f68759e3052cdad1f1ca473
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.20/nvidia-legacy-kernel-source_1.0.7184+2.6.20.6-17.31_i386.deb
Size/MD5: 1376080 39281eee5e0b5d6ea831675349ee365f
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/avm-fritz-firmware-2.6.20-17_3.11+2.6.20.6-17.31_i386.deb
Size/MD5: 1207908 b07a58f361554e355338ca08d44e8554
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/fglrx-control_8.34.8+2.6.20.6-17.31_i386.deb
Size/MD5: 77680 b30bcb45b4d6f7421ef5fb757554d830
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-386_2.6.20.6-17.31_i386.deb
Size/MD5: 16340226 0e7dd6aacb36a5601e80ba98555edc11
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-generic_2.6.20.6-17.31_i386.deb
Size/MD5: 16096356 77590a41029409066d5093fcdf1127e9
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-firmware-2.6.20-17-386-di_2.6.20.6-17.31_i386.udeb
Size/MD5: 966226 3a154fc15eecb9458f89939015ce51de
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-firmware-2.6.20-17-generic-di_2.6.20.6-17.31_i386.udeb
Size/MD5: 966294 cb62f0ea1152f4c9c890b80e4427521e
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-modules-2.6.20-17-386-di_2.6.20.6-17.31_i386.udeb
Size/MD5: 2120570 11bc64fd197a751a742a6956ae0fd9a6
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-modules-2.6.20-17-generic-di_2.6.20.6-17.31_i386.udeb
Size/MD5: 2160580 6d566ca1acbd7fc9b5f795daeeaedd88
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-dev_1.0.9631+2.6.20.6-17.31_i386.deb
Size/MD5: 156130 bd651a0a3892fdc3d5ff187cc0a45488
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-new-dev_1.0.9755+2.6.20.6-17.31_i386.deb
Size/MD5: 156600 5a124f9290921dac4d77a349b3ac070e
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx-new_1.0.9755+2.6.20.6-17.31_i386.deb
Size/MD5: 4833270 1e6deb4cfbd5cbf29d8f79b0e597c454
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-glx_1.0.9631+2.6.20.6-17.31_i386.deb
Size/MD5: 4492558 c56ab1045d05d8560a41a7b87e2a1c39
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nvidia-new-kernel-source_1.0.9755+2.6.20.6-17.31_i386.deb
Size/MD5: 2454162 55179cc72ce26c101aedb84841e1eb08
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-player-kernel-modules-2.6.20-17_2.6.20.6-17.31_i386.deb
Size/MD5: 1666848 ebb6fbab6e18332d046fa0d79abc9c0f
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-server-kernel-modules-2.6.20-17_2.6.20.6-17.31_i386.deb
Size/MD5: 2860690 ae88be47f7596e2c8316f4e3a22377ec
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/vmware-tools-kernel-modules-2.6.20-17_2.6.20.6-17.31_i386.deb
Size/MD5: 760492 a392956778451398b8da03b1c79bc051
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/xorg-driver-fglrx-dev_7.1.0-8.34.8+2.6.20.6-17.31_i386.deb
Size/MD5: 130326 755509fec142e17ce0dd45b9e929064c
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/xorg-driver-fglrx_7.1.0-8.34.8+2.6.20.6-17.31_i386.deb
Size/MD5: 6143092 6d6f3014f01f78b0dd8783366bc5563f
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.20/linux-image-2.6.20-17-lowlatency_2.6.20-17.36_i386.deb
Size/MD5: 23844798 a165f36a05f57654361b4646218e9e9e
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-lowlatency_2.6.20-17.36_i386.deb
Size/MD5: 24183826 a75c933ed52aa1c39a22bec126889627
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-powerpc-smp_2.6.20-17.12_powerpc.deb
Size/MD5: 93372 810566bb7bb90b911ee2dc796e8c6cfd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-powerpc64-smp_2.6.20-17.12_powerpc.deb
Size/MD5: 118178 08fecf5875b7515466304a5e556d9c82
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-powerpc_2.6.20-17.12_powerpc.deb
Size/MD5: 92842 4d4192118b9b0f015678bfcd21e6445c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-powerpc-di_2.6.20-17.12_powerpc.udeb
Size/MD5: 95164 2c39459a0a423d23a74a52229d48d9cd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.12_powerpc.udeb
Size/MD5: 130572 82ae1b3368e8e7779670bd70196cde66
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 328832 592f394abdc8a41de6f89a16aa8dceed
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 325582 d502b2644f843efde702815b028c1618
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 41184 31ce69aa1a6c5a51fb21dd2546ddb7d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 47450 6fbc8b234f4b98e3f66d8ff4f187c74c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 219678 9516e67812981692229cc9aba7e9b155
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 239166 7f7662bb24b02f1a44f738354686ae93
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 43654 b44df31b967a80e31758c41e05ef2c09
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/floppy-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 39792 5cfed09a0fa48ce3838b2ba21ba4dad1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 717818 5375198b75e2a9a5d9f410af42d95524
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 776424 83319a673c7c9b10461de0aefd6e988b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 205086 aa0011d2dedf01aa32c1837777c7c2f5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 209728 caee4552ea2b0b3d9e43b9610ca91adf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 59226 bd1604cf99df7ca4b0522ba0c1441452
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 66860 a47c0ac4b101a2b40bb2f311424d0515
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 64206 08027501addf0c66a9ea6cfb41227300
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 65330 5e617fdfc44c7335fc985e642d6c4130
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 144094 6ee22538b68ddda69ad8469d03cefec6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 162836 4258bd871f4baf4f81a1d5cc940058e4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 383348 0d6dd42f3a57d99915c48252c47c7c6d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/irda-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 251812 b7f4e7cd8e7661da5f3c57d67d395420
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 2157764 98a7bbb74cc5e35b7bddc4d8fc12dd35
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 3083674 83e44937cfeecffdef687e70f13b1093
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-powerpc-smp_2.6.20-17.36_powerpc.deb
Size/MD5: 864430 7bf3208e87d976b60431d01aa84703d2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-powerpc64-smp_2.6.20-17.36_powerpc.deb
Size/MD5: 868770 0212168af66d47b1953bf59beb405822
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-powerpc_2.6.20-17.36_powerpc.deb
Size/MD5: 862718 0edc424b8e413441e74362954ba58b09
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17_2.6.20-17.36_powerpc.deb
Size/MD5: 8151920 cc6e385dce05073af3df268acce45ebd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-powerpc-smp_2.6.20-17.36_powerpc.deb
Size/MD5: 24517498 cf103d3e1ed625118d0998b12bab86bb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-powerpc64-smp_2.6.20-17.36_powerpc.deb
Size/MD5: 26861638 cbde33235ec6a7a6046ee860176b1593
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-powerpc_2.6.20-17.36_powerpc.deb
Size/MD5: 24220490 e556a72ab4e97dfb786e72d740fa2f24
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-powerpc-smp_2.6.20-17.36_powerpc.deb
Size/MD5: 2128680 cfe9700869769c505d5b8d1d1c196e4b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-powerpc64-smp_2.6.20-17.36_powerpc.deb
Size/MD5: 2855084 b3cc89ef46e5e4d06b2653172fe3b283
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-powerpc_2.6.20-17.36_powerpc.deb
Size/MD5: 2050182 3bc2e7f25ebe8bea2839aebde16ffcd3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-libc-dev_2.6.20-17.36_powerpc.deb
Size/MD5: 645210 3c8a7642f76a3bab805c4deb34a7cac0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 253008 447d9c9761dfe18be30d647e1b96ba74
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 295072 a08094ed9b4cdb0b20b4ef07fe6a5496
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 155558 8c9bcba70f826b2c4fb871ebf3a12730
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 168430 19b9a0c1a718af5acaa1a97d28f23450
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 248328 7a33c002d5adebd73837fb91df317c41
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 280138 8d505bd1e195b9b165529180732ca1af
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 1110500 8f0022f1c5e95795aaaa1a07e814957c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 1110660 881fe6e0eaa3db15879e0e893684509d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 1951192 7e74e7050d2af4763c728f9e6f52b8d4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 2253422 13f6832a0289630d2e088812dbe1f8d6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 233498 0e5efa4dc2c1d60f2d63f736dcd3f720
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-pcmcia-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 223070 da1c37cf1a9665c274cdedb7d7d13dce
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 172914 879737cfde3f122ef489bd0a34e8d1f5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 205506 5b476284715dabe07a18acd0365b3f23
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 280976 1c05e11f0c7f33fa2ed6ed13650b396e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 316584 b4c7b3b1ec87ba54dddcc5d7ed85f148
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 44652 92750df6fd5855b3b84539e7ee40bad7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 43410 7de7ea097bbd5b0097c8a8dc21c362b1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 41212 85c1a08a0dcc9cdc4999243b4607f277
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 53694 3a9e0e870d09ff29d98ea397eb9ca38f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 72814 f069b8db376da6ba6523c1f1a1744a05
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 85272 6dc2d289a49942a9beba89f338f11bca
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 74542 64495f2bd744e1285c20f04aa7dc3a98
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pcmcia-storage-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 29722 26ac6df4a55fd8a7168ded5d445aa891
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 8396 a7dee9e87ee7e13108a2abf55958ee31
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 9878 1c5f8521e8c11ec701f492a2b14d220f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 56170 927213142db35ecd6e22cb7b6c64314e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 67412 3eef4694fda05e830ac9b0d649879387
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 86632 244854a18a5ed03c371bb05b9f2142c4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 129200 a76825598a96c16432ed54bbd9288f5f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 322566 7f7779fa071fce5f29f59ce076e21853
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 322588 0cafc2b9ef45c349253c52e3de0c5c36
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 1415810 bf842d6db566d7be83f36be0e045cdec
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 1345396 0463bf1a542fbf4ecf4ce2e4420a933c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 74242 2b6a9627312c1586aabdcdf4f7c8892b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 83244 6bac15c4400ddefb121c19b440bd30a4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 12020 430e6dd156acd4313105e5e8d808c0ee
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/socket-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 13940 2080831826d60e6e87672ddf66f0c6c5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 78350 0b82c56c00c548e9a96c2ca73cec6f2b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/speakup-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 85460 4361070d89cfb39069ea8989da654076
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 398184 3a97b6bc7374983dfd5d99ba425886d8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 445198 85fe66984eccab5882988b168735b544
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-powerpc-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 76712 6da01c2a1af08c51050eb89082bc244c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-powerpc64-smp-di_2.6.20-17.36_powerpc.udeb
Size/MD5: 100188 ba1822b9e7dacd482afa36a1a853db3e
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-powerpc-smp_2.6.20.6-17.31_powerpc.deb
Size/MD5: 1295164 bfd9c631a8c1eaf0d77f960052c83dd4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-powerpc64-smp_2.6.20.6-17.31_powerpc.deb
Size/MD5: 998682 a82f0cb709d699144fecad690e04f602
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-powerpc_2.6.20.6-17.31_powerpc.deb
Size/MD5: 1292544 1bd7e025d89460f69ad71fcbd8731781
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-firmware-2.6.20-17-powerpc-di_2.6.20.6-17.31_powerpc.udeb
Size/MD5: 966288 8b862192df81aba11c1f6cfe2bd4eee1
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/nic-restricted-modules-2.6.20-17-powerpc-di_2.6.20.6-17.31_powerpc.udeb
Size/MD5: 295204 df056e69d9aa45f76533009d499c6585
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-sparc64-smp_2.6.20-17.12_sparc.deb
Size/MD5: 95642 6d7c17541cee91e8eb06912a9f20a396
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/linux-backports-modules-2.6.20-17-sparc64_2.6.20-17.12_sparc.deb
Size/MD5: 95344 8db377d069385f539a621e562b2df10b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.20/updates-modules-2.6.20-17-sparc64-di_2.6.20-17.12_sparc.udeb
Size/MD5: 99130 2f245b90b8b087f61da2caf49f524fbe
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/block-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 53734 0680b9f0398d7e48c53e7295c77cab8f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fat-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 42158 3da50612014614dac0ab87c946c65e6f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/firewire-core-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 211716 77368597943d10a9a5586f8a1ecc06db
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-core-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 607912 8da7a2b5371fb5f1a302a6e57e4ae95e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/fs-secondary-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 142716 73f99532873b9c75317de0adb7471740
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ide-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 51444 f42e7104565f89629799aa413dca2b7b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/input-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 37414 12f0474f7342185f4d1b0b587c55f2f3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ipv6-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 151172 086fc37a2e1e76e3022f2254574affc8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/kernel-image-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 1933034 e1905a3433fad1d9462bea90cdc91535
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-sparc64-smp_2.6.20-17.36_sparc.deb
Size/MD5: 780696 0ec6f4b5e642f0193e6c02ea4465008a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17-sparc64_2.6.20-17.36_sparc.deb
Size/MD5: 776890 0e303a6399f5d569ee7984a2b010c500
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-headers-2.6.20-17_2.6.20-17.36_sparc.deb
Size/MD5: 8122866 d8d4552de1aa0078c02c0e428b6dd48a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-sparc64-smp_2.6.20-17.36_sparc.deb
Size/MD5: 16953716 0b6bcacad41c64b40fa2d3b97557acf3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-2.6.20-17-sparc64_2.6.20-17.36_sparc.deb
Size/MD5: 16601038 9033c13349be02c8001f47d79888e214
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-sparc64-smp_2.6.20-17.36_sparc.deb
Size/MD5: 2264344 ab3e7e36ec1257d862dd600eff70ccaf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-image-debug-2.6.20-17-sparc64_2.6.20-17.36_sparc.deb
Size/MD5: 2178562 67786fc133bf741d728c88ba444d3537
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/linux-libc-dev_2.6.20-17.36_sparc.deb
Size/MD5: 700414 8b12ede19495f6b05c30288cfe31f866
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/md-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 264342 9906bcc6b5467bf2c1245eca6054eae5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/message-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 156570 4191f2a0d742efeccb67443b3945ff44
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nfs-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 241232 e8523b32012e66d586f5df1cd381ea73
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-firmware-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 1110488 174c4c5a9e61867ad11e78dd808f9d42
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 1571838 e2e6a5ffe044c14520e27bcb5f5f47d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-shared-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 180424 9ba8a77f742b1b835bb1c772ca962e21
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/nic-usb-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 310072 427ac0b7e51cb2ad23fe0ec83962cc5f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/parport-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 39666 f866b608114c567f28f9289a0d85c393
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/pata-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 37984 aa56f559318f20f2e417026970a6bb56
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/plip-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 8646 b4b5071fe7b4ab2e438d7901370dc94f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/ppp-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 59422 9d072776affde02fc4c1a90906ed2353
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/sata-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 90818 1be13bc72f1ccc91803bba932730c25d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-firmware-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 322570 a483b9ea45cad7ab5c8029e96ea80d4d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/scsi-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 882448 7bb2910febf841cb05000dfd1de8a39f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/serial-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 9822 b5066195c7efedec27f28e166ee4967f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/storage-core-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 290142 732ddc7d6de7127a9b3163a76531473f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.20/usb-modules-2.6.20-17-sparc64-di_2.6.20-17.36_sparc.udeb
Size/MD5: 54806 a249da34b1433114facbfda16afb0584
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-sparc64-smp_2.6.20.6-17.31_sparc.deb
Size/MD5: 998636 e5e1018d1febb0a25443a1608d84d3d8
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.20/linux-restricted-modules-2.6.20-17-sparc64_2.6.20.6-17.31_sparc.deb
Size/MD5: 998568 5dc6e3bd57278f3876e0ac6d1e5ac06a
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22_2.6.22-15.16.dsc
Size/MD5: 2124 215e3f71f504f09cb9d67ba3bce891c9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22_2.6.22-15.16.tar.gz
Size/MD5: 3074102 dcede517498030950f00193fd7636cba
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-source-2.6.22_2.6.22-15.54.diff.gz
Size/MD5: 3546714 bc3375a85185bb7c896f5373d04f927e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-source-2.6.22_2.6.22-15.54.dsc
Size/MD5: 2262 6d8aecb432a702d53ad5e15f9fce41d1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-source-2.6.22_2.6.22.orig.tar.gz
Size/MD5: 56913972 c98e1329975a8a7931ae63bafe39b63a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22_2.6.22-15.39.dsc
Size/MD5: 2224 3fb717a6f4c6ca172730606024026677
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22_2.6.22-15.39.tar.gz
Size/MD5: 6963922 51c929273ac6d58421cec603e65fdbc5
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22_2.6.22.4-15.11.diff.gz
Size/MD5: 552663 40de07a2a55ec6e25250ef591fa1a70b
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22_2.6.22.4-15.11.dsc
Size/MD5: 2735 6b99b949b4bdcac45c5ba49caf55d763
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22_2.6.22.4.orig.tar.gz
Size/MD5: 143875748 ccbf90c68bf682e9df2371cd85c83c86
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-doc-2.6.22_2.6.22-15.54_all.deb
Size/MD5: 4615002 41f0e4a86eb60e4f347677842fc1a7b8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15_2.6.22-15.54_all.deb
Size/MD5: 7777268 5cce85c4b4a889d0cbc9a1b5abb3c9a3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-kernel-devel_2.6.22-15.54_all.deb
Size/MD5: 48284 20aff25c6f59f891366b96484814bf10
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-source-2.6.22_2.6.22-15.54_all.deb
Size/MD5: 45358212 f4fbc3ed3178453493924895e400b616
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-common_2.6.22.4-15.11_all.deb
Size/MD5: 23372 1e08b20ca5d505d55d734e1e1aa7c212
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-generic_2.6.22-15.16_amd64.deb
Size/MD5: 1181490 06a8c108ea3eb048aa7f7ade85b1ead6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-server_2.6.22-15.16_amd64.deb
Size/MD5: 3758 62f7ea6c0cbb542ed06904426dfc097a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-generic-di_2.6.22-15.16_amd64.udeb
Size/MD5: 646 5aed5ef44cf626f067fb5225ef8fccf1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/acpi-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 24800 531185f6ecc73aa2e5be4b792cc4498e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 216562 347e3fa6b1550d55c77537eeb557f89d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 49168 107ddc3f1c939471379d549fa2b0febf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 40034 d7b9a5d8878064b9aa69bcaad29267ae
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fb-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 51758 fd8ed4458bef221560be980e99dd9578
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 87876 75cd9e963aa71a3765bb3316f72757b2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 35848 1328b905ca910427bdb7473f268bce86
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 652046 8edc4095a4e1af4691431bb8c46169dd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 205958 069e62303753e4b075d6143d019e1314
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 55596 409a1ea9cd365c2e54f3bd7dcad681c5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 60512 d8cc2ae93537ec154afd9655aeba4cfd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 146252 b33b05e3b2f87bbf0fce5e0a969db483
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 285930 b020b5eec97f02b2b5a7f8cad963a878
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 1947322 62487759486e99cac46c84eb141dcf48
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-generic_2.6.22-15.54_amd64.deb
Size/MD5: 593756 0cfa2f7530954f717b9bca97595e7ea2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-rt_2.6.22-15.54_amd64.deb
Size/MD5: 1165316 0816ef9517f5e049c22437f89add88fd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-server_2.6.22-15.54_amd64.deb
Size/MD5: 593956 b508af1ec08db9b68fe53097acb42809
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-xen_2.6.22-15.54_amd64.deb
Size/MD5: 949302 3c49468b650469542a3fc85c9a85d309
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-generic_2.6.22-15.54_amd64.deb
Size/MD5: 17543644 7c467ec6abac34b98b6fc72a5b0a08e2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-server_2.6.22-15.54_amd64.deb
Size/MD5: 17586456 947e9312ac817b9aaf36a0bae43af3a1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-generic_2.6.22-15.54_amd64.deb
Size/MD5: 18740292 d8f5abc64c06e0d951f00295db516f7d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-server_2.6.22-15.54_amd64.deb
Size/MD5: 19045588 2c29290b72f5dcf8cde1de91b6c8b061
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_amd64.deb
Size/MD5: 653630 06c7f1cab32983620ce58fab3ed12288
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 252194 6490c4cf504d462e965ad16f9326a7e6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 150734 52651e2b2ec7a9348bef67b3c8add406
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 236406 d03ab1e8dab84b9818448c6579286a25
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 1449288 149bbcbfb2f4801fd74e251c6dd68ebf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 142738 dbf111770227c3ed685c2a79d028e233
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 148666 f6b788f8348f92f08c5a81a66e7a02cc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 86010 52eca61e95705ecc9e1db45c37ef0d5e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 35446 8942a8ccbe1be9e71f07d109875771c0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 38396 f506ccb2cb0d35c0f36f676cec4ca394
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 70052 773f942a98207464ca5d62c6f955bc98
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 21462 acbac49df228ab72c5ea07d12865bea7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 8658 da2dac3d46f3ea80526ed9a29c83f56c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 56404 0d818ef611df79adaf83e383bcb93b3d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 88010 0de65f917fd1f6dc28018a910fe29fcc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 1101072 474a9588c6c099d13bdd5404860d3c47
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 45206 069e3168b034cd9756e1726e52f401d1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 12676 e66b970e6acd7e648a6dd8fa91711913
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 462914 b54bda2ce3b03da51c7b0a48b9a2635f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-generic-di_2.6.22-15.54_amd64.udeb
Size/MD5: 71790 ac4a611b906456588036bcc639c354cc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-generic_2.6.22-15.39_amd64.deb
Size/MD5: 3013948 86e7a6e87eddd16d2e9ce82e9ec269a1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-server_2.6.22-15.39_amd64.deb
Size/MD5: 3012046 41d80f29a78860b4f323a669a1fb71b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-generic-di_2.6.22-15.39_amd64.udeb
Size/MD5: 1048448 a5be33841544473a7cc80eb6cba14766
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-generic-di_2.6.22-15.39_amd64.udeb
Size/MD5: 322530 6ec01c4069caf838edc3830ea5b92c85
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-generic-di_2.6.22-15.39_amd64.udeb
Size/MD5: 477916 813f8a19f99dcefbe272b17561d22f50
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/avm-fritz-kernel-source_3.11+2.6.22.4-15.11_amd64.deb
Size/MD5: 2134688 59b6823d1adf0dc7ff2dc0155ea21607
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/fglrx-kernel-source_8.37.6+2.6.22.4-15.11_amd64.deb
Size/MD5: 191952 3b03fae1017d369824d7955ba655445c
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-rt_2.6.22.4-15.11_amd64.deb
Size/MD5: 13660818 b3e3951e1a061dff40d3a05d997c30f1
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-xen_2.6.22.4-15.11_amd64.deb
Size/MD5: 9854790 9938d8c957c31d19435a3f8158863f02
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-glx-legacy-dev_1.0.7185+2.6.22.4-15.11_amd64.deb
Size/MD5: 169332 c6f2bf946b8030afe43d6cd74228151f
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-glx-legacy_1.0.7185+2.6.22.4-15.11_amd64.deb
Size/MD5: 6070814 e857a22069a35ed93d2c5efeef1fa10e
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-kernel-source_1.0.9639+2.6.22.4-15.11_amd64.deb
Size/MD5: 1862772 96fbbf557068a82ed152100ef0262672
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-legacy-kernel-source_1.0.7185+2.6.22.4-15.11_amd64.deb
Size/MD5: 1390454 60065b0b590d25df1d6f9a0c0bc1377d
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/avm-fritz-firmware-2.6.22-15_3.11+2.6.22.4-15.11_amd64.deb
Size/MD5: 479942 325f03b109f752ca8789d0c9e186e68c
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/fglrx-control_8.37.6+2.6.22.4-15.11_amd64.deb
Size/MD5: 82088 41d91b8db807afe1807fbd68d7d31556
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-generic_2.6.22.4-15.11_amd64.deb
Size/MD5: 13457086 a7c759a22c8004230c597d2337c56a71
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-firmware-2.6.22-15-generic-di_2.6.22.4-15.11_amd64.udeb
Size/MD5: 766 ddf18ca1250601123959bdedc2d2c79b
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-modules-2.6.22-15-generic-di_2.6.22.4-15.11_amd64.udeb
Size/MD5: 734 753130cf45e4d916ce3792326662ed90
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-dev_1.0.9639+2.6.22.4-15.11_amd64.deb
Size/MD5: 178324 763f49138f65bcd25344b3165caf624d
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-new-dev_100.14.19+2.6.22.4-15.11_amd64.deb
Size/MD5: 158248 da89d68c5bf9bd4a953699b0a7a677c5
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-new_100.14.19+2.6.22.4-15.11_amd64.deb
Size/MD5: 8890896 044fcbd4369090fb6ddfef265c68eda0
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx_1.0.9639+2.6.22.4-15.11_amd64.deb
Size/MD5: 7996392 f71195542bcffbd3c5617cd04976dcff
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-new-kernel-source_100.14.19+2.6.22.4-15.11_amd64.deb
Size/MD5: 2279348 cbea5190dcb7ebae1c6cae41f812d43c
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/xorg-driver-fglrx-dev_7.1.0-8.37.6+2.6.22.4-15.11_amd64.deb
Size/MD5: 67596 6c459900b9d5f076f8db357dd024b33d
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/xorg-driver-fglrx_7.1.0-8.37.6+2.6.22.4-15.11_amd64.deb
Size/MD5: 12254418 cfd39f34d91e4a48573ded79c6215427
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-rt_2.6.22-15.16_amd64.deb
Size/MD5: 3754 81ca2ccde6e44e42d0acb8b6f4f8d766
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-xen_2.6.22-15.16_amd64.deb
Size/MD5: 3782 76929d77a0fbbb99e401a179efe3d40c
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-rt_2.6.22-15.54_amd64.deb
Size/MD5: 17592292 0cdb657d868402a744dd67acbd9c7b46
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-xen_2.6.22-15.54_amd64.deb
Size/MD5: 17355358 5cf6d90812d22fe685c4930f6ab5b99a
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-rt_2.6.22-15.39_amd64.deb
Size/MD5: 3017126 58a8de462a320964eb37d4713ef063e9
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-xen_2.6.22-15.39_amd64.deb
Size/MD5: 3013834 3b2735bb3fe07a149a0c6d7216c3e08d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-386_2.6.22-15.16_i386.deb
Size/MD5: 3756 38e40f57e2213ec44de12fd1586c9a28
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-generic_2.6.22-15.16_i386.deb
Size/MD5: 1379014 512338d9fa1b651ecbc39b1db0285688
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-server_2.6.22-15.16_i386.deb
Size/MD5: 3768 4c0ab45a0ba5dc56a9006e0797ac8a7f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-386-di_2.6.22-15.16_i386.udeb
Size/MD5: 644 5f31cf301f6b8971e7e8733e85c212db
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-generic-di_2.6.22-15.16_i386.udeb
Size/MD5: 644 df4807c07fdd185f50ef8dc3743bc4bb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/acpi-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 20418 0f9de8a6295d16cae1fe7b9d25f4c822
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/acpi-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 23228 5e895d82dd9023b629fef23526464f91
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 211438 5e635a70e6b1d97021164f5a6bd11d51
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 213080 df89aaa52d9017a795bf22dec05ec035
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/cdrom-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 89010 2e70caf2aa5cefb7070ec8668212188c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/cdrom-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 35754 d7642234f8bd7dea30b36dea8816b934
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 50008 21d399d289ffc1c0a787d6d1814ac7fe
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 50140 127fa8d9247590932c3bec3d2fba5029
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 37956 3d389edb98991e385f671f0d44178d53
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 38610 f07c2e59ed2764026399ebc28685a107
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fb-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 44950 3e9f0f01a37259c48855afbfc5043f26
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fb-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 45204 60ed4bebdd8f793b28687067956b6460
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 85328 a1340f905e08fabee46c8c643fdaa5f6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 85656 ca69911c4bdab605ba471592f9b22d24
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 32344 0f9de7030cccebbb73316b74ee81d04d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 32646 201910ec059ef8901a70fc6748648b90
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 640694 5c2e673d57c1a9aecea86edc15a08664
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 659482 c805fd12258be8e0f94c43b9dc5017b0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 206054 6b84aacb3a21d7c5ecca022fec9b7758
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 209784 ba33674cfcea7eabc5d3365a4725472c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 52652 b81d9b2a4d891f5176ff23e03c931ac4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 53866 089d7bcd4eecff3ae3cdfa3dae74988e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 55524 cbddfa0961691f5af1e5078f1fbc6341
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 56914 4975e2e7e8a9cf550c7b763390de6353
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 130910 a56c5b5ef04d03fc9d7abe4dd9ad1dd8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 137790 2d9998c3221d20bab47ef3c3c885ca36
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 277866 52a5a0032d93c63d390bde041de9e987
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 276378 364eef19bd824a34498065e9bc011a98
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 1834666 4d1004a88c1f30305467a1151b05caff
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 1905930 521d19edf828d41bda242061f580f39c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-386_2.6.22-15.54_i386.deb
Size/MD5: 579506 e31e25124b45afdea454fa2e5df96981
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-generic_2.6.22-15.54_i386.deb
Size/MD5: 581308 5978bd43dba625bcc0d90d78ea7976f6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-rt_2.6.22-15.54_i386.deb
Size/MD5: 1154954 331ef788b8936ca09297278c54fe0a73
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-server_2.6.22-15.54_i386.deb
Size/MD5: 581292 d13dfb1538bbeb0406869f9988e63966
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-ume_2.6.22-15.54_i386.deb
Size/MD5: 527716 38db2de69c705b3848b362d6285a78cd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-virtual_2.6.22-15.54_i386.deb
Size/MD5: 466996 581eb343942f0753c7021374cf203dd7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-xen_2.6.22-15.54_i386.deb
Size/MD5: 923522 de45312cd1e8ef642be2a1e321719a73
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-386_2.6.22-15.54_i386.deb
Size/MD5: 18568374 73fa4b00dea5d4ed59a1bf81b9e7f70c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-generic_2.6.22-15.54_i386.deb
Size/MD5: 18542298 6ed41de04e6b219e5b45a7de205cfe96
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-server_2.6.22-15.54_i386.deb
Size/MD5: 18630526 c0b10915988e225c3978d51a7f94ee71
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-virtual_2.6.22-15.54_i386.deb
Size/MD5: 6704572 fddd05f27808e8e114d958ec6cbe7928
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-386_2.6.22-15.54_i386.deb
Size/MD5: 23478456 6271a25d209b9092e6e266e0d2760c4a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-generic_2.6.22-15.54_i386.deb
Size/MD5: 24123012 c4ae07814e5cb34954bcf9af2d065b8f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-server_2.6.22-15.54_i386.deb
Size/MD5: 24388984 8ec3bfe06020cde3427e0a223b5229c6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-debug-2.6.22-15-virtual_2.6.22-15.54_i386.deb
Size/MD5: 22814866 a6717fed353a6c8db978f2bdaa87dab3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_i386.deb
Size/MD5: 653638 28d2e17c8dd12239709f7d26dfe847d6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 247896 d1913a5288822f9a4c5d8252de2380b3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 254864 05670a61ba685422884b35b4b36a849d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 137044 653ab55a5d2fac7514dcfa427a729de4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 137394 5ef931689ae1d45255c7be7042291088
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 221114 e363197d0c5452adfbe718d129b56eb1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 228418 689a74ed0f50826efc882955901d8661
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 1627050 4fc2c87e20fc465fe8819c5835a9bb4b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 1647312 adf8ab86dfd814c0753ca926609a0f28
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 150434 e24b4ec46d62dc664d08bdffa2184239
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 142510 c41820cbdb83d7661351e2d6ab6759c3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 141124 f2890109982c84417b97e4f9b0ec47e6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 142488 b307586a011a4b90aacb9d7c0ea7832f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 79274 95f09af1d5d8d44641d95b99f664d743
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 80914 7b3af901119a8f441ce29a39390a0585
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 33340 7f3b5c8fa51fa3511dfbd49d50d86b8d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 33872 441b2e45c5ecec67c362122134e19040
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 37978 31e7de73aa0a902ed47777522cee9688
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 38250 653c0b1df6df39d123596f3cdfccff1a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 83258 6dfb13d2cd4481fb354d29b43f1a34d2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 83440 b945199f9b0e767a04e752f7e9a4289e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 48210 7826c79ecf33f121e5f2df228ba901bb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 48188 f4694ad1e5f586f83dd577e4c13ee041
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 8188 2e0ad32b18f1bac73aef856de27399dc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 8410 46d5527c5e1c951dd7cf20cfebd00285
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 50454 a2dda1b9a98c02c0f4dfcf14f7352f64
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 52362 17070ff42e9fd0daa887ad2bee2584fe
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 79486 39c05ac72f00b488c2e4657922fd845a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 79792 f9d1fd2ee477806b6f5f8c6eac8fc433
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 1388110 3d00dfd9e297f0f5c13cb6c216257fbd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 1367550 c167a877b6a66d820c462e1a42c464df
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 43022 ee80c18e4c855f38b300b3298bcac9cb
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 42490 6e38df6c8dd793414db655b4df862b89
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 11274 457f9450561026c51e7dce62b99492a2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 11860 a005b1cdbcaf9916c60144b96a068a3b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 435680 c410f7c8d57506611fb299d6219b193a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 438856 8442dc0500a51949003790c676c9e6e1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-386-di_2.6.22-15.54_i386.udeb
Size/MD5: 65898 3518afe7357301623e77d92f29ef7cd1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-generic-di_2.6.22-15.54_i386.udeb
Size/MD5: 66818 b3eee8a3a0e5de1b73abad161b92977a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-386_2.6.22-15.39_i386.deb
Size/MD5: 3043288 ccb4308e0bc160c24707f5854eb2e412
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-generic_2.6.22-15.39_i386.deb
Size/MD5: 3054328 2d56c435cd060b2745a0ca6206366bb9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-server_2.6.22-15.39_i386.deb
Size/MD5: 3056128 04a9e15849ffb6ae029d63ebb323a1c0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-virtual_2.6.22-15.39_i386.deb
Size/MD5: 1551418 650f8adbb27269b364282c89c0b24c23
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-386-di_2.6.22-15.39_i386.udeb
Size/MD5: 1048342 919b46aecdba9098a5ae27b479cc1f4f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-generic-di_2.6.22-15.39_i386.udeb
Size/MD5: 1048442 931c9093fdc92d6f6634202320559901
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-386-di_2.6.22-15.39_i386.udeb
Size/MD5: 322512 e639c5c2c3439f93a2ae0c37ea28c7b8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-generic-di_2.6.22-15.39_i386.udeb
Size/MD5: 322534 934ae69176bb17670c6f081a1b1a4979
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-386-di_2.6.22-15.39_i386.udeb
Size/MD5: 453408 77a229a8e4d2f83fd56740ac24e655c6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-generic-di_2.6.22-15.39_i386.udeb
Size/MD5: 453002 ab5b8dae55c15f59956c339c2017f3dc
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/avm-fritz-kernel-source_3.11+2.6.22.4-15.11_i386.deb
Size/MD5: 4084628 5c38b21f36b5d04056d0ee3d683630d2
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/fglrx-kernel-source_8.37.6+2.6.22.4-15.11_i386.deb
Size/MD5: 191960 162aecb99815f6b9a339b1299e2973c7
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-rt_2.6.22.4-15.11_i386.deb
Size/MD5: 16791012 ad32c528dee8398448700bc5c132576f
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-xen_2.6.22.4-15.11_i386.deb
Size/MD5: 12658912 4ed7f2b8ecfb4ce974648c7bc8b2c7aa
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-glx-legacy-dev_1.0.7185+2.6.22.4-15.11_i386.deb
Size/MD5: 148548 b712289da5c1c90c3504c49c066ab579
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-glx-legacy_1.0.7185+2.6.22.4-15.11_i386.deb
Size/MD5: 3065766 ec9626779a8a817c329bb84bfcfa5a9c
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-kernel-source_1.0.9639+2.6.22.4-15.11_i386.deb
Size/MD5: 1764500 9aa631e66d1c4cf18369b10ff8361539
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.22/nvidia-legacy-kernel-source_1.0.7185+2.6.22.4-15.11_i386.deb
Size/MD5: 1378112 b2cad4be9641a5ffd6cdf959b9971898
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/avm-fritz-firmware-2.6.22-15_3.11+2.6.22.4-15.11_i386.deb
Size/MD5: 1209490 042181978d41e4e68fd55c90564822ec
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/fglrx-control_8.37.6+2.6.22.4-15.11_i386.deb
Size/MD5: 79368 fe206f7ee03e52a803275d72446ecd1d
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-386_2.6.22.4-15.11_i386.deb
Size/MD5: 16742196 585c649b0be6bfe04c1b07a5a65b86b8
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-generic_2.6.22.4-15.11_i386.deb
Size/MD5: 16533700 efb709c3e9b7d468eb8eb19cd4bd24c1
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-firmware-2.6.22-15-386-di_2.6.22.4-15.11_i386.udeb
Size/MD5: 764 812cbf6f07ef3f8e82a9740b9d8f4833
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-firmware-2.6.22-15-generic-di_2.6.22.4-15.11_i386.udeb
Size/MD5: 766 df205d71cd5d3b82fe07e703042aa7f4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-modules-2.6.22-15-386-di_2.6.22.4-15.11_i386.udeb
Size/MD5: 732 4283d253d3cedde341a7a75d530af147
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-modules-2.6.22-15-generic-di_2.6.22.4-15.11_i386.udeb
Size/MD5: 734 856c774ebdbe8ec4acc0e1a6a9130669
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-dev_1.0.9639+2.6.22.4-15.11_i386.deb
Size/MD5: 158286 c3037f07e6753221e09ffe4afa5cb17a
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-new-dev_100.14.19+2.6.22.4-15.11_i386.deb
Size/MD5: 146010 ad9c127bef125b66085db9c7bb0bb547
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx-new_100.14.19+2.6.22.4-15.11_i386.deb
Size/MD5: 5013914 7a529396a64deb58e8e5beea3941b5b9
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-glx_1.0.9639+2.6.22.4-15.11_i386.deb
Size/MD5: 4493322 db303977d7fc8fd18a6e2d4eb6c75881
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nvidia-new-kernel-source_100.14.19+2.6.22.4-15.11_i386.deb
Size/MD5: 2253080 b9d0c5159b5973755f853087980c37a4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/xorg-driver-fglrx-dev_7.1.0-8.37.6+2.6.22.4-15.11_i386.deb
Size/MD5: 67078 c38c30bc72618a411b2b40a07575c3e4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/xorg-driver-fglrx_7.1.0-8.37.6+2.6.22.4-15.11_i386.deb
Size/MD5: 8558012 826ec61e79243432e14df3c4fe01c482
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-rt_2.6.22-15.16_i386.deb
Size/MD5: 1379430 890e80ab2cb552da35613c66accdff3d
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-ume_2.6.22-15.16_i386.deb
Size/MD5: 3734 395b2624c54f03633eb87f0cbc97a4ae
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-xen_2.6.22-15.16_i386.deb
Size/MD5: 3770 56a1c5dfbd6840d5bb6dc589e50e59fe
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-rt_2.6.22-15.54_i386.deb
Size/MD5: 18593802 a23697c081e4de446386196207ba172d
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-ume_2.6.22-15.54_i386.deb
Size/MD5: 8651184 5485ade0608249b603b2d29f52796a60
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-xen_2.6.22-15.54_i386.deb
Size/MD5: 17337476 f7c0dc20dd33587cb7170cf9b0547399
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-rt_2.6.22-15.39_i386.deb
Size/MD5: 3067524 cd3cb7109cbbd0276ee4193b47bb925f
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-ume_2.6.22-15.39_i386.deb
Size/MD5: 3049602 578b1c56c65249fd8f2a45c1f35193ff
http://security.ubuntu.com/ubuntu/pool/universe/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-xen_2.6.22-15.39_i386.deb
Size/MD5: 3058274 c933d038855ffac90f36a2f4c4db42fb
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/acpi-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 31564 6ee7cad81861752974ccab8913be4923
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 174622 a7075817c8becfc18ecc3c3909a9bb80
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 47544 b88af59e21f122d1eff2dcd287727ba6
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 34816 850e9452d08f4cbb8b64a51d6ce8dc1a
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/fb-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 25670 18b1cfc1c9c9b017da1cb5742fc62fdf
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 78152 7f6682322618840f38766edc66b861ef
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 29642 b48d5450abf39b2768d684c240b38b85
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 123420 4def6fc4ff8e55b307db81e27fb762f5
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 68574 e17c91ebd8e489f5a4ca4426925a0aee
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 1394 d2263d8cc68c8150124ca32cbb6ceaa0
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 50900 f37be62f538f6c92ba9179f36435ef16
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 123346 a1622a607060d17717762687be2f1585
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 246236 f729caa2c10a68e4ca7b2c2c4282c99d
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 1534938 f3736b30f419b2cb39c586f58e80404f
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-lpia_2.6.22-15.54_lpia.deb
Size/MD5: 581738 74e64d51193e30694c2a80acdb4a9126
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-lpiacompat_2.6.22-15.54_lpia.deb
Size/MD5: 595466 b51b81f74f87ea19594b4bafe7cc1c9e
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-lpia_2.6.22-15.54_lpia.deb
Size/MD5: 8328860 dd4ef30b143963c15af5cddef259e122
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_lpia.deb
Size/MD5: 625872 496035aabc97f4a9baddf755c4f30eff
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 46924 a532ca40697d5ca69025f1f681987e0b
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 206940 8c33ba7be35ad9051ca16c96895f412c
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 234188 fe8de6cd05a99936cd729308599a3d53
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 124156 6fe418390d62c87d4bd031f3b27e4f8b
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 40326 c182a285e55e30dd4fd9f504a0be6550
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 30656 80a9a3217417ce60c11568d75a9be23a
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 3666 11c3107c1f5a702d27fe2d29e5395deb
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 47230 9894aa9fbc062ca1ced5d3b0949ee1cf
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 15768 c1ac8d8e1979307c2d1e0ef9da348072
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 96662 c44a69eba22367197430d54acaa99580
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 10878 f831fc959d85f492e23caf138fba832f
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 377552 a90580eb48e723f72335402d6e85d7ed
http://ports.ubuntu.com/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-lpia-di_2.6.22-15.54_lpia.udeb
Size/MD5: 52864 e6f4c21bece42c5ffff4204b818f39cf
http://ports.ubuntu.com/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-lpia_2.6.22.4-15.11_lpia.deb
Size/MD5: 2898792 c9bd2701af313e7910619956ff90964b
http://ports.ubuntu.com/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-lpiacompat_2.6.22.4-15.11_lpia.deb
Size/MD5: 3120354 faad74cdcdd2472127ab808a1c052d10
http://ports.ubuntu.com/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-lpia_2.6.22-15.16_lpia.deb
Size/MD5: 3746 6a5675f03ca203a51233307ec24ee001
http://ports.ubuntu.com/pool/universe/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-lpiacompat_2.6.22-15.16_lpia.deb
Size/MD5: 3772 c6ca093178a288087d42ccac5685182a
http://ports.ubuntu.com/pool/universe/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-lpia-di_2.6.22-15.16_lpia.udeb
Size/MD5: 644 1496fbb995b406bd9cdc2c86c80ea312
http://ports.ubuntu.com/pool/universe/l/linux-source-2.6.22/linux-image-2.6.22-15-lpiacompat_2.6.22-15.54_lpia.deb
Size/MD5: 18529856 30bada6dc184ab15505d0e4574716595
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-powerpc-smp_2.6.22-15.16_powerpc.deb
Size/MD5: 3776 a865c756c85227c4b4c99bcdd3527da4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-powerpc64-smp_2.6.22-15.16_powerpc.deb
Size/MD5: 3802 aa1096bc346f2f035c958d334b62a6ae
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-powerpc_2.6.22-15.16_powerpc.deb
Size/MD5: 3774 8588158f9ddfb583ab42815497394f5d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-powerpc-di_2.6.22-15.16_powerpc.udeb
Size/MD5: 646 19c2d7fee87ceacc358002a4e1a67367
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.16_powerpc.udeb
Size/MD5: 648 7ef35ae416bf2f80db27596032363462
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 315160 76de8fb0030716726ac881afdf912262
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 331806 945326f8e67dbe67dffca506fe70b68a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 310634 7d32348468e25b6e8161eb1e794dbbc3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 69108 9c0cc6d763c9a26965d95b1016f23366
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 59600 e8ad3dc8e454774b4b48e4d86903b3c1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 69124 a9694608ebda5380e1f31c6c6d48a71f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 47626 d4a71e109ab995054184e3880c5f85de
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 41296 3dc951a9e00d2992573df883125c9673
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 47628 ac297004e60d6daac2c5077b4f597af8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 107324 0af8c2548273b734d8d423b27943f1d6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 91162 b7cf64c5781cf1680f0b43984dbb8e8d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 107284 da3d9f2d058a9dd6d41a56fed7e5a166
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 40968 498b97586b06155aab845e21b15c6ffc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 44734 93c489df9c18963cfef25f8d848fd702
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/floppy-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 40978 93a3f89c4bae49dbab525f2244ed90f6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 773510 5e3337dc062ce47a23744bab9630dd97
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 709242 e9365b33f36e855d6cfd841d97214e52
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 773420 6faf03e36789cc6bc1aa3296a7d4e07c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 243332 f842b8f9ba469616ea848991916f030a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 236400 b02a1eeca0b26e053f752da0d4541996
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 243298 ddf59a7f8b7e1abb0c16d50e5f7f3c5b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 53772 8d4cdc627ad212f655fa4771909a2631
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 47384 fca7ed43dba57b56d77c0afb5bc36fed
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 53740 8aacab34266a00ac6b864e380f498d23
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 69044 199cb6c932b1c57896e1765bbe4da986
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 62400 a01800fc7c294dd53eaf87f43fbe2330
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 68996 d07d16dc42d5daec47b8f364389d7433
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 166820 95db10ab499ab76aa49ca336ce6c17ef
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 147482 5d5b81ecf9970e96b48be6eefc8122fa
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 166684 ca4a1e06d95a88309fdb93d948b05ae8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 347892 f845d2b1036cf7d96aa1ccc277a7b2ad
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 385002 bcfa8c06cca8efca21d1661c91890e07
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/irda-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 347782 d2acb9f168d9403a7f1d6beb3edf80d0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 3204126 e0449de12be613e0ef6f71b33948a26f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 2182774 6b34a7331f66cc6360ee518134b31a9e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 3121074 94b278820db5d9364f3a11332c4bf6f7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-cell_2.6.22-15.54_powerpc.deb
Size/MD5: 658542 224b256989d50b0babe3e046a8a5acd1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-powerpc-smp_2.6.22-15.54_powerpc.deb
Size/MD5: 568724 14f0c68ecb1ea96fd589bdf0050c22f4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-powerpc64-smp_2.6.22-15.54_powerpc.deb
Size/MD5: 572426 1f588c7a9f543e235d4c985a13732fe3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-powerpc_2.6.22-15.54_powerpc.deb
Size/MD5: 568282 ed5c8079a439162c175eca4913cb2dd0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-cell_2.6.22-15.54_powerpc.deb
Size/MD5: 19766842 f303b6b54e23c220d5cfbeac66d4faaf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-powerpc-smp_2.6.22-15.54_powerpc.deb
Size/MD5: 18708820 3bdb75aaaa8961d3f3730976403cb8e9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-powerpc64-smp_2.6.22-15.54_powerpc.deb
Size/MD5: 19744780 b9a76ee8362bc970adc9868bcb9b4309
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-powerpc_2.6.22-15.54_powerpc.deb
Size/MD5: 18485548 1b1fd19601cb719bf42fc78ceefcb444
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_powerpc.deb
Size/MD5: 629682 790e46628648d1b59b4796a607920d47
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 298656 ae2aae1d23ee9459c3a2c238f62b0c3f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 256442 6b9c9cf85cbf6caf9a904172ab8353bf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 298538 e2e158aa1390c6650dc31f8bc6b666da
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 173322 46bc77ff2c7dfe168a99431aed9543fd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 159610 e2562a075799cfd2d38ce8cc4f5b10bc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 173266 95e55b6c7f32762abb49f3503aca44ec
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 288574 86783294fef9eaecaf0fea407e01378b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 256444 28dcf9ad4907afc1db0cd6ea2da52ce5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 288540 1502f113e0c9f40f3d8a8629467f921a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 1931854 18199bd1925f2e7f7188ee3826dad7d3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 1654766 5813c15c304f8e11e7202867d43192b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 1909850 62c123566de18c9a33a1e06ede984735
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 216076 0b3682996152ba06ac5fd6373aa6d735
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 234448 3531ee385f9be4c3616294f69a7bb210
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-pcmcia-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 224102 f59d04573e8556fd788db3da5fb78a15
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 181652 31e05543b341fa1fd3a2afc1d83fd1cf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 153868 7f32b2cb52a3ce4ae228efd44597d130
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 181584 c6b132d7e6f8b4dd0bbeccdc03447a6b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 103632 6645c56a57d8b9b5772c8d375b8e6bcd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 86736 3b0b2786ca7aae2e78027ab51eac2be6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 103494 c569c090e64b3ca81508d060826925c8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 46978 7e539f3deae48b9bb62b10f8cfba97ad
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 45402 628c4a5fe3245fcb4cb5c4dfe12a2bdc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 46996 da7e8a7ffdec8578333b4945278bad90
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 54468 9e847dace1f6bb96dd4b2a4a68f0a7bd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 41570 6a7226a7fb2a98add60fcabfc5dd65ed
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 47806 2ef913db23ed334fe01c3000f1d3823c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 87004 431473bc1306e9abadea45405d748f8f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 74054 83b8bc0d89a70f616e47bebd2d4ae188
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 86976 ebe28671e620e988936babd9dcaac03a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 30306 444a504fbe3a928fcf975c1c4de6911f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 76260 bcd35555297c4707bfe4998c78cf1aa9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pcmcia-storage-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 30332 0ba859f43a4526a51a02dc97e15845c6
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 9952 8f8a952c62200febb47630546ea2f7b7
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 8458 44b8f28b718470b9a0f6544edf6e7d78
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 9948 9be31362b48f63df01f9eb3bae241200
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 68476 5dfcb2d47d20f04ab2fd730cd00d0e92
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 56868 43a9199173d14b60514cce4e26c04e0d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 68450 4d37835af2ccd7767f65bf5b862182f5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 131418 2bbffb08183ef9737b1c7ee7d91c860f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 87806 d1f7fb7a127c3bb5ea17a71f1d47d26b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 131240 f3472f484e00531c8d606deb7dedfe65
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 1432182 11115ebffcd3b842dbbc68f5a3f62b3c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 1441334 73962d3133f94fb2b761326db53c2167
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 1432046 5f35cce2c671c79e10b8cd43bea84d4b
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 70948 2d8686184d04697c8be62752cae815ab
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 75508 d9105ae8e009613e616147e76f780b0a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 84768 fd7f0edf50e458f429f1e87f3055f3ff
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 14532 9a3539e3c59fb397abfc9508f5c9578a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 12536 9c5146c46602c9ead4d328871d3f17af
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/socket-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 14528 73f06b41f5764ed81468e4d89e97dc0c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 558348 5b80e2fb36c8ff6a55f896a5fb7e2e3d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 492732 29b5a718362fe422c612f72c4da114a0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 549300 4dec89e60b7d7b5060c0cc8455c2c9ac
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-cell-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 105380 ccfd8dc7b67ffe3abde899289adfc200
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-powerpc-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 79662 1b4022ffa935534a726498fce40b4eda
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.54_powerpc.udeb
Size/MD5: 104304 02c6251885f3f373d18446b958c2855f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-cell_2.6.22-15.39_powerpc.deb
Size/MD5: 2619590 af8281593571ced37b2129ed2342fccd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-powerpc-smp_2.6.22-15.39_powerpc.deb
Size/MD5: 2567378 20bf3027940d1142ad8803732870f36e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-powerpc64-smp_2.6.22-15.39_powerpc.deb
Size/MD5: 2620222 8073e56c511e70257e61599e18b5bd5e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-powerpc_2.6.22-15.39_powerpc.deb
Size/MD5: 2554464 27d7b5e667ec571d53285d4cbac8f203
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-cell-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 1048390 d4b1ca0b0ab22138ba04d681dc20f0c3
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-powerpc-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 1048432 e45f37ec5193154aa04c35fed50fdaee
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-powerpc64-smp-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 1048558 0c6648aa9377a3ccc64477bf5dd08f38
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-cell-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 322524 0fdea901bdf7b9173d89d49f10648d0f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-powerpc-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 322536 5a36968fa11e67940cf88dfec8f5b90a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-powerpc64-smp-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 322560 63ec46beb37b44f7e901d4a17d4d5002
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-cell-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 267156 690a55e73215d9bc450caa6b99fc4476
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-powerpc-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 220186 7710f01beebe09e0c9bf2cb812991139
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-powerpc64-smp-di_2.6.22-15.39_powerpc.udeb
Size/MD5: 267210 651e58dc6fce70139c603386c92ff3bb
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-powerpc-smp_2.6.22.4-15.11_powerpc.deb
Size/MD5: 1300508 45e687319d4e0d2dac393138e6f2d6c6
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-powerpc64-smp_2.6.22.4-15.11_powerpc.deb
Size/MD5: 1002304 9f77a9427eeaea48276c6b68547d824f
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-powerpc_2.6.22.4-15.11_powerpc.deb
Size/MD5: 1298454 fc0dcab1f9958209c7f4266bc08de844
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-firmware-2.6.22-15-powerpc-di_2.6.22.4-15.11_powerpc.udeb
Size/MD5: 764 d6233f778dcf936a4a0478aa80409d52
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/nic-restricted-modules-2.6.22-15-powerpc-di_2.6.22.4-15.11_powerpc.udeb
Size/MD5: 734 8505f5c770efe7e12619fc324996c31a
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-sparc64-smp_2.6.22-15.16_sparc.deb
Size/MD5: 3802 e09e7173876354b9a1bb6846e9437b67
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/linux-backports-modules-2.6.22-15-sparc64_2.6.22-15.16_sparc.deb
Size/MD5: 3772 586b2c371ca1f45ea3513cfa459fa08a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.22/updates-modules-2.6.22-15-sparc64-di_2.6.22-15.16_sparc.udeb
Size/MD5: 646 049e8815ed4659bbd756521f44d1b957
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/block-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 59312 4c07f24b58ed97db0fb543db5a8d4856
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/crypto-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 68268 a62b0e675c367386a3208a198f127949
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fat-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 42130 4b939c9f08fee124425bd784f7bf7d3a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/firewire-core-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 95330 eb40ad8d594615e788ecf89c529c1561
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-core-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 594048 cd592a5479c6d7119a2eabe234aba28c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/fs-secondary-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 169390 703d55b772601b01ef874202350a9549
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ide-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 38254 691b333634c543721644e9126fb6f22e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/input-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 38648 3c0eca639d2d669846051bc7b3acc3db
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ipv6-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 154606 57fb00f92f0dcc365e0c41540b5efc41
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/kernel-image-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 1993026 46125df549b3d01d4d8cc9b4356e9fb1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-sparc64-smp_2.6.22-15.54_sparc.deb
Size/MD5: 475654 c92a5bb9e70c8af93c8ba14d222d2b54
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-headers-2.6.22-15-sparc64_2.6.22-15.54_sparc.deb
Size/MD5: 474486 2c0f22707763247036f715195ea32cb2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-sparc64-smp_2.6.22-15.54_sparc.deb
Size/MD5: 12415598 f88ba6815bda87f9f6bab3b1f08f2c02
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-image-2.6.22-15-sparc64_2.6.22-15.54_sparc.deb
Size/MD5: 12179794 406b603b04315995ed3b535149d11ae2
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/linux-libc-dev_2.6.22-15.54_sparc.deb
Size/MD5: 684538 d20de9a13d35cd857709d8e97110d89a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/md-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 265810 e454ac8cfbb55798d897f6b8f915aaec
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/message-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 159904 f25815be23aae799ff31fb30b0f660ee
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nfs-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 247460 576ba769410c3856461f98143f89064a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 1254066 0ae70dfca4fac5dc7187d025654c811c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-shared-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 159996 f945e232f58c9a3c54ee4dc317c24005
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/nic-usb-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 91978 762357557c147272e8227fb1394886f9
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/parport-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 40636 bc40eb4e9aaa6c4a798f93a58e4ea196
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/pata-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 38574 da8bb028537d9379b91be3524de7cfdc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/plip-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 8646 ecd7b4d5a5cd5ab219902b3cf2f87227
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/ppp-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 60070 4adf7e7028b4fe0cef8a3f463b8c6ba4
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/sata-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 90990 a46723f940c9b17edd69478fba14a9ce
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/scsi-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 875908 833753a21da42ec786aaf013767c85e5
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/serial-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 9762 fa7c339472c4bdfda8b82021c0c45dbf
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/storage-core-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 369314 55df073f08fb5e80aa5f7211d3585417
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.22/usb-modules-2.6.22-15-sparc64-di_2.6.22-15.54_sparc.udeb
Size/MD5: 56888 eb89eaebdec3149988ab5fd1652a116c
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-sparc64-smp_2.6.22-15.39_sparc.deb
Size/MD5: 2578980 89f82b147630b1a42234d7a7f428905f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/linux-ubuntu-modules-2.6.22-15-sparc64_2.6.22-15.39_sparc.deb
Size/MD5: 2568738 a4a1af735ea7160b6f47ef0c749689a1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/nic-firmware-2.6.22-15-sparc64-di_2.6.22-15.39_sparc.udeb
Size/MD5: 1048456 ee8f6d236b1ab8877f7fe255c748c082
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/scsi-firmware-2.6.22-15-sparc64-di_2.6.22-15.39_sparc.udeb
Size/MD5: 322536 7891ae3bb1a75ad4a68f895e3d8632d0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-ubuntu-modules-2.6.22/ubuntu-modules-2.6.22-15-sparc64-di_2.6.22-15.39_sparc.udeb
Size/MD5: 227024 7a30e435d568400043ce19e83390e38b
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-sparc64-smp_2.6.22.4-15.11_sparc.deb
Size/MD5: 1002242 96e1f749c39577efa970f85dffb277a7
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.22/linux-restricted-modules-2.6.22-15-sparc64_2.6.22.4-15.11_sparc.deb
Size/MD5: 1002138 657b9f2f3b28d2585178c447c7e7745c
|
|
var-200701-0320
|
The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462. Apple QuickDraw contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Quicktime Used in etc. Mac OS X QuickDraw is prone to a remote memory-corruption vulnerability because the software fails to properly handle malformed PICT image files.
Successfully exploiting this issue allows remote attackers to corrupt memory and to crash the affected software.
Mac OS X 10.4.8 is vulnerable to this issue; other versions are also likely affected, since the vulnerable component has been included in Apple operating systems since System 6.0.4. QuickDraw is a graphics processing tool bundled in the Apple operating system. A memory corruption vulnerability exists in QuickDraw when parsing PICT graphics with malformed ARGB records. Remote attackers may exploit this vulnerability to perform denial of service attacks on user machines. If the user is tricked into opening a malicious graphics file, this vulnerability will be triggered, destroying the pointer sent to the _GetSrcBits32ARGB function, resulting in a denial of service.
----------------------------------------------------------------------
To improve our services to our customers, we have made a number of
additions to the Secunia Advisories and have started translating the
advisories to German.
The improvements will help our customers to get a better
understanding of how we reached our conclusions, how it was rated,
our thoughts on exploitation, attack vectors, and scenarios.
This includes:
* Reason for rating
* Extended description
* Extended solution
* Exploit code or links to exploit code
* Deep links
Read the full description:
http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information:
http://corporate.secunia.com/how_to_buy/15/?r=l
----------------------------------------------------------------------
TITLE:
Mac OS X Mach-O Universal Binary Memory Corruption
SECUNIA ADVISORY ID:
SA23088
VERIFY ADVISORY:
http://secunia.com/advisories/23088/
CRITICAL:
Less critical
IMPACT:
DoS, System access
WHERE:
Local system
OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/
DESCRIPTION:
LMH has reported a vulnerability in Mac OS X, which can be exploited
by malicious, local users to cause a DoS (Denial of Service) or
potentially gain escalated privileges.
The vulnerability is caused due to an error in the fatfile_getarch2()
function. This can be exploited to cause an integer overflow and may
potentially allow execution of arbitrary code with kernel privileges
via a specially crafted Mach-O Universal binary.
The vulnerability is reported in a fully patched Mac OS X
(2006-11-26). Other versions may also be affected.
SOLUTION:
Grant only trusted users access to affected systems.
PROVIDED AND/OR DISCOVERED BY:
LMH
ORIGINAL ADVISORY:
http://projects.info-pull.com/mokb/MOKB-26-11-2006.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-201107-0023
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. When freeing the container holding the Frame element, the reference will still be available. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within how the application manages a reference to an anonymous block located near a particular element within the document. When cloning this element, the application will duplicate a reference to the block and then later re-attach this element to the rendering tree. During this process the library will free the original rendering element. Subsequent access to the same element will then cause the library to use the freed object. This can be utilized to achieve code execution under the context of the application. WebKit is prone to a memory corruption vulnerability.
Attackers can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage.
Successful attacks may result in information disclosure, remote code execution, denial of service, or other consequences. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This issue was previously discussed in 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it. This may
lead to a cross-site scripting attack on sites that allow untrusted
users to post text files.
To mitigate this issue, Safari has been updated to utilize protection
mechanisms recently added to Windows. This issue does not affect Mac
OS X systems. This issue does not affect
Mac OS X systems. For Mac OS X v10.5 systems, this issue
is addressed in Security Update 2011-004. For Mac OS X v10.6 systems, this issue
is addressed in Mac OS X v10.6.8. For Mac OS X v10.6 systems, this issue is addressed in Mac
OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in
Security Update 2011-004. For
Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For
Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8.
For Mac OS X v10.5 systems, this issue is addressed in Security
Update 2011-004. This
issue does not affect Mac OS X systems. For
Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8.
For Mac OS X v10.5 systems, this issue is addressed in Security
Update 2011-004. This issue is addressed by generating an ID based on the
difference between the addresses of two heap buffers. For Mac OS X
v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac
OS X v10.5 systems, this issue is addressed in Security Update
2011-004. This issue is addressed
by displaying all fields that will be filled, and requiring the
user's consent before AutoFill information is available to the form.
CVE-ID
CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah
Grossman]
Safari
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,
Windows 7, Vista, XP SP2 or later
Impact: With a certain Java configuration, visiting a malicious
website may lead to unexpected text being displayed on other sites
Description: A cross origin issue existed in the handling of Java
Applets. This applies when Java is enabled in Safari, and Java is
configured to run within the browser process. Fonts loaded by a Java
applet could affect the display of text content from other sites. A maliciously crafted website may have been able to
cause a different URL to be shown in the address bar.
CVE-ID
CVE-2011-0244 : Jason Hullinger
WebKit
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,
Windows 7, Vista, XP SP2 or later
Impact: Applications that use WebKit, such as mail clients, may
connect to an arbitrary DNS server upon processing HTML content
Description: DNS prefetching was enabled by default in WebKit.
Applications that use WebKit, such a s mail clients, may connect to
an arbitrary DNS server upon processing HTML content. This update
addresses the issue by requiring applications to opt in to DNS
prefetching.
CVE-ID
CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd.
Note: Safari 5.1 is included with OS X Lion.
Safari 5.1 and Safari 5.0.6 address the same set of security
issues. Safari 5.1 is provided for Mac OS X v10.6,
and Windows systems. Safari 5.0.6 is provided for
Mac OS X v10.5 systems. ----------------------------------------------------------------------
The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way.
Read more and request a free trial:
http://secunia.com/products/corporate/vim/
----------------------------------------------------------------------
TITLE:
Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA45325
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/45325/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=45325
RELEASE DATE:
2011-07-22
DISCUSS ADVISORY:
http://secunia.com/advisories/45325/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/45325/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45325
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A weakness and multiple vulnerabilities have been reported in Apple
Safari, which can be exploited by malicious people to disclose
sensitive information, manipulate certain data, conduct cross-site
scripting and spoofing attacks, bypass certain security restrictions,
and compromise a user's system.
1) An error within CFNetwork when handling the "text/plain" content
type can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site.
3) An error exists within CFNetwork when handling SSL certificates,
which does not properly verify disabled root certificates.
4) An integer overflow error exists within the ColorSync component.
For more information see vulnerability #5 in:
SA45054
5) An off-by-one error exists within the CoreFoundation framework.
For more information see vulnerability #6 in:
SA45054
6) An integer overflow error exists in CoreGraphics.
For more information see vulnerability #7 in:
SA45054
7) An error exists within ICU (International Components for
Unicode).
For more information see vulnerability #11 in:
SA45054
8) An error exists in ImageIO within the handling of TIFF files when
handling certain uppercase strings.
For more information see vulnerability #9 in:
SA45054
9) An error in ImageIO within the handling of CCITT Group 4 encoded
TIFF image files can be exploited to cause a heap-based buffer
overflow.
10) A use-after-free error within WebKit when handling TIFF images
can result in an invalid pointer being dereferenced when a user views
a specially crafted web page.
11) An error within libxslt can be exploited to disclose certain
addresses from the heap.
For more information see vulnerability #2 in:
SA43832
12) An off-by-one error within libxml when handling certain XML data
can be exploited to cause a heap-based buffer overflow.
13) An error in the "AutoFill web forms" feature can be exploited to
disclose certain information from the user's Address Book by tricking
a user into visiting a specially crafted web page.
15) Multiple unspecified errors in the WebKit component can be
exploited to corrupt memory.
16) An error within WebKit when handling libxslt configurations can
be exploited to create arbitrary files.
18) A cross-origin error when handling certain URLs containing a
username can be exploited to execute arbitrary HTML and script code
in a user's browser session in the context of an affected site.
19) A cross-origin error when handling DOM nodes can be exploited to
execute arbitrary HTML and script code in a user's browser session in
the context of an affected site.
20) An error within the handling of DOM history objects can be
exploited to display arbitrary content while showing the URL of a
trusted web site in the address bar.
22) A weakness in WebKit can lead to remote DNS prefetching
For more information see vulnerability #6 in:
SA42312
23) A use-after-free error within WebKit when processing MathML
markup tags can result in an invalid pointer being dereferenced when
a user views a specially crafted web page.
24) An error within WebKit when parsing a frameset element can be
exploited to cause a heap-based buffer overflow.
25) A use-after-free error within WebKit when handling XHTML tags can
result in an invalid tag pointer being dereferenced when a user views
a specially crafted web page.
26) A use-after-free error within WebKit when handling SVG tags can
result in an invalid pointer being dereferenced when a user views a
specially crafted web page.
PROVIDED AND/OR DISCOVERED BY:
10) Juan Pablo Lopez Yacubian via iDefense
4) binaryproof via ZDI
8) Dominic Chell, NGS Secure
23, 25, 26) wushi, team509 via iDefense
24) Jose A.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor. iDefense Security Advisory 07.20.11
http://labs.idefense.com/intelligence/vulnerabilities/
Jul 20, 2011
I. BACKGROUND
Safari is Apple's web browser, and is based on the open source WebKit
browser engine. MobileSafari is Safari for Apple's mobile devices
including the iPad and iPhone. For more information, see the vendor's
site found at the following link.
http://www.apple.com/safari/
II.
Safari is Apple's Web browser and is based on the open source WebKit
browser engine.
This vulnerability occurs when Safari incorrectly handles an error state
when encountering a broken XHTML tag. Specifically, the tag enclosing
the tag being processed is freed and is then referenced after it has
already been freed.
III. An attacker typically accomplishes this via
social engineering or injecting content into compromised, trusted sites.
IV. DETECTION
Safari versions prior to 5.1 and 5.0.6 are vulnerable.
V. WORKAROUND
Disabling JavaScript is an effective workaround for this vulnerability.
VI. VENDOR RESPONSE
Apple Inc. For more
information, consult their advisory at the following URL:
http://support.apple.com/kb/HT4808
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2011-0234 to this issue. This is a candidate for inclusion in
the CVE list (http://cve.mitre.org/), which standardizes names for
security problems.
VIII. DISCLOSURE TIMELINE
06/01/2011 Initial Vendor Notification
06/01/2011 Initial Vendor Reply
07/20/2011 Coordinated Public Disclosure
IX. CREDIT
This vulnerability was reported to iDefense by wushi of team509.
Get paid for vulnerability research
http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events
http://labs.idefense.com/
X. LEGAL NOTICES
Copyright © 2011 Verisign
Permission is granted for the redistribution of this alert
electronically. It may not be edited in any way without the express
written consent of iDefense. If you wish to reprint the whole or any
part of this alert in any other medium other than electronically, please
e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate
at the time of publishing based on currently available information. Use
of the information constitutes acceptance for use in an AS IS condition.
There are no warranties with regard to this information. Neither the
author nor the publisher accepts any liability for any direct, indirect,
or consequential loss or damage arising from use of, or reliance on,
this information. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-10-12-1 iOS 5 Software Update
iOS 5 Software Update is now available and addresses the following:
CalDAV
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information from a CalDAV
calendar server
Description: CalDAV did not check that the SSL certificate presented
by the server was trusted.
CVE-ID
CVE-2011-3253 : Leszek Tasiemski of nSense
Calendar
Available for: iOS 4.2.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 4.2.0 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 4.2.0 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted calendar invitation may inject
script in the local domain
Description: A script injection issue existed in Calendar's handling
of invitation notes. This issue is addressed through improved
escaping of special characters in invitation notes. This issues does
not affect devices prior to iOS 4.2.0.
CVE-ID
CVE-2011-3254 : Rick Deacon
CFNetwork
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: User's AppleID password may be logged to a local file
Description: A user's AppleID password and username were logged to a
file that was readable by applications on the system. This is
resolved by no longer logging these credentials.
CVE-ID
CVE-2011-3255 : Peter Quade of qdevelop
CFNetwork
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in CFNetwork's handling of HTTP
cookies. When accessing a maliciously crafted HTTP or HTTPS URL,
CFNetwork could incorrectly send the cookies for a domain to a server
outside that domain.
CVE-ID
CVE-2011-3246 : Erling Ellingsen of Facebook
CoreFoundation
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted website or e-mail message may
lead to an unexpected application termination or arbitrary code
execution
Description: A memory corruption issue existed in CoreFoundation's
handling of string tokenization.
CVE-ID
CVE-2011-0259 : Apple
CoreGraphics
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a document containing a maliciously crafted font may
lead to arbitrary code execution
Description: Multiple memory corruption existed in freetype, the
most serious of which may lead to arbitrary code execution when
processing a maliciously crafted font.
CVE-ID
CVE-2011-3256 : Apple
CoreMedia
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to the
disclosure of video data from another site
Description: A cross-origin issue existed in CoreMedia's handling of
cross-site redirects. This issue is addressed through improved origin
tracking.
CVE-ID
CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability
Research (MSVR)
Data Access
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An exchange mail cookie management issue could incorrectly
cause data synchronization across different accounts
Description: When multiple mail exchange accounts are configured
which connect to the same server, a session could potentially receive
a valid cookie corresponding to a different account. This issue is
addressed by ensuring that cookies are separated across different
accounts.
CVE-ID
CVE-2011-3257 : Bob Sielken of IBM
Data Security
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information
Description: Fraudulent certificates were issued by multiple
certificate authorities operated by DigiNotar. This issue is
addressed by removing DigiNotar from the list of trusted root
certificates, from the list of Extended Validation (EV) certificate
authorities, and by configuring default system trust settings so that
DigiNotar's certificates, including those issued by other
authorities, are not trusted.
Data Security
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Support for X.509 certificates with MD5 hashes may expose
users to spoofing and information disclosure as attacks improve
Description: Certificates signed using the MD5 hash algorithm were
accepted by iOS. This algorithm has known cryptographic weaknesses.
Further research or a misconfigured certificate authority could have
allowed the creation of X.509 certificates with attacker controlled
values that would have been trusted by the system. This would have
exposed X.509 based protocols to spoofing, man in the middle attacks,
and information disclosure. This update disables support for an X.509
certificate with an MD5 hash for any use other than as a trusted root
certificate.
CVE-ID
CVE-2011-3427
Data Security
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An attacker could decrypt part of a SSL connection
Description: Only the SSLv3 and TLS 1.0 versions of SSL were
supported. These versions are subject to a protocol weakness when
using block ciphers. A man-in-the-middle attacker could have injected
invalid data, causing the connection to close but revealing some
information about the previous data. If the same connection was
attempted repeatedly the attacker may eventually have been able to
decrypt the data being sent, such as a password. This issue is
addressed by adding support for TLS 1.2.
CVE-ID
CVE-2011-3389
Home screen
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Switching between applications may lead to the disclosure of
sensitive application information
Description: When switching between applications with the four-
finger app switching gesture, the display could have revealed the
previous application state. This issue is addressed by ensuring that
the system properly calls the applicationWillResignActive: method
when transitioning between applications.
CVE-ID
CVE-2011-3431 : Abe White of Hedonic Software Inc.
ImageIO
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted TIFF image may result in an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in libTIFF's handling of
CCITT Group 4 encoded TIFF images.
CVE-ID
CVE-2011-0192 : Apple
ImageIO
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted TIFF image may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in ImageIO's handling of
CCITT Group 4 encoded TIFF images.
CVE-ID
CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies
International Components for Unicode
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Applications that use ICU may be vulnerable to an unexpected
application termination or arbitrary code execution
Description: A buffer overflow issue existed in ICU's generation of
collation keys for long strings of mostly uppercase letters.
CVE-ID
CVE-2011-0206 : David Bienvenu of Mozilla
Kernel
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A remote attacker may cause a device reset
Description: The kernel failed to promptly reclaim memory from
incomplete TCP connections. An attacker with the ability to connect
to a listening service on an iOS device could exhaust system
resources.
CVE-ID
CVE-2011-3259 : Wouter van der Veer of Topicus I&I, and Josh Enders
Kernel
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A local user may be able to cause a system reset
Description: A null dereference issue existed in the handling of
IPV6 socket options.
CVE-ID
CVE-2011-1132 : Thomas Clement of Intego
Keyboards
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A user may be able to determine information about the last
character of a password
Description: The keyboard used to type the last character of a
password was briefly displayed the next time the keyboard was used.
CVE-ID
CVE-2011-3245 : Paul Mousdicas
libxml
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: A one-byte heap buffer overflow existed in libxml's
handling of XML data.
CVE-ID
CVE-2011-0216 : Billy Rios of the Google Security Team
OfficeImport
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted Word file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in OfficeImport's handling of
Microsoft Word documents.
CVE-ID
CVE-2011-3260 : Tobias Klein working with Verisign iDefense Labs
OfficeImport
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Viewing a maliciously crafted Excel file may lead to an
unexpected application termination or arbitrary code execution
Description: A double free issue existed in OfficeImport's handling
of Excel files.
CVE-ID
CVE-2011-3261 : Tobias Klein of www.trapkit.de
OfficeImport
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Downloading a maliciously crafted Microsoft Office file may
lead to an unexpected application termination or arbitrary code
execution
Description: A memory corruption issue existed in OfficeImport's
handling of Microsoft Office files.
CVE-ID
CVE-2011-0208 : Tobias Klein working with iDefense VCP
OfficeImport
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Downloading a maliciously crafted Excel file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in OfficeImport's
handling of Excel files.
CVE-ID
CVE-2011-0184 : Tobias Klein working with iDefense VCP
Safari
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Opening maliciously crafted files on certain websites may
lead to a cross-site scripting attack
Description: iOS did not support the 'attachment' value for the HTTP
Content-Disposition header. This header is used by many websites to
serve files that were uploaded to the site by a third-party, such as
attachments in web-based e-mail applications. Any script in files
served with this header value would run as if the file had been
served inline, with full access to other resources on the origin
server. This issue is addressed by loading attachments in an isolated
security origin with no access to resources on other sites.
CVE-ID
CVE-2011-3426 : Christian Matthies working with iDefense VCP,
Yoshinori Oota from Business Architects Inc working with JP/CERT
Settings
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: An attacker with physical access to a device may be able to
recover the restrictions passcode
Description: The parental restrictions functionality enforces UI
restrictions. Configuring parental restrictions is protected by a
passcode, which was previously stored in plaintext on disk. This
issue is addressed by securely storing the parental restrictions
passcode in the system keychain.
CVE-ID
CVE-2011-3429 : an anonymous reporter
Settings
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Misleading UI
Description: Configurations and settings applied via configuration
profiles did not appear to function properly under any non-English
language. Settings could be improperly displayed as a result. This
issue is addressed by fixing a localization error.
CVE-ID
CVE-2011-3430 : Florian Kreitmaier of Siemens CERT
UIKit Alerts
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a malicious website may cause an unexpected device
hang
Description: An excessive maximum text layout length permitted
malicious websites to cause iOS to hang when drawing acceptance
dialogs for very long tel: URIs. This issue is addressed by using a
more reasonable maximum URI size.
CVE-ID
CVE-2011-3432 : Simon Young of Anglia Ruskin University
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
CVE-ID
CVE-2011-0218 : SkyLined of Google Chrome Security Team
CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS
Research Team, and Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative
CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-0234 : Rob King working with TippingPoint's Zero Day
Initiative, wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-0238 : Adam Barth of Google Chrome Security Team
CVE-2011-0254 : An anonymous researcher working with TippingPoint's
Zero Day Initiative
CVE-2011-0255 : An anonymous reporter working with TippingPoint's
Zero Day Initiative
CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc
CVE-2011-0983 : Martin Barbella
CVE-2011-1109 : Sergey Glazunov
CVE-2011-1114 : Martin Barbella
CVE-2011-1115 : Martin Barbella
CVE-2011-1117 : wushi of team509
CVE-2011-1121 : miaubiz
CVE-2011-1188 : Martin Barbella
CVE-2011-1203 : Sergey Glazunov
CVE-2011-1204 : Sergey Glazunov
CVE-2011-1288 : Andreas Kling of Nokia
CVE-2011-1293 : Sergey Glazunov
CVE-2011-1296 : Sergey Glazunov
CVE-2011-1449 : Marek Majkowski
CVE-2011-1451 : Sergey Glazunov
CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-1457 : John Knottenbelt of Google
CVE-2011-1462 : wushi of team509
CVE-2011-1797 : wushi of team509
CVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2339 : Cris Neckar of the Google Chrome Security Team
CVE-2011-2341 : Apple
CVE-2011-2351 : miaubiz
CVE-2011-2352 : Apple
CVE-2011-2354 : Apple
CVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome
Security Team using AddressSanitizer
CVE-2011-2359 : miaubiz
CVE-2011-2788 : Mikolaj Malecki of Samsung
CVE-2011-2790 : miaubiz
CVE-2011-2792 : miaubiz
CVE-2011-2797 : miaubiz
CVE-2011-2799 : miaubiz
CVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2011-2813 : Cris Neckar of Google Chrome Security Team using
AddressSanitizer
CVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2816 : Apple
CVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2818 : Martin Barbella
CVE-2011-2820 : Raman Tenneti and Philip Rogers of Google
CVE-2011-2823 : SkyLined of Google Chrome Security Team
CVE-2011-2827 : miaubiz
CVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-3232 : Aki Helin of OUSPG
CVE-2011-3234 : miaubiz
CVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the
Chromium development community, and Abhishek Arya (Inferno) of Google
Chrome Security Team
CVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the
Chromium development community, and Abhishek Arya (Inferno) of Google
Chrome Security Team
CVE-2011-3244 : vkouchna
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of URLs
with an embedded username. This issue is addressed through improved
handling of URLs with an embedded username.
CVE-ID
CVE-2011-0242 : Jobert Abma of Online24
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of DOM
nodes.
CVE-ID
CVE-2011-1295 : Sergey Glazunov
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A maliciously crafted website may be able to cause a
different URL to be shown in the address bar
Description: A URL spoofing issue existed in the handling of the DOM
history object.
CVE-ID
CVE-2011-1107 : Jordi Chancel
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: A configuration issue existed in WebKit's use of
libxslt. Visiting a maliciously crafted website may lead to arbitrary
files being created with the privileges of the user, which may lead
to arbitrary code execution. This issue is addressed through improved
libxslt security settings.
CVE-ID
CVE-2011-1774 : Nicolas Gregoire of Agarri
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a malicious website and dragging content in the
page may lead to an information disclosure
Description: A cross-origin issue existed in WebKit's handling of
HTML5 drag and drop. This issue is addressed by disallowing drag and
drop across different origins.
CVE-ID
CVE-2011-0166 : Michal Zalewski of Google Inc.
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to an
information disclosure
Description: A cross-origin issue existed in the handling of Web
Workers.
CVE-ID
CVE-2011-1190 : Daniel Divricean of divricean.ro
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of the
window.open method.
CVE-ID
CVE-2011-2805 : Sergey Glazunov
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of
inactive DOM windows.
CVE-ID
CVE-2011-3243 : Sergey Glazunov
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: A cross-origin issue existed in the handling of the
document.documentURI property.
CVE-ID
CVE-2011-2819 : Sergey Glazunov
WebKit
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: A maliciously crafted website may be able to track the URLs
that a user visits within a frame
Description: A cross-origin issue existed in the handling of the
beforeload event.
CVE-ID
CVE-2011-2800 : Juho Nurminen
WiFi
Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,
iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,
iOS 3.2 through 4.3.5 for iPad
Impact: WiFi credentials may be logged to a local file
Description: WiFi credentials including the passphrase and
encryption keys were logged to a file that was readable by
applications on the system. This is resolved by no longer logging
these credentials.
CVE-ID
CVE-2011-3434 : Laurent OUDOT of TEHTRI Security
Installation note:
This update is only available through iTunes, and will not appear
in your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an Internet connection and have
installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When
the iPhone, iPod touch or iPad is docked, iTunes will present the
user with the option to install the update. We recommend applying
the update immediately if possible. Selecting Don't Install will
present the option the next time you connect your iPhone, iPod touch,
or iPad.
The automatic update process may take up to a week depending on the
day that iTunes checks for updates. You may manually obtain the
update via the Check for Updates button within iTunes. After doing
this, the update can be applied when your iPhone, iPod touch, or iPad
is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be
"5 (9A334)".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOldmtAAoJEGnF2JsdZQee/qMIAIPxmIiOqj+FMLFHZtPeC/Dp
3s4JliKOOgNnjXkxErfaNvYGmeVbDaUER5jdVrWccTauzlYmy8G4uK0An2GD2YiP
gB5AiCQXpONdBCi38QNdRqrYoYjc8Sa0nUp4r5uWPoiHoj5KfxvBpgygEL+zjHXS
fmnrONOCWhOYp0w4q6mdTg5BH2uJCbXscD/JjbmgHQI0Vs/iUZKSRyqFo2b0Mvze
NiSyzcj/4l62Cxx7xM9VbdrYL7Al2yyHfNYJQsZmoeDUlJQcdgEgEMXvOuhY3sFK
maxYr2oCp6Mtf53fplAeJIV4ijLynEWAKxTuTznAyW1k7oiGrDTfORSFKPEB9MQ=
=LCQZ
-----END PGP SIGNATURE-----
|
|
var-201006-1183
|
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required in that a user must be coerced into visiting a malicious website.The specific flaw exists within the way Webkit inserts an element into an editable container. Immediately before the actual insertion the library will manipulate the contents of the field in order to insert the new node. Upon traversal of the tree by the library, the application will attempt to access an uninitialized element that was created prior to the insertion. Successful exploitation can lead to code execution under the context of the application. An attacker can exploit this issue by enticing an unsuspecting victim into viewing a malicious webpage. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This issue was previously covered in BID 40620 (Apple Safari Prior to 5.0 and 4.1 Multiple Security Vulnerabilities) but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. ZDI-10-097: Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-097
June 8, 2010
-- CVE ID:
CVE-2010-1398
-- Affected Vendors:
Apple
-- Affected Products:
Apple WebKit
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9850.
-- Vendor Response:
Apple has issued an update to correct this vulnerability. More
details can be found at:
http://support.apple.com/kb/HT4196
-- Disclosure Timeline:
2010-02-18 - Vulnerability reported to vendor
2010-06-08 - Coordinated public release of advisory
-- Credit:
This vulnerability was discovered by:
* wushi of team509
-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:039
http://www.mandriva.com/security/
_______________________________________________________________________
Package : webkit
Date : March 2, 2011
Affected: 2010.1
_______________________________________________________________________
Problem Description:
Multiple cross-site scripting, denial of service and arbitrary code
execution security flaws were discovered in webkit.
Please consult the CVE web links for further information.
The updated packages have been upgraded to the latest version (1.2.7)
to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0650
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1395
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1396
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1397
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1398
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1400
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1404
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1406
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1410
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2264
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2648
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3255
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4197
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4206
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
141f3cd181b875d1bb40b67a507b6db1 2010.1/i586/libwebkitgtk1.0_2-1.2.7-0.1mdv2010.2.i586.rpm
054886a3c645b3ce710b9b9daec1d5f9 2010.1/i586/libwebkitgtk1.0-devel-1.2.7-0.1mdv2010.2.i586.rpm
bef556ca3f281f6ef4086292c3b658d2 2010.1/i586/webkit1.0-1.2.7-0.1mdv2010.2.i586.rpm
a1ff7ac638646aeb64e3bbdca9bc945d 2010.1/i586/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.i586.rpm
3f40e3ebc62bad67097a9e102e0e79c2 2010.1/i586/webkit-1.2.7-0.1mdv2010.2.i586.rpm
50875cf1bc8718cedce1a45dc509b44b 2010.1/i586/webkit-gtklauncher-1.2.7-0.1mdv2010.2.i586.rpm
625d27780d1cc9edb935d4ac3521ae16 2010.1/i586/webkit-jsc-1.2.7-0.1mdv2010.2.i586.rpm
8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
5ce57cd6ab823f8084030033c7c230d7 2010.1/x86_64/lib64webkitgtk1.0_2-1.2.7-0.1mdv2010.2.x86_64.rpm
690d8718a97af93f58de3bb2357fbe9b 2010.1/x86_64/lib64webkitgtk1.0-devel-1.2.7-0.1mdv2010.2.x86_64.rpm
7cc1d4aa77e1901ccc92f27faf85c9ea 2010.1/x86_64/webkit1.0-1.2.7-0.1mdv2010.2.x86_64.rpm
2b77a77159529c55f64343aba98c15d9 2010.1/x86_64/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.x86_64.rpm
475cf83c5ddd8f6809c2c73a1f5a71d1 2010.1/x86_64/webkit-1.2.7-0.1mdv2010.2.x86_64.rpm
b0f1c76107c3d54241daa7e61bfb29a9 2010.1/x86_64/webkit-gtklauncher-1.2.7-0.1mdv2010.2.x86_64.rpm
97deff5e94a625a79842b4c240b0b00d 2010.1/x86_64/webkit-jsc-1.2.7-0.1mdv2010.2.x86_64.rpm
8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNbgbemqjQ0CJFipgRAs9YAJ92z2WSC2ijj34b/wr42OIYLtv65gCg7XgL
Yv/ButpYAcXsmnJWUG4ayxQ=
=GRM6
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
|
var-201912-0551
|
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. apple's iCloud Products from multiple vendors, such as the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 12.2; tvOS prior to 12.2; Safari prior to 12.1; Windows-based iTunes prior to 12.9.4; Windows-based iCloud prior to 7.11. WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-6237)
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-8601)
An out-of-bounds read was addressed with improved input validation. (CVE-2019-8644)
A logic issue existed in the handling of synchronous page loads. (CVE-2019-8689)
A logic issue existed in the handling of document loads. (CVE-2019-8719)
This fixes a remote code execution in webkitgtk4. No further details are available in NIST. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. (CVE-2019-8766)
"Clear History and Website Data" did not clear the history. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)
An issue existed in the drawing of web page elements. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8846)
WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. (CVE-2020-10018)
A use-after-free flaw exists in WebKitGTK. This flaw allows remote malicious users to execute arbitrary code or cause a denial of service. A malicious website may be able to cause a denial of service. A DOM object context may not have had a unique security origin. A file URL may be incorrectly processed. (CVE-2020-3885)
A race condition was addressed with additional validation. An application may be able to read restricted memory. (CVE-2020-3902). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201909-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: September 06, 2019
Bugs: #683234, #686216, #693122
ID: 201909-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in the arbitrary execution of code.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.24.4 >= 2.24.4
Description
===========
Multiple vulnerabilities have been discovered in WebkitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.24.4"
References
==========
[ 1 ] CVE-2019-11070
https://nvd.nist.gov/vuln/detail/CVE-2019-11070
[ 2 ] CVE-2019-6201
https://nvd.nist.gov/vuln/detail/CVE-2019-6201
[ 3 ] CVE-2019-6251
https://nvd.nist.gov/vuln/detail/CVE-2019-6251
[ 4 ] CVE-2019-7285
https://nvd.nist.gov/vuln/detail/CVE-2019-7285
[ 5 ] CVE-2019-7292
https://nvd.nist.gov/vuln/detail/CVE-2019-7292
[ 6 ] CVE-2019-8503
https://nvd.nist.gov/vuln/detail/CVE-2019-8503
[ 7 ] CVE-2019-8506
https://nvd.nist.gov/vuln/detail/CVE-2019-8506
[ 8 ] CVE-2019-8515
https://nvd.nist.gov/vuln/detail/CVE-2019-8515
[ 9 ] CVE-2019-8518
https://nvd.nist.gov/vuln/detail/CVE-2019-8518
[ 10 ] CVE-2019-8523
https://nvd.nist.gov/vuln/detail/CVE-2019-8523
[ 11 ] CVE-2019-8524
https://nvd.nist.gov/vuln/detail/CVE-2019-8524
[ 12 ] CVE-2019-8535
https://nvd.nist.gov/vuln/detail/CVE-2019-8535
[ 13 ] CVE-2019-8536
https://nvd.nist.gov/vuln/detail/CVE-2019-8536
[ 14 ] CVE-2019-8544
https://nvd.nist.gov/vuln/detail/CVE-2019-8544
[ 15 ] CVE-2019-8551
https://nvd.nist.gov/vuln/detail/CVE-2019-8551
[ 16 ] CVE-2019-8558
https://nvd.nist.gov/vuln/detail/CVE-2019-8558
[ 17 ] CVE-2019-8559
https://nvd.nist.gov/vuln/detail/CVE-2019-8559
[ 18 ] CVE-2019-8563
https://nvd.nist.gov/vuln/detail/CVE-2019-8563
[ 19 ] CVE-2019-8595
https://nvd.nist.gov/vuln/detail/CVE-2019-8595
[ 20 ] CVE-2019-8607
https://nvd.nist.gov/vuln/detail/CVE-2019-8607
[ 21 ] CVE-2019-8615
https://nvd.nist.gov/vuln/detail/CVE-2019-8615
[ 22 ] CVE-2019-8644
https://nvd.nist.gov/vuln/detail/CVE-2019-8644
[ 23 ] CVE-2019-8644
https://nvd.nist.gov/vuln/detail/CVE-2019-8644
[ 24 ] CVE-2019-8649
https://nvd.nist.gov/vuln/detail/CVE-2019-8649
[ 25 ] CVE-2019-8649
https://nvd.nist.gov/vuln/detail/CVE-2019-8649
[ 26 ] CVE-2019-8658
https://nvd.nist.gov/vuln/detail/CVE-2019-8658
[ 27 ] CVE-2019-8658
https://nvd.nist.gov/vuln/detail/CVE-2019-8658
[ 28 ] CVE-2019-8666
https://nvd.nist.gov/vuln/detail/CVE-2019-8666
[ 29 ] CVE-2019-8666
https://nvd.nist.gov/vuln/detail/CVE-2019-8666
[ 30 ] CVE-2019-8669
https://nvd.nist.gov/vuln/detail/CVE-2019-8669
[ 31 ] CVE-2019-8669
https://nvd.nist.gov/vuln/detail/CVE-2019-8669
[ 32 ] CVE-2019-8671
https://nvd.nist.gov/vuln/detail/CVE-2019-8671
[ 33 ] CVE-2019-8671
https://nvd.nist.gov/vuln/detail/CVE-2019-8671
[ 34 ] CVE-2019-8672
https://nvd.nist.gov/vuln/detail/CVE-2019-8672
[ 35 ] CVE-2019-8672
https://nvd.nist.gov/vuln/detail/CVE-2019-8672
[ 36 ] CVE-2019-8673
https://nvd.nist.gov/vuln/detail/CVE-2019-8673
[ 37 ] CVE-2019-8673
https://nvd.nist.gov/vuln/detail/CVE-2019-8673
[ 38 ] CVE-2019-8676
https://nvd.nist.gov/vuln/detail/CVE-2019-8676
[ 39 ] CVE-2019-8676
https://nvd.nist.gov/vuln/detail/CVE-2019-8676
[ 40 ] CVE-2019-8677
https://nvd.nist.gov/vuln/detail/CVE-2019-8677
[ 41 ] CVE-2019-8677
https://nvd.nist.gov/vuln/detail/CVE-2019-8677
[ 42 ] CVE-2019-8678
https://nvd.nist.gov/vuln/detail/CVE-2019-8678
[ 43 ] CVE-2019-8678
https://nvd.nist.gov/vuln/detail/CVE-2019-8678
[ 44 ] CVE-2019-8679
https://nvd.nist.gov/vuln/detail/CVE-2019-8679
[ 45 ] CVE-2019-8679
https://nvd.nist.gov/vuln/detail/CVE-2019-8679
[ 46 ] CVE-2019-8680
https://nvd.nist.gov/vuln/detail/CVE-2019-8680
[ 47 ] CVE-2019-8680
https://nvd.nist.gov/vuln/detail/CVE-2019-8680
[ 48 ] CVE-2019-8681
https://nvd.nist.gov/vuln/detail/CVE-2019-8681
[ 49 ] CVE-2019-8681
https://nvd.nist.gov/vuln/detail/CVE-2019-8681
[ 50 ] CVE-2019-8683
https://nvd.nist.gov/vuln/detail/CVE-2019-8683
[ 51 ] CVE-2019-8683
https://nvd.nist.gov/vuln/detail/CVE-2019-8683
[ 52 ] CVE-2019-8684
https://nvd.nist.gov/vuln/detail/CVE-2019-8684
[ 53 ] CVE-2019-8684
https://nvd.nist.gov/vuln/detail/CVE-2019-8684
[ 54 ] CVE-2019-8686
https://nvd.nist.gov/vuln/detail/CVE-2019-8686
[ 55 ] CVE-2019-8686
https://nvd.nist.gov/vuln/detail/CVE-2019-8686
[ 56 ] CVE-2019-8687
https://nvd.nist.gov/vuln/detail/CVE-2019-8687
[ 57 ] CVE-2019-8687
https://nvd.nist.gov/vuln/detail/CVE-2019-8687
[ 58 ] CVE-2019-8688
https://nvd.nist.gov/vuln/detail/CVE-2019-8688
[ 59 ] CVE-2019-8688
https://nvd.nist.gov/vuln/detail/CVE-2019-8688
[ 60 ] CVE-2019-8689
https://nvd.nist.gov/vuln/detail/CVE-2019-8689
[ 61 ] CVE-2019-8689
https://nvd.nist.gov/vuln/detail/CVE-2019-8689
[ 62 ] CVE-2019-8690
https://nvd.nist.gov/vuln/detail/CVE-2019-8690
[ 63 ] CVE-2019-8690
https://nvd.nist.gov/vuln/detail/CVE-2019-8690
[ 64 ] WSA-2019-0002
https://webkitgtk.org/security/WSA-2019-0002.html
[ 65 ] WSA-2019-0004
https://webkitgtk.org/security/WSA-2019-0004.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201909-05
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2019 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
.
CVE-2019-8542: an anonymous researcher
iTunes
Available for: Windows 7 and later
Impact: Running the iTunes installer in an untrusted directory may
result in arbitrary code execution
Description: A race condition existed during the installation of
iTunes for Windows.
CVE-2019-8551: Ryan Pickren (ryanpickren.com)
Windows Installer
Available for: Windows 7 and later
Impact: Running the iCloud installer in an untrusted directory may
result in arbitrary code execution
Description: A race condition existed during the installation of
iCloud for Windows. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4035-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035
Issue date: 2020-09-29
CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506
CVE-2019-8524 CVE-2019-8535 CVE-2019-8536
CVE-2019-8544 CVE-2019-8551 CVE-2019-8558
CVE-2019-8559 CVE-2019-8563 CVE-2019-8571
CVE-2019-8583 CVE-2019-8584 CVE-2019-8586
CVE-2019-8587 CVE-2019-8594 CVE-2019-8595
CVE-2019-8596 CVE-2019-8597 CVE-2019-8601
CVE-2019-8607 CVE-2019-8608 CVE-2019-8609
CVE-2019-8610 CVE-2019-8611 CVE-2019-8615
CVE-2019-8619 CVE-2019-8622 CVE-2019-8623
CVE-2019-8625 CVE-2019-8644 CVE-2019-8649
CVE-2019-8658 CVE-2019-8666 CVE-2019-8669
CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8674 CVE-2019-8676 CVE-2019-8677
CVE-2019-8678 CVE-2019-8679 CVE-2019-8680
CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688
CVE-2019-8689 CVE-2019-8690 CVE-2019-8707
CVE-2019-8710 CVE-2019-8719 CVE-2019-8720
CVE-2019-8726 CVE-2019-8733 CVE-2019-8735
CVE-2019-8743 CVE-2019-8763 CVE-2019-8764
CVE-2019-8765 CVE-2019-8766 CVE-2019-8768
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8821 CVE-2019-8822
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11070 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-10018 CVE-2020-11793
====================================================================
1. Summary:
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch
3. Description:
WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+
platform. These packages provide WebKitGTK+ for GTK+ 3.
The following packages have been upgraded to a later upstream version:
webkitgtk4 (2.28.2). (BZ#1817144)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251,
CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571,
CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,
CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,
CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,
CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677,
CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,
CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720,
CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763,
CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,
CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862,
CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885,
CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,
CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
ppc64:
webkitgtk4-2.28.2-2.el7.ppc.rpm
webkitgtk4-2.28.2-2.el7.ppc64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm
ppc64le:
webkitgtk4-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm
s390x:
webkitgtk4-2.28.2-2.el7.s390.rpm
webkitgtk4-2.28.2-2.el7.s390x.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
ppc64:
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm
s390x:
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-devel-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
These packages are GPG signed by Red Hat for security. References:
https://access.redhat.com/security/cve/CVE-2019-6237
https://access.redhat.com/security/cve/CVE-2019-6251
https://access.redhat.com/security/cve/CVE-2019-8506
https://access.redhat.com/security/cve/CVE-2019-8524
https://access.redhat.com/security/cve/CVE-2019-8535
https://access.redhat.com/security/cve/CVE-2019-8536
https://access.redhat.com/security/cve/CVE-2019-8544
https://access.redhat.com/security/cve/CVE-2019-8551
https://access.redhat.com/security/cve/CVE-2019-8558
https://access.redhat.com/security/cve/CVE-2019-8559
https://access.redhat.com/security/cve/CVE-2019-8563
https://access.redhat.com/security/cve/CVE-2019-8571
https://access.redhat.com/security/cve/CVE-2019-8583
https://access.redhat.com/security/cve/CVE-2019-8584
https://access.redhat.com/security/cve/CVE-2019-8586
https://access.redhat.com/security/cve/CVE-2019-8587
https://access.redhat.com/security/cve/CVE-2019-8594
https://access.redhat.com/security/cve/CVE-2019-8595
https://access.redhat.com/security/cve/CVE-2019-8596
https://access.redhat.com/security/cve/CVE-2019-8597
https://access.redhat.com/security/cve/CVE-2019-8601
https://access.redhat.com/security/cve/CVE-2019-8607
https://access.redhat.com/security/cve/CVE-2019-8608
https://access.redhat.com/security/cve/CVE-2019-8609
https://access.redhat.com/security/cve/CVE-2019-8610
https://access.redhat.com/security/cve/CVE-2019-8611
https://access.redhat.com/security/cve/CVE-2019-8615
https://access.redhat.com/security/cve/CVE-2019-8619
https://access.redhat.com/security/cve/CVE-2019-8622
https://access.redhat.com/security/cve/CVE-2019-8623
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8644
https://access.redhat.com/security/cve/CVE-2019-8649
https://access.redhat.com/security/cve/CVE-2019-8658
https://access.redhat.com/security/cve/CVE-2019-8666
https://access.redhat.com/security/cve/CVE-2019-8669
https://access.redhat.com/security/cve/CVE-2019-8671
https://access.redhat.com/security/cve/CVE-2019-8672
https://access.redhat.com/security/cve/CVE-2019-8673
https://access.redhat.com/security/cve/CVE-2019-8674
https://access.redhat.com/security/cve/CVE-2019-8676
https://access.redhat.com/security/cve/CVE-2019-8677
https://access.redhat.com/security/cve/CVE-2019-8678
https://access.redhat.com/security/cve/CVE-2019-8679
https://access.redhat.com/security/cve/CVE-2019-8680
https://access.redhat.com/security/cve/CVE-2019-8681
https://access.redhat.com/security/cve/CVE-2019-8683
https://access.redhat.com/security/cve/CVE-2019-8684
https://access.redhat.com/security/cve/CVE-2019-8686
https://access.redhat.com/security/cve/CVE-2019-8687
https://access.redhat.com/security/cve/CVE-2019-8688
https://access.redhat.com/security/cve/CVE-2019-8689
https://access.redhat.com/security/cve/CVE-2019-8690
https://access.redhat.com/security/cve/CVE-2019-8707
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8719
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8726
https://access.redhat.com/security/cve/CVE-2019-8733
https://access.redhat.com/security/cve/CVE-2019-8735
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8763
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8765
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8768
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8821
https://access.redhat.com/security/cve/CVE-2019-8822
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11070
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z
rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01
RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM
XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK
R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1
PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467
eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX
rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ
1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe
PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr
w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh
PKg+HFNkMjk=dS3G
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows
for panic (CVE-2020-9283)
* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)
* grafana: XSS vulnerability via a column style on the "Dashboard > Table
Panel" screen (CVE-2018-18624)
* js-jquery: prototype pollution in object's prototype leading to denial of
service or remote code execution or property injection (CVE-2019-11358)
* npm-serialize-javascript: XSS via unsafe characters in serialized regular
expressions (CVE-2019-16769)
* kibana: Prototype pollution in TSVB could result in arbitrary code
execution (ESA-2020-06) (CVE-2020-7013)
* nodejs-minimist: prototype pollution allows adding or modifying
properties of Object.prototype using a constructor or __proto__ payload
(CVE-2020-7598)
* npmjs-websocket-extensions: ReDoS vulnerability in
Sec-WebSocket-Extensions parser (CVE-2020-7662)
* nodejs-lodash: prototype pollution in zipObjectDeep function
(CVE-2020-8203)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter
method (CVE-2020-11022)
* jQuery: passing HTML containing <option> elements to manipulation methods
could result in untrusted code execution (CVE-2020-11023)
* grafana: stored XSS (CVE-2020-11110)
* grafana: XSS annotation popup vulnerability (CVE-2020-12052)
* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)
* nodejs-elliptic: improper encoding checks allows a certain degree of
signature malleability in ECDSA signatures (CVE-2020-13822)
* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)
* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate
function (CVE-2020-15366)
* openshift/console: text injection on error page via crafted url
(CVE-2020-10715)
* kibana: X-Frame-Option not set by default might lead to clickjacking
(CVE-2020-10743)
* openshift: restricted SCC allows pods to craft custom network packets
(CVE-2020-14336)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section. Solution:
For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel
ease-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster
- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)
1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
1767665 - CVE-2020-10715 openshift/console: text injection on error page via crafted url
1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload
1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
1834550 - CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking
1845982 - CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser
1848089 - CVE-2020-12052 grafana: XSS annotation popup vulnerability
1848092 - CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions
1848643 - CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip
1848647 - CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures
1849044 - CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)
1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution
1850572 - CVE-2018-18624 grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1857412 - CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function
1857977 - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
1858981 - CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets
1861044 - CVE-2020-11110 grafana: stored XSS
1874671 - CVE-2020-14336 ose-machine-config-operator-container: openshift: restricted SCC allows pods to craft custom network packets [openshift-4]
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-3-25-3 tvOS 12.2
tvOS 12.2 is now available and addresses the following:
CFString
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted string may lead to a denial
of service
Description: A validation issue was addressed with improved logic.
CVE-2019-8516: SWIPS Team of Frifee Inc.
configd
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2019-8552: Mohamed Ghannam (@_simo36)
CoreCrypto
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8542: an anonymous researcher
file
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted file might disclose user
information
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-6237: an anonymous researcher
Foundation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-7286: an anonymous researcher, Clement Lecigne of Google
Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel
Groß of Google Project Zero
GeoServices
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Clicking a malicious SMS link may lead to arbitrary code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8553: an anonymous researcher
iAP
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8542: an anonymous researcher
IOHIDFamily
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8545: Adam Donenfeld (@doadam) of the Zimperium zLabs Team
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: A buffer overflow was addressed with improved size
validation.
CVE-2019-8527: Ned Williamson of Google and derrek (@derrekr6)
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2019-8540: Weibo Wang (@ma1fan) of Qihoo 360 Nirvan Team
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A logic issue was addressed with improved state
management.
CVE-2019-8514: Samuel Groß of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A local user may be able to read kernel memory
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-7293: Ned Williamson of Google
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to determine kernel
memory layout
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory.
CVE-2019-6207: Weibo Wang of Qihoo 360 Nirvan Team (@ma1fan)
CVE-2019-8510: Stefan Esser of Antid0te UG
Power Management
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: Multiple input validation issues existed in MIG
generated code.
CVE-2019-8549: Mohamed Ghannam (@_simo36) of SSD Secure Disclosure
(ssd-disclosure.com)
Siri
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to initiate a Dictation
request without user authorization
Description: An API issue existed in the handling of dictation
requests.
CVE-2019-8502: Luke Deshotels of North Carolina State University,
Jordan Beichler of North Carolina State University, William Enck of
North Carolina State University, Costin Carabaș of University
POLITEHNICA of Bucharest, and Răzvan Deaconescu of University
POLITEHNICA of Bucharest
TrueTypeScaler
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8517: riusksk of VulWar Corp working with Trend Micro Zero
Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2019-8535: Zhiyang Zeng (@Wester) of Tencent Blade Team
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8558: Samuel Groß of Google Project Zero
CVE-2019-8559: Apple
CVE-2019-8563: Apple
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8562: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of
Chaitin Security Research Lab
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8515: James Lee (@Windowsrcer)
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8506: Samuel Groß of Google Project Zero
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious website may be able to execute scripts in the
context of another website
Description: A logic issue was addressed with improved validation.
CVE-2019-7292: Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team
XPC
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to overwrite arbitrary
files
Description: This issue was addressed with improved checks.
CVE-2019-8530: CodeColorist of Ant-Financial LightYear Labs
Additional recognition
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Safari
We would like to acknowledge Nikhil Mittal (@c0d3G33k) of Payatu Labs
(payatu.com) for their assistance.
WebKit
We would like to acknowledge Andrey Kovalev of Yandex Security Team
for their assistance.
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlyZM7gpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EWyBAA
nFUeN7oBBPCdezabzgIAh29Mk1K+tgNeH0BIkyyPuoqeYd5UQK9cwZJ7Ww9J7uqB
nAH30awuCq8r8h3oLLOn8X9A/ORNxFKUZRF+8AbH00G0taATIFjseSwGwGz5/rG7
aPoi/Mh4ilWh8luQJVvPO7KTHTeJLSsiBOuvqUmDaJVxu1y10inVW3j1s8RtrOVt
BR+PZq7/BQ9wsSPxRS2bTQp3BX3m3aleadnZ9HkeXVB/9O8c5TrG6HIgfBNYMJFY
mGpQoCM1nCh8jaWmoO1gjP7B0W2DKPhE6jFmCtuRsmnOG3ROhGbXi6T6AOOI9EX3
233FgygUVZgs7t4dhz0UZ1EczQiQ4dL0YYL7J/LYMjaM31qul2cdJWTPb9ZFARFt
PHeyU1uHcJ2j67kGt1qepETUfWNa4W/RD3wUmKJdKBED65xOuwv9ijnEcAhzwh4F
q6UefOTf1PwszuzWpAi7rCyOWq3TqDF+r6som9j5q15fMPx+TakBA6/TKViWLRw1
ydoi3g2OkKpvgapzBdVAm9Rtcvr4B0uXtLUXL7heB6TP12UheSum817QQiLs4aqV
9syBL5XpFOJUdQPD0SMIzuhvaN2dugH2wc1BDeiv5H8nYvMx6oiebJN8CgJ3uo8Y
iJBethq6bdDVq8EfYN6vHCjH7bTFtcaCVgXWq5KJYp8=
=8uDf
-----END PGP SIGNATURE-----=
. ------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0002
------------------------------------------------------------------------
Date reported : April 10, 2019
Advisory ID : WSA-2019-0002
WebKitGTK Advisory URL :
https://webkitgtk.org/security/WSA-2019-0002.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2019-0002.html
CVE identifiers : CVE-2019-6201, CVE-2019-6251, CVE-2019-7285,
CVE-2019-7292, CVE-2019-8503, CVE-2019-8506,
CVE-2019-8515, CVE-2019-8518, CVE-2019-8523,
CVE-2019-8524, CVE-2019-8535, CVE-2019-8536,
CVE-2019-8544, CVE-2019-8551, CVE-2019-8558,
CVE-2019-8559, CVE-2019-8563, CVE-2019-11070.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2019-6201
Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before
2.22.4.
Credit to dwfault working with ADLab of Venustech.
CVE-2019-6251
Versions affected: WebKitGTK and WPE WebKit before 2.24.1.
Credit to Dhiraj.
CVE-2019-7285
Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before
2.22.4.
Credit to dwfault working at ADLab of Venustech.
CVE-2019-7292
Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before
2.22.4.
Credit to Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team.
CVE-2019-8503
Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before
2.22.4.
Credit to Linus S\xe4rud of Detectify.
CVE-2019-8506
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to Samuel Gro\xdf of Google Project Zero.
CVE-2019-8515
Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before
2.22.4.
Credit to James Lee, @Windowsrcer. A cross-origin issue existed with the fetch API.
CVE-2019-8518
Versions affected: WebKitGTK before 2.22.7 and WPE WebKit before
2.22.5.
Credit to Samuel Gro\xdf of Google Project Zero.
CVE-2019-8523
Versions affected: WebKitGTK before 2.22.7 and WPE WebKit before
2.22.5.
Credit to Apple.
CVE-2019-8524
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to G. Geshev working with Trend Micro Zero Day Initiative.
CVE-2019-8535
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to Zhiyang Zeng, @Wester, of Tencent Blade Team.
CVE-2019-8536
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to Apple.
CVE-2019-8544
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to an anonymous researcher.
CVE-2019-8551
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to Ryan Pickren, ryanpickren.com.
CVE-2019-8558
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to Samuel Gro\xdf of Google Project Zero.
CVE-2019-8559
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to Apple.
CVE-2019-8563
Versions affected: WebKitGTK and WPE WebKit before 2.24.0.
Credit to Apple.
CVE-2019-11070
Versions affected: WebKitGTK and WPE WebKit before 2.24.1.
Credit to Igalia.
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK and WPE WebKit team,
April 10, 2019
|