Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Advisories, May 8, 2006

May 09, 2006, 04:45 (0 Talkback[s])

Debian GNU/Linux


Debian Security Advisory DSA 1052-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
May 8th, 2006 http://www.debian.org/security/faq


Package : cgiirc
Vulnerability : buffer overflows
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-2148
Debian Bug : 365680

Several buffer overflows have been discovered in cgiirc, a web-based IRC client, which could be exploited to execute arbitrary code.

The old stable distribution (woody) does not contain cgiirc packages.

For the stable distribution (sarge) these problems have been fixed in version 0.5.4-6sarge1.

For the unstable distribution (sid) these problems have been fixed in version 0.5.4-6sarge1.

We recommend that you upgrade your cgiirc package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1.dsc
      Size/MD5 checksum: 590 daed94ad35a0ac4935086bfd1379c20f
    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1.diff.gz
      Size/MD5 checksum: 13507 a885a3704d8313920548f156d764dec6
    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4.orig.tar.gz
      Size/MD5 checksum: 127545 c32ce6514626729ef8cf30cf7bd1a51e

Alpha architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_alpha.deb
      Size/MD5 checksum: 122974 55a573eb356b35cb32b651ca570d76f6

AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_amd64.deb
      Size/MD5 checksum: 122526 25977ad46ac501c8c81de1347dac8cc9

ARM architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_arm.deb
      Size/MD5 checksum: 122004 594434fc3222bd093b4b202e2e9df1ec

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_i386.deb
      Size/MD5 checksum: 122082 e5d18578977303524a6d9c92a314b0cf

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_ia64.deb
      Size/MD5 checksum: 123546 b91e34892993e4d176d3fa8ff970f123

HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_hppa.deb
      Size/MD5 checksum: 122868 96f3c61fa95509d03277209d5549a037

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_m68k.deb
      Size/MD5 checksum: 121960 e6a1341cee535289a78ef0e2ca33badd

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_mips.deb
      Size/MD5 checksum: 123686 ebebe98b959b9985581338ffa5f60857

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_mipsel.deb
      Size/MD5 checksum: 123688 0004985ff0018cad8ff54630b4b96e7d

PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_powerpc.deb
      Size/MD5 checksum: 122502 d2b6b1cbd8d05baebdbd7febd16edc39

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_s390.deb
      Size/MD5 checksum: 122504 833f9eb5d35ec6baac52ceec8193422d

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/cgiirc/cgiirc_0.5.4-6sarge1_sparc.deb
      Size/MD5 checksum: 122060 e611d3c02896f065d3989a3182cd4fd7

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200605-07

http://security.gentoo.org/


Severity: High
Title: Nagios: Buffer overflow
Date: May 07, 2006
Bugs: #132159
ID: 200605-07


Synopsis

Nagios is vulnerable to a buffer overflow which may lead to remote execution of arbitrary code.

Background

Nagios is an open source host, service and network monitoring program.

Affected packages


     Package                   /  Vulnerable  /             Unaffected

  1  net-analyzer/nagios-core        < 1.4                      >= 1.4

Description

Sebastian Krahmer of the SuSE security team discovered a buffer overflow vulnerability in the handling of a negative HTTP Content-Length header.

Impact

A buffer overflow in Nagios CGI scripts under certain web servers allows remote attackers to execute arbitrary code via a negative content length HTTP header.

Workaround

There is no known workaround at this time.

Resolution

All Nagios users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/nagios-core-1.4"

References

[ 1 ] CVE-2006-2162

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2162

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200605-07.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200605-08

http://security.gentoo.org/


Severity: High
Title: PHP: Multiple vulnerabilities
Date: May 08, 2006
Bugs: #127939, #128883, #131135
ID: 200605-08


Synopsis

PHP is affected by multiple issues, including a buffer overflow in wordwrap() which may lead to execution of arbitrary code.

Background

PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML.

Affected packages


     Package       /  Vulnerable  /                         Unaffected


1 dev-lang/php < 5.1.4 >= 5.1.4 *>= 4.4.2-r2

Description

Several vulnerabilities were discovered on PHP4 and PHP5 by Infigo, Tonu Samuel and Maksymilian Arciemowicz. These included a buffer overflow in the wordwrap() function, restriction bypasses in the copy() and tempname() functions, a cross-site scripting issue in the phpinfo() function, a potential crash in the substr_compare() function and a memory leak in the non-binary-safe html_entity_decode() function.

Impact

Remote attackers might be able to exploit these issues in PHP applications making use of the affected functions, potentially resulting in the execution of arbitrary code, Denial of Service, execution of scripted contents in the context of the affected site, security bypass or information leak.

Workaround

There is no known workaround at this point.

Resolution

All PHP users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-lang/php-5.1.4"

PHP4 users that wish to keep that version line should upgrade to the latest 4.x version:

    # emerge --sync
    # emerge --ask --oneshot --verbose =dev-lang/php-4.4.2-r2

References

[ 1 ] CVE-2006-0996

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996

[ 2 ] CVE-2006-1490

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490

[ 3 ] CVE-2006-1990

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990

[ 4 ] CVE-2006-1991

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1991

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200605-08.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory GLSA 200605-09

http://security.gentoo.org/


Severity: Normal
Title: Mozilla Thunderbird: Multiple vulnerabilities
Date: May 08, 2006
Bugs: #130888
ID: 200605-09


Synopsis

Several vulnerabilities in Mozilla Thunderbird allow attacks ranging from script execution with elevated privileges to information leaks.

Background

Mozilla Thunderbird is the next-generation mail client from the Mozilla project.

Affected packages


     Package                  /  Vulnerable  /              Unaffected


1 mozilla-thunderbird < 1.0.8 >= 1.0.8 2 mozilla-thunderbird-bin < 1.0.8 >= 1.0.8 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures.

Description

Several vulnerabilities were found and fixed in Mozilla Thunderbird.

Impact

A remote attacker could craft malicious emails that would leverage these issues to inject and execute arbitrary script code with elevated privileges, steal local files or other information from emails, and spoof content. Some of these vulnerabilities might even be exploited to execute arbitrary code with the rights of the user running Thunderbird.

Workaround

There are no known workarounds for all the issues at this time.

Resolution

All Mozilla Thunderbird users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-1.0.8"

All Mozilla Thunderbird binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-bin-1.0.8"

Note: There is no stable fixed version for the ALPHA architecture yet. Users of Mozilla Thunderbird on ALPHA should consider unmerging it until such a version is available.

References

[ 1 ] CVE-2006-0292

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0292

[ 2 ] CVE-2006-0296

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0296

[ 3 ] CVE-2006-0748

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748

[ 4 ] CVE-2006-0749

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749

[ 5 ] CVE-2006-0884

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0884

[ 6 ] CVE-2006-1045

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1045

[ 7 ] CVE-2006-1727

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1727

[ 8 ] CVE-2006-1728

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728

[ 9 ] CVE-2006-1730

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730

[ 10 ] CVE-2006-1731

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731

[ 11 ] CVE-2006-1732

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732

[ 12 ] CVE-2006-1733

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733

[ 13 ] CVE-2006-1734

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734

[ 14 ] CVE-2006-1735

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735

[ 15 ] CVE-2006-1737

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737

[ 16 ] CVE-2006-1738

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738

[ 17 ] CVE-2006-1739

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739

[ 18 ] CVE-2006-1741

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1741

[ 19 ] CVE-2006-1742

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1742

[ 20 ] CVE-2006-1790

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790

[ 21 ] Mozilla Foundation Security Advisories

http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200605-09.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Ubuntu Linux


Ubuntu Security Notice USN-282-1 May 08, 2006
nagios vulnerability
CVE-2006-2162

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

nagios-common

The problem can be corrected by upgrading the affected package to version 2:1.3-0+pre6ubuntu0.1 (for Ubuntu 5.04), or 2:1.3-cvs.20050402-4ubuntu3.1 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with a negative Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges.

Please note that the Apache 2 web server already checks for valid Content-Length values, so installations using Apache 2 (the only web server officially supported in Ubuntu) are not vulnerable to this flaw.

Updated packages for Ubuntu 5.04:

Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3-0+pre6ubuntu0.1.diff.gz
      Size/MD5: 80281 7d71114ea6d8e11edb79133235e94951
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3-0+pre6ubuntu0.1.dsc
      Size/MD5: 1010 611221f65f55763d607bd18754f5b46e
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3.orig.tar.gz
      Size/MD5: 1625322 414d70e5269d5b8d7c21bf3ee129309f

Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-common_1.3-0+pre6ubuntu0.1_all.deb
      Size/MD5: 1213184 aef209a60989887c5e4828f8c6e5ed22

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-0+pre6ubuntu0.1_amd64.deb
      Size/MD5: 994148 caee3765a8cb8826cbfb83b6a80a93aa
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-0+pre6ubuntu0.1_amd64.deb
      Size/MD5: 1006218 331626a1400801648faa72261f72bc0f
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-0+pre6ubuntu0.1_amd64.deb
      Size/MD5: 975952 83b6c5a302ed299866fa717020c30d68

i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-0+pre6ubuntu0.1_i386.deb
      Size/MD5: 872306 fcb37a47f0eff94a77d1a1e30205aeec
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-0+pre6ubuntu0.1_i386.deb
      Size/MD5: 882042 08b7590825e1d97807445e11859fb487
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-0+pre6ubuntu0.1_i386.deb
      Size/MD5: 857596 0feedae7fd082a9b566bdc52c2a69794

powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-0+pre6ubuntu0.1_powerpc.deb
      Size/MD5: 1002618 f7267c0a908b37119bd1cc75a82f691a
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-0+pre6ubuntu0.1_powerpc.deb
      Size/MD5: 1010332 cd4882a8adaf882be52ca06c03a9f009
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-0+pre6ubuntu0.1_powerpc.deb
      Size/MD5: 969694 61692fa210eac3be4acc0ec31db859df

Updated packages for Ubuntu 5.10:

Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3-cvs.20050402-4ubuntu3.1.diff.gz
      Size/MD5: 72940 45eb9bb3f5d319ee26e54911766c3329
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3-cvs.20050402-4ubuntu3.1.dsc
      Size/MD5: 1039 38ccfb2a73283d3407b9fe60533f98ff
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3-cvs.20050402.orig.tar.gz
      Size/MD5: 1621251 0f92b7b8e705411b7881d3650cbb5d56

Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-common_1.3-cvs.20050402-4ubuntu3.1_all.deb
      Size/MD5: 1221180 8d5b4df9c227530749020ffb466ff2f2

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-cvs.20050402-4ubuntu3.1_amd64.deb
      Size/MD5: 1029868 c8d76916a6910a2cbfe3ff1ba6ac5719
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-cvs.20050402-4ubuntu3.1_amd64.deb
      Size/MD5: 1041510 623c9b4b2e3ab693c9993ede121488a7
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-cvs.20050402-4ubuntu3.1_amd64.deb
      Size/MD5: 1025400 d37f7806f75fecda7f4b3d63491e0939

i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-cvs.20050402-4ubuntu3.1_i386.deb
      Size/MD5: 878928 9ee514d4b91119f3ba6bfc6c1f62fbea
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-cvs.20050402-4ubuntu3.1_i386.deb
      Size/MD5: 887908 f8365be3ee3dd6aa19fbe61e80a51120
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-cvs.20050402-4ubuntu3.1_i386.deb
      Size/MD5: 873662 1c9aa6c22a19b705f7a3702b09fe6986

powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-cvs.20050402-4ubuntu3.1_powerpc.deb
      Size/MD5: 1015848 74ebefb823c39c2b1cd54d3c8bcf80f3
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-cvs.20050402-4ubuntu3.1_powerpc.deb
      Size/MD5: 1024990 7e1a404b27a63d58644e2faa92f20217
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-cvs.20050402-4ubuntu3.1_powerpc.deb
      Size/MD5: 993116 ba19fcb9ba815eb4f47d8c75cebb8ee0


Ubuntu Security Notice USN-283-1 May 08, 2006
mysql-dfsg-4.1, mysql-dfsg vulnerabilities
CVE-2006-1516, CVE-2006-1517

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

mysql-server
mysql-server-4.1

The problem can be corrected by upgrading the affected package to version 4.0.23-3ubuntu2.3 (for Ubuntu 5.04), 4.0.24-10ubuntu2.2 (mysql-server for Ubuntu 5.10), or 4.1.12-1ubuntu3.3 (mysql-server-4.1 for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Stefano Di Paola discovered an information leak in the login packet parser. By sending a specially crafted malformed login packet, a remote attacker could exploit this to read a random piece of memory, which could potentially reveal sensitive data. (CVE-2006-1516)

Stefano Di Paola also found a similar information leak in the parser for the COM_TABLE_DUMP request. (CVE-2006-1517)

Updated packages for Ubuntu 5.04:

Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.23-3ubuntu2.3.diff.gz
      Size/MD5: 345474 a03d04b6232f33905f239248035f3c38
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.23-3ubuntu2.3.dsc
      Size/MD5: 891 f45ff763a72c15171cad1162886f35de
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.23.orig.tar.gz
      Size/MD5: 9814467 5eec8f66ed48c6ff92e73161651a492b

Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-common_4.0.23-3ubuntu2.3_all.deb
      Size/MD5: 32208 366666fa86a1832df41a6371ab247a13

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.23-3ubuntu2.3_amd64.deb
      Size/MD5: 2866464 bd0a5bcdee56e03cbecb27753e0f9f96
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12_4.0.23-3ubuntu2.3_amd64.deb
      Size/MD5: 307028 3de11414c948eb5ba7cdd0a83eeb96f7
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_4.0.23-3ubuntu2.3_amd64.deb
      Size/MD5: 431620 d90f664ce975be92b926fd5b9d2429ab
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_4.0.23-3ubuntu2.3_amd64.deb
      Size/MD5: 3628942 9596aa1a65337b9b9dbf642c0bd9794d

i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.23-3ubuntu2.3_i386.deb
      Size/MD5: 2826196 0762c6d6057e91dae14ade788b45afba
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12_4.0.23-3ubuntu2.3_i386.deb
      Size/MD5: 289722 1a4a652c075dcab324c7e4f3f6384d1f
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_4.0.23-3ubuntu2.3_i386.deb
      Size/MD5: 404788 e6dcfc067fbae77ce3421a8d8dfdf8cc
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_4.0.23-3ubuntu2.3_i386.deb
      Size/MD5: 3537800 ca606ecc15afb3cce2c295aa1f9ab344

powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.23-3ubuntu2.3_powerpc.deb
      Size/MD5: 3179856 dce3423162923cfc56b1ac6b79e07e07
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12_4.0.23-3ubuntu2.3_powerpc.deb
      Size/MD5: 312632 8cfae324093e3ea018d539d1183133d2
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_4.0.23-3ubuntu2.3_powerpc.deb
      Size/MD5: 462406 96c5db41bc684ebc7754145b52beea3e
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_4.0.23-3ubuntu2.3_powerpc.deb
      Size/MD5: 3839416 0268c71659e4c1cbaa07a88051a4db56

Updated packages for Ubuntu 5.10:

Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12-1ubuntu3.3.diff.gz
      Size/MD5: 162244 fddf1e4d87d56438a65315e3df406b49
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12-1ubuntu3.3.dsc
      Size/MD5: 1024 adf2851ddc2685c8071330f3d6587ddf
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12.orig.tar.gz
      Size/MD5: 15921909 c7b83a19bd8a4f42d5d64c239d05121f
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10ubuntu2.2.diff.gz
      Size/MD5: 98632 35543de80b68e132078805f930c22cc3
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10ubuntu2.2.dsc
      Size/MD5: 964 a3306800e3fb87b1ba6425e1675a1c70
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.24.orig.tar.gz
      Size/MD5: 9923794 aed8f335795a359f32492159e3edfaa3

Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.12-1ubuntu3.3_all.deb
      Size/MD5: 36412 1ff53ed798ff3e764776232c5b9ed8a2
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-common_4.0.24-10ubuntu2.2_all.deb
      Size/MD5: 34874 2237d7dee140b8a1c25fd0495b71c590

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10ubuntu2.2_amd64.deb
      Size/MD5: 3231484 744f672b3638271f538859fead4086e3
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10ubuntu2.2_amd64.deb
      Size/MD5: 307940 4dfd1900c36aecbc840e69d246e55ffc
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.3_amd64.deb
      Size/MD5: 5830998 ad3e828060133fb423f98ace529022d3
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.3_amd64.deb
      Size/MD5: 1539694 9b8cd250044091a4a659ac8d3edd914a
    http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.3_amd64.deb
      Size/MD5: 897782 09e8a26e30ced2274986b76483952d18
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_4.0.24-10ubuntu2.2_amd64.deb
      Size/MD5: 439708 8d3c1f429dd4df1fca98dbfc7826641b
    http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.3_amd64.deb
      Size/MD5: 18429678 c2584ea7c9ab83720f9dcdc9b425f080
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_4.0.24-10ubuntu2.2_amd64.deb
      Size/MD5: 3922172 8e6e94953f530e0e95f0e4cd7c64e5d9

i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10ubuntu2.2_i386.deb
      Size/MD5: 2868602 bfb0d0580d0a1434e5d6168a9964afe1
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10ubuntu2.2_i386.deb
      Size/MD5: 291768 c1d98662f9ee65b7e03a42ba37b71ed8
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.3_i386.deb
      Size/MD5: 5347206 e3d8e9e5f4fd1f5a8966d9535233d01c
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.3_i386.deb
      Size/MD5: 1474730 25ee2f76ad4a8ee8a71c93c21be8e75c
    http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.3_i386.deb
      Size/MD5: 865934 82a45bd5ea12d4b2b80341ac8a99e5a7
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_4.0.24-10ubuntu2.2_i386.deb
      Size/MD5: 413660 44384cf27d24c0b402182d61dbf954ca
    http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.3_i386.deb
      Size/MD5: 17335996 0f182836baf752da5614df0e07b59fdf
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_4.0.24-10ubuntu2.2_i386.deb
      Size/MD5: 3555698 8ba9724a80d6dba7a9a9ba88567a597f

powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10ubuntu2.2_powerpc.deb
      Size/MD5: 3090218 f9affc50377eb158f6ebb17e8461b293
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10ubuntu2.2_powerpc.deb
      Size/MD5: 305738 5d2b428dc00828d93bda45278b953c69
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.3_powerpc.deb
      Size/MD5: 6067794 3a9b7587c906545ba6f27f275c6ab1c4
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.3_powerpc.deb
      Size/MD5: 1547882 bc20a7b7659aba5ce22dc6a2cf0a6a6f
    http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.3_powerpc.deb
      Size/MD5: 937142 b3aae00524eb4fbdbfda3d16cfdb647c
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_4.0.24-10ubuntu2.2_powerpc.deb
      Size/MD5: 453620 043b3b5ed7e7cee2f620aa1a3160ba5f
    http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.3_powerpc.deb
      Size/MD5: 18521840 59456b5875845e245d6698ce4020012f
    http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_4.0.24-10ubuntu2.2_powerpc.deb
      Size/MD5: 3664314 e3405e9c5f9202255e7e7d2c1b340815