Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Advisories, September 14, 2006

Sep 15, 2006, 03:45 (0 Talkback[s])

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200609-10

http://security.gentoo.org/


Severity: High
Title: DokuWiki: Arbitrary command execution
Date: September 14, 2006
Bugs: #146800
ID: 200609-10


Synopsis

Vulnerabilities in some accessory scripts of DokuWiki allow remote code execution.

Background

DokuWiki is a wiki targeted at developer teams, workgroups and small companies. It does not use a database backend.

Affected packages


     Package            /   Vulnerable   /                  Unaffected

  1  www-apps/dokuwiki      < 20060309d                   >= 20060309d

Description

"rgod" discovered that DokuWiki doesn't sanitize the X-FORWARDED-FOR HTTP header, allowing the injection of arbitrary contents - such as PHP commands - into a file. Additionally, the accessory scripts installed in the "bin" DokuWiki directory are vulnerable to directory traversal attacks, allowing to copy and execute the previously injected code.

Impact

A remote attacker may execute arbitrary PHP (and thus probably system) commands with the permissions of the user running the process serving DokuWiki pages.

Workaround

Disable remote access to the "bin" subdirectory of the DokuWiki installation. Remove the directory if you don't use the scripts in there.

Resolution

All DokuWiki users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/dokuwiki-20060309d"

References

[ 1 ] CVE-2006-4674

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4674 [ 2 ] CVE-2006-4675

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4675 [ 3 ] CVE-2006-4679

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4679

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200609-10.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Mandriva Linux


Mandriva Linux Security Advisory MDKSA-2006:164
http://www.mandriva.com/security/


Package : xorg-x11
Date : September 14, 2006
Affected: 2006.0, Corporate 3.0


Problem Description:

Local exploitation of an integer overflow vulnerability in the 'CIDAFM()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3739).

Local exploitation of an integer overflow vulnerability in the 'scan_cidfont()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3740).

Updated packages are patched to address this issue.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3740


Updated Packages:

Mandriva Linux 2006.0:
870f66da912af0a4fad28efb9b88c90e 2006.0/RPMS/libxorg-x11-6.9.0-5.10.20060mdk.i586.rpm
0a8ff15caa27d78680f54486c67737e6 2006.0/RPMS/libxorg-x11-devel-6.9.0-5.10.20060mdk.i586.rpm
e66de8e6c72f5b47ea0b56e32d75e46e 2006.0/RPMS/libxorg-x11-static-devel-6.9.0-5.10.20060mdk.i586.rpm
4520ffe2166ef729c9b717571a0f858e 2006.0/RPMS/X11R6-contrib-6.9.0-5.10.20060mdk.i586.rpm
2288439bb004dfc1cbb9b1e1463a8e8a 2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.10.20060mdk.i586.rpm
278c8e53603e73b09877d6939d29d281 2006.0/RPMS/xorg-x11-6.9.0-5.10.20060mdk.i586.rpm
6dd626b751c738c91f5a60fbabe1f3ca 2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.10.20060mdk.i586.rpm
a166e90cc89070fb053aec43c96bd9de 2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.10.20060mdk.i586.rpm
46941ea873fd4a47b43e32517671ba8d 2006.0/RPMS/xorg-x11-doc-6.9.0-5.10.20060mdk.i586.rpm
45f99f735dcac5987c0bcf0bcdf86456 2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.10.20060mdk.i586.rpm
dd6d86b93bdd5742674cfb3c49260542 2006.0/RPMS/xorg-x11-server-6.9.0-5.10.20060mdk.i586.rpm
f97eb010ee04a03365607e952d0cb3be 2006.0/RPMS/xorg-x11-xauth-6.9.0-5.10.20060mdk.i586.rpm
103b774cb9a79c0adaf4c5949b9269ca 2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.10.20060mdk.i586.rpm
ee5ba6d107047df4552cc06e0e0d9932 2006.0/RPMS/xorg-x11-xfs-6.9.0-5.10.20060mdk.i586.rpm
4734479179fc2b8df8a9383123cbe43d 2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.10.20060mdk.i586.rpm
5aa7daf002ee73a61d719c318cc7fb0f 2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.10.20060mdk.i586.rpm
399f003f1545c4a6f003f26f197264f6 2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.10.20060mdk.i586.rpm
d76d29e580eaea46f06e9031c4678a16 2006.0/SRPMS/xorg-x11-6.9.0-5.10.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
44500ad48fab3741a6cd201e3e0c8e44 x86_64/2006.0/RPMS/lib64xorg-x11-6.9.0-5.10.20060mdk.x86_64.rpm
873c4f00872045e369d68b6c6bf0e9f4 x86_64/2006.0/RPMS/lib64xorg-x11-devel-6.9.0-5.10.20060mdk.x86_64.rpm
cf34abe58bce0f1cb39d279c1825f28d x86_64/2006.0/RPMS/lib64xorg-x11-static-devel-6.9.0-5.10.20060mdk.x86_64.rpm
870f66da912af0a4fad28efb9b88c90e x86_64/2006.0/RPMS/libxorg-x11-6.9.0-5.10.20060mdk.i586.rpm
0a8ff15caa27d78680f54486c67737e6 x86_64/2006.0/RPMS/libxorg-x11-devel-6.9.0-5.10.20060mdk.i586.rpm
e66de8e6c72f5b47ea0b56e32d75e46e x86_64/2006.0/RPMS/libxorg-x11-static-devel-6.9.0-5.10.20060mdk.i586.rpm
ea646502e846d806b676425d73489bc6 x86_64/2006.0/RPMS/X11R6-contrib-6.9.0-5.10.20060mdk.x86_64.rpm
bb96282af5687aec3e671c5c6b715162 x86_64/2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.10.20060mdk.x86_64.rpm
9554339037de4d0ca8decaf3030b94c1 x86_64/2006.0/RPMS/xorg-x11-6.9.0-5.10.20060mdk.x86_64.rpm
e03bf5aaffd4ff3d918226069404c88c x86_64/2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.10.20060mdk.x86_64.rpm
9cb232babce28cf0a9c9dbc3542c632a x86_64/2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.10.20060mdk.x86_64.rpm
56ec5996265c951aee954105c3227809 x86_64/2006.0/RPMS/xorg-x11-doc-6.9.0-5.10.20060mdk.x86_64.rpm
900e0f2251e6c81afcc37a2c585720d7 x86_64/2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.10.20060mdk.x86_64.rpm
e0f617bd52b0d50aa78a8b70316922cf x86_64/2006.0/RPMS/xorg-x11-server-6.9.0-5.10.20060mdk.x86_64.rpm
e6610f07a1424051b95059afe5beb385 x86_64/2006.0/RPMS/xorg-x11-xauth-6.9.0-5.10.20060mdk.x86_64.rpm
05bfc5d4703ca7f181cf7b57c4569e4a x86_64/2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.10.20060mdk.x86_64.rpm
169612fa75a90697f98372aa87185cb7 x86_64/2006.0/RPMS/xorg-x11-xfs-6.9.0-5.10.20060mdk.x86_64.rpm
51cda78610735e801d8b5d53043b831f x86_64/2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.10.20060mdk.x86_64.rpm
1b8416070f1ef2d307e5d00a3af8773b x86_64/2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.10.20060mdk.x86_64.rpm
6c9314505699669efb32190a5f7c76f0 x86_64/2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.10.20060mdk.x86_64.rpm
d76d29e580eaea46f06e9031c4678a16 x86_64/2006.0/SRPMS/xorg-x11-6.9.0-5.10.20060mdk.src.rpm

Corporate 3.0:
aca392ef1cba20ee479740f6b0f89b0e corporate/3.0/RPMS/libxfree86-4.3-32.8.C30mdk.i586.rpm
c329ed9ddb46c518de8cbf5106856e9d corporate/3.0/RPMS/libxfree86-devel-4.3-32.8.C30mdk.i586.rpm
afdd3d25a20100d4017836024a779a80 corporate/3.0/RPMS/libxfree86-static-devel-4.3-32.8.C30mdk.i586.rpm
2932393ed9723b87a36d0ead89a40f93 corporate/3.0/RPMS/X11R6-contrib-4.3-32.8.C30mdk.i586.rpm
b414fa6a159e692e4b8e2e971b15f637 corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.8.C30mdk.i586.rpm
ac3e76f867137470151c1d5ec2c10eb4 corporate/3.0/RPMS/XFree86-4.3-32.8.C30mdk.i586.rpm
361e8fb0f2ac0df06b445c8628058059 corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.8.C30mdk.i586.rpm
17850cde32471176216776f98a5bb64d corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.8.C30mdk.i586.rpm
87044502c0610247d325a1fd5045a167 corporate/3.0/RPMS/XFree86-doc-4.3-32.8.C30mdk.i586.rpm
7f783680a13c9df80bb002fa464ee4bf corporate/3.0/RPMS/XFree86-glide-module-4.3-32.8.C30mdk.i586.rpm
d4c6ad726d8c8da11c20eb87e426d3ee corporate/3.0/RPMS/XFree86-server-4.3-32.8.C30mdk.i586.rpm
97a8e6f430cd09eb421b236063043118 corporate/3.0/RPMS/XFree86-xfs-4.3-32.8.C30mdk.i586.rpm
d79bcae17843c8f5a2338111f3e877b7 corporate/3.0/RPMS/XFree86-Xnest-4.3-32.8.C30mdk.i586.rpm
a196843c331826c4ac34fba5608decdb corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.8.C30mdk.i586.rpm
68d29cd668b3781e1bbd5c4bc11f7ed1 corporate/3.0/SRPMS/XFree86-4.3-32.8.C30mdk.src.rpm

Corporate 3.0/X86_64:
089b47176efe8d4464e238dd132930c4 x86_64/corporate/3.0/RPMS/lib64xfree86-4.3-32.8.C30mdk.x86_64.rpm
6798c3411909923b51f5004fa6560662 x86_64/corporate/3.0/RPMS/lib64xfree86-devel-4.3-32.8.C30mdk.x86_64.rpm
645cbe061d51046a3bd60cdf36e9b960 x86_64/corporate/3.0/RPMS/lib64xfree86-static-devel-4.3-32.8.C30mdk.x86_64.rpm
aca392ef1cba20ee479740f6b0f89b0e x86_64/corporate/3.0/RPMS/libxfree86-4.3-32.8.C30mdk.i586.rpm
6c028e2f95e7009268e1eaf8bf927d18 x86_64/corporate/3.0/RPMS/X11R6-contrib-4.3-32.8.C30mdk.x86_64.rpm
18af4e6eb23e8639110590a0c6515a8f x86_64/corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.8.C30mdk.x86_64.rpm
3c429b80b2ccd9d7bffa87523f24413f x86_64/corporate/3.0/RPMS/XFree86-4.3-32.8.C30mdk.x86_64.rpm
561109df5169fa01e8b7f9577f0f35d3 x86_64/corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.8.C30mdk.x86_64.rpm
dd3f5aa1245db2d2e2ff95922c7fbf61 x86_64/corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.8.C30mdk.x86_64.rpm
f782bfb68f950892795a513128b3f4d5 x86_64/corporate/3.0/RPMS/XFree86-doc-4.3-32.8.C30mdk.x86_64.rpm
9e44ebf57f4cb3a7daddf1ea5b811210 x86_64/corporate/3.0/RPMS/XFree86-server-4.3-32.8.C30mdk.x86_64.rpm
cfd13b82f1e179ff55750984f1a2df44 x86_64/corporate/3.0/RPMS/XFree86-xfs-4.3-32.8.C30mdk.x86_64.rpm
b0720a8b494fc145096783bcdf1a5e54 x86_64/corporate/3.0/RPMS/XFree86-Xnest-4.3-32.8.C30mdk.x86_64.rpm
b3f4c24c5cc395962a0bfa7a6c9dba3c x86_64/corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.8.C30mdk.x86_64.rpm
68d29cd668b3781e1bbd5c4bc11f7ed1 x86_64/corporate/3.0/SRPMS/XFree86-4.3-32.8.C30mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

Red Hat Linux


Red Hat Security Advisory

Synopsis: Important: gnutls security update
Advisory ID: RHSA-2006:0680-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0680.html
Issue date: 2006-09-14
Updated on: 2006-09-14
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-4790


1. Summary:

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The GnuTLS Library provides support for cryptographic algorithms and protocols such as TLS. GnuTLS includes libtasn1, a library developed for ASN.1 structures management that includes DER encoding and decoding.

Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature.

The core GnuTLS team discovered that GnuTLS is vulnerable to a variant of the Bleichenbacker attack. This issue affects applications that use GnuTLS to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4790)

In Red Hat Enterprise Linux 4, the GnuTLS library is only used by the Evolution client when connecting to an Exchange server or when publishing calendar information to a WebDAV server.

Users are advised to upgrade to these updated packages, which contain a backported patch from the GnuTLS maintainers to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

206411 - CVE-2006-4790 RSA forgery affects gnutls

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gnutls-1.0.20-3.2.3.src.rpm
60106ff0a4fcc6bdfab8d262c1157469 gnutls-1.0.20-3.2.3.src.rpm

i386:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
91a8b01e402bc0a8c6a298b504f1f89d
gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
60cb9b56ffab6fc8ec9df1f53c82da51 gnutls-devel-1.0.20-3.2.3.i386.rpm

ia64:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
84cec28ca548482b2409eba04bc5cc2a
gnutls-1.0.20-3.2.3.ia64.rpm
91a8b01e402bc0a8c6a298b504f1f89d gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
a49fa92fae38882c930ec62c98f41b88
gnutls-debuginfo-1.0.20-3.2.3.ia64.rpm
fd378955aa68beb8b695f54a5b96e32a gnutls-devel-1.0.20-3.2.3.ia64.rpm

ppc:
5fe6d74ce6a3cba718f73727c15da477 gnutls-1.0.20-3.2.3.ppc.rpm
d80d9c580e4f9fb2618d507ebcd04cd4
gnutls-1.0.20-3.2.3.ppc64.rpm
333733276d385a239998945576296d79 gnutls-debuginfo-1.0.20-3.2.3.ppc.rpm
3c38dd8f661acfd9aaff889437958905
gnutls-debuginfo-1.0.20-3.2.3.ppc64.rpm
38d15bbdbc6bfa0a42c59af2c4721800 gnutls-devel-1.0.20-3.2.3.ppc.rpm

s390:
0d492813efdd04c1857a070c3365b603 gnutls-1.0.20-3.2.3.s390.rpm
9d202406a60b67b6f737f41a77b766c3
gnutls-debuginfo-1.0.20-3.2.3.s390.rpm
48ee2a6d838bdb54a8965af9e2a4a2d5 gnutls-devel-1.0.20-3.2.3.s390.rpm

s390x:
0d492813efdd04c1857a070c3365b603 gnutls-1.0.20-3.2.3.s390.rpm
b2c8606d60365818d5e80d32ea654679
gnutls-1.0.20-3.2.3.s390x.rpm
9d202406a60b67b6f737f41a77b766c3 gnutls-debuginfo-1.0.20-3.2.3.s390.rpm
8037461d552b896fcffd895a447e46d1
gnutls-debuginfo-1.0.20-3.2.3.s390x.rpm
c9ea3c076c05e4c54ce9b85bfceb916d gnutls-devel-1.0.20-3.2.3.s390x.rpm

x86_64:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
9f3f2b568ba75803f9d7b75385310877
gnutls-1.0.20-3.2.3.x86_64.rpm
91a8b01e402bc0a8c6a298b504f1f89d gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
79ee23a3f032fb2f04b6fa63d243849b
gnutls-debuginfo-1.0.20-3.2.3.x86_64.rpm
6917afed0d2c314879b52ce4138b47fc gnutls-devel-1.0.20-3.2.3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gnutls-1.0.20-3.2.3.src.rpm
60106ff0a4fcc6bdfab8d262c1157469 gnutls-1.0.20-3.2.3.src.rpm

i386:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
91a8b01e402bc0a8c6a298b504f1f89d
gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
60cb9b56ffab6fc8ec9df1f53c82da51 gnutls-devel-1.0.20-3.2.3.i386.rpm

x86_64:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
9f3f2b568ba75803f9d7b75385310877
gnutls-1.0.20-3.2.3.x86_64.rpm
91a8b01e402bc0a8c6a298b504f1f89d gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
79ee23a3f032fb2f04b6fa63d243849b
gnutls-debuginfo-1.0.20-3.2.3.x86_64.rpm
6917afed0d2c314879b52ce4138b47fc gnutls-devel-1.0.20-3.2.3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gnutls-1.0.20-3.2.3.src.rpm
60106ff0a4fcc6bdfab8d262c1157469 gnutls-1.0.20-3.2.3.src.rpm

i386:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
91a8b01e402bc0a8c6a298b504f1f89d
gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
60cb9b56ffab6fc8ec9df1f53c82da51 gnutls-devel-1.0.20-3.2.3.i386.rpm

ia64:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
84cec28ca548482b2409eba04bc5cc2a
gnutls-1.0.20-3.2.3.ia64.rpm
91a8b01e402bc0a8c6a298b504f1f89d gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
a49fa92fae38882c930ec62c98f41b88
gnutls-debuginfo-1.0.20-3.2.3.ia64.rpm
fd378955aa68beb8b695f54a5b96e32a gnutls-devel-1.0.20-3.2.3.ia64.rpm

x86_64:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
9f3f2b568ba75803f9d7b75385310877
gnutls-1.0.20-3.2.3.x86_64.rpm
91a8b01e402bc0a8c6a298b504f1f89d gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
79ee23a3f032fb2f04b6fa63d243849b
gnutls-debuginfo-1.0.20-3.2.3.x86_64.rpm
6917afed0d2c314879b52ce4138b47fc gnutls-devel-1.0.20-3.2.3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gnutls-1.0.20-3.2.3.src.rpm
60106ff0a4fcc6bdfab8d262c1157469 gnutls-1.0.20-3.2.3.src.rpm

i386:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
91a8b01e402bc0a8c6a298b504f1f89d
gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
60cb9b56ffab6fc8ec9df1f53c82da51 gnutls-devel-1.0.20-3.2.3.i386.rpm

ia64:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
84cec28ca548482b2409eba04bc5cc2a
gnutls-1.0.20-3.2.3.ia64.rpm
91a8b01e402bc0a8c6a298b504f1f89d gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
a49fa92fae38882c930ec62c98f41b88
gnutls-debuginfo-1.0.20-3.2.3.ia64.rpm
fd378955aa68beb8b695f54a5b96e32a gnutls-devel-1.0.20-3.2.3.ia64.rpm

x86_64:
f749e542a24f251e6dc2603c9cce1402 gnutls-1.0.20-3.2.3.i386.rpm
9f3f2b568ba75803f9d7b75385310877
gnutls-1.0.20-3.2.3.x86_64.rpm
91a8b01e402bc0a8c6a298b504f1f89d gnutls-debuginfo-1.0.20-3.2.3.i386.rpm
79ee23a3f032fb2f04b6fa63d243849b
gnutls-debuginfo-1.0.20-3.2.3.x86_64.rpm
6917afed0d2c314879b52ce4138b47fc gnutls-devel-1.0.20-3.2.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4790
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.

Slackware Linux

[slackware-security] bind DoS (SSA:2006-257-01)

New bind packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a Denial of Service issue.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096

As well as here:
http://www.isc.org/sw/bind/bind-security.php

There are no known active exploits at this time.

Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/bind-9.3.2_P1-i486-1_slack10.2.tgz:
Upgraded to bind-9.3.2_P1.
This update addresses a denial of service vulnerability.
BIND's CHANGES file says this:
2066. [security] Handle SIG queries gracefully. [RT #16300]
v The best discussion I've found is in FreeBSD's advisory, so here's a link:
    http://security.FreeBSD.org/advisories/FreeBSD-SA-06:20.bind.asc
Also, fixed some missing man pages. (noticed by Xavier Thomassin -- thanks)
(* Security fix *)
+--------------------------+

Where to find the new packages:

HINT: Getting slow download speeds from ftp ftp.slackware.com? Give slackware.osuosl.org/ a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com/.

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating additional FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.2.6_P1-i386-1_slack9.0.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.2.6_P1-i486-2_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.2.6_P1-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.3.2_P1-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.3.2_P1-i486-1_slack10.2.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.3.2_P1-i486-1.tgz

MD5 signatures:

Slackware 9.0 package:
641cce9a50667d49df3d67add0ff76ff bind-9.2.6_P1-i386-1_slack9.0.tgz

Slackware 9.1 package:
29f41cfd25b2b1fdf333f88c4e652ec3 bind-9.2.6_P1-i486-2_slack9.1.tgz

Slackware 10.0 package:
6fc49bad0cd810133d1f54e42dd17b29 bind-9.2.6_P1-i486-1_slack10.0.tgz

Slackware 10.1 package:
9d298ea5cfab7f088d238386a288c640 bind-9.3.2_P1-i486-1_slack10.1.tgz

Slackware 10.2 package:
f01ac09880f628674e8520738e1b45cf bind-9.3.2_P1-i486-1_slack10.2.tgz

Slackware -current package:
0aac4c9eed155d6fe2e85bfdd13572ee bind-9.3.2_P1-i486-1.tgz

Installation instructions:

Upgrade the packages as root:
# upgradepkg bind-9.3.2_P1-i486-1_slack10.2.tgz

Restart named:

sh /etc/rc.d/rc.bind restart

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] openssl (SSA:2006-257-02)

New openssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a signature forgery security issue.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-4339

As well as here:
http://www.openssl.org/news/secadv_20060905.txt

Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/openssl-0.9.7g-i486-3_slack10.2.tgz: Patched an issue where it is possible to forge certain kinds of RSA signatures.
For more information, see:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
patches/packages/openssl-solibs-0.9.7g-i486-3_slack10.2.tgz: Patched an issue where it is possible to forge certain kinds of RSA signatures.
For more information, see:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
(* Security fix *)
+--------------------------+

Where to find the new packages:

HINT: Getting slow download speeds from ftp ftp.slackware.com? Give slackware.osuosl.org/ a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com/.

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating additional FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated packages for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-0.9.6m-i386-3_slack8.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssl-solibs-0.9.6m-i386-3_slack8.1.tgz

Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/openssl-0.9.7d-i386-3_slack9.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/openssl-solibs-0.9.7d-i386-3_slack9.0.tgz

Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/openssl-0.9.7d-i486-3_slack9.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/openssl-solibs-0.9.7d-i486-3_slack9.1.tgz

Updated packages for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/openssl-0.9.7d-i486-3_slack10.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/openssl-solibs-0.9.7d-i486-3_slack10.0.tgz

Updated packages for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/openssl-0.9.7e-i486-5_slack10.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/openssl-solibs-0.9.7e-i486-5_slack10.1.tgz

Updated packages for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/openssl-0.9.7g-i486-3_slack10.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/openssl-solibs-0.9.7g-i486-3_slack10.2.tgz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-0.9.8b-i486-2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-0.9.8b-i486-2.tgz

MD5 signatures:

Slackware 8.1 package:
8eb460bcf30a2b8649b43ce085a2d629 openssl-0.9.6m-i386-3_slack8.1.tgz
43578bf56567cec38b361a47af7d23d0 openssl-solibs-0.9.6m-i386-3_slack8.1.tgz

Slackware 9.0 package:
51dee49448ec798ebd0b317a72c7e81f openssl-0.9.7d-i386-3_slack9.0.tgz
27f40cc16422feed2e068d8066c9452c openssl-solibs-0.9.7d-i386-3_slack9.0.tgz

Slackware 9.1 package:
fec2941e31e0a50de2c5eb6059ccbcc2 openssl-0.9.7d-i486-3_slack9.1.tgz
840095da5157bf39858c3f0107db7869 openssl-solibs-0.9.7d-i486-3_slack9.1.tgz

Slackware 10.0 package:
2d338b944b751cfb45e0223525209252 openssl-0.9.7d-i486-3_slack10.0.tgz
55e97324e33cfabd94193236409a3150 openssl-solibs-0.9.7d-i486-3_slack10.0.tgz

Slackware 10.1 package:
ac64c572b69525577d9b76140e40a6c4 openssl-0.9.7e-i486-5_slack10.1.tgz
ed748fda21abe6a712528c0e4925b0d5 openssl-solibs-0.9.7e-i486-5_slack10.1.tgz

Slackware 10.2 package:
2cf5cc14e372810841d9b9d5baf7463f openssl-0.9.7g-i486-3_slack10.2.tgz
462d464d137df3a86a40e8cf0855b4a0 openssl-solibs-0.9.7g-i486-3_slack10.2.tgz

Slackware -current package:
bea03b7a361267a61c7f97ef8065e178 openssl-0.9.8b-i486-2.tgz
d7adfc4403f42015eeb94e8d93feba74 openssl-solibs-0.9.8b-i486-2.tgz

Installation instructions:

Upgrade the packages as root:
# upgradepkg openssl-solibs-0.9.7g-i486-3_slack10.2.tgz openssl-0.9.7g-i486-3_slack10.2.tgz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

Ubuntu


Ubuntu Security Notice USN-346-2 September 14, 2006
linux-restricted-modules-2.6.15 regression fix

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:

avm-fritz-firmware-2.6.15-26 2.6.15.11-4
avm-fritz-kernel-source 2.6.15.11-4
fglrx-control 2.6.15.11-4
fglrx-kernel-source 2.6.15.11-4
linux-restricted-modules-2.6.15-26-386 2.6.15.11-4
linux-restricted-modules-2.6.15-26-686 2.6.15.11-4
linux-restricted-modules-2.6.15-26-amd64-generic 2.6.15.11-4
linux-restricted-modules-2.6.15-26-amd64-k8 2.6.15.11-4
linux-restricted-modules-2.6.15-26-amd64-xeon 2.6.15.11-4
nic-restricted-firmware-2.6.15-26-386-di 2.6.15.11-4
nic-restricted-firmware-2.6.15-26-amd64-generic-di 2.6.15.11-4
nic-restricted-modules-2.6.15-26-386-di 2.6.15.11-4
nic-restricted-modules-2.6.15-26-amd64-generic-di 2.6.15.11-4
nvidia-glx 2.6.15.11-4
nvidia-glx-dev 2.6.15.11-4
nvidia-glx-legacy 2.6.15.11-4
nvidia-glx-legacy-dev 2.6.15.11-4
nvidia-kernel-source 2.6.15.11-4
nvidia-legacy-kernel-source 2.6.15.11-4
xorg-driver-fglrx 2.6.15.11-4
xorg-driver-fglrx-dev 2.6.15.11-4

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Details follow:

USN-346-1 provided an updated Linux kernel to fix several security vulnerabilities. Unfortunately the update broke the binary 'nvidia' driver from linux-restricted-modules. This update corrects this problem. We apologize for the inconvenience.

Updated packages for Ubuntu 6.06 LTS:

Source archives:

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.11-4.diff.gz
      Size/MD5: 87151 643e82286c057ba22dc6e206eb35bb29
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.11-4.dsc
      Size/MD5: 3185 994d3417c1d9ec7eab79ea993cb37304
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15_2.6.15.11.orig.tar.gz
      Size/MD5: 97566445 8bb235f9119aed52797b057827756b8c

Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-common_2.6.15.11-4_all.deb
      Size/MD5: 17844 f05d3a7a38b1c45959d6d19972e9dd68

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/avm-fritz-firmware-2.6.15-26_3.11+2.6.15.11-4_amd64.deb
      Size/MD5: 474964 3caecd039a65b40abbb7e0992dfacaef
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/avm-fritz-kernel-source_3.11+2.6.15.11-4_amd64.deb
      Size/MD5: 2404974 cb8229fe0f818d8a595c29d5d1d365be
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/fglrx-control_8.25.18+2.6.15.11-4_amd64.deb
      Size/MD5: 76148 dbbac55447617a2c29a5456bfb3ac956
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/fglrx-kernel-source_8.25.18+2.6.15.11-4_amd64.deb
      Size/MD5: 510394 79c3e8fd94f52f8803bc40587f07e2ac
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-amd64-generic_2.6.15.11-4_amd64.deb
      Size/MD5: 6861180 6c3497ef198fe4f983a8fb7d644345eb
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-amd64-k8_2.6.15.11-4_amd64.deb
      Size/MD5: 6860656 014f045a30ed2ebffe4a95958bddf933
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-amd64-xeon_2.6.15.11-4_amd64.deb
      Size/MD5: 6837510 a12bc36da1ba8df6f3b441c050c41f5c
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-26-amd64-generic-di_2.6.15.11-4_amd64.udeb
      Size/MD5: 799514 38bdf455f45161a6bc1bca5012f7b0d4
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-26-amd64-generic-di_2.6.15.11-4_amd64.udeb
      Size/MD5: 497782 3d8877d1d042d2cc8e36ea9e61af24c2
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-dev_1.0.8762+2.6.15.11-4_amd64.deb
      Size/MD5: 166118 56e89f9896b208e24cb716835e9498fa
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy-dev_1.0.7174+2.6.15.11-4_amd64.deb
      Size/MD5: 161702 4232e7de834f919651d79c9306c643c4
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy_1.0.7174+2.6.15.11-4_amd64.deb
      Size/MD5: 6070528 cb309054c7cfbb54a66df62f63ae93b9
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx_1.0.8762+2.6.15.11-4_amd64.deb
      Size/MD5: 7320274 094915d52a54a240472d6dea24b671c8
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-kernel-source_1.0.8762+2.6.15.11-4_amd64.deb
      Size/MD5: 1758806 2a93a403fb704c79b249147cd00abf7c
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-legacy-kernel-source_1.0.7174+2.6.15.11-4_amd64.deb
      Size/MD5: 1405450 425d8c405d8bd3c3630e41e9a60a92fb
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx-dev_7.0.0-8.25.18+2.6.15.11-4_amd64.deb
      Size/MD5: 125236 ffb7eb7471336f2fde9127923ce9ef07
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx_7.0.0-8.25.18+2.6.15.11-4_amd64.deb
      Size/MD5: 17296442 75f9a7bab8b41e4cd5ad6f9a205d6f48

i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/avm-fritz-firmware-2.6.15-26_3.11+2.6.15.11-4_i386.deb
      Size/MD5: 1204512 44a6759adc93e3fff035bed23c7fe44e
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/avm-fritz-kernel-source_3.11+2.6.15.11-4_i386.deb
      Size/MD5: 3692196 67d7e964ce6f8a1d181ca384a83c6e47
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/fglrx-control_8.25.18+2.6.15.11-4_i386.deb
      Size/MD5: 73032 9db2c8b8355ac7aea0a4138df028343d
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/fglrx-kernel-source_8.25.18+2.6.15.11-4_i386.deb
      Size/MD5: 660424 d4178190555fadf59069b0e97b9caa88
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-386_2.6.15.11-4_i386.deb
      Size/MD5: 8137630 db3620b3089df4c3db8e00b19e663d3a
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-686_2.6.15.11-4_i386.deb
      Size/MD5: 7939300 6f38892ead571b90ea30e98bf36bf27c
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-k7_2.6.15.11-4_i386.deb
      Size/MD5: 7938132 47d11aaa9d59969f49cb58f745b027f8
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-26-386-di_2.6.15.11-4_i386.udeb
      Size/MD5: 799338 098fe6d3fdd412ab0b94957d42466307
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-26-386-di_2.6.15.11-4_i386.udeb
      Size/MD5: 475504 926d8f9a4ebb21d6768c3d8dc201b3bc
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-dev_1.0.8762+2.6.15.11-4_i386.deb
      Size/MD5: 146858 96525b932c1366ae3adf43bb28e1caa8
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy-dev_1.0.7174+2.6.15.11-4_i386.deb
      Size/MD5: 139810 6a92d3f6b67442333980f8e4ccf587bc
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx-legacy_1.0.7174+2.6.15.11-4_i386.deb
      Size/MD5: 3060114 5e779427deeca956bfe11308976f4847
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nvidia-glx_1.0.8762+2.6.15.11-4_i386.deb
      Size/MD5: 4059028 97eb8ac3cb4d48f6912435de34cff73c
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-kernel-source_1.0.8762+2.6.15.11-4_i386.deb
      Size/MD5: 1693226 b7040b79ddaf65b1f9f3227550e56e63
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.15/nvidia-legacy-kernel-source_1.0.7174+2.6.15.11-4_i386.deb
      Size/MD5: 1401238 1d4fbedbdff07d0e184a367f9257834d
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx-dev_7.0.0-8.25.18+2.6.15.11-4_i386.deb
      Size/MD5: 110704 dc9751aa2ec3817b24ace5b690818339
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/xorg-driver-fglrx_7.0.0-8.25.18+2.6.15.11-4_i386.deb
      Size/MD5: 10556902 a1d631b11690adeea1f3026248acd144

powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-powerpc-smp_2.6.15.11-4_powerpc.deb
      Size/MD5: 1339442 e61cc86c121be7127fb8c9ffe11e7617
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-powerpc_2.6.15.11-4_powerpc.deb
      Size/MD5: 1335486 3f3bb8d7273c17ada6cd7e244d4c17a4
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-firmware-2.6.15-26-powerpc-di_2.6.15.11-4_powerpc.udeb
      Size/MD5: 799410 eeaa35a950b92c7ba9bdfb20191f6fa9
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/nic-restricted-modules-2.6.15-26-powerpc-di_2.6.15.11-4_powerpc.udeb
      Size/MD5: 508184 66bf1f2491d7e03562025c1512bae2a5

sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-sparc64-smp_2.6.15.11-4_sparc.deb
      Size/MD5: 828102 62a4bcb8554e8e3b42ca1ee9ea44f12d
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.15/linux-restricted-modules-2.6.15-26-sparc64_2.6.15.11-4_sparc.deb
      Size/MD5: 828032 c2efd04b7b02d4f9aa04e0ca919f4cb3