dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


Advisories, April 21, 2005

Apr 22, 2005, 04:45 (0 Talkback[s])

Debian GNU/Linux


Debian Security Advisory DSA 701-2 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 21st, 2005 http://www.debian.org/security/faq


Package : samba
Vulnerability : integer overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1154
CERT advisory : VU#226184
Debian Bug : 302378

It has been discovered that the last security update for Samba, a LanManager like file and printer server for GNU/Linux and Unix-like systems caused the daemon to crash upon reload. This has been fixed. For reference below is the original advisory text:

Greg MacManus discovered an integer overflow in the smb daemon from Samba, a LanManager like file and printer server for GNU/Linux and Unix-like systems. Requesting a very large number of access control descriptors from the server could exploit the integer overflow, which may result in a buffer overflow which could lead to the execution of arbitrary code with root privileges. Upstream developers have discovered more possible integer overflows that are fixed with this update as well.

For the stable distribution (woody) these problems have been fixed in version 2.2.3a-15.

The version in the unstable distribution (sid) is not affected by this new problem.

We recommend that you upgrade your samba packages.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15.dsc
Size/MD5 checksum: 771 a830503053c010eaf927e278aa9bee46
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15.diff.gz
Size/MD5 checksum: 128578 5019368376bf7e7021d6fac84b4ebb41
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a.orig.tar.gz
Size/MD5 checksum: 5460531 b6ec2f076af69331535a82b586f55254

Architecture independent components:

http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a-15_all.deb
Size/MD5 checksum: 2447132 bddbd51cdb1ad5caa110da59fa1befd7

Alpha architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_alpha.deb
Size/MD5 checksum: 416810 54cc78e20583f06965d972aa6e0b44d0
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_alpha.deb
Size/MD5 checksum: 490188 32c9b6bf5bff4bf3af118d1c1a808118
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_alpha.deb
Size/MD5 checksum: 602016 a2036d9ed3ad444a3e659b64e28f1cd7
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_alpha.deb
Size/MD5 checksum: 2963274 75fd393711aece6fec0cd8b7d684f515
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_alpha.deb
Size/MD5 checksum: 1132702 96f4c0d239636931d92c2ce2bbc08a9d
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_alpha.deb
Size/MD5 checksum: 1159220 de33034038ebc1ed2132ab2d382ede11
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_alpha.deb
Size/MD5 checksum: 952140 d064f7659969556065a5714672f73ed5
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_alpha.deb
Size/MD5 checksum: 624636 7e68a5ad923d3ef9b9bc59bbb430fd4d
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_alpha.deb
Size/MD5 checksum: 1108854 ca33ced414688e61616d8d7c446d7927

ARM architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_arm.deb
Size/MD5 checksum: 397722 59a8c97c404bad26b39d31eaadc4e4d5
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_arm.deb
Size/MD5 checksum: 462276 3614ee47d7fa5c1c647528789f5d67b0
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_arm.deb
Size/MD5 checksum: 548498 259e4f9bec3d35c1fa9114d62519d3ac
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_arm.deb
Size/MD5 checksum: 2557616 d5c3bc06031f7e1a8f318f7044c4c065
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_arm.deb
Size/MD5 checksum: 1024430 707cdd665ed01bd65ab3992de8ec3022
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_arm.deb
Size/MD5 checksum: 1004790 0f101fceeb6ce6c9d0fbe04b36be629d
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_arm.deb
Size/MD5 checksum: 833456 89b7d54917cd90ec1960e091e1bff8c6
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_arm.deb
Size/MD5 checksum: 558620 c8a4da7264d07c97d12163e70c2340f9
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_arm.deb
Size/MD5 checksum: 976218 86a5de52d3f680adb949606fb0837cbb

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_i386.deb
Size/MD5 checksum: 389394 f4a558d33c67099e6ed20091b528d952
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_i386.deb
Size/MD5 checksum: 446602 74ae7a7159f19db07094502644fcab0d
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_i386.deb
Size/MD5 checksum: 500304 3613b9880b421a26c4ea8ba726f9c85a
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_i386.deb
Size/MD5 checksum: 2422058 a2d6e27f58b9255ce07640eef5b591df
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_i386.deb
Size/MD5 checksum: 993734 89419f6b2f17e8aed613c51a5ac8e9f2
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_i386.deb
Size/MD5 checksum: 955662 52c703be64db22e2b8892477639726f2
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_i386.deb
Size/MD5 checksum: 794894 68ec0cf3a9261b593488353ea3f18bf6
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_i386.deb
Size/MD5 checksum: 535942 82462f0c253bbecbc0c3b4c417b66d43
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_i386.deb
Size/MD5 checksum: 932174 8146d2161b0f204ce41147c315e82455

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_ia64.deb
Size/MD5 checksum: 462818 69f3f879edd97b08ac8a3e52fbb95090
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_ia64.deb
Size/MD5 checksum: 554832 730894829cff961725b2e9e1178a5e18
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_ia64.deb
Size/MD5 checksum: 626344 0faf0298ef66970cb393c49d5b3d508e
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_ia64.deb
Size/MD5 checksum: 3495368 c71d00d4a4fd108635c1a7010368a6dd
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_ia64.deb
Size/MD5 checksum: 1250736 800849fa4340dca4c5d559f61857d8b0
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_ia64.deb
Size/MD5 checksum: 1332712 1462f5a2b3afdc9a30a821ba2b3ed9f0
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_ia64.deb
Size/MD5 checksum: 1100548 7a51e38509ddb3c2094fc0b2f4e52f30
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_ia64.deb
Size/MD5 checksum: 696404 d2d4325e344ab644e157632b0b454345
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_ia64.deb
Size/MD5 checksum: 1284038 5062f707960e5397cdac4f68fec8c19b

HP Precision architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_hppa.deb
Size/MD5 checksum: 420670 3ebfd5f13e140892d0eee6fe2134aed2
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_hppa.deb
Size/MD5 checksum: 491982 91a01975668c77fbf69b60ed482be911
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_hppa.deb
Size/MD5 checksum: 590680 2b860b9aad275d8ec5861df32c54df61
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_hppa.deb
Size/MD5 checksum: 2797958 eb8bcb58cc62d9ed95c540a32033c089
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_hppa.deb
Size/MD5 checksum: 1082496 8446865cbb609e233211bcf717fe43c0
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_hppa.deb
Size/MD5 checksum: 1087288 9a44929178cb8b8406690ab5220600c3
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_hppa.deb
Size/MD5 checksum: 903440 10995cadf8ea6671d93f3ab9bdee1b23
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_hppa.deb
Size/MD5 checksum: 590876 85832604872b8eb84f1d72e60ca69de0
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_hppa.deb
Size/MD5 checksum: 1062142 08523479c0cd91d5f137bea51f754dd1

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_m68k.deb
Size/MD5 checksum: 399818 6882d30a2f2ee2b99afbb32abff0020c
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_m68k.deb
Size/MD5 checksum: 461100 db0510c04055a133dc1d5a08e738bb39
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_m68k.deb
Size/MD5 checksum: 506028 cb718fb5103d31715445150d6272f270
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_m68k.deb
Size/MD5 checksum: 2367368 301b09319baa600ad2e9a8ed83255471
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_m68k.deb
Size/MD5 checksum: 983910 db09d234e5b469b859adc2f7432df9a7
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_m68k.deb
Size/MD5 checksum: 939778 7d19988ca24410a27c7a708a61b5fe5e
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_m68k.deb
Size/MD5 checksum: 791812 18d0a57c6ba5e717a6cc43e16af99c3e
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_m68k.deb
Size/MD5 checksum: 525824 061bbd514f5508e9251fad7e41c7a867
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_m68k.deb
Size/MD5 checksum: 933982 88265eacabf3d96b1aa118b7c8736db4

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_mips.deb
Size/MD5 checksum: 396830 b5fd5ba93dd8b7c5cbf8b4708ee7ab28
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_mips.deb
Size/MD5 checksum: 460228 1ec3f80b54e5d4aefc2e0113ebdd1711
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_mips.deb
Size/MD5 checksum: 570762 34e0b588c7ae9c1f0f90cad60cf3f43f
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_mips.deb
Size/MD5 checksum: 2808522 53157303f42e7b1f2de9b99912246b8b
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_mips.deb
Size/MD5 checksum: 1080134 43ea434c339d52f4eef4e32c83b3f41d
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_mips.deb
Size/MD5 checksum: 1090032 2a88b66106a14d31fb5887a450a1de9d
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_mips.deb
Size/MD5 checksum: 912250 6574d75406e22c416a76ce077c31832a
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_mips.deb
Size/MD5 checksum: 582084 67830ce3df32cfae30eb2efe7ad87a19
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_mips.deb
Size/MD5 checksum: 1030444 60bbff9a824aa36ddbd988ee01063069

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 392914 bc405a78273176b7efefd06170d23f46
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 454712 a8e3b095dfd4d2f6298a16f09a506ef0
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 563936 c555c075ec8440c9c78281f326d21e80
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 2771190 2bfca4bb39861f5595bbaf96d79cd993
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 1073628 b1fd732c6119078cdc0e8066657a9916
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 1078578 ca9622d56909bb4a5ecf28f29c90637f
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 899538 0f97803e96189613e32eb877e6ccc92f
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 577818 e187bfb77c374b568978fc225ab953b4
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_mipsel.deb
Size/MD5 checksum: 1017490 2f237a6102ce15885d208fa904aa1657

PowerPC architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 409454 e726893d5ff7d9063fb6d2226c837bfe
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 476696 e00e166d95f682573f10c92412dc3d3a
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 547600 30e23d427b5b35c1f5592a92c5d77113
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 2611044 6915f515a4643eb35fefc9d9f5370927
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 1038358 26c7983705ed0865e3bf28fb672a8d82
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 1023690 24cd6ad298d918caa735b0200a71a6ba
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 853686 bb8301e5e74c4e4344ce5acb98dbd24d
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 561654 723b8207864e0b08c296b84eea855528
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_powerpc.deb
Size/MD5 checksum: 1003568 213b0f0b3d65b7a718eda96789b0393c

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_s390.deb
Size/MD5 checksum: 404176 39adf5289a4ac6812cbed5205fb5b2ae
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_s390.deb
Size/MD5 checksum: 471088 be9980bc9c633eb2c322e62034261e57
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_s390.deb
Size/MD5 checksum: 527906 5c13cdac05e43d8985bb1487ed1668f5
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_s390.deb
Size/MD5 checksum: 2501820 f69cee114720831c767bf134fbc28f80
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_s390.deb
Size/MD5 checksum: 1008810 71e18ad0686d9b3fe419392066678bac
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_s390.deb
Size/MD5 checksum: 985000 d3a2f39e1cfb19bc1370a72b7ebd4bfe
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_s390.deb
Size/MD5 checksum: 835452 22775fa123dec008ff0203164181a28f
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_s390.deb
Size/MD5 checksum: 538802 b5303f335182d5d84aa63bc06ee24f41
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_s390.deb
Size/MD5 checksum: 967516 24c28a95bcbcf95fc18d39bda1fb4bff

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_sparc.deb
Size/MD5 checksum: 401406 9dd6197a246b2465b2cb7efe99e41285
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_sparc.deb
Size/MD5 checksum: 462310 7a1ad3778872cba2f53f6c23257c09da
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_sparc.deb
Size/MD5 checksum: 525272 55b1545f1abe0f3e98d0794a8b44fb51
http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_sparc.deb
Size/MD5 checksum: 2517506 8f53c843aa7376885ddfa084a24014f4
http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_sparc.deb
Size/MD5 checksum: 1012950 244bac12471bf063b70cc6ed7dbcdf1e
http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_sparc.deb
Size/MD5 checksum: 987134 af61a6e73388d03702cf016e513b93a7
http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_sparc.deb
Size/MD5 checksum: 830998 17bbf913464d5a8499eb7983212cc23a
http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_sparc.deb
Size/MD5 checksum: 544798 7b58d5da25b735a084ee851223ec2357
http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_sparc.deb
Size/MD5 checksum: 967886 e12469a586cf25650a09abda6e0f3df5

These files will probably be moved into the stable distribution on its next update.


Debian Security Advisory DSA 713-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 21st, 2005 http://www.debian.org/security/faq


Package : junkbuster
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-1108 CAN-2005-1109

Several bugs have been found in junkbuster, a HTTP proxy and filter. The Common Vulnerability and Exposures project identifies the following vulnerabilities:

CAN-2005-1108

James Ranson discovered that an attacker can modify the referrer setting with a carefully crafted URL by accidently overwriting a global variable.

CAN-2005-1109

Tavis Ormandy from the Gentoo Security Team discovered several heap corruptions due to inconsistent use of an internal function that can crash the daemon or possibly lead to the execution of arbitrary code.

For the stable distribution (woody) these problems have been fixed in version 2.0.2-0.2woody1.

The unstable distribution (sid) doesn't contain the junkbuster package anymore.

We recommend that you upgrade your junkbuster package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1.dsc
Size/MD5 checksum: 580 1cdd2e8d2e09436cb8e2bc33b5154507
http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1.diff.gz
Size/MD5 checksum: 35888 40990dc45ceffb0753f3f67a1a777a9f
http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2.orig.tar.gz
Size/MD5 checksum: 190501 87d96ac9fca6e9749f1b330fbc2e0e5c

Alpha architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_alpha.deb
Size/MD5 checksum: 108972 9d4516bf66d0e8825cfa7f6835fa21b1

ARM architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_arm.deb
Size/MD5 checksum: 104828 54d4c289fd14ff250a9146f7d816354b

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_i386.deb
Size/MD5 checksum: 103932 6629b6cc4364ff52575e30164c61f79c

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_ia64.deb
Size/MD5 checksum: 118322 087d9fac21f9cfbf663816a3b45a0588

HP Precision architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_hppa.deb
Size/MD5 checksum: 108420 b794d097c59728246128ac3da1c4f4bd

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_m68k.deb
Size/MD5 checksum: 101920 0e03c20861d536936500311a79678119

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_mips.deb
Size/MD5 checksum: 106996 e66b3dcce5d4797e9111b955b8ddbbb4

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_mipsel.deb
Size/MD5 checksum: 107078 d0a5c23e80800dc33b4fefd80a866416

PowerPC architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_powerpc.deb
Size/MD5 checksum: 104740 98fbadd57996160f04581e88c8181cb1

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_s390.deb
Size/MD5 checksum: 103856 c879b8597bdb25363fb934a2b31101cc

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/j/junkbuster/junkbuster_2.0.2-0.2woody1_sparc.deb
Size/MD5 checksum: 108180 39cf7dfaa41dc45c67e345e331116d85

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200504-20

http://security.gentoo.org/


Severity: Normal
Title: openMosixview: Insecure temporary file creation
Date: April 21, 2005
Bugs: #86686
ID: 200504-20


Synopsis

openMosixview and the openMosixcollector daemon are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

Background

The openMosixview package contains several tools used to manage openMosix clusters, including openMosixview (the main monitoring and administration application) and openMosixcollector (a daemon collecting cluster and node information).

Affected packages


     Package                    /  Vulnerable  /            Unaffected

  1  sys-cluster/openmosixview      < 1.5-r1                 >= 1.5-r1

Description

Gangstuck and Psirac from Rexotec discovered that openMosixview insecurely creates several temporary files with predictable filenames.

Impact

A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When openMosixView or the openMosixcollector daemon runs, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user.

Workaround

There is no known workaround at this time.

Resolution

All openMosixview users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=sys-cluster/openmosixview-1.5-r1"

References

[ 1 ] CAN-2005-0894

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0894

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200504-20.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Mandriva Linux


Mandriva Linux Security Update Advisory


Package name: cvs
Advisory ID: MDKSA-2005:073
Date: April 20th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate Server 2.1


Problem Description:

A buffer overflow and memory access problem in CVS have been discovered by the CVS maintainer. The updated packages have been patched to correct the problem.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753


Updated Packages:

Mandrakelinux 10.0:
fcca52a87c10c21980b5bb82e4146cd7 10.0/RPMS/cvs-1.11.17-1.2.100mdk.i586.rpm
3a8336cdfb01ebac7238dd2a90557cd0 10.0/SRPMS/cvs-1.11.17-1.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
ebc0e0ca427a6a4af5e8cb3a02be6d10 amd64/10.0/RPMS/cvs-1.11.17-1.2.100mdk.amd64.rpm
3a8336cdfb01ebac7238dd2a90557cd0 amd64/10.0/SRPMS/cvs-1.11.17-1.2.100mdk.src.rpm

Mandrakelinux 10.1:
26f8c84536a69f008748013d58fa9731 10.1/RPMS/cvs-1.11.17-2.1.101mdk.i586.rpm
a78c97927dbf5531c72170c41a1b848c 10.1/SRPMS/cvs-1.11.17-2.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
fc4c1cf58191170ddc0e0c3d93c943b4 x86_64/10.1/RPMS/cvs-1.11.17-2.1.101mdk.x86_64.rpm
a78c97927dbf5531c72170c41a1b848c x86_64/10.1/SRPMS/cvs-1.11.17-2.1.101mdk.src.rpm

Mandrakelinux 10.2:
bde89da06e586ed4b1540c74758b16be 10.2/RPMS/cvs-1.11.19-1.1.102mdk.i586.rpm
3fbedcddb4d39abf1ea4197ab3ab8458 10.2/SRPMS/cvs-1.11.19-1.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
4363551cd317f849f3a456ab6175db1e x86_64/10.2/RPMS/cvs-1.11.19-1.1.102mdk.x86_64.rpm
3fbedcddb4d39abf1ea4197ab3ab8458 x86_64/10.2/SRPMS/cvs-1.11.19-1.1.102mdk.src.rpm

Corporate Server 2.1:
2f8c375ffdf2a5c842fa28f317c50a62 corporate/2.1/RPMS/cvs-1.11.17-1.2.C21mdk.i586.rpm
71bf64c5d64b7e7d8a051120f6fa3ea3 corporate/2.1/SRPMS/cvs-1.11.17-1.2.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
0bbb0a61241de7ea552a22f1bcee49e2 x86_64/corporate/2.1/RPMS/cvs-1.11.17-1.2.C21mdk.x86_64.rpm
71bf64c5d64b7e7d8a051120f6fa3ea3 x86_64/corporate/2.1/SRPMS/cvs-1.11.17-1.2.C21mdk.src.rpm

Corporate 3.0:
64346680df70221e6c8340fecdd383a1 corporate/3.0/RPMS/cvs-1.11.17-1.2.C30mdk.i586.rpm
1c5fd32822539582ce9f513f827d7697 corporate/3.0/SRPMS/cvs-1.11.17-1.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
66cd15abb301b08dc0c00c06829e6d2e x86_64/corporate/3.0/RPMS/cvs-1.11.17-1.2.C30mdk.x86_64.rpm
1c5fd32822539582ce9f513f827d7697 x86_64/corporate/3.0/SRPMS/cvs-1.11.17-1.2.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: gnome-vfs2
Advisory ID: MDKSA-2005:074
Date: April 20th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0


Problem Description:

A buffer overflow bug was found by Joseph VanAndel in the way that grip handles data returned by CDDB servers. If a user connected to a malicious CDDB server, an attacker could execute arbitrary code on the user's machine. This same vulnerability is present in the gnome-vfs2 code.

The updated packages have been patched to correct these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706


Updated Packages:

Mandrakelinux 10.1:
5239e6ab9f4a24c2989ff2317c743cb0 10.1/RPMS/gnome-vfs2-2.6.2-7.1.101mdk.i586.rpm
08d6d7dcebd62773620441ef1c35eb58 10.1/RPMS/libgnome-vfs2_0-2.6.2-7.1.101mdk.i586.rpm
2a7241618cf989091dcf75e60e2a1041 10.1/RPMS/libgnome-vfs2_0-devel-2.6.2-7.1.101mdk.i586.rpm
765d4f62ab8e314a96e419b5c51d540b 10.1/SRPMS/gnome-vfs2-2.6.2-7.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
4251d3ab183bbfbd0ef4a79b65740004 x86_64/10.1/RPMS/gnome-vfs2-2.6.2-7.1.101mdk.x86_64.rpm
c2b54afacf29f7148561a3e7f8bc3695 x86_64/10.1/RPMS/lib64gnome-vfs2_0-2.6.2-7.1.101mdk.x86_64.rpm
8c64c5379d83bf9e001617bae1935376 x86_64/10.1/RPMS/lib64gnome-vfs2_0-devel-2.6.2-7.1.101mdk.x86_64.rpm
765d4f62ab8e314a96e419b5c51d540b x86_64/10.1/SRPMS/gnome-vfs2-2.6.2-7.1.101mdk.src.rpm

Mandrakelinux 10.2:
f60b317e9d82a64311e8fa76db389fea 10.2/RPMS/gnome-vfs2-2.8.4-6.1.102mdk.i586.rpm
83aaa09f41d650de8c216fca5eb1b854 10.2/RPMS/libgnome-vfs2_0-2.8.4-6.1.102mdk.i586.rpm
a74279c606173fd42e83e6507a7c206b 10.2/RPMS/libgnome-vfs2_0-devel-2.8.4-6.1.102mdk.i586.rpm
ea5d978ff12a70686c29fd84c461558a 10.2/SRPMS/gnome-vfs2-2.8.4-6.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
aa889240e8867ec7289578036104c623 x86_64/10.2/RPMS/gnome-vfs2-2.8.4-6.1.102mdk.x86_64.rpm
e7224a715c8ea987c077adea71e29279 x86_64/10.2/RPMS/lib64gnome-vfs2_0-2.8.4-6.1.102mdk.x86_64.rpm
9e681bf74cb71e378e9eb1307159e2ce x86_64/10.2/RPMS/lib64gnome-vfs2_0-devel-2.8.4-6.1.102mdk.x86_64.rpm
ea5d978ff12a70686c29fd84c461558a x86_64/10.2/SRPMS/gnome-vfs2-2.8.4-6.1.102mdk.src.rpm

Corporate 3.0:
216b2f6d3459328b757d03336da09d38 corporate/3.0/RPMS/gnome-vfs2-2.4.2-5.1.C30mdk.i586.rpm
af59a9db5ce5ededd91d3b6dff4e7c39 corporate/3.0/RPMS/libgnome-vfs2_0-2.4.2-5.1.C30mdk.i586.rpm
2d1516b9c4ff998116c1dac5dabe95a5 corporate/3.0/RPMS/libgnome-vfs2_0-devel-2.4.2-5.1.C30mdk.i586.rpm
03ba3b26530b88ca8c18fb41f9681018 corporate/3.0/SRPMS/gnome-vfs2-2.4.2-5.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
5645d370f2a7b81c17bff2c70a4a91c0 x86_64/corporate/3.0/RPMS/gnome-vfs2-2.4.2-5.1.C30mdk.x86_64.rpm
b78fb0708a038607dbb1f3d970a13bff x86_64/corporate/3.0/RPMS/lib64gnome-vfs2_0-2.4.2-5.1.C30mdk.x86_64.rpm
5afd9d1f2c4193d72a0b2780c011bbf7 x86_64/corporate/3.0/RPMS/lib64gnome-vfs2_0-devel-2.4.2-5.1.C30mdk.x86_64.rpm
03ba3b26530b88ca8c18fb41f9681018 x86_64/corporate/3.0/SRPMS/gnome-vfs2-2.4.2-5.1.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: libcdaudio1
Advisory ID: MDKSA-2005:075
Date: April 20th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0


Problem Description:

A buffer overflow bug was found by Joseph VanAndel in the way that grip handles data returned by CDDB servers. If a user connected to a malicious CDDB server, an attacker could execute arbitrary code on the user's machine. This same vulnerability is present in the libcdaudio1 code.

The updated packages have been patched to correct these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706


Updated Packages:

Mandrakelinux 10.1:
6b6b43013c8594c16da0cf2a9ec2f2fd 10.1/RPMS/libcdaudio1-0.99.10-1.1.101mdk.i586.rpm
229ee3bc3f3ebfb85a482380d32a63c7 10.1/RPMS/libcdaudio1-devel-0.99.10-1.1.101mdk.i586.rpm
b4986769b509c34bbf80a465cd628261 10.1/SRPMS/libcdaudio1-0.99.10-1.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
e7cb79b96945b05b6d65f7dc1f0823aa x86_64/10.1/RPMS/lib64cdaudio1-0.99.10-1.1.101mdk.x86_64.rpm
434e689a7ced3a5592f1c519e6f3e3ad x86_64/10.1/RPMS/lib64cdaudio1-devel-0.99.10-1.1.101mdk.x86_64.rpm
b4986769b509c34bbf80a465cd628261 x86_64/10.1/SRPMS/libcdaudio1-0.99.10-1.1.101mdk.src.rpm

Mandrakelinux 10.2:
ee21e09a1917573c3af0cd27dd5a4dbd 10.2/RPMS/libcdaudio1-0.99.10-2.1.102mdk.i586.rpm
f045fee3533042555b6f59a813f345de 10.2/RPMS/libcdaudio1-devel-0.99.10-2.1.102mdk.i586.rpm
b7d2b5021a3d5a86a65f46590107461c 10.2/SRPMS/libcdaudio1-0.99.10-2.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
febb2d2983baf1fd010c366ea6d9eba8 x86_64/10.2/RPMS/lib64cdaudio1-0.99.10-2.1.102mdk.x86_64.rpm
b6fa99c0e8ad0352200b8294215193ef x86_64/10.2/RPMS/lib64cdaudio1-devel-0.99.10-2.1.102mdk.x86_64.rpm
b7d2b5021a3d5a86a65f46590107461c x86_64/10.2/SRPMS/libcdaudio1-0.99.10-2.1.102mdk.src.rpm

Corporate 3.0:
49fa757ff390c91bbe7a4e0b7a680896 corporate/3.0/RPMS/libcdaudio1-0.99.9-1.1.C30mdk.i586.rpm
fd66c86e5c78d3f62972ade197ee853f corporate/3.0/RPMS/libcdaudio1-devel-0.99.9-1.1.C30mdk.i586.rpm
cbfab4f961b261dfed335d754e2d29d3 corporate/3.0/SRPMS/libcdaudio1-0.99.9-1.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
f0898885e18312e1b7fb7db408543a76 x86_64/corporate/3.0/RPMS/libcdaudio1-0.99.9-1.1.C30mdk.x86_64.rpm
211e09953905bb39582e80f73f26863e x86_64/corporate/3.0/RPMS/libcdaudio1-devel-0.99.9-1.1.C30mdk.x86_64.rpm
cbfab4f961b261dfed335d754e2d29d3 x86_64/corporate/3.0/SRPMS/libcdaudio1-0.99.9-1.1.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: xli
Advisory ID: MDKSA-2005:076
Date: April 20th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0, Corporate Server 2.1


Problem Description:

A number of vulnerabilities have been found in the xli image viewer. Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a flaw in the handling of compressed images where shell meta-characters are not properly escaped (CAN-2005-0638). It was also found that insufficient validation of image properties could potentially result in buffer management errors (CAN-2005-0639).

The updated packages have been patched to correct these problems.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639


Updated Packages:

Mandrakelinux 10.1:
f5ad03e5bb1c8b93fc1ebca1d7e2e111 10.1/RPMS/xli-1.17.0-8.1.101mdk.i586.rpm
757220d489a0cbafd393140ea7d5e205 10.1/SRPMS/xli-1.17.0-8.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
e798f226cabe865cd3b0a8f3f9292b6d x86_64/10.1/RPMS/xli-1.17.0-8.1.101mdk.x86_64.rpm
757220d489a0cbafd393140ea7d5e205 x86_64/10.1/SRPMS/xli-1.17.0-8.1.101mdk.src.rpm

Mandrakelinux 10.2:
5e5bbac4a40ffc0f7156e671eb920ea0 10.2/RPMS/xli-1.17.0-8.1.102mdk.i586.rpm
d6ee5ee583d8415f0028b2854ed19b3b 10.2/SRPMS/xli-1.17.0-8.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
b49c19725cbc2850ead82731758fe8d8 x86_64/10.2/RPMS/xli-1.17.0-8.1.102mdk.x86_64.rpm
d6ee5ee583d8415f0028b2854ed19b3b x86_64/10.2/SRPMS/xli-1.17.0-8.1.102mdk.src.rpm

Corporate Server 2.1:
c89d695075c7117381d50301745bc82e corporate/2.1/RPMS/xli-1.17.0-4.1.C21mdk.i586.rpm
c219935cd3fb090af95d6467919faff1 corporate/2.1/SRPMS/xli-1.17.0-4.1.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
8b4a39d741f4eb8fde469411359cad5b x86_64/corporate/2.1/RPMS/xli-1.17.0-4.1.C21mdk.x86_64.rpm
c219935cd3fb090af95d6467919faff1 x86_64/corporate/2.1/SRPMS/xli-1.17.0-4.1.C21mdk.src.rpm

Corporate 3.0:
fdbf0745aeb6733d6894afa089ac7dd2 corporate/3.0/RPMS/xli-1.17.0-8.2.C30mdk.i586.rpm
88043776962e4a8bed6b538ae8d28824 corporate/3.0/SRPMS/xli-1.17.0-8.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
ac33b6d6d9475104bb25c2bde9dfe0c7 x86_64/corporate/3.0/RPMS/xli-1.17.0-8.2.C30mdk.x86_64.rpm
88043776962e4a8bed6b538ae8d28824 x86_64/corporate/3.0/SRPMS/xli-1.17.0-8.2.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: cdrecord
Advisory ID: MDKSA-2005:077
Date: April 20th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate Server 2.1


Problem Description:

Javier Fernandez-Sanguino Pena discovered that cdrecord created temporary files in an insecure manner if DEBUG was enabled in /etc/cdrecord/rscsi. If the default value was used (which stored the debug output file in /tmp), a symbolic link attack could be used to create or overwrite arbitrary files with the privileges of the user invoking cdrecord. Please note that by default this configuration file does not exist in Mandriva Linux so unless you create it and enable DEBUG, this does not affect you.

The updated packages have been patched to correct these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0866
http://bugs.debian.org/291376


Updated Packages:

Mandrakelinux 10.0:
b76b1f88a021c51f2ed0e01e1655cced 10.0/RPMS/cdrecord-2.01-0.a28.3.100mdk.i586.rpm
647980c29121e4cb656e0786007e6e5c 10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.3.100mdk.i586.rpm
31e3ed2e746db7f53914d063c4cb1ad0 10.0/RPMS/cdrecord-devel-2.01-0.a28.3.100mdk.i586.rpm
7715dc6d38cf9f89be7ec823ce3ae80a 10.0/RPMS/mkisofs-2.01-0.a28.3.100mdk.i586.rpm
ba546809bbddf8d3034e19a9eb7b302d 10.0/SRPMS/cdrecord-2.01-0.a28.3.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
1bc7d6c833f4457fd95f17f98d79015a amd64/10.0/RPMS/cdrecord-2.01-0.a28.3.100mdk.amd64.rpm
1ddb746abc3a1330b4807a024b3ca9ee amd64/10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.3.100mdk.amd64.rpm
ddf466f2357364d42486693b4532240f amd64/10.0/RPMS/cdrecord-devel-2.01-0.a28.3.100mdk.amd64.rpm
e899df2f7be3e50b0bd59aef795ffa52 amd64/10.0/RPMS/mkisofs-2.01-0.a28.3.100mdk.amd64.rpm
ba546809bbddf8d3034e19a9eb7b302d amd64/10.0/SRPMS/cdrecord-2.01-0.a28.3.100mdk.src.rpm

Mandrakelinux 10.1:
794bf04c820b0260d0e694f062c905f2 10.1/RPMS/cdrecord-2.01-1.1.101mdk.i586.rpm
42ec8777385b893d8251599570c36c73 10.1/RPMS/cdrecord-cdda2wav-2.01-1.1.101mdk.i586.rpm
3d058e44f07c83879278baaa495e8450 10.1/RPMS/cdrecord-devel-2.01-1.1.101mdk.i586.rpm
e6a9c9c198b54ea22adc0bd7911cffaf 10.1/RPMS/cdrecord-isotools-2.01-1.1.101mdk.i586.rpm
c1c45207be3fd2ca3aefb58a644bc82a 10.1/RPMS/cdrecord-vanilla-2.01-1.1.101mdk.i586.rpm
37ab3e2083acb6faa1e7b36afe2165a7 10.1/RPMS/mkisofs-2.01-1.1.101mdk.i586.rpm
768f4f60b9790fac5b557746c98e3505 10.1/SRPMS/cdrecord-2.01-1.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
e8480e54f0ceb69ad4b24ef8a708a9b9 x86_64/10.1/RPMS/cdrecord-2.01-1.1.101mdk.x86_64.rpm
6599dacd7cc7f2348afc4b163f958364 x86_64/10.1/RPMS/cdrecord-cdda2wav-2.01-1.1.101mdk.x86_64.rpm
1701e03afa8804c5c98322a90af10ba5 x86_64/10.1/RPMS/cdrecord-devel-2.01-1.1.101mdk.x86_64.rpm
2cfb1b7cd36e366f9f869934a580a996 x86_64/10.1/RPMS/cdrecord-isotools-2.01-1.1.101mdk.x86_64.rpm
77cbb47faa8da69d4757043a50163c97 x86_64/10.1/RPMS/cdrecord-vanilla-2.01-1.1.101mdk.x86_64.rpm
1ecb8362b876ba63d81bafc0079db541 x86_64/10.1/RPMS/mkisofs-2.01-1.1.101mdk.x86_64.rpm
768f4f60b9790fac5b557746c98e3505 x86_64/10.1/SRPMS/cdrecord-2.01-1.1.101mdk.src.rpm

Mandrakelinux 10.2:
e88cb26c11fa7db8cc0d635dc3f09746 10.2/RPMS/cdrecord-2.01.01-0.a01.6.1.102mdk.i586.rpm
d581a2787035515872382465d5a0b52d 10.2/RPMS/cdrecord-cdda2wav-2.01.01-0.a01.6.1.102mdk.i586.rpm
96f46be6665c42b4a24f03cdfecda60f 10.2/RPMS/cdrecord-devel-2.01.01-0.a01.6.1.102mdk.i586.rpm
a7abba59fdf0e767c2d6029ea681c457 10.2/RPMS/cdrecord-isotools-2.01.01-0.a01.6.1.102mdk.i586.rpm
51a00a1b64e8ec4ea09b399ebfce1da1 10.2/RPMS/cdrecord-vanilla-2.01.01-0.a01.6.1.102mdk.i586.rpm
33bab4de7eced57809cb3e88fd4da58c 10.2/RPMS/mkisofs-2.01.01-0.a01.6.1.102mdk.i586.rpm
f3fb0008491fe53605279f76b218cb8d 10.2/SRPMS/cdrecord-2.01.01-0.a01.6.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
15a112f392f250ea82a2bc54bb74f32f x86_64/10.2/RPMS/cdrecord-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
7c872b9867899f5b7f4c30c37ca1c4e0 x86_64/10.2/RPMS/cdrecord-cdda2wav-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
06ebe0c9e9f8c1366d19122d77841270 x86_64/10.2/RPMS/cdrecord-devel-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
fe2c5214b8e5765326177a606afd8995 x86_64/10.2/RPMS/cdrecord-isotools-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
3f16d1f23475953132c39e73d5a5eb36 x86_64/10.2/RPMS/cdrecord-vanilla-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
d41ca3a964192961a8df1ebc51d74b14 x86_64/10.2/RPMS/mkisofs-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
f3fb0008491fe53605279f76b218cb8d x86_64/10.2/SRPMS/cdrecord-2.01.01-0.a01.6.1.102mdk.src.rpm

Corporate Server 2.1:
41f690bdc4e9ed38a5e07b441dc68e2e corporate/2.1/RPMS/cdrecord-1.11-0.a32.1.2.C21mdk.i586.rpm
21fd0a4f61d96d8099bfc7e420078997 corporate/2.1/RPMS/cdrecord-cdda2wav-1.11-0.a32.1.2.C21mdk.i586.rpm
a88c902c395ab6922bd187bdb89f9f37 corporate/2.1/RPMS/cdrecord-devel-1.11-0.a32.1.2.C21mdk.i586.rpm
a256764d4fa4206aa252b6abb9826a07 corporate/2.1/RPMS/cdrecord-dvdhack-1.11-0.a32.1.2.C21mdk.i586.rpm
3afc5d3ae2642fc622ba33a70982f22b corporate/2.1/RPMS/mkisofs-1.15-0.a32.1.2.C21mdk.i586.rpm
9d0ad887fde0366818d4efd867a024c3 corporate/2.1/SRPMS/cdrecord-1.11-0.a32.1.2.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
3a2e0f073569f