dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Advisories, December 11, 2005

Dec 12, 2005, 04:45 (0 Talkback[s])

Debian GNU/Linux


Debian Security Advisory DSA 918-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
December 9th, 2005 http://www.debian.org/security/faq


Package : osh
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE ID : CVE-2005-3347 CVE-2005-3533
Debian Bug : 338312

Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:

CVE-2005-3347

Charles Stevenson discovered a bug in the substitution of variables that allows a local attacker to open a root shell.

CVE-2005-3533

Solar Eclipse discovered a buffer overflow caused by the current working directory plus a filename that could be used to execute arbitrary code and e.g. open a root shell.

For the old stable distribution (woody) these problems have been fixed in version 1.7-11woody2.

For the stable distribution (sarge) these problems have been fixed in version 1.7-13sarge1.

For the unstable distribution (sid) these problems have been fixed in version 1.7-15, however, the package has been removed entirely.

We recommend that you upgrade your osh package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2.dsc
Size/MD5 checksum: 565 6341a0b49e77066cf3645e3abfe98653
http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2.diff.gz
Size/MD5 checksum: 12578 7276b78763b4033448f2903d0cf64e96
http://security.debian.org/pool/updates/main/o/osh/osh_1.7.orig.tar.gz
Size/MD5 checksum: 150241 0196364c5ea0afab1c1d3163c40cb1a8

Alpha architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_alpha.deb
Size/MD5 checksum: 32426 c41a8e928125f048778eeaecda51c58a

ARM architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_arm.deb
Size/MD5 checksum: 27402 fa9fdba7af436e4b7a1ac1d99657e9ce

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_i386.deb
Size/MD5 checksum: 27084 47d99052863f6ac5ad44c794e399bc43

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_ia64.deb
Size/MD5 checksum: 36942 b0b3631235a76fff6841ab7a7c1ce1d6

HP Precision architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_hppa.deb
Size/MD5 checksum: 29366 7684c38b177294c6f8c647e4ad5c7ce8

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_m68k.deb
Size/MD5 checksum: 26338 cf9c3511eb73cfdf5861966130354246

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_mips.deb
Size/MD5 checksum: 29510 d443160b8e72c36d30ce3f7fa5ae6178

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_mipsel.deb
Size/MD5 checksum: 29468 745f79348790bda9accb5250a40520f1

PowerPC architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_powerpc.deb
Size/MD5 checksum: 28816 7f387b8bc51460e94c1e0ca562906e2f

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_s390.deb
Size/MD5 checksum: 28294 60e0010eb4e3fe1007e1c4c3bf082c44

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-11woody2_sparc.deb
Size/MD5 checksum: 30894 60969c49d4be186b8000af6532393335

Debian GNU/Linux 3.1 alias sarge


Source archives:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1.dsc
Size/MD5 checksum: 565 71ea00a2e13ea67b337d450a77cea49a
http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1.diff.gz
Size/MD5 checksum: 12818 5df9ac8705fd85dc8ad07a74a470ba77
http://security.debian.org/pool/updates/main/o/osh/osh_1.7.orig.tar.gz
Size/MD5 checksum: 150241 0196364c5ea0afab1c1d3163c40cb1a8

Alpha architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_alpha.deb
Size/MD5 checksum: 31468 767b6efad96e1e49f584d36eb502c5cc

AMD64 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_amd64.deb
Size/MD5 checksum: 29360 496db05c70e81a7314382389826bb2a1

ARM architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_arm.deb
Size/MD5 checksum: 27712 578e45cadbb18d9ccc137494a3d1938d

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_i386.deb
Size/MD5 checksum: 27846 3be55b13083630d6fc4fbc4892f4be99

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_ia64.deb
Size/MD5 checksum: 35320 8849f5286f65d67ccfa2a25e4007f39f

HP Precision architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_hppa.deb
Size/MD5 checksum: 29650 1fcfede379bc4ee5474602ed8decd4da

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_m68k.deb
Size/MD5 checksum: 27094 d8af0990d6017e61cb63b025f77930c6

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_mips.deb
Size/MD5 checksum: 29824 b80543697d548c0ef3cf729685db249b

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_mipsel.deb
Size/MD5 checksum: 29838 2c18ef4a3d1243fd92f0d196b7a9d8c9

PowerPC architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_powerpc.deb
Size/MD5 checksum: 30432 71a1b2e26d896852efd7e29be68f1048

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_s390.deb
Size/MD5 checksum: 29526 c20605b6cef6b680ab4deade9651cf16

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/o/osh/osh_1.7-13sarge1_sparc.deb
Size/MD5 checksum: 28032 ad94a0fc87d2f681ef2fcbf536269f71

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

Mandriva Linux


Mandriva Linux Security Advisory MDKSA-2005:206-1
http://www.mandriva.com/security/


Package : openvpn
Date : December 9, 2005
Affected: 2006.0


Problem Description:

Two Denial of Service vulnerabilities exist in OpenVPN. The first allows a malicious or compromised server to execute arbitrary code on the client (CVE-2005-3393). The second DoS can occur if when in TCP server mode, OpenVPN received an error on accept(2) and the resulting exception handler causes a segfault (CVE-2005-3409).

The updated packages have been patched to correct these problems.

Update:

Packages are now available for Mandriva Linux 2006.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3409


Updated Packages:

Mandriva Linux 2006.0:
7804df61685a36064119b813dca83172 2006.0/RPMS/openvpn-2.0.1-2.1.20060mdk.i586.rpm
2feb66835d37f31735746824027a2ef8 2006.0/SRPMS/openvpn-2.0.1-2.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
9d8cd19c6723507a275649c5d070970d x86_64/2006.0/RPMS/openvpn-2.0.1-2.1.20060mdk.x86_64.rpm
2feb66835d37f31735746824027a2ef8 x86_64/2006.0/SRPMS/openvpn-2.0.1-2.1.20060mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


Mandriva Linux Security Advisory MDKSA-2005:224
http://www.mandriva.com/security/


Package : curl
Date : December 8, 2005
Affected: 10.1, 10.2, 2006.0


Problem Description:

Stefan Esser discovered that libcurl's URL parser function can have a malloced buffer overflows in two ways if given a too long URL. It cannot be triggered by a redirect, which makes remote exploitation unlikely, but can be passed directly to libcurl (allowing for local exploitation) and could also be used to break out of PHP's safe_mode/ open_basedir.

This vulnerability only exists in libcurl and curl 7.11.2 up to and including 7.15.0, which means that Corporate Server 2.1 and Corporate 3.0 are not vulnerable.

The updated packages have been patched to correct the problem. As well, updated php-curl packages are available that provide a new curl PHP module compiled against the fixed code.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077
http://www.dyadsecurity.com/perl-0002.html
http://curl.haxx.se/docs/adv_20051207.html


Updated Packages:

Mandriva Linux 10.1:
e338c6fec40f0b5f7c47f01ecfc85fd8 10.1/RPMS/curl-7.12.1-1.3.101mdk.i586.rpm
2c6fc6d5cb9f62c0fd7d0890779167dd 10.1/RPMS/libcurl3-7.12.1-1.3.101mdk.i586.rpm
496b439769425c8a45a15195c9f1a339 10.1/RPMS/libcurl3-devel-7.12.1-1.3.101mdk.i586.rpm
59bc58c52d3c7034e31bf7a5d9e2f845 10.1/SRPMS/curl-7.12.1-1.3.101mdk.src.rpm

Mandriva Linux 10.1/X86_64:
ecd5b17dd584d8ba4c986437bde4f6fa x86_64/10.1/RPMS/curl-7.12.1-1.3.101mdk.x86_64.rpm
d3bb7a56841873696ffd6add01cf8da3 x86_64/10.1/RPMS/lib64curl3-7.12.1-1.3.101mdk.x86_64.rpm
f54e7f2fb8a4ad73787ce9af0e65ac41 x86_64/10.1/RPMS/lib64curl3-devel-7.12.1-1.3.101mdk.x86_64.rpm
59bc58c52d3c7034e31bf7a5d9e2f845 x86_64/10.1/SRPMS/curl-7.12.1-1.3.101mdk.src.rpm

Mandriva Linux 10.2:
287e79b91baa16afe1e57944bf8887a4 10.2/RPMS/curl-7.13.1-2.2.102mdk.i586.rpm
6012e004103928ffeb31f8017a08cce1 10.2/RPMS/libcurl3-7.13.1-2.2.102mdk.i586.rpm
60b5868305bda86a04ec63b349a1b45d 10.2/RPMS/libcurl3-devel-7.13.1-2.2.102mdk.i586.rpm
f12a43929acf2432a413937b00751f26 10.2/SRPMS/curl-7.13.1-2.2.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
6620e61f2dfc0f6b9f8ddb4bb17a9dc8 x86_64/10.2/RPMS/curl-7.13.1-2.2.102mdk.x86_64.rpm
bfe67e81d224684763cbbc673df15488 x86_64/10.2/RPMS/lib64curl3-7.13.1-2.2.102mdk.x86_64.rpm
4b601554dd99d63f94b3f35f0924034e x86_64/10.2/RPMS/lib64curl3-devel-7.13.1-2.2.102mdk.x86_64.rpm
f12a43929acf2432a413937b00751f26 x86_64/10.2/SRPMS/curl-7.13.1-2.2.102mdk.src.rpm

Mandriva Linux 2006.0:
78fe1cf7868e10c17a31adaa01718f1d 2006.0/RPMS/curl-7.14.0-2.2.20060mdk.i586.rpm
d6cf997f844557f77ca5b720973f717d 2006.0/RPMS/libcurl3-7.14.0-2.2.20060mdk.i586.rpm
6959638e76f3f2d7c7c8774e4d891b5a 2006.0/RPMS/libcurl3-devel-7.14.0-2.2.20060mdk.i586.rpm
7502a4eb9fe19554714247e4a9a5f176 2006.0/RPMS/php-curl-5.0.4-1.1.20060mdk.i586.rpm
c04932aea0dc51673585ed68119d518d 2006.0/SRPMS/curl-7.14.0-2.2.20060mdk.src.rpm
8a30951717cc93a371e07fb95264b007 2006.0/SRPMS/php-curl-5.0.4-1.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
7401463c8a258183c1f3798b02f3d029 x86_64/2006.0/RPMS/curl-7.14.0-2.2.20060mdk.x86_64.rpm
b5d47137d19d7e69a31a50cab4e520b7 x86_64/2006.0/RPMS/lib64curl3-7.14.0-2.2.20060mdk.x86_64.rpm
50ddb76a23cb766bcb99d0ad7ff18492 x86_64/2006.0/RPMS/lib64curl3-devel-7.14.0-2.2.20060mdk.x86_64.rpm
a94e9b275b0a661940c4a15fbf63efb9 x86_64/2006.0/RPMS/php-curl-5.0.4-1.1.20060mdk.x86_64.rpm
c04932aea0dc51673585ed68119d518d x86_64/2006.0/SRPMS/curl-7.14.0-2.2.20060mdk.src.rpm
8a30951717cc93a371e07fb95264b007 x86_64/2006.0/SRPMS/php-curl-5.0.4-1.1.20060mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


Mandriva Linux Security Advisory MDKSA-2005:225
http://www.mandriva.com/security/


Package : perl
Date : December 8, 2005
Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0, Multi Network Firewall 2.0


Problem Description:

Jack Louis discovered a new way to exploit format string errors in the Perl programming language that could lead to the execution of arbitrary code.

The updated packages are patched to close the particular exploit vector in Perl itself, to mitigate the risk of format string programming errors, however it does not fix problems that may exist in particular pieces of software written in Perl.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3962
http://www.dyadsecurity.com/perl-0002.html


Updated Packages:

Mandriva Linux 10.1:
fd77af9b7802f41c22d4902b456fdb32 10.1/RPMS/perl-5.8.5-3.5.101mdk.i586.rpm
49c6b964236039da921a3a0a08105316 10.1/RPMS/perl-base-5.8.5-3.5.101mdk.i586.rpm
01ad564838030c9992ea70b8fa2261c5 10.1/RPMS/perl-devel-5.8.5-3.5.101mdk.i586.rpm
3ff0b066b2b67c9d6f0d6d5d757ed67e 10.1/RPMS/perl-doc-5.8.5-3.5.101mdk.i586.rpm
1e6de184d2c018701d5bc93c60610789 10.1/SRPMS/perl-5.8.5-3.5.101mdk.src.rpm

Mandriva Linux 10.1/X86_64:
4fef93b585d891e863588f99c0ddd18d x86_64/10.1/RPMS/perl-5.8.5-3.5.101mdk.x86_64.rpm
9b31454c7a74aa9cab7219ca627100e0 x86_64/10.1/RPMS/perl-base-5.8.5-3.5.101mdk.x86_64.rpm
1b7708eb96804787524bf34bded09edf x86_64/10.1/RPMS/perl-devel-5.8.5-3.5.101mdk.x86_64.rpm
cd197160854346c39854f060a9a18d5c x86_64/10.1/RPMS/perl-doc-5.8.5-3.5.101mdk.x86_64.rpm
1e6de184d2c018701d5bc93c60610789 x86_64/10.1/SRPMS/perl-5.8.5-3.5.101mdk.src.rpm

Mandriva Linux 10.2:
32b1b7a39b8e0781df41e57188fe5c97 10.2/RPMS/perl-5.8.6-6.2.102mdk.i586.rpm
05ae3f918377371783c491027b081e92 10.2/RPMS/perl-base-5.8.6-6.2.102mdk.i586.rpm
2c5b07488636b42b1b15f40b220fd1fd 10.2/RPMS/perl-devel-5.8.6-6.2.102mdk.i586.rpm
c116213d8e3e30407ba994b281d03f52 10.2/RPMS/perl-doc-5.8.6-6.2.102mdk.i586.rpm
54c3f67fd42027442a0f589f2ad9dcec 10.2/SRPMS/perl-5.8.6-6.2.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
e0890eb10b116c824c3f9a173097c60e x86_64/10.2/RPMS/perl-5.8.6-6.2.102mdk.x86_64.rpm
75aa18ee9d21d40a639baaee28b238f4 x86_64/10.2/RPMS/perl-base-5.8.6-6.2.102mdk.x86_64.rpm
1dc42978eb832156c82042ece5c616d9 x86_64/10.2/RPMS/perl-devel-5.8.6-6.2.102mdk.x86_64.rpm
c4b0b1c2f41d8ab442202136572ec553 x86_64/10.2/RPMS/perl-doc-5.8.6-6.2.102mdk.x86_64.rpm
54c3f67fd42027442a0f589f2ad9dcec x86_64/10.2/SRPMS/perl-5.8.6-6.2.102mdk.src.rpm

Mandriva Linux 2006.0:
6333d4baa23e9bc27340ab30d6f6f9fd 2006.0/RPMS/perl-5.8.7-3.2.20060mdk.i586.rpm
d91a62f81461a51dfffa6dd8e15b6ab4 2006.0/RPMS/perl-base-5.8.7-3.2.20060mdk.i586.rpm
7d8ec79ab483544765c236c3b7e1ba0f 2006.0/RPMS/perl-devel-5.8.7-3.2.20060mdk.i586.rpm
af9b52f68ce3eaf066a21694924a3f22 2006.0/RPMS/perl-doc-5.8.7-3.2.20060mdk.i586.rpm
ff8a844680f7df737431fb9c82c5f50d 2006.0/RPMS/perl-suid-5.8.7-3.2.20060mdk.i586.rpm
acde621a5890ff325a1ad8ffe83dc1ca 2006.0/SRPMS/perl-5.8.7-3.2.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
c1fc32b114cd8b2b0af431208da6beaf x86_64/2006.0/RPMS/perl-5.8.7-3.2.20060mdk.x86_64.rpm
ebf3e1e5460c9362e3a0fc77dcbddad5 x86_64/2006.0/RPMS/perl-base-5.8.7-3.2.20060mdk.x86_64.rpm
ced9d56a6b9ae7196397f9d7b8e1e41f x86_64/2006.0/RPMS/perl-devel-5.8.7-3.2.20060mdk.x86_64.rpm
896727d0819ed6161229f4c8722a67fc x86_64/2006.0/RPMS/perl-doc-5.8.7-3.2.20060mdk.x86_64.rpm
241e526b1892577f35663073adcc4a97 x86_64/2006.0/RPMS/perl-suid-5.8.7-3.2.20060mdk.x86_64.rpm
acde621a5890ff325a1ad8ffe83dc1ca x86_64/2006.0/SRPMS/perl-5.8.7-3.2.20060mdk.src.rpm

Corporate Server 2.1:
d20049231eead3d45b0b9281e1decb4c corporate/2.1/RPMS/perl-5.8.0-14.6.C21mdk.i586.rpm
5da0de8e1beeba847d3576a7a06a496e corporate/2.1/RPMS/perl-base-5.8.0-14.6.C21mdk.i586.rpm
09a1f64c8b71c473bc0779720defa812 corporate/2.1/RPMS/perl-devel-5.8.0-14.6.C21mdk.i586.rpm
512a995b03bc5e0c1d2dd22c7b326510 corporate/2.1/RPMS/perl-doc-5.8.0-14.6.C21mdk.i586.rpm
1b6f22e9b27bf9dc6e029b129c64f17d corporate/2.1/SRPMS/perl-5.8.0-14.6.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
5d2d2f4908b9c6e8f51d6bb8d961eebe x86_64/corporate/2.1/RPMS/perl-5.8.0-14.6.C21mdk.x86_64.rpm
5b72479d3df3ae87fa4edf2a105e748d x86_64/corporate/2.1/RPMS/perl-base-5.8.0-14.6.C21mdk.x86_64.rpm
3559e60ed31815f3902b75df42afc3d7 x86_64/corporate/2.1/RPMS/perl-devel-5.8.0-14.6.C21mdk.x86_64.rpm
00a8c82a911814a113ae2eaf6915d47b x86_64/corporate/2.1/RPMS/perl-doc-5.8.0-14.6.C21mdk.x86_64.rpm
1b6f22e9b27bf9dc6e029b129c64f17d x86_64/corporate/2.1/SRPMS/perl-5.8.0-14.6.C21mdk.src.rpm

Corporate 3.0:
7b1917b673681d9de4e4737af0b121c8 corporate/3.0/RPMS/perl-5.8.3-5.5.C30mdk.i586.rpm
2ddb28f87a9ab94bfda90fc476da3805 corporate/3.0/RPMS/perl-base-5.8.3-5.5.C30mdk.i586.rpm
c939615d266f5fa4ed1755ce31915dde corporate/3.0/RPMS/perl-devel-5.8.3-5.5.C30mdk.i586.rpm
ca449fac6c286d5bbd0c3bd137316e98 corporate/3.0/RPMS/perl-doc-5.8.3-5.5.C30mdk.i586.rpm
d3a7de2cfc352459b85cdc261b57d1e6 corporate/3.0/SRPMS/perl-5.8.3-5.5.C30mdk.src.rpm

Corporate 3.0/X86_64:
4578c3ad7a7c4fd87086ac571478ae1b x86_64/corporate/3.0/RPMS/perl-5.8.3-5.5.C30mdk.x86_64.rpm
bbe873bc27e07d05c7d4846edd34acec x86_64/corporate/3.0/RPMS/perl-base-5.8.3-5.5.C30mdk.x86_64.rpm
833889de8df484c212c69a1e658f5ffe x86_64/corporate/3.0/RPMS/perl-devel-5.8.3-5.5.C30mdk.x86_64.rpm
c9dbf8d3ca9715e33bbc664efc2dca24 x86_64/corporate/3.0/RPMS/perl-doc-5.8.3-5.5.C30mdk.x86_64.rpm
d3a7de2cfc352459b85cdc261b57d1e6 x86_64/corporate/3.0/SRPMS/perl-5.8.3-5.5.C30mdk.src.rpm

Multi Network Firewall 2.0:
0f29d338645e61084cf87953c331c87e mnf/2.0/RPMS/perl-5.8.3-5.5.M20mdk.i586.rpm
fee6e3863a13cd043b29ae0fcd053221 mnf/2.0/RPMS/perl-base-5.8.3-5.5.M20mdk.i586.rpm
be47c56a9ae307c338031dcb5194e491 mnf/2.0/RPMS/perl-devel-5.8.3-5.5.M20mdk.i586.rpm
d0c6075c99103eb8b3bea0a38d1c9cdf mnf/2.0/RPMS/perl-doc-5.8.3-5.5.M20mdk.i586.rpm
8ce4eff23c4dd50c5bbaef75b69c5482 mnf/2.0/SRPMS/perl-5.8.3-5.5.M20mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team

Trustix Secure Linux


Trustix Secure Linux Security Advisory #2005-0070

Package names: kernel, perl
Summary: Multiple vulnerabilities
Date: 2005-12-09
Affected versions: Trustix Secure Linux 2.2 Trustix Secure Linux 3.0 Trustix Operating System - Enterprise Server 2


Package description:
kernel
The kernel package contains the Linux kernel (vmlinuz), the core of your Trustix Secure Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

perl
Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications (and what it excels at) are probably system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts.

Problem description:
kernel < TSL 3.0 >

  • New Upstream.
  • SECURITY Fix: Memory leak in the VFS file lease handling in locks.c allows local users to cause a denial of service via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.
  • The auto-reap of child processes in Linux kernel 2.6 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash).
  • The time_out_leases function in locks.c allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.

    The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names CVE-2005-3807, CVE-2005-3784 and CVE-2005-3857 to these issues.

    perl < TSL 3.0 > < TSL 2.2 > < TSEL 2 >

  • SECURITY Fix: Integer overflow in the format string functionality (Perl_sv_vcatpvfn) allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values.

The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3962 to this issue.

Action:
We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.

Location:
All Trustix Secure Linux updates are available from http://http.trustix.org/pub/trustix/updates/>
ftp://ftp.trustix.org/pub/trustix/updates/>

About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater.

Automatic updates:
Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'.

Questions?
Check out our mailing lists:
http://www.trustix.org/support/>

Verification:
This advisory along with all Trustix packages are signed with the TSL sign key.
This key is available from:
http://www.trustix.org/TSL-SIGN-KEY>

The advisory itself is available from the errata pages at http://www.trustix.org/errata/trustix-2.2/> and
http://www.trustix.org/errata/trustix-3.0/>
or directly at
http://www.trustix.org/errata/2005/0070/>

MD5sums of the packages:


0a2350d4e0d9965f62cdf5888bcb0f59 2.2/rpms/perl-5.8.5-9tr.i586.rpm

f9fcbc28250c9e5814e42efcc9f43d8a 3.0/rpms/kernel-2.6.14.3-1tr.i586.rpm
358f51e0ff323ff75181c6c4e2bc6344 3.0/rpms/kernel-doc-2.6.14.3-1tr.i586.rpm
d947bd6c4c87baebb8c0de07e318eb5c 3.0/rpms/kernel-headers-2.6.14.3-1tr.i586.rpm
c310a3663bb59f7e239646ec666ca7e8 3.0/rpms/kernel-smp-2.6.14.3-1tr.i586.rpm
bb7bcc9f91b3d7ca8e4788130db0b6d4 3.0/rpms/kernel-smp-headers-2.6.14.3-1tr.i586.rpm
3ee05562361906884b990a716c16ed3f 3.0/rpms/kernel-source-2.6.14.3-1tr.i586.rpm
6701845da1900ff436de6430b30a20d5 3.0/rpms/kernel-utils-2.6.14.3-1tr.i586.rpm
cace6154ca9297d263abd04f1ac25358 3.0/rpms/perl-5.8.7-2tr.i586.rpm


Trustix Security Team

Ubuntu Linux


Ubuntu Security Notice USN-226-1 December 09, 2005
courier vulnerability
CVE-2005-3532

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

courier-authdaemon

The problem can be corrected by upgrading the affected package to version 0.45.6-1ubuntu0.2 (for Ubuntu 4.10), 0.47-3ubuntu1.4 (for Ubuntu 5.04), or 0.47-3ubuntu7.1 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Patrick Cheong Shu Yang discovered a flaw in the user account handling of courier-authdaemon. After successful authorization, the Courier mail server granted access to deactivated accounts.

Updated packages for Ubuntu 4.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.45.6-1ubuntu0.2.diff.gz
Size/MD5: 92828 f643cc4d20a3e208a436985b890a3db4
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.45.6-1ubuntu0.2.dsc
Size/MD5: 1207 58d7fb5c25676cd26c89625aacd8a5c1
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.45.6.orig.tar.gz
Size/MD5: 6388279 7ae1f4236b4a28432af9e720a3718329

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-doc_0.45.6-1ubuntu0.2_all.deb
Size/MD5: 367974 7f50c52514504a4245d08ccc74adc8d3

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-authdaemon_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 61134 79be3b6f79e77fb77094c84916887d58
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authmysql_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 55868 0bd5c31284665805eb85b3e2ff5a5263
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authpostgresql_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 56090 0ad7a71914eedee0432dcf51c678b9da
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-base_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 250542 af2634919c4f80a48fb99e08dcbbb7f4
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-faxmail_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 27646 1acfe59e3c9cc8edc8f5099204cc6434
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap-ssl_3.0.5-1ubuntu0.2_amd64.deb
Size/MD5: 19866 1cc526c3ed7a2480c6894f3d82baa5ec
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap_3.0.5-1ubuntu0.2_amd64.deb
Size/MD5: 948990 a014bb527775b3ddc5915c5a38a9a232
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-ldap_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 72760 bc13e6fd28030f037d794234ec7ca5ea
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-maildrop_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 942678 5cb59ff8a910c210b0c5d50dbd82a234
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mlm_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 121314 431fddbca9b2e7ae2d4dc251ef5cb910
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta-ssl_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 18170 4a2ea0bdca0e07eb7e8b12c2bae0c707
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 2142640 bc9206f0f5d47b5fb99c9f501aee6a26
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-pcp_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 65476 7f415e9695095eeadd549adb74b07781
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop-ssl_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 19682 0902f8697b35f4da73a91cec09f8619c
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 422086 01d66aeadb99010f118e7b0c73091dea
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-ssl_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 194292 a4bf873a5dc385be98ccb518d0d9dd20
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-webadmin_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 33812 881b3f5e4a55535fecca586047b70cb5
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/sqwebmail_0.45.6-1ubuntu0.2_amd64.deb
Size/MD5: 796118 fabf0a4eb4f6293ce449a4457f899242

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-authdaemon_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 55310 4ad0265601aba10be362d624e66588f6
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authmysql_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 51360 2f1a810e2dc589e23b2d5a61263fbf8a
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authpostgresql_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 51426 a5d4f54df8291ea2306a8adb3d3c4efe
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-base_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 228320 7bcd8eb065100e4a387bc429db84fbbd
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-faxmail_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 27642 015ebde2a02e1d90cf04972431ea5792
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap-ssl_3.0.5-1ubuntu0.2_i386.deb
Size/MD5: 19866 d331671fe65e2b757866f52417fe213e
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap_3.0.5-1ubuntu0.2_i386.deb
Size/MD5: 923192 84680aabebd667ab0c3b7b369d841b98
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-ldap_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 66624 ec1d837a69b9c6aed73039dd2d389349
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-maildrop_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 916630 fc0b5e4389d2cb82595032434c21999b
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mlm_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 116408 e7ef5afd4d7a1fdabb99709955dc44fb
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta-ssl_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 18168 4cec944cdcc21da2fa029c04f9138338
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 2045020 4f0bc3bfaa11291d2bf482b67c1f824a
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-pcp_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 58996 bd433fa70abd8456df52d0edd9f3c18d
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop-ssl_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 19680 c4a0afa4383912581cbf251f4d91721c
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 413942 d1cb057b73c90b4076eede7a790f6a6d
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-ssl_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 191078 00558241f6fbfc8fcaeabdeeca38bfe3
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-webadmin_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 33636 f31648c600edc44d4fc6ca21236b29a0
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/sqwebmail_0.45.6-1ubuntu0.2_i386.deb
Size/MD5: 762106 0f8f10b0c73fcd1268355cae32d719a8

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-authdaemon_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 61442 a74cb650cb4a4a1cc42d03d1dce57729
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authmysql_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 56728 b3c40ae23693b5d381634620f0bf225b
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authpostgresql_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 56930 82ac5eceb51cefbcdcc7cae0b5e9ff18
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-base_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 249308 eea44561956e523380b0865d4b44f5be
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-faxmail_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 27654 9452c0e2b7910efbe61dbf215a956a00
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap-ssl_3.0.5-1ubuntu0.2_powerpc.deb
Size/MD5: 19870 c221dadb5d76d8e80d4d9c18c6bc5e00
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap_3.0.5-1ubuntu0.2_powerpc.deb
Size/MD5: 1063472 1b93cb8b1da4392554b9383316546454
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-ldap_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 73686 882ca51f3f168c14294723fecc8c454a
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-maildrop_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 1058784 138ec1917ab30dc6db7bbf2077cb2008
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mlm_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 127542 56acfb77b8e5876c8edd50f0ce7c48a9
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta-ssl_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 18172 2499020cb9b13f3b300c091523d97e7e
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 2365852 dfdb5aa6963a15cf7d30dcb832420298
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-pcp_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 65624 b823365c10941a7d9d831edb4794b6ab
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop-ssl_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 19686 fe2c34b05ddc4097f398535793d21f83
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 478142 4281580bbda09daec7a241fcb362d9b8
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-ssl_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 195292 78560346f853348ea27e75f00fb75b11
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-webadmin_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 33980 611b9a41d8e66a93fb936781b936ebff
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/sqwebmail_0.45.6-1ubuntu0.2_powerpc.deb
Size/MD5: 857912 ea2e59d5b1aa6671a91917018f32a45e

Updated packages for Ubuntu 5.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.47-3ubuntu1.4.diff.gz
Size/MD5: 108427 463a7d9043ce5f316268fe304357ff6c
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.47-3ubuntu1.4.dsc
Size/MD5: 1204 6ba3575f3fc3ea367b7bc2824c9e5f87
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.47.orig.tar.gz
Size/MD5: 6350808 361a84e497148ce557c150d3576ec24b

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-doc_0.47-3ubuntu1.4_all.deb
Size/MD5: 370532 89c78e172532b0d617b289157347483b

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-authdaemon_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 62384 601c5aea9adfe39d6b4bdaa06a69592d
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authmysql_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 57006 358bdb5d36a2ea10df132daa70238d18
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authpostgresql_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 57190 ab85ef96b251fdced2d2854832e38e96
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-base_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 257168 b67743c752efe408c3d77090ac24804a
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-faxmail_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 28720 96fad4cf46718f7bfdf1d63536a92a59
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap-ssl_3.0.8-3ubuntu1.4_amd64.deb
Size/MD5: 21282 85fcb879d725788fd45279be52f75e2c
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap_3.0.8-3ubuntu1.4_amd64.deb
Size/MD5: 950510 b7669a090eff9870bf7b5de015644481
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-ldap_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 74106 1e9cb371ca35f372274d19d96127cc3a
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-maildrop_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 942846 e00881fea462419705c40f3ae70411af
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mlm_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 122706 632b4bc3f249d298fb78e723ac524fd0
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta-ssl_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 19334 aac3ca017ac5ac1c8d1f4fa8b345a9b0
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 2157378 4eb5da1c44534d03aa2d98d3d92d4f68
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-pcp_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 66512 b9a62356541090e07708dd25817c0efc
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop-ssl_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 21070 42321acf84a5a7fee632a49e472e6815
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 423140 72e3b01251c51b0b5acff3018e025f7e
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-ssl_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 195642 8acbcbf16861d6364f4011d831199200
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-webadmin_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 34408 569573001d9172cc993b397fc162ada9
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/sqwebmail_0.47-3ubuntu1.4_amd64.deb
Size/MD5: 798116 6253d990d4e35323319d8ef795685360

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-authdaemon_0.47-3ubuntu1.4_i386.deb
Size/MD5: 56164 d5ea14d215460d3982c3e2e0182ffbfa
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authmysql_0.47-3ubuntu1.4_i386.deb
Size/MD5: 52064 aa30f6db6dbd0a1ed58b9fd0e5c40915
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authpostgresql_0.47-3ubuntu1.4_i386.deb
Size/MD5: 52146 5cb184a6ef943a0b3d58bf97a19d7f62
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-base_0.47-3ubuntu1.4_i386.deb
Size/MD5: 233414 3c844ab202cd5473b8036e14e18d643a
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-faxmail_0.47-3ubuntu1.4_i386.deb
Size/MD5: 28738 6dc93d1f5da1ea11361cc154407f4333
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap-ssl_3.0.8-3ubuntu1.4_i386.deb
Size/MD5: 21282 2a4783204fc1d75482e0471030a8a835
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap_3.0.8-3ubuntu1.4_i386.deb
Size/MD5: 925248 fe7a1df132e4fb1d23a4482e80517ee0
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-ldap_0.47-3ubuntu1.4_i386.deb
Size/MD5: 67584 683d2a8d27be9f0959e8d0074863727a
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-maildrop_0.47-3ubuntu1.4_i386.deb
Size/MD5: 916594 de691731f0b8820dddda17c510f3b1c4
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mlm_0.47-3ubuntu1.4_i386.deb
Size/MD5: 117314 237a1a89c3b95eb7bfc02d4c6fefb41a
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta-ssl_0.47-3ubuntu1.4_i386.deb
Size/MD5: 19336 eeb7c9711b45064af42ad4ff96cbcb59
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta_0.47-3ubuntu1.4_i386.deb
Size/MD5: 2052174 b3dc799b852013341c32a1f554774fff
http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-pcp_0.47-3ubuntu1.4_i386.deb
Size/MD5: 59806 ff3dacf3777a2c2e54ccb8562cd6ad71
http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop-ssl_0.47-3ubuntu1.4_i386.deb
Size/MD5: 21078 b55458a82063418b3345a2158a42e524