---

Advisories, January 8, 2007

Debian GNU/Linux


Debian Security Advisory DSA 1246-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 8th, 2007 http://www.debian.org/security/faq


Package : openoffice.org
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-5870
Debian Bug : 405679 405986

John Heasman from Next Generation Security Software discovered a
heap overflow in the handling of Windows Metafiles in
OpenOffice.org, the free office suite, which could lead to a denial
of service and potentially execution of arbitrary code.

For the stable distribution (sarge) this problem has been fixed
in version 1.1.3-9sarge4.

For the unstable distribution (sid) this problem has been fixed
in version 2.0.4-1.

We recommend that you upgrade your openofffice.org package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge4.dsc

      Size/MD5 checksum: 2878
3adfe8b09c20248767fe9d995b3f184c
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge4.diff.gz

      Size/MD5 checksum: 4623655
108120f3b365317fa9c47b25a5445fce
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3.orig.tar.gz

      Size/MD5 checksum: 166568714
5250574bad9906b38ce032d04b765772

Architecture independent components:

    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-af_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2647376
8704f95d7e844e302abcae4d403f7818
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ar_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2694806
89cc4671d9d38ff05e5a361a06e02098
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ca_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2690164
45db102838292106429d06f2c9d4a77f
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cs_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3586142
03e0e6ba4d7abc4954fb7ffe4e04ced6
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cy_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2662654
ff77cf34ec2cfc0d8deaa49edf5ed00f
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-da_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3581922
7f69ac15b11613a649a2a08ff1501fd8
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-de_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3453208
fcd76abbb9df7cd707e36903e9db1f17
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-el_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2741468
ab08c03a0f0d78c3db9c99bd80fe12f1
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-en_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3525792
12c71a26f9512295ab442fb63e8711a3
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-es_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3560792
9965231fb1b0c3956ddb09255b91c86b
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-et_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2645014
baa0a0c809a740273d8dfd87b946d81b
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-eu_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2667748
740c781dd55cad46fdc52c1926d5854e
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-fi_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2673164
f8b2c8d335490dcaaf3f1bcb63eb72ec
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-fr_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3494058
674365c474453cf6590a82c2b2d3d631
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-gl_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2657584
7ce93bcb8f34a3f05f7560b5631a5ed8
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-he_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2659220
0eb0857819464be35dd9d7c81beaa0b5
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-hi_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2695686
3ca8a13e1d82d3036a92606bdce79b16
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-hu_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2771502
836d91201b70e5747a8099f5a5517deb
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-it_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3555644
3f3f0518c84cc9a7e191c6e025c67dcd
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ja_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3564244
80fc0de1fc7d84360091e53bdca22853
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-kn_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2685084
7c5fb3784626924e0c0ce5149191c5f7
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ko_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3540114
4c9bed5f7bcea97d3ab3b117640c626d
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-lt_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2672762
3778280d7eca49a1fbcd401750530fcc
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-nb_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2663808
d69aa15d7e5ecece8ee1fef8efde0341
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-nl_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3559972
5f2d3ecab6bb697e66ee82b4e31d7bc0
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-nn_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2663552
2c1645edd72ca4ee2b6721848b3b360e
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ns_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2664676
5d3d924327b847377da15e74dbf70877
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-pl_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3238860
fcbda1d9de3fc009fa663319b91e2a3a
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-pt-br_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3526050
966acfd1ae82a776bdb4f23108600225
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-pt_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3161406
d4d4fd2f3e77c5586e30f2f875dc33c3
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ru_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3332148
55aca35c906a10915e053988b7aa3c09
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-sk_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3603192
2788a27445e52e81917364aba2a85c0a
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-sl_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3599238
29ba9e01fb897c1287af13a4c478aeda
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-sv_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3542822
665126a7f85234beb95d648e20534027
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-th_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2689084
ac5b2a0123d8631a182a7de77e63ccf9
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-tn_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2650990
be8c4d81ccad1cc9951395fdf7ff078b
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-tr_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2893818
488f3310417ade7cff1b013f7e0d5e82
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-zh-cn_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3553030
9cd6554701566bc264cc479452b0dcd4
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-zh-tw_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3548654
e7992921765ffc14f8d212799addb02f
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-zu_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 2672242
635031d8e6cc4b7c16f3eefad4edb05f
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-mimelnk_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 67184
e44a08734ab212bdbc017f9675dff986
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-thesaurus-en-us_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 3130960
d659b041a6f58679cf05a67de068b6f3
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 6852620
9b1363c6d3e7395595687112f6632a36
    http://security.debian.org/pool/updates/main/o/openoffice.org/ttf-opensymbol_1.1.3-9sarge4_all.deb

      Size/MD5 checksum: 137130
89898024ed9949ede2af7df7a907857b

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-bin_1.1.3-9sarge4_i386.deb

      Size/MD5 checksum: 41473164
201d3654e0f25c09cad426a834a6a732
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-dev_1.1.3-9sarge4_i386.deb

      Size/MD5 checksum: 1858664
17e895e4db8a124105597bd091fe77db
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-evolution_1.1.3-9sarge4_i386.deb

      Size/MD5 checksum: 164568
dd1b783a99d9d7e08fa7d0f3707cdf16
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-gtk-gnome_1.1.3-9sarge4_i386.deb

      Size/MD5 checksum: 160158
12e000d7418c4c79540cb0dabdf73c31
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-kde_1.1.3-9sarge4_i386.deb

      Size/MD5 checksum: 144160
efafeabb9e208f32dcd4d930f022453e

PowerPC architecture:

    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-bin_1.1.3-9sarge4_powerpc.deb

      Size/MD5 checksum: 39929314
f47ffa291dc5e5423ad286da20780fa0
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-dev_1.1.3-9sarge4_powerpc.deb

      Size/MD5 checksum: 1865702
af0983cce9e7f71bfa36445eb525c8be
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-evolution_1.1.3-9sarge4_powerpc.deb

      Size/MD5 checksum: 161596
ddba4d76fed158c9c4c0441e0de71647
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-gtk-gnome_1.1.3-9sarge4_powerpc.deb

      Size/MD5 checksum: 158824
e50a700f00a8fb92ddaf554fe3cc6fdd
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-kde_1.1.3-9sarge4_powerpc.deb

      Size/MD5 checksum: 142330
8746389ad88f5176a6db6b75c0c503cb

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-bin_1.1.3-9sarge4_s390.deb

      Size/MD5 checksum: 42751682
c5b8173b85bf0f0931c98c2f204a5c05
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-dev_1.1.3-9sarge4_s390.deb

      Size/MD5 checksum: 1852730
18d41fcb730e667b6eaeb600dd36a1b5
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-evolution_1.1.3-9sarge4_s390.deb

      Size/MD5 checksum: 166852
0122761ef0c613aa3f64f7e6685a7311
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-gtk-gnome_1.1.3-9sarge4_s390.deb

      Size/MD5 checksum: 166716
c70e54ac2a1ab5c4b23fb017128db5ec
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-kde_1.1.3-9sarge4_s390.deb

      Size/MD5 checksum: 145354
fec4c419919354ae32c114563c8b6390

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-bin_1.1.3-9sarge4_sparc.deb

      Size/MD5 checksum: 40804144
3f6d727294d3992769146240bb532e69
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-dev_1.1.3-9sarge4_sparc.deb

      Size/MD5 checksum: 1847714
7d50650e99e42aa2f0da81493b862274
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-evolution_1.1.3-9sarge4_sparc.deb

      Size/MD5 checksum: 168000
b703ad63b11459d7062517a7cbb1b776
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-gtk-gnome_1.1.3-9sarge4_sparc.deb

      Size/MD5 checksum: 158394
e2ec76119983f45320a3d2aa5b9112f4
    http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-kde_1.1.3-9sarge4_sparc.deb

      Size/MD5 checksum: 139900
e7b6f94dabdbe6ac98b9e22d8425c27c

These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA-1247-1 security@debian.org
http://www.debian.org/security/
Noah Meyerhans
January 08, 2007


Package : libapache-mod-auth-kerb
Vulnerability : heap overflow
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2006-5989
BugTraq ID : 21214
Debian Bug : 400589

An off-by-one error leading to a heap-based buffer overflow has
been identified in libapache-mod-auth-kerb, an Apache module for
Kerberos authentication. The error could allow an attacker to
trigger an application crash or potentially execute arbitrary code
by sending a specially crafted kerberos message.

For the stable distribution (sarge), this problem has been fixed
in version 4.996-5.0-rc6-1sarge1.

For the unstable version (sid) and the forthcoming stable
version (etch), this problem has been fixed in version 5.3-1.

We recommend that you upgrade your libapache-mod-auth-kerb
package.

Upgrade instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian 3.1 (stable)


Stable updates are available for alpha, amd64, arm, hppa, i386,
ia64, m68k, mips, mipsel, powerpc, s390 and sparc.

Source archives:

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1.dsc

      Size/MD5 checksum: 744
5e045be08755cab316754a7f214eeaae
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1.diff.gz

      Size/MD5 checksum: 49849
3ebbb5101629ddd8917159c1cbdf20ab
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6.orig.tar.gz

      Size/MD5 checksum: 68787
b6a6c80b25b362eb7394f69cdc91f76d

amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_amd64.deb

      Size/MD5 checksum: 28574
65078aa7e78f2728499849047eaf2fbb
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_amd64.deb

      Size/MD5 checksum: 27148
60ce4d39ac022335bd98ea7ed412f24d

arm architecture (ARM)

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_arm.deb

      Size/MD5 checksum: 24078
053e0b54c348251be97c7708d43b5542
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_arm.deb

      Size/MD5 checksum: 25498
e1882b8b0e408cb2339ef4d43c800bd7

hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_hppa.deb

      Size/MD5 checksum: 28796
e29c79c55af53fc66cc1ea9084c63403
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_hppa.deb

      Size/MD5 checksum: 27246
4d2394e0fc2a429c03ad6063c9ea2cce

i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_i386.deb

      Size/MD5 checksum: 25014
20666ea4edbce196ba0b4ea120425af5
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_i386.deb

      Size/MD5 checksum: 27176
6e7e40781f4beadec9226a918c8d4591

ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_ia64.deb

      Size/MD5 checksum: 31886
8146de1df6e65b32e213bfdc9b1320d2
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_ia64.deb

      Size/MD5 checksum: 33946
a2f93809df0703311c64ab28bc71a435

m68k architecture (Motorola Mc680x0)

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_m68k.deb

      Size/MD5 checksum: 24592
111a715b11307ad90a8c3c72d144067d
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_m68k.deb

      Size/MD5 checksum: 24904
058b9470f905b33b7db5c1b7c82b704c

mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mips.deb

      Size/MD5 checksum: 26282
32ea8b07b5884759d0be1ae80aff2cbe
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mips.deb

      Size/MD5 checksum: 24916
3086189cc29784d14c3c262bf5db79c6

mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mipsel.deb

      Size/MD5 checksum: 24750
4e60ed40a92ebd95eac8b1b1a047eeb1
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mipsel.deb

      Size/MD5 checksum: 26078
3debbde1ea8f7bfdded64641019ee035

powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_powerpc.deb

      Size/MD5 checksum: 27564
224b00ca30cfbc147af1359bb97d5bf2
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_powerpc.deb

      Size/MD5 checksum: 26050
26618825bca0ebce62a17f372c945dc5

s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_s390.deb

      Size/MD5 checksum: 28890
4a105cf32ef83ab8b2f3ea41a3303d69
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_s390.deb

      Size/MD5 checksum: 27520
9582e86ab07a5fe726c88c35b4463a74

sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_sparc.deb

      Size/MD5 checksum: 24014
d7e4b7d6fe57acd4cf5bb100e35a964f
    http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_sparc.deb

      Size/MD5 checksum: 25022
78f3c5282673219f044955496aaed10b

These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

rPath Linux

rPath Security Advisory: 2007-0001-1
Published: 2007-01-08
Products: rPath Linux 1
Rating: Major
Exposure Level Classification: Indirect User Deterministic
Unauthorized Access
Updated Versions:
openoffice.org=/conary.rpath.com@rpl:devel//1/2.0.3-1.7-1

References:

    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5870

    https://issues.rpath.com/browse/RPL-905

Description:

Previous versions of the openoffice.org package are vulnerable
to an arbitrary code execution attack. When OpenOffice.org opens an
intentionally-malformed .wmf or .emf file, it executes arbitrary
code provided by the attacker.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis