Debian Security Advisory DSA 700-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
March 30th, 2005 http://www.debian.org/security/faq
Package : mailreader
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0386
Ulf Hürnhammar from the Debian Security Audit Project
discovered a cross-site scripting problem in mailreader, a simple,
but powerful WWW mail reader system, when displaying messages of
the MIME types text/enriched or text/richtext.
For the stable distribution (woody) this problem has been fixed
in version 2.3.29-5woody2.
For the unstable distribution (sid) this problem has been fixed
in version 2.3.29-11.
We recommend that you upgrade your mailreader package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/m/mailreader/mailreader_2.3.29-5woody2.dsc
Size/MD5 checksum: 623 42f2edc38e5e563013f08deb401daed2
http://security.debian.org/pool/updates/main/m/mailreader/mailreader_2.3.29-5woody2.diff.gz
Size/MD5 checksum: 40004 7c68b982f9c7e45504411805d622d4e1
http://security.debian.org/pool/updates/main/m/mailreader/mailreader_2.3.29.orig.tar.gz
Size/MD5 checksum: 307934 8e2687227ac737f244994e19ca3ba575
Architecture independent components:
http://security.debian.org/pool/updates/main/m/mailreader/mailreader_2.3.29-5woody2_all.deb
Size/MD5 checksum: 352696 32dfa7f100f7716b0b47b85b60c5c3d8
These files will probably be moved into the stable distribution
on its next update.
For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>
Fedora Update Notification
FEDORA-2005-234
2005-03-30
Product : Fedora Core 2
Name : ImageMagick
Version : 6.2.0.7
Release : 2.fc2
Summary : An X application for displaying and manipulating
images.
Description :
ImageMagick(TM) is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you
can either save the completed work in the original format or a
different one. ImageMagick also includes command line programs for
creating animated or transparent .gifs, creating composite images,
creating thumbnail images, and more.
ImageMagick is one of your choices if you need a program to
manipulate and dis play images. If you want to develop your own
applications which use ImageMagick code or APIs, you need to
install ImageMagick-devel as well.
Update Information:
Andrei Nigmatulin discovered a heap based buffer overflow flaw
in the ImageMagick image handler. An attacker could create a
carefully crafted Photoshop Document (PSD) image in such a way that
it would cause ImageMagick to execute arbitrary code when
processing the image. The Common Vulnerabilities and Exposures
project (cve.mitre.org/) has
assigned the name CAN-2005-0005 to this issue.
A format string bug was found in the way ImageMagick handles
filenames. An attacker could execute arbitrary code in a victims
machine if they are able to trick the victim into opening a file
with a specially crafted name. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-0397 to this issue.
A bug was found in the way ImageMagick handles TIFF tags. It is
possible that a TIFF image file with an invalid tag could cause
ImageMagick to crash.
A bug was found in ImageMagick’s TIFF decoder. It is possible
that a specially crafted TIFF image file could cause ImageMagick to
crash.
A bug was found in the way ImageMagick parses PSD files. It is
possilbe that a specially crafted PSD file could cause ImageMagick
to crash.
A heap overflow bug was found in ImageMagick’s SGI parser. It is
possible
that an attacker could execute arbitrary code by tricking a user
into opening a specially crafted SGI image file.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
52fbf39e38a7ae5cc0914b6517fedcba
SRPMS/ImageMagick-6.2.0.7-2.fc2.src.rpm
f6a42bb0239a56780d7fac79bf4cb0cd
x86_64/ImageMagick-6.2.0.7-2.fc2.x86_64.rpm
ac4add6449a8f20658f865161656b492 x86_64/ImageMagickdevel
-6.2.0.7-2.fc2.x86_64.rpm
414e95f0ed5189e246a5f03f27a9ba8a x86_64/ImageMagickperl
-6.2.0.7-2.fc2.x86_64.rpm
1f416050e2410950b7d31cb6a20fcf3c x86_64/ImageMagick-c+
+-6.2.0.7-2.fc2.x86_64.rpm
dca65373bdde8fc72ad43f5fbb66d082 x86_64/ImageMagick-c++-
devel-6.2.0.7-2.fc2.x86_64.rpm
39e6fd4dd15ff0830a8a4629f9544ad1 x86_64/debug/ImageMagickdebuginfo
-6.2.0.7-2.fc2.x86_64.rpm
9cf6d6efbb10b85c7aac59ccdc8404c1
i386/ImageMagick-6.2.0.7-2.fc2.i386.rpm
bd5af835d5c692efeb91f8e72bd3ad68 i386/ImageMagickdevel
-6.2.0.7-2.fc2.i386.rpm
3bcd96b4f37d0d00496322172c3ab985 i386/ImageMagickperl
-6.2.0.7-2.fc2.i386.rpm
3cc2862b41fa967e89743dca2794068a i386/ImageMagick-c+
+-6.2.0.7-2.fc2.i386.rpm
40e7147cf90e2fcd9f9589bdd201ab48 i386/ImageMagick-c++-
devel-6.2.0.7-2.fc2.i386.rpm
ed7985c73aa5b5806ad66e0b97636f9c i386/debug/ImageMagickdebuginfo
-6.2.0.7-2.fc2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-235
2005-03-30
Product : Fedora Core 3
Name : ImageMagick
Version : 6.2.0.7
Release : 2.fc3
Summary : An X application for displaying and manipulating
images.
Description :
ImageMagick(TM) is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you
can either save the completed work in the original format or a
different one. ImageMagick also includes command line programs for
creating animated or transparent .gifs, creating composite images,
creating thumbnail images, and more.
ImageMagick is one of your choices if you need a program to
manipulate and dis play images. If you want to develop your own
applications which use ImageMagick code or APIs, you need to
install ImageMagick-devel as well.
Update Information:
Andrei Nigmatulin discovered a heap based buffer overflow flaw
in the ImageMagick image handler. An attacker could create a
carefully crafted Photoshop Document (PSD) image in such a way that
it would cause ImageMagick to execute arbitrary code when
processing the image. The Common Vulnerabilities and Exposures
project (cve.mitre.org/) has
assigned the name CAN-2005-0005 to this issue.
A format string bug was found in the way ImageMagick handles
filenames. An attacker could execute arbitrary code in a victims
machine if they are able to trick the victim into opening a file
with a specially crafted name. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-0397 to this issue.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
dbbd0c32799bc32658214273037f1942
SRPMS/ImageMagick-6.2.0.7-2.fc3.src.rpm
39ecc49bcdfda64dd2cfaac13b332f42
x86_64/ImageMagick-6.2.0.7-2.fc3.x86_64.rpm
908f8c2f25568cf2340db0a6ae7c5b57 x86_64/ImageMagickdevel
-6.2.0.7-2.fc3.x86_64.rpm
7f5112e7f05c9d4a448f5edeb42b153c x86_64/ImageMagickperl
-6.2.0.7-2.fc3.x86_64.rpm
039af81133349c933d0de1e1f61f3ba1 x86_64/ImageMagick-c+
+-6.2.0.7-2.fc3.x86_64.rpm
455c2286d9f1ed1e778a5c5e905053cb x86_64/ImageMagick-c++-
devel-6.2.0.7-2.fc3.x86_64.rpm
fe8a3812e6c3fbc8f5016e6eb1d2271a x86_64/debug/ImageMagickdebuginfo
-6.2.0.7-2.fc3.x86_64.rpm
1f8387ff55eee8116b53309fc93e28db
x86_64/ImageMagick-6.2.0.7-2.fc3.i386.rpm
214aee8a27780dee6e5c4a5b8b58ec0e x86_64/ImageMagick-c+
+-6.2.0.7-2.fc3.i386.rpm
1f8387ff55eee8116b53309fc93e28db
i386/ImageMagick-6.2.0.7-2.fc3.i386.rpm
a97fb99dfbcddc4391a351a51d544f14 i386/ImageMagickdevel
-6.2.0.7-2.fc3.i386.rpm
12ceecfa8d7fd51e9e7a0eaf92c2abcf i386/ImageMagickperl
-6.2.0.7-2.fc3.i386.rpm
214aee8a27780dee6e5c4a5b8b58ec0e i386/ImageMagick-c+
+-6.2.0.7-2.fc3.i386.rpm
1ed8f7ca926e4fd31500f7ee8f767e72 i386/ImageMagick-c++-
devel-6.2.0.7-2.fc3.i386.rpm
1f8756e8c6b5405dad07396eb34bf064 i386/debug/ImageMagickdebuginfo
-6.2.0.7-2.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-265
2005-03-30
Product : Fedora Core 2
Name : gdk-pixbuf
Version : 0.22.0
Release : 12.fc2
Summary : An image loading library used with GNOME.
Description :
The gdk-pixbuf package contains an image loading library used with
the GNOME GUI desktop environment. The GdkPixBuf library provides
image loading facilities, the rendering of a GdkPixBuf into various
formats (drawables or GdkRGB buffers), and a cache interface.
Update Information:
David Costanzo found a bug in the way gdk-pixbuf processes BMP
images. It is possible that a specially crafted BMP image could
cause a denial of service attack in applications linked against
gdk-pixbuf. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CAN-2005-0891 to this issue.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
a0ba48a2695141af2d4a0f7ff3218062
SRPMS/gdk-pixbuf-0.22.0-12.fc2.src.rpm
c1dc4fe31433159afb6bcfdd98dd84a2 x86_64/gdkpixbuf
-0.22.0-12.fc2.x86_64.rpm
c561473d5921958c2aa7aed692671933 x86_64/gdk-pixbufdevel
-0.22.0-12.fc2.x86_64.rpm
eb0fae059933dd9613048b4dfaa73d6f x86_64/gdk-pixbufgnome
-0.22.0-12.fc2.x86_64.rpm
886d8069570a4202bfbcb6304203fd5a x86_64/debug/gdk-pixbufdebuginfo
-0.22.0-12.fc2.x86_64.rpm
f56442e8a45c71b7004373b94acf5a9f
i386/gdk-pixbuf-0.22.0-12.fc2.i386.rpm
0b16b3e1d3223b91728211fa311e8d72 i386/gdk-pixbufdevel
-0.22.0-12.fc2.i386.rpm
19ea2d840949337df59ccbe8e3303648 i386/gdk-pixbufgnome
-0.22.0-12.fc2.i386.rpm
a64d219947db70a88a5a29f1fba24227 i386/debug/gdk-pixbufdebuginfo
-0.22.0-12.fc2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-266
2005-03-30
Product : Fedora Core 3
Name : gdk-pixbuf
Version : 0.22.0
Release : 16.fc3
Summary : An image loading library used with GNOME.
Description :
The gdk-pixbuf package contains an image loading library used with
the GNOME GUI desktop environment. The GdkPixBuf library provides
image loading facilities, the rendering of a GdkPixBuf into various
formats (drawables or GdkRGB buffers), and a cache interface.
Update Information:
David Costanzo found a bug in the way gdk-pixbuf processes BMP
images. It is possible that a specially crafted BMP image could
cause a denial of service attack in applications linked against
gdk-pixbuf. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CAN-2005-0891 to this issue.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
140402ef3823af459027e7eec1fb4a31
SRPMS/gdk-pixbuf-0.22.0-16.fc3.src.rpm
46732d3473a71aa4ab90dd456f0e957f x86_64/gdkpixbuf
-0.22.0-16.fc3.x86_64.rpm
14639a9be1a8470ef3ebf5f8ca6951fa x86_64/gdk-pixbufdevel
-0.22.0-16.fc3.x86_64.rpm
d35d6f6ff840efced466d44e2556b556 x86_64/gdk-pixbufgnome
-0.22.0-16.fc3.x86_64.rpm
91cb66921118ac3187e2a5234d33672a x86_64/debug/gdk-pixbufdebuginfo
-0.22.0-16.fc3.x86_64.rpm
c226b3c99d9f139883015b249621294f x86_64/gdkpixbuf
-0.22.0-16.fc3.i386.rpm
c226b3c99d9f139883015b249621294f
i386/gdk-pixbuf-0.22.0-16.fc3.i386.rpm
7a7790402d9d477f7f0f47a74259bfa4 i386/gdk-pixbufdevel
-0.22.0-16.fc3.i386.rpm
4e8f98e1e520d1f9e2b7b1fa98c06119 i386/gdk-pixbufgnome
-0.22.0-16.fc3.i386.rpm
a3b06be3f9bd8ec74588dc6b95b637a9 i386/debug/gdk-pixbufdebuginfo
-0.22.0-16.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-267
2005-03-30
Product : Fedora Core 2
Name : gtk2
Version : 2.4.14
Release : 2.fc2
Summary : The GIMP ToolKit (GTK+), a library for creating GUIs
for
X.
Description :
GTK+ is a multi-platform toolkit for creating graphical user
interfaces. Offering a complete set of widgets, GTK+ is suitable
for projects ranging from small one-off tools to complete
application suites.
Update Information:
David Costanzo found a bug in the way GTK+ processes BMP images. It
is possible that a specially crafted BMP image could cause a denial
of service attack in applications linked against GTK+. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-0891 to this issue.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
e554a876457e37b8a432191af098b455
SRPMS/gtk2-2.4.14-2.fc2.src.rpm
e0ab627f18c00ea25257d7c0e82baa30
x86_64/gtk2-2.4.14-2.fc2.x86_64.rpm
bffbdf4fb9ad6c0803c61994b4f3f125 x86_64/gtk2-
devel-2.4.14-2.fc2.x86_64.rpm
64febbae57060204343e0f212279a3b8 x86_64/debug/gtk2-
debuginfo-2.4.14-2.fc2.x86_64.rpm
40137c8115b35e5f92cc4ac764b7c04e
x86_64/gtk2-2.4.14-2.fc2.i386.rpm
40137c8115b35e5f92cc4ac764b7c04e
i386/gtk2-2.4.14-2.fc2.i386.rpm
1fd50f68800ac67282143c0d02e5be09
i386/gtk2-devel-2.4.14-2.fc2.i386.rpm
749b4834dfe87cdcf3133a9d859e5b91 i386/debug/gtk2-
debuginfo-2.4.14-2.fc2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-268
2005-03-30
Product : Fedora Core 3
Name : gtk2
Version : 2.4.14
Release : 3.fc3
Summary : The GIMP ToolKit (GTK+), a library for creating GUIs
for
X.
Description :
GTK+ is a multi-platform toolkit for creating graphical user
interfaces. Offering a complete set of widgets, GTK+ is suitable
for projects ranging from small one-off tools to complete
application suites.
Update Information:
David Costanzo found a bug in the way GTK+ processes BMP images.
It is possible that a specially crafted BMP image could cause a
denial of service attack in applications linked against GTK+. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-0891 to this issue.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
8c9c1a539e15629f204038597c57e75a
SRPMS/gtk2-2.4.14-3.fc3.src.rpm
6491f2ebf95a79a0fafdd90256033189
x86_64/gtk2-2.4.14-3.fc3.x86_64.rpm
7facd80dc1c9ffc2e1745cb1505096c0 x86_64/gtk2-
devel-2.4.14-3.fc3.x86_64.rpm
922ad9d8b24a4a580bca1f3461c1fcde x86_64/debug/gtk2-
debuginfo-2.4.14-3.fc3.x86_64.rpm
9351093394765c34bc5a6b28e8db301b
x86_64/gtk2-2.4.14-3.fc3.i386.rpm
9351093394765c34bc5a6b28e8db301b
i386/gtk2-2.4.14-3.fc3.i386.rpm
abb369e8b7dbcbe785a23d9cf52ca2a0
i386/gtk2-devel-2.4.14-3.fc3.i386.rpm
816116449734868587e069851dc57a62 i386/debug/gtk2-
debuginfo-2.4.14-3.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-272
2005-03-29
Product : Fedora Core 2
Name : xorg-x11
Version : 6.7.0
Release : 14
Summary : The basic fonts, programs and docs for an X
workstation.
Description :
X.org X11 is an open source implementation of the X Window System.
It provides the basic low level functionality which full fledged
graphical user interfaces (GUIs) such as GNOME and KDE are designed
upon.
Update Information:
An integer overflow flaw was found in libXpm, which is used by
some applications for loading of XPM images. An attacker could
create a malicious XPM file that would execute arbitrary code if
opened by a victim using an application linked to the vulnerable
library. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-0605 to this issue.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
600a0cfb0c9a9772da75c5652929518b
SRPMS/xorg-x11-6.7.0-14.src.rpm
825a43a427fe4f42ed37b17f18f45558
x86_64/xorg-x11-6.7.0-14.x86_64.rpm
b27a8d713eec80fce36e2f244eef0a2f
x86_64/xorg-x11-devel-6.7.0-14.x86_64.rpm
6275bf8618179e6eeea10feeef759bbb
x86_64/xorg-x11-font-utils-6.7.0-14.x86_64.rpm
89c8653ccb04e75510e74bc85508d7fd
x86_64/xorg-x11-xfs-6.7.0-14.x86_64.rpm
cf31406344a93fe433d23bfdcb0da81b
x86_64/xorg-x11-twm-6.7.0-14.x86_64.rpm
1cf2b9c77a87758430315feb848c48b9
x86_64/xorg-x11-xdm-6.7.0-14.x86_64.rpm
fadf7f5d595d9fcb611ec285435b961c
x86_64/xorg-x11-libs-6.7.0-14.x86_64.rpm
a070eccd4d418e14098030dffff0c859
x86_64/xorg-x11-libs-data-6.7.0-14.x86_64.rpm
e3a8a1f75a97820627be65bf3976a08f
x86_64/xorg-x11-base-fonts-6.7.0-14.x86_64.rpm
b9939cd88b4cc7aca4bfaf27b95e3674
x86_64/xorg-x11-truetype-fonts-6.7.0-14.x86_64.rpm
f6f33802011c13cb39d1e0b395870a47
x86_64/xorg-x11-syriac-fonts-6.7.0-14.x86_64.rpm
9b9b8064b4a18c0c8f4b70f09168bb29
x86_64/xorg-x11-75dpi-fonts-6.7.0-14.x86_64.rpm
7f3363d21561fb6cd6ca19bcc5f258a0
x86_64/xorg-x11-100dpi-fonts-6.7.0-14.x86_64.rpm
be4cf2103796bcdb13ba614498496f10
x86_64/xorg-x11-ISO8859-2-75dpi-fonts-6.7.0-14.x86_64.rpm
58f5345f28c3f95b5e966a894d75566b
x86_64/xorg-x11-ISO8859-2-100dpi-fonts-6.7.0-14.x86_64.rpm
61903949f372c4fdb24f067a7009fe53
x86_64/xorg-x11-ISO8859-9-75dpi-fonts-6.7.0-14.x86_64.rpm
08f9c2b87c56f9b8e4ace980dfddd3df
x86_64/xorg-x11-ISO8859-9-100dpi-fonts-6.7.0-14.x86_64.rpm
3bb47bb6bf4d3f0e445c5709c82320fd
x86_64/xorg-x11-ISO8859-14-75dpi-fonts-6.7.0-14.x86_64.rpm
f830609d16d830b5cc03b359e33cad80
x86_64/xorg-x11-ISO8859-14-100dpi-fonts-6.7.0-14.x86_64.rpm
17dfac76eb62313d2d6cb88f56982825
x86_64/xorg-x11-ISO8859-15-75dpi-fonts-6.7.0-14.x86_64.rpm
51297d1016839a60c058b3773a49fe89
x86_64/xorg-x11-ISO8859-15-100dpi-fonts-6.7.0-14.x86_64.rpm
c6525692b3052fa0f0000056b9985ed0
x86_64/xorg-x11-cyrillic-fonts-6.7.0-14.x86_64.rpm
2b16a602848c8145d78fc41dbb27e30c
x86_64/xorg-x11-doc-6.7.0-14.x86_64.rpm
6df6be39cadf75d56f05e08823ff5569
x86_64/xorg-x11-Xnest-6.7.0-14.x86_64.rpm
40298ae776b44605648aae8fc765d7a8
x86_64/xorg-x11-tools-6.7.0-14.x86_64.rpm
5a2e53f1ae2296ff3317bcb2899ac021
x86_64/xorg-x11-xauth-6.7.0-14.x86_64.rpm
dc536d4f899405eeebf55aefd0b69250
x86_64/xorg-x11-Mesa-libGL-6.7.0-14.x86_64.rpm
d6f0bfe66f978ec510320aa136e845f8
x86_64/xorg-x11-Mesa-libGLU-6.7.0-14.x86_64.rpm
a7090fa49b90b64d17b68fb8b34b0574
x86_64/xorg-x11-Xvfb-6.7.0-14.x86_64.rpm
f3f7f737769df12c9ecb3611d843493c
x86_64/xorg-x11-sdk-6.7.0-14.x86_64.rpm
09f987c885e0ab18c641b31ab0778eb0
x86_64/xorg-x11-libs-6.7.0-14.i386.rpm
4d8905737e62497664683b053e58f87e
x86_64/xorg-x11-libs-data-6.7.0-14.i386.rpm
54074a661b6889f91a29fb91c62a189e
x86_64/xorg-x11-Mesa-libGL-6.7.0-14.i386.rpm
30949ab6f8bf9427e32e841c37bac6e2
x86_64/xorg-x11-Mesa-libGLU-6.7.0-14.i386.rpm
4576076e43b32eb7d34fb9ff112c2ab6
i386/xorg-x11-6.7.0-14.i386.rpm
aa42939c5f62b2eb863c3b433eda091e
i386/xorg-x11-devel-6.7.0-14.i386.rpm
12758faeb79e52858b8cb963e829f7d1
i386/xorg-x11-font-utils-6.7.0-14.i386.rpm
e5e37ec4b840fd3c8e11bdffcd5a799f
i386/xorg-x11-xfs-6.7.0-14.i386.rpm
ae4a343bdeb63c559859d633fedc3720
i386/xorg-x11-twm-6.7.0-14.i386.rpm
9281ffb09a3c6c6387dd62fde5e6939f
i386/xorg-x11-xdm-6.7.0-14.i386.rpm
09f987c885e0ab18c641b31ab0778eb0
i386/xorg-x11-libs-6.7.0-14.i386.rpm
4d8905737e62497664683b053e58f87e
i386/xorg-x11-libs-data-6.7.0-14.i386.rpm
8f11ccc3a45ee547c408d29fb61c8d21
i386/xorg-x11-base-fonts-6.7.0-14.i386.rpm
6b1426acb8c1c89f7c02c10e1ef8a6f9
i386/xorg-x11-truetype-fonts-6.7.0-14.i386.rpm
287625bb4fa84f794ab0e6f2525598bb
i386/xorg-x11-syriac-fonts-6.7.0-14.i386.rpm
bb6740fa5b20fb389940b19fdd9d5cf6
i386/xorg-x11-75dpi-fonts-6.7.0-14.i386.rpm
f5014cfda408afc422be35be41c854bb
i386/xorg-x11-100dpi-fonts-6.7.0-14.i386.rpm
ac9eb026a651b64f15257870bc855b77
i386/xorg-x11-ISO8859-2-75dpi-fonts-6.7.0-14.i386.rpm
b8c3f6d33a83254c2c3dbe1746140254
i386/xorg-x11-ISO8859-2-100dpi-fonts-6.7.0-14.i386.rpm
401876c22190ad302fcbd2406b2195a6
i386/xorg-x11-ISO8859-9-75dpi-fonts-6.7.0-14.i386.rpm
0fe35cdc12d5efc451b83c6bee9badef
i386/xorg-x11-ISO8859-9-100dpi-fonts-6.7.0-14.i386.rpm
c1a35a47c2105d205aab91a6eb494ec1
i386/xorg-x11-ISO8859-14-75dpi-fonts-6.7.0-14.i386.rpm
24e129935a31acb375c52b2c67fa56ca
i386/xorg-x11-ISO8859-14-100dpi-fonts-6.7.0-14.i386.rpm
3c7922f8a8b2280bb29ffeeb3b83254d
i386/xorg-x11-ISO8859-15-75dpi-fonts-6.7.0-14.i386.rpm
eade863f16a383b6817fa211bafa0a63
i386/xorg-x11-ISO8859-15-100dpi-fonts-6.7.0-14.i386.rpm
508e852b7f0b06750769c6170d4aa7b1
i386/xorg-x11-cyrillic-fonts-6.7.0-14.i386.rpm
6a848de0e9d6c23cc13200e5b1e6c367
i386/xorg-x11-doc-6.7.0-14.i386.rpm
9799f497d482f759bcdca575c719784c
i386/xorg-x11-Xnest-6.7.0-14.i386.rpm
2ee2a3660f4d37cfeab7f0ef8b1dbeeb
i386/xorg-x11-tools-6.7.0-14.i386.rpm
8e9d284aa1fee22df6aad4675538a2ea
i386/xorg-x11-xauth-6.7.0-14.i386.rpm
54074a661b6889f91a29fb91c62a189e
i386/xorg-x11-Mesa-libGL-6.7.0-14.i386.rpm
30949ab6f8bf9427e32e841c37bac6e2
i386/xorg-x11-Mesa-libGLU-6.7.0-14.i386.rpm
8be650d47e7f34cc6b63b8e2321cf2eb
i386/xorg-x11-Xvfb-6.7.0-14.i386.rpm
41adbaea8de3dee2f6a2698a73d875ff
i386/xorg-x11-sdk-6.7.0-14.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-273
2005-03-29
Product : Fedora Core 3
Name : xorg-x11
Version : 6.8.2
Release : 1.FC3.13
Summary : The basic fonts, programs and docs for an X
workstation.
Description :
X.org X11 is an open source implementation of the X Window System.
It provides the basic low level functionality which full fledged
graphical user interfaces (GUIs) such as GNOME and KDE are designed
upon.
Update Information:
An integer overflow flaw was found in libXpm, which is used by
some applications for loading of XPM images. An attacker could
create a malicious XPM file that would execute arbitrary code if
opened by a victim using an application linked to the vulnerable
library. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-0605 to this issue.
Futhermore, this updates the Fedora Core 3 X.org packages to the
6.8.2 maintenance release, which includes a large number of bug
fixes:
http://xorg.freedesktop.org/wiki/X11R682Release
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
94366578adb65612201728ef9ab1bd55
SRPMS/xorg-x11-6.8.2-1.FC3.13.src.rpm
f5206f5e0ef0ba672f25455af5f0d57a
x86_64/xorg-x11-6.8.2-1.FC3.13.x86_64.rpm
7ca91351cde46271ced109127e32445c
x86_64/xorg-x11-devel-6.8.2-1.FC3.13.x86_64.rpm
3c1a1ff519f0ada181791769f5fa317e
x86_64/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.13.x86_64.rpm
92e89e566fc6618245318b7fa4034ee6
x86_64/xorg-x11-font-utils-6.8.2-1.FC3.13.x86_64.rpm
13ff89b32d789d7a3dd3e87d9d4f7991
x86_64/xorg-x11-xfs-6.8.2-1.FC3.13.x86_64.rpm
9e75b9b0e32b1b58e6b235ee33809c41
x86_64/xorg-x11-twm-6.8.2-1.FC3.13.x86_64.rpm
cc264ec7b1c14271e346f72b21fd5a87
x86_64/xorg-x11-xdm-6.8.2-1.FC3.13.x86_64.rpm
d9eec089b430a0cbcd8be6aff2a5de85
x86_64/xorg-x11-libs-6.8.2-1.FC3.13.x86_64.rpm
3af6857ae01305df21c29c2f4fb44d2e
x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.x86_64.rpm
a67e229ca44e3919a36cbe6fce01775c
x86_64/xorg-x11-doc-6.8.2-1.FC3.13.x86_64.rpm
f357a1344a59fea10207b7b49dd6003b
x86_64/xorg-x11-Xdmx-6.8.2-1.FC3.13.x86_64.rpm
53e42bac132fb395ebea33994d70e53d
x86_64/xorg-x11-Xnest-6.8.2-1.FC3.13.x86_64.rpm
72e0cbfba322f1e240685b361cf2537c
x86_64/xorg-x11-tools-6.8.2-1.FC3.13.x86_64.rpm
2ce584c855b0f1cc1ac4db8780b25ae3
x86_64/xorg-x11-xauth-6.8.2-1.FC3.13.x86_64.rpm
546248e8a4c711e534b2c6fe5f5736ad
x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.x86_64.rpm
07149a3e65259666f7364aa5e6ca36c2
x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.x86_64.rpm
e119760d056fd141c22efb422c33bfd3
x86_64/xorg-x11-Xvfb-6.8.2-1.FC3.13.x86_64.rpm
5aa92c62145317639586854a7529e408
x86_64/xorg-x11-sdk-6.8.2-1.FC3.13.x86_64.rpm
d42f17f76c9ff4171b7003ef2844ff46
x86_64/xorg-x11-devel-6.8.2-1.FC3.13.i386.rpm
a1106b41ab938b60ae31a6030ce2ae69
x86_64/xorg-x11-libs-6.8.2-1.FC3.13.i386.rpm
1befcda39823dc6ff70be791f9ebe8fb
x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.i386.rpm
85a86b438f512a8f608a03a7d26c7ccb
x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.i386.rpm
ca913c4a6d5d06d5c3474a3da83b726c
x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.i386.rpm
a9589a414fd18a04c436549d622eb064
i386/xorg-x11-6.8.2-1.FC3.13.i386.rpm
d42f17f76c9ff4171b7003ef2844ff46
i386/xorg-x11-devel-6.8.2-1.FC3.13.i386.rpm
9002eb404a7018c70306af2ac821aa30
i386/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.13.i386.rpm
f99acd9ceb6cbfd2d57e2c7b31ce89ef
i386/xorg-x11-font-utils-6.8.2-1.FC3.13.i386.rpm
ed74e8cd8d2a360baf8daba04d14d409
i386/xorg-x11-xfs-6.8.2-1.FC3.13.i386.rpm
7f4fbd7f2eea4ebbe1e6e7c42215714c
i386/xorg-x11-twm-6.8.2-1.FC3.13.i386.rpm
4582c9a5650832884660187eac3bb136
i386/xorg-x11-xdm-6.8.2-1.FC3.13.i386.rpm
a1106b41ab938b60ae31a6030ce2ae69
i386/xorg-x11-libs-6.8.2-1.FC3.13.i386.rpm
1befcda39823dc6ff70be791f9ebe8fb
i386/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.i386.rpm
5169a66fe5a367a60b2635c4be98ab9b
i386/xorg-x11-doc-6.8.2-1.FC3.13.i386.rpm
1af9bb7976c506df46967105053e9ef7
i386/xorg-x11-Xdmx-6.8.2-1.FC3.13.i386.rpm
80dca4903e83c67f2666fd8f56aef393
i386/xorg-x11-Xnest-6.8.2-1.FC3.13.i386.rpm
37f9361bd2b9b085375c4b9689b499e2
i386/xorg-x11-tools-6.8.2-1.FC3.13.i386.rpm
831a10dfe3e76c21b48e0a578a0542f4
i386/xorg-x11-xauth-6.8.2-1.FC3.13.i386.rpm
85a86b438f512a8f608a03a7d26c7ccb
i386/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.i386.rpm
ca913c4a6d5d06d5c3474a3da83b726c
i386/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.i386.rpm
28c10ea5794c39d0d299ad317d0a6749
i386/xorg-x11-Xvfb-6.8.2-1.FC3.13.i386.rpm
e91fd9c112fe3859abf46b336d2dc623
i386/xorg-x11-sdk-6.8.2-1.FC3.13.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-274
2005-03-30
Product : Fedora Core 3
Name : telnet
Version : 0.17
Release : 32.FC3.2
Summary : The client program for the telnet remote login
protocol.
Description :
Telnet is a popular protocol for logging into remote systems over
the Internet. The telnet package provides a command line telnet
client.
Update Information:
Two buffer overflow flaws were discovered in the way the telnet
client handles messages from a server. An attacker may be able to
execute arbitrary code on a victim’s machine if the victim can be
tricked into connecting to a malicious telnet server. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names
CAN-2005-0468 and CAN-2005-0469 to these issues.
Red Hat would like to thank iDEFENSE for their responsible
disclosure of this issue.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
89834e05dfaaf87030241f12a8d43622
SRPMS/telnet-0.17-32.FC3.2.src.rpm
9ffe815c3d82132847f6f243662d8689
x86_64/telnet-0.17-32.FC3.2.x86_64.rpm
70c70de3253e43c621e1bd753ad85ac8
x86_64/telnet-server-0.17-32.FC3.2.x86_64.rpm
299a0a1ddc2f575b14509757a8e352fa
x86_64/debug/telnet-debuginfo-0.17-32.FC3.2.x86_64.rpm
317a655b172288cfc0615b1a06fd2e07
i386/telnet-0.17-32.FC3.2.i386.rpm
a51075465fe35429b26f83df4e1888b5
i386/telnet-server-0.17-32.FC3.2.i386.rpm
0f90b3b223e4a5286882f29d2ddc39dc
i386/debug/telnet-debuginfo-0.17-32.FC3.2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-275
2005-03-30
Product : Fedora Core 2
Name : squid
Version : 2.5.STABLE9
Release : 1.FC2.2
Summary : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and
especially hot objects cached in RAM, caches DNS lookups, supports
non-blocking DNS lookups, and implements negative caching of failed
requests.
Squid consists of a main server program squid, a Domain Name
System lookup program (dnsserver), a program for retrieving FTP
data (ftpget), and some management and client tools.
Note that squid-2.5.STABLE7 and later do not use
/etc/squid/errors for error messages. If you do not want to use the
default English error messages, you must set the error_directory in
your /etc/squid/squid.conf to the appropriate subdirectory of
/usr/share/squid/errors
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
4f87823cc8d2e7dbbd1c6f0bc390c7a5
SRPMS/squid-2.5.STABLE9-1.FC2.2.src.rpm
e60b6b22ae7af50eca46e621155cfd90
x86_64/squid-2.5.STABLE9-1.FC2.2.x86_64.rpm
899e5cf5ee75a51ea8c2256bf4c2e205
x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC2.2.x86_64.rpm
f4bf9886e9c100e0ac9bf17b2e40f7d4
i386/squid-2.5.STABLE9-1.FC2.2.i386.rpm
9c06c585c6d113a154e99f8573c530dd
i386/debug/squid-debuginfo-2.5.STABLE9-1.FC2.2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-276
2005-03-30
Product : Fedora Core 3
Name : squid
Version : 2.5.STABLE9
Release : 1.FC3.4
Summary : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and
especially hot objects cached in RAM, caches DNS lookups, supports
non-blocking DNS lookups, and implements negative caching of failed
requests.
Squid consists of a main server program squid, a Domain Name
System lookup program (dnsserver), a program for retrieving FTP
data (ftpget), and some management and client tools.
Note that squid-2.5.STABLE7 and later do not use
/etc/squid/errors for error messages. If you do not want to use the
default English error messages, you must set the error_directory in
your /etc/squid/squid.conf to the appropriate subdirectory of
/usr/share/squid/errors
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
402440397d0a352c5539cf99a1277ab7
SRPMS/squid-2.5.STABLE9-1.FC3.4.src.rpm
f41d841e3c2ad7cde69896f0efb9b243
x86_64/squid-2.5.STABLE9-1.FC3.4.x86_64.rpm
ceeb68cf5c12194835240059d08215db
x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.4.x86_64.rpm
8857ae1347c3592347fc7caef24baf56
i386/squid-2.5.STABLE9-1.FC3.4.i386.rpm
a08fb359713307d62edc738317dcd85c
i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.4.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-277
2005-03-30
Product : Fedora Core 2
Name : telnet
Version : 0.17
Release : 28.FC2.1
Summary : The client program for the telnet remote login
protocol.
Description :
Telnet is a popular protocol for logging into remote systems over
the Internet. The telnet package provides a command line telnet
client.
Update Information:
Two buffer overflow flaws were discovered in the way the telnet
client handles messages from a server. An attacker may be able to
execute arbitrary code on a victim’s machine if the victim can be
tricked into connecting to a malicious telnet server. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names
CAN-2005-0468 and CAN-2005-0469 to these issues.
Red Hat would like to thank iDEFENSE for their responsible
disclosure of this issue.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
24aa5985deaa986141292837ba73249b
SRPMS/telnet-0.17-28.FC2.1.src.rpm
2fc2868d96e97260cfbae7f9b6557c02
x86_64/telnet-0.17-28.FC2.1.x86_64.rpm
536604c795642bdf90c1568a8c2db5a5
x86_64/telnet-server-0.17-28.FC2.1.x86_64.rpm
827d2014eacad235de5f0b7c0be5e716
x86_64/debug/telnet-debuginfo-0.17-28.FC2.1.x86_64.rpm
81b0c394c3d9fb8b852d3a847c11cf02
i386/telnet-0.17-28.FC2.1.i386.rpm
d1e36e266c88b50d0e1b4f879a981786
i386/telnet-server-0.17-28.FC2.1.i386.rpm
8fd31e10878d243a4b0f6d3e3e6d3b25
i386/debug/telnet-debuginfo-0.17-28.FC2.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Gentoo Linux Security Advisory GLSA 200503-35
Severity: High
Title: Smarty: Template vulnerability
Date: March 30, 2005
Bugs: #86488
ID: 200503-35
Smarty’s “Template security” feature can be bypassed,
potentially allowing a remote attacker to execute arbitrary PHP
code.
Smarty is a template engine for PHP. The “template security”
feature of Smarty is designed to help reduce the risk of a system
compromise when you have untrusted parties editing templates.
Package / Vulnerable / Unaffected
1 dev-php/smarty < 2.6.8 >= 2.6.8
A vulnerability has been discovered within the regex_replace
modifier of the Smarty templates when allowing access to untrusted
users.
This issue may allow a remote attacker to bypass the “template
security” feature of Smarty, and execute arbitrary PHP code.
Do not grant template access to untrusted users.
All Smarty users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/smarty-2.6.8"
[ 1 ] Smarty ChangeLog
http://smarty.php.net/misc/NEWS
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200503-35.xml
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
Mandrakelinux Security Update Advisory
Package name: krb5
Advisory ID: MDKSA-2005:061
Date: March 29th, 2005
Affected versions: 10.0, 10.1, Corporate 3.0, Corporate Server
2.1
Problem Description:
Two buffer overflow issues were discovered in the way telnet
clients handle messages from a server. Because of these issues, an
attacker may be able to execute arbitray code on the victim’s
machine if the victim can be tricked into connecting to a malicious
telnet server. The Kerberos package contains a telnet client and is
patched to deal with these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt
Updated Packages:
Mandrakelinux 10.0:
d216766af945b3213fa495721eed9457
10.0/RPMS/ftp-client-krb5-1.3-6.5.100mdk.i586.rpm
4655dcb4b78bbdb435b07647516197a6
10.0/RPMS/ftp-server-krb5-1.3-6.5.100mdk.i586.rpm
4875bd7e3527e46a14d03715981debd1
10.0/RPMS/krb5-server-1.3-6.5.100mdk.i586.rpm
a56ef2f2bdf568b60b1755edf5bf029d
10.0/RPMS/krb5-workstation-1.3-6.5.100mdk.i586.rpm
83810da26099bef4f9f62dda0bfaac25
10.0/RPMS/libkrb51-1.3-6.5.100mdk.i586.rpm
f8ddb6ad7c7c00b73705deb466ec6bd6
10.0/RPMS/libkrb51-devel-1.3-6.5.100mdk.i586.rpm
61d0f706174d181aa85c50e20f6fb5c8
10.0/RPMS/telnet-client-krb5-1.3-6.5.100mdk.i586.rpm
79e059ee2cc3d074a20b91ce7143ac81
10.0/RPMS/telnet-server-krb5-1.3-6.5.100mdk.i586.rpm
ec23fa86417932cf45135d0893f0c110
10.0/SRPMS/krb5-1.3-6.5.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
26c8933dd197c552b0f7ea1df7bae8a8
amd64/10.0/RPMS/ftp-client-krb5-1.3-6.5.100mdk.amd64.rpm
4bde97f1286a8dafa48ee43f4302f193
amd64/10.0/RPMS/ftp-server-krb5-1.3-6.5.100mdk.amd64.rpm
fdaa11624a29da312e3924016469eefc
amd64/10.0/RPMS/krb5-server-1.3-6.5.100mdk.amd64.rpm
33d0343e61194c4bb0229df79e6fed26
amd64/10.0/RPMS/krb5-workstation-1.3-6.5.100mdk.amd64.rpm
828b1af5ad010a37732e37f8007bbc47
amd64/10.0/RPMS/lib64krb51-1.3-6.5.100mdk.amd64.rpm
b3e0ecc91df33626c4122ab1fb3d0ea9
amd64/10.0/RPMS/lib64krb51-devel-1.3-6.5.100mdk.amd64.rpm
068087c8e22ebff7328b2a9ade91a9bc
amd64/10.0/RPMS/telnet-client-krb5-1.3-6.5.100mdk.amd64.rpm
a263757976186907b1a2645fbe315e0e
amd64/10.0/RPMS/telnet-server-krb5-1.3-6.5.100mdk.amd64.rpm
ec23fa86417932cf45135d0893f0c110
amd64/10.0/SRPMS/krb5-1.3-6.5.100mdk.src.rpm
Mandrakelinux 10.1:
819e71fe8e2830787b2e808455b02821
10.1/RPMS/ftp-client-krb5-1.3.4-2.2.101mdk.i586.rpm
3a48e58ff59a5712778242d376741386
10.1/RPMS/ftp-server-krb5-1.3.4-2.2.101mdk.i586.rpm
ba2b20121bc71355e6c8107c69cbf0d0
10.1/RPMS/krb5-server-1.3.4-2.2.101mdk.i586.rpm
f7aeec8d096cd901112e5d2200de456f
10.1/RPMS/krb5-workstation-1.3.4-2.2.101mdk.i586.rpm
29049325af00777f56ec2f28cd8db39a
10.1/RPMS/libkrb53-1.3.4-2.2.101mdk.i586.rpm
2adb15276ecbf76e60d851999fab9a1d
10.1/RPMS/libkrb53-devel-1.3.4-2.2.101mdk.i586.rpm
caf892a19e7be7e745ef8e9aa75789c0
10.1/RPMS/telnet-client-krb5-1.3.4-2.2.101mdk.i586.rpm
7bc66dfe0330642b5d75fdd34f7b06e5
10.1/RPMS/telnet-server-krb5-1.3.4-2.2.101mdk.i586.rpm
10b2b7dbc3d5f8cc59c89603d295cfaf
10.1/SRPMS/krb5-1.3.4-2.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
23d8a6b17b39f9381e9b0dd7793ab7b8
x86_64/10.1/RPMS/ftp-client-krb5-1.3.4-2.2.101mdk.x86_64.rpm
a008345d73abf100b15cad0087f01072
x86_64/10.1/RPMS/ftp-server-krb5-1.3.4-2.2.101mdk.x86_64.rpm
18a341812ca08af8bd5c494db3ec5ff3
x86_64/10.1/RPMS/krb5-server-1.3.4-2.2.101mdk.x86_64.rpm
28714dcb521545d74438c91ab3794815
x86_64/10.1/RPMS/krb5-workstation-1.3.4-2.2.101mdk.x86_64.rpm
035cba17cbc35bd3d822d3758a2698dd
x86_64/10.1/RPMS/lib64krb53-1.3.4-2.2.101mdk.x86_64.rpm
fc77f44380cfdd2bd1819e8bd8492561
x86_64/10.1/RPMS/lib64krb53-devel-1.3.4-2.2.101mdk.x86_64.rpm
90f2d0b38cbf9af1d587972cc68d1d6d
x86_64/10.1/RPMS/telnet-client-krb5-1.3.4-2.2.101mdk.x86_64.rpm
826a853d8dc641bd8bfb28199bbaa64a
x86_64/10.1/RPMS/telnet-server-krb5-1.3.4-2.2.101mdk.x86_64.rpm
10b2b7dbc3d5f8cc59c89603d295cfaf
x86_64/10.1/SRPMS/krb5-1.3.4-2.2.101mdk.src.rpm
Corporate Server 2.1:
486bdb41d4354eed4fcf58eb52a82fa9
corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.9.C21mdk.i586.rpm
55cc181680ac84751723deb93719decc
corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.9.C21mdk.i586.rpm
c98550fca5f3eeeabf62a86ddbf92a07
corporate/2.1/RPMS/krb5-devel-1.2.5-1.9.C21mdk.i586.rpm
b8bb87ae54bdb56458c3388fecb63d6f
corporate/2.1/RPMS/krb5-libs-1.2.5-1.9.C21mdk.i586.rpm
b8763fea4c3c156938ba784a3edf51b9
corporate/2.1/RPMS/krb5-server-1.2.5-1.9.C21mdk.i586.rpm
e6a0318b748f65a0507f8c16bc23dc49
corporate/2.1/RPMS/krb5-workstation-1.2.5-1.9.C21mdk.i586.rpm
327c046ca43c40ab9794398f20a5b38f
corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.9.C21mdk.i586.rpm
a82c3b4f9eb67504899c5f3f281d9fe5
corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.9.C21mdk.i586.rpm
259065ab96525bc8d7b77d4c25e13f4b
corporate/2.1/SRPMS/krb5-1.2.5-1.9.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
f6d4eff2a3feb87000460ca695bd51de
x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.9.C21mdk.x86_64.rpm
255d0bc8c3244b27431d226d4999f6d6
x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.9.C21mdk.x86_64.rpm
240f422fe36e908fcb26e90f9170fbc3
x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.9.C21mdk.x86_64.rpm
772fed2dada99bd8d2ac4643731cf739
x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.9.C21mdk.x86_64.rpm
26b555deaeced633f99b388c9e03e18b
x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.9.C21mdk.x86_64.rpm
e2f5e23567066ef2546f7c2ce9e1cd8f
x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.9.C21mdk.x86_64.rpm
45279cc9a731458a3720a38c99e6f4c3
x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.9.C21mdk.x86_64.rpm
214b7f27352dc9ebf55633422f9572cc
x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.9.C21mdk.x86_64.rpm
259065ab96525bc8d7b77d4c25e13f4b
x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.9.C21mdk.src.rpm
Corporate 3.0:
28d851910a75805853c5c39cba4fffea
corporate/3.0/RPMS/ftp-client-krb5-1.3-6.5.C30mdk.i586.rpm
ac605c26e631edf484d62d8d97ddda69
corporate/3.0/RPMS/ftp-server-krb5-1.3-6.5.C30mdk.i586.rpm
c666ec50bdf3a3044ef0f7248ee8e56e
corporate/3.0/RPMS/krb5-server-1.3-6.5.C30mdk.i586.rpm
e7713877b0e4a4fa6ec709b9fd5e702b
corporate/3.0/RPMS/krb5-workstation-1.3-6.5.C30mdk.i586.rpm
bb77997163c45e09fc31b15d46139525
corporate/3.0/RPMS/libkrb51-1.3-6.5.C30mdk.i586.rpm
283c5da56f61674465641cfb354dc491
corporate/3.0/RPMS/libkrb51-devel-1.3-6.5.C30mdk.i586.rpm
405188eb42b03830b8b11c63e36cda97
corporate/3.0/RPMS/telnet-client-krb5-1.3-6.5.C30mdk.i586.rpm
0d4f11a5eb627b9e67781d0497cfadb4
corporate/3.0/RPMS/telnet-server-krb5-1.3-6.5.C30mdk.i586.rpm
c38d8569fd587baf9f7d45db41fe5c93
corporate/3.0/SRPMS/krb5-1.3-6.5.C30mdk.src.rpm
Corporate 3.0/X86_64:
405fd1d117ce34ce2ed7c19f3fc0f014
x86_64/corporate/3.0/RPMS/ftp-client-krb5-1.3-6.5.C30mdk.x86_64.rpm
e6b5b0dd59bc08bfd1459ce4857a7776
x86_64/corporate/3.0/RPMS/ftp-server-krb5-1.3-6.5.C30mdk.x86_64.rpm
22b5a0f8b3c83ddb3231ea7ce4fbc736
x86_64/corporate/3.0/RPMS/krb5-server-1.3-6.5.C30mdk.x86_64.rpm
1027fec85d3450f7b2144d1578f4b0f6
x86_64/corporate/3.0/RPMS/krb5-workstation-1.3-6.5.C30mdk.x86_64.rpm
96113ec9be72c272cdfeddcd6c2328ad
x86_64/corporate/3.0/RPMS/lib64krb51-1.3-6.5.C30mdk.x86_64.rpm
733bfb924f9f743d6c9a303e2d6b6ece
x86_64/corporate/3.0/RPMS/lib64krb51-devel-1.3-6.5.C30mdk.x86_64.rpm
5970d9cd024f5397d985acada35fffcd
x86_64/corporate/3.0/RPMS/telnet-client-krb5-1.3-6.5.C30mdk.x86_64.rpm
c856eeb8859708c5345a5a19506a3a89
x86_64/corporate/3.0/RPMS/telnet-server-krb5-1.3-6.5.C30mdk.x86_64.rpm
c38d8569fd587baf9f7d45db41fe5c93
x86_64/corporate/3.0/SRPMS/krb5-1.3-6.5.C30mdk.src.rpm
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
All packages are signed by Mandrakesoft for security. You can
obtain the GPG public key of the Mandrakelinux Security Team by
executing:
gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.