Debian GNU/Linux
Debian Security Advisory DSA 1220-1 security@debian.org
http://www.debian.org/security/
Moritz Muehlenhoff
November 26th, 2006 http://www.debian.org/security/faq
Package : pstotext
Vulnerability : insecure file name quoting
Problem-Type : local(remote)
Debian-specific: no
CVE ID : CVE-2006-5869
Debian Bug : 356988
Brian May discovered that pstotext, a utility to extract plain
text from Postscript and PDF files, performs insufficient quoting
of file names, which allows execution of arbitrary shell
commands.
For the stable distribution (sarge) this problem has been fixed
in version 1.9-1sarge2. The build for the mipsel architecture is
not yet available due to technical problems with the build
host.
For the upcoming stable distribution (etch) this problem has
been fixed in version 1.9-4.
For the unstable distribution (sid) this problem has been fixed
in version 1.9-4.
We recommend that you upgrade your pstotext package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2.dsc
Size/MD5 checksum: 566
56e79abcf02e841e78267bda1faff734
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2.diff.gz
Size/MD5 checksum: 8857
4efb7277f17fca5ebd20573d93b11a83
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9.orig.tar.gz
Size/MD5 checksum: 37461
64576e8a10ff5514e285d98b3898ae78
Alpha architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_alpha.deb
Size/MD5 checksum: 34218
57b121ba1a0f5d53412ab5587c611d68
AMD64 architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_amd64.deb
Size/MD5 checksum: 33872
cc72441f0565d8225ae1e97a7df34a82
ARM architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_arm.deb
Size/MD5 checksum: 32532
9a3cf4674a2632ac1742551cb27cbe39
HP Precision architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_hppa.deb
Size/MD5 checksum: 34492
f8a9db92d0ad4d81d58fcc6e763faf47
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_i386.deb
Size/MD5 checksum: 32864
13c32d5164243e60e2ef00878c973c2f
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_ia64.deb
Size/MD5 checksum: 38038
dcfae670ad3dd9911d5085bcc177a8eb
Motorola 680×0 architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_m68k.deb
Size/MD5 checksum: 31552
9dcd158543df00f1a13012647ec842bb
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_mips.deb
Size/MD5 checksum: 34404
32922b44fef79abce8ca78587eb55453
PowerPC architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_powerpc.deb
Size/MD5 checksum: 33636
75f0beb7494479f926c19a1f7e2b8297
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_s390.deb
Size/MD5 checksum: 33218
096e0022136b767152d2da4a1563edc5
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/p/pstotext/pstotext_1.9-1sarge2_sparc.deb
Size/MD5 checksum: 33246
5e47a79b9092cae3878294f49bf211c2
These files will probably be moved into the stable distribution
on its next update.
For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>
Gentoo Linux
Gentoo Linux Security Advisory GLSA 200611-17
Severity: Normal
Title: fvwm: fvwm-menu-directory fvwm command injection
Date: November 23, 2006
Bugs: #155078
ID: 200611-17
Synopsis
A flaw in fvwm-menu-directory may permit a local attacker to
execute arbitrary commands with the privileges of another user.
Background
fvwm is a highly configurable virtual window manager for X11
desktops. fvwm-menu-directory allows fvwm users to browse
directories from within fvwm.
Affected packages
Package / Vulnerable / Unaffected
1 x11-wm/fvwm < 2.5.18-r1 >= 2.5.18-r1
Description
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered
that fvwm-menu-directory does not sufficiently sanitise directory
names prior to generating menus.
Impact
A local attacker who can convince an fvwm-menu-directory user to
browse a directory they control could cause fvwm commands to be
executed with the privileges of the fvwm user. Fvwm commands can be
used to execute arbitrary shell commands.
Workaround
There is no known workaround at this time.
Resolution
All fvwm users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-wm/fvwm-2.5.18-r1"
References
[ 1 ] CVE-2006-5969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969
Availability
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200611-17.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Gentoo Linux Security Advisory GLSA 200611-18
Severity: Normal
Title: TIN: Multiple buffer overflows
Date: November 24, 2006
Bugs: #150229
ID: 200611-18
Synopsis
Multiple buffer overflows have been reported in TIN, possibly
leading to the execution of arbitrary code.
Background
TIN is a threaded NNTP and spool based UseNet newsreader for a
variety of platforms.
Affected packages
Package / Vulnerable / Unaffected
1 net-nntp/tin < 1.8.2 >= 1.8.2
Description
Urs Janssen and Aleksey Salow have reported multiple buffer
overflows in TIN. Additionally, the OpenPKG project has reported an
allocation off-by-one flaw which can lead to a buffer overflow.
Impact
An attacker could entice a TIN user to read a specially crafted
news article, and execute arbitrary code with the rights of the
user running TIN.
Workaround
There is no known workaround at this time.
Resolution
All TIN users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-nntp/tin-1.8.2"
References
[ 1 ] OpenPKG Advisory
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.005-tin.html
[ 2 ] CVE-2006-0804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0804
Availability
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200611-18.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Gentoo Linux Security Advisory GLSA 200611-19
Severity: Normal
Title: ImageMagick: PALM and DCM buffer overflows
Date: November 24, 2006
Bugs: #152672
ID: 200611-19
Synopsis
ImageMagick improperly handles PALM and DCM images, potentially
resulting in the execution of arbitrary code.
Background
ImageMagick is a software suite to create, edit, and compose
bitmap images, that can also read, write, and convert images in
many other formats.
Affected packages
Package / Vulnerable / Unaffected
1 media-gfx/imagemagick < 6.3.0.5 >= 6.3.0.5
Description
M. Joonas Pihlaja has reported that a boundary error exists
within the ReadDCMImage() function of coders/dcm.c, causing the
improper handling of DCM images. Pihlaja also reported that there
are several boundary errors in the ReadPALMImage() function of
coders/palm.c, similarly causing the improper handling of PALM
images.
Impact
An attacker could entice a user to open a specially crafted DCM
or PALM image with ImageMagick, and possibly execute arbitrary code
with the privileges of the user running ImageMagick.
Workaround
There is no known workaround at this time.
Resolution
All ImageMagick users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.3.0.5"
References
[ 1 ] CVE-2006-5456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
Availability
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200611-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Gentoo Linux Security Advisory GLSA 200611-20
Severity: Normal
Title: GNU gv: Stack overflow
Date: November 24, 2006
Bugs: #154573
ID: 200611-20
Synopsis
GNU gv improperly handles user-supplied data possibly allowing
for the execution of arbitrary code.
Background
GNU gv is a viewer for PostScript and PDF documents.
Affected packages
Package / Vulnerable / Unaffected
1 app-text/gv < 3.6.2-r1 >= 3.6.2-r1
Description
GNU gv does not properly boundary check user-supplied data
before copying it into process buffers.
Impact
An attacker could entice a user to open a specially crafted
document with GNU gv and execute arbitrary code with the rights of
the user on the system.
Workaround
There is no known workaround at this time.
Resolution
All gv users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/gv-3.6.2-r1"
References
[ 1 ] CVE-2006-5864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864
Availability
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200611-20.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Mandriva Linux
Mandriva Linux Security Advisory MDKSA-2006:208-1
http://www.mandriva.com/security/
Package : openldap
Date : November 21, 2006
Affected: Corporate 4.0
Problem Description:
An unspecified vulnerability in OpenLDAP allows remote attackers
to cause a denial of service (daemon crash) via a certain
combination of SASL Bind requests that triggers an assertion
failure in libldap.
Packages have been patched to correct this issue.
Update:
Packages for Corp4 were built from the wrong src.rpm, breaking
Heimdal Kerboros and possibly other support. Updated packages are
being provided to correct this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779
Updated Packages:
Corporate 4.0:
272efe4fb9ea4dfd82bdf9dc396544f2
corporate/4.0/i586/libldap2.3_0-2.3.27-1.2.20060mlcs4.i586.rpm
c938570eaa2f35720e51c10f0229f046
corporate/4.0/i586/libldap2.3_0-devel-2.3.27-1.2.20060mlcs4.i586.rpm
725ae4b4369e685db80a05a98d25ce34
corporate/4.0/i586/libldap2.3_0-static-devel-2.3.27-1.2.20060mlcs4.i586.rpm
8f3ae006488a7f239c544e99cc32ff54
corporate/4.0/i586/openldap-2.3.27-1.2.20060mlcs4.i586.rpm
aff2fcffa4e1fdf341954531273a24b5
corporate/4.0/i586/openldap-clients-2.3.27-1.2.20060mlcs4.i586.rpm
30025ae0794372d1cf0b8f690d2437c0
corporate/4.0/i586/openldap-doc-2.3.27-1.2.20060mlcs4.i586.rpm
2caf9b165be747d47379de69cabb6c85
corporate/4.0/i586/openldap-servers-2.3.27-1.2.20060mlcs4.i586.rpm
a743b7e2980cc647a03c0b164d919056
corporate/4.0/SRPMS/openldap-2.3.27-1.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
e0e14d15ac3d5e3289741b7d9cdaf49b
corporate/4.0/x86_64/lib64ldap2.3_0-2.3.27-1.2.20060mlcs4.x86_64.rpm
cf663a417761ba7164459eaedfd9e70e
corporate/4.0/x86_64/lib64ldap2.3_0-devel-2.3.27-1.2.20060mlcs4.x86_64.rpm
ed535216119821e63473f6f0f349ba1a
corporate/4.0/x86_64/lib64ldap2.3_0-static-devel-2.3.27-1.2.20060mlcs4.x86_64.rpm
153411b3f4f39e77dd7e5c37de79217b
corporate/4.0/x86_64/openldap-2.3.27-1.2.20060mlcs4.x86_64.rpm
de2dbf35e5dd78ddcd4f9c38e3c2093a
corporate/4.0/x86_64/openldap-clients-2.3.27-1.2.20060mlcs4.x86_64.rpm
344c24cb39357180d333da9615862c16
corporate/4.0/x86_64/openldap-doc-2.3.27-1.2.20060mlcs4.x86_64.rpm
eb89fcde11209131b7eb0031aaabc5c2
corporate/4.0/x86_64/openldap-servers-2.3.27-1.2.20060mlcs4.x86_64.rpm
a743b7e2980cc647a03c0b164d919056
corporate/4.0/SRPMS/openldap-2.3.27-1.2.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:
gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
Mandriva Linux Security Advisory MDKSA-2006:218
http://www.mandriva.com/security/
Package : apache-mod_auth_kerb
Date : November 23, 2006
Affected: Corporate 4.0
Problem Description:
An off-by-one error in the der_get_oid function in mod_auth_kerb
5.0 allows remote attackers to cause a denial of service (crash)
via a crafted Kerberos message that triggers a heap-based buffer
overflow in the component array.
Packages have been patched to correct this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989
Updated Packages:
Corporate 4.0:
8ce7379b083881bad524a8f2c0f14e26
corporate/4.0/i586/apache-mod_auth_kerb-5.0-2.1.20060mlcs4.i586.rpm
7b3c02468f28a21609fa86c53af50951
corporate/4.0/SRPMS/apache-mod_auth_kerb-5.0-2.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
0200c4ac02a6217d22edc05c74db3378
corporate/4.0/x86_64/apache-mod_auth_kerb-5.0-2.1.20060mlcs4.x86_64.rpm
7b3c02468f28a21609fa86c53af50951
corporate/4.0/SRPMS/apache-mod_auth_kerb-5.0-2.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:
gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
Ubuntu
Ubuntu Security Notice USN-381-1 November 16, 2006
firefox vulnerabilities
CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747,
CVE-2006-5748
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 5.10:
firefox | 1.5.dfsg+1.5.0.8-0ubuntu0.5.10 |
firefox-dev | 1.5.dfsg+1.5.0.8-0ubuntu0.5.10 |
Ubuntu 6.06 LTS:
firefox | 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 |
firefox-dev | 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 |
libnspr-dev | 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 |
libnspr4 | 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 |
libnss-dev | 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 |
libnss3 | 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 |
After a standard system upgrade you need to restart Firefox to
effect the necessary changes.
Details follow:
USN-351-1 fixed a flaw in the verification of PKCS certificate
signatures. Ulrich Kuehn discovered a variant of the original
attack which the original fix did not cover. (CVE-2006-5462)
Various flaws have been reported that allow an attacker to
execute arbitrary code with user privileges by tricking the user
into opening a malicious web page containing JavaScript.
(CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748)
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10.diff.gz
Size/MD5: 177335
10b377fae580ae8f70363ffd70e47269
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10.dsc
Size/MD5: 1056
5db441b8802f27c49571095404b73bb7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8.orig.tar.gz
Size/MD5: 44080423
9716c747d634997ec34dbf5f2e9ed80f
Architecture independent packages:
Size/MD5: 49586
9c0480fccb28d05f504b4b07811bccc1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_all.deb
Size/MD5: 50476
ad8be2b891ceb1884c64b04057201418
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 82786
7c57efcd467f65b5fddb99045f368cde
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb
Size/MD5: 10228966
98741e95215a819e389680e91f18e72e
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb
Size/MD5: 3152342
e0ab77c6e143bb59b43fd92d34b68900
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb
Size/MD5: 216484
8c13b0af86b6f83f5ee92e6367a887d7
i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 210022
38257be6e6a43928bb10802118a264af
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb
Size/MD5: 75156
0d8a65e5fa64cb0e4230e85e975a05d7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb
Size/MD5: 3152316
f4b306a5bf76d7788c581ae969a754d0
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb
Size/MD5: 8651302
6f375546f6d948932f4a1652b3569e70
powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 3152444
7293cd7542ea90e41823b76b822a6e8b
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb
Size/MD5: 213430
b274f35517ffb38ce880679d79764a52
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb
Size/MD5: 78406
41578a0497fce59bee796ff4fcdaab3c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb
Size/MD5: 9831168
0aabf7e840fef774adc05edef039caad
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5: 76784
d69cac5024601a5ea20074e9964e288e
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb
Size/MD5: 9166628
27f5d52e3c828c8b1604b0982dda7cc3
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb
Size/MD5: 210978
4a5ffba99714c584ca8e349b988c4400
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb
Size/MD5: 3152400
65ee6a126404960525e73d7c32d587d7
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06.diff.gz
Size/MD5: 175871
52f1c28309ee6c7ef8c2f1d43d963cf8
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06.dsc
Size/MD5: 1113
cd1281da2de45441a5a3e6034a38ab13
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8.orig.tar.gz
Size/MD5: 44080423
9716c747d634997ec34dbf5f2e9ed80f
Architecture independent packages:
Size/MD5: 49602
ab797aec8733b6c3e2280cdb09b64d1a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_all.deb
Size/MD5: 50490
1b3e5005f5e3fa797b3682b200cc50d4
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 47328882
934c4351e36288e88e1168c041542f5a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 2798910
7ee44fb3180623ce8a3a1f9efeb0d419
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 216552
92a1743a061e332e080a626dbd399570
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 82776
7d4b77da6a355c5e9f0113aaba778b03
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 9420500
dc95e234fc1c321b64073816aa347550
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 219228
e12302edf6ea04accaf83a8879dff274
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 162300
35187fec0d3be43ef0aa9bd83dfabd6b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 236150
c98d56050fe2e27e3915acf2662aa8d4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 757954
8ee38f642969b44e7d342d89e0c91dfd
i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 43902878
41afd17ae29b433ff26e51ef80e04599
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 2798856
219ca82f455cad14a0021c0f66d6e8c0
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 209962
02b36bc31e994256b74dd3d84dba7254
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 75136
388a11c39a72e0a9a1969a5a1c0a48f8
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 7932082
d6b266569d4bf056aa04a760459b8fc8
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 219220
38b33e647137f579876b9047657fe390
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 146980
57afd15fd3b17f8d5bf53b72592889e4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 236146
3936122367330caea7cf573973bdb0a2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 670102
67a930f2102173f1c84dd0ddf751b388
powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 48721788
ad5ed6cebb6c5c97521e8416cbb6ba06
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 2798932
aa5d623d34acb2bea9e7a1dc21e891dc
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 213390
0323fadebfa079e9724e1cf3e930b977
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 78300
fda19c102717648e93f332314c0d8020
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 9031548
360d013efe74f061ba266d4ae7ff9177
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 219224
7385d32cb21f0b83933822c4495a6783
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 159522
ee71fefedbaade594b3b0064524db684
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 236156
8ea5d14656d349724f5b254e035dfc2f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 768836
19b4c155f8c00ccff6656590d4ffc3be
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5: 45291164
417432698e5e51ae96d59ac90cc8390a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 2798918
6d3cfdc63c80688263b567e06e876d74
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 210898
d8884f2ae360e55fdcad1b1ef8b3e338
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 76754
68db0c6ff37422083ed5f0a46103a723
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 8425346
ea28be8619f1411eaff2f7fba07a47f5
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 219232
a81a2dedef311f71a8c3ae1b96d7b9d1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 149470
08152c38d3129bc6bf3164d6f48727cc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 236140
3b742ce49bbb397b1de45a8371672828
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 682188
d4155e8163fed88108c17a31d0320e69