---

Debian GNU/Linux Advisories: kdenetwork, kdepim, kdesdk, kdegames


--------------------------------------------------------------------------
Debian Security Advisory DSA 237-1                     [email protected]
http://www.debian.org/security/                             Martin Schulze
January 22nd, 2003                      http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : kdenetwork
Vulnerability  : several
Problem-type   : local, remote
Debian-specific: no
CVE Id         : CAN-2002-1393

The KDE team discovered several vulnerabilities in the K Desktop
Environment.  In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution.  These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.

By carefully crafting such data an attacker might be able to execute
arbitrary commands on a vulnerable system using the victim's account and
privileges.  The KDE Project is not aware of any existing exploits of
these vulnerabilities.  The patches also provide better safeguards
and check data from untrusted sources more strictly in multiple
places.

For the current stable distribution (woody), these problems have been fixed
in version 2.2.2-14.6.

The old stable distribution (potato) does not contain KDE packages.

For the unstable distribution (sid), these problems will most probably
not be fixed but new packages for KDE 3.1 for sid are expected for
this year.

We recommend that you upgrade your KDE packages.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kdenetwork/kdenetwork_2.2.2-14.6.dsc
      Size/MD5 checksum:      902 7d838dc381bb2ae2bd97f8942c4f4df4
    http://security.debian.org/pool/updates/main/k/kdenetwork/kdenetwork_2.2.2-14.6.diff.gz
      Size/MD5 checksum:    29614 54ba6afd41239d88c8978dad67824418
    http://security.debian.org/pool/updates/main/k/kdenetwork/kdenetwork_2.2.2.orig.tar.gz
      Size/MD5 checksum:  3319181 25fbfc5d2592937480c0d3796a2416e0


  These files will probably be moved into the stable distribution on
  its next revision.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>



--------------------------------------------------------------------------
Debian Security Advisory DSA 238-1                     [email protected]
http://www.debian.org/security/                             Martin Schulze
January 23rd, 2003                      http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : kdepim
Vulnerability  : several
Problem-type   : local, remote
Debian-specific: no
CVE Id         : CAN-2002-1393

The KDE team discovered several vulnerabilities in the K Desktop
Environment.  In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution.  These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.

By carefully crafting such data an attacker might be able to execute
arbitrary commands on a vulnerable system using the victim's account and
privileges.  The KDE Project is not aware of any existing exploits of
these vulnerabilities.  The patches also provide better safeguards
and check data from untrusted sources more strictly in multiple
places.

For the current stable distribution (woody), these problems have been fixed
in version 2.2.2-5.2.

The old stable distribution (potato) does not contain KDE packages.

For the unstable distribution (sid), these problems will most probably
not be fixed but new packages for KDE 3.1 for sid are expected for
this year.

We recommend that you upgrade your KDE packages.
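
The quoting failure described in DSA 237-1 and DSA 238-1, reduced to a
runnable sketch.  This is an added example, not KDE code and not the Debian
patch: the function names, the harmless printf target command and the
constructed sample strings are assumptions chosen for illustration.  It puts
the unquoted call beside two corrected forms, POSIX single-quote escaping and
passing the data as an argv element with no shell involved.

```cpp
#include <cstdio>
#include <string>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

// Constructed sample: a "filename" as it might arrive from an untrusted source.
static const char *const kSample = "my file.txt; echo INJECTED";

// Read everything available on a file descriptor into a string.
static std::string slurp(int fd) {
    std::string out;
    char buf[256];
    ssize_t n;
    while ((n = read(fd, buf, sizeof buf)) > 0)
        out.append(buf, static_cast<size_t>(n));
    return out;
}

// Run a command line through /bin/sh (this is what popen does) and
// return whatever the command wrote to stdout.
static std::string run_via_shell(const std::string &cmdline) {
    FILE *p = popen(cmdline.c_str(), "r");
    if (!p) return "";
    std::string out = slurp(fileno(p));
    pclose(p);
    return out;
}

// POSIX sh quoting: wrap the value in '...' and rewrite every embedded
// single quote as '\'' (close quote, escaped quote, reopen quote).
std::string shell_quote(const std::string &s) {
    std::string q = "'";
    for (char c : s) {
        if (c == '\'') q += "'\\''";
        else q += c;
    }
    q += "'";
    return q;
}

// BEFORE: untrusted data is pasted into the command line as-is, so the
// shell splits it on whitespace and treats ';' as a command separator.
std::string show_unquoted(const std::string &untrusted) {
    return run_via_shell("printf '[%s]' " + untrusted);
}

// AFTER (1): the data is quoted, so the shell sees exactly one argument.
std::string show_quoted(const std::string &untrusted) {
    return run_via_shell("printf '[%s]' " + shell_quote(untrusted));
}

// AFTER (2): no shell at all. The data is one argv element and is never
// parsed as shell syntax, so no quoting rule has to be gotten right.
std::string show_exec(const std::string &untrusted) {
    int fds[2];
    if (pipe(fds) != 0) return "";
    pid_t pid = fork();
    if (pid < 0) {
        close(fds[0]);
        close(fds[1]);
        return "";
    }
    if (pid == 0) {  // child: stdout goes to the pipe, then exec printf
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]);
        close(fds[1]);
        const char *argv[] = {"printf", "[%s]", untrusted.c_str(), nullptr};
        execvp(argv[0], const_cast<char *const *>(argv));
        _exit(127);  // exec failed
    }
    close(fds[1]);
    std::string out = slurp(fds[0]);
    close(fds[0]);
    int status = 0;
    waitpid(pid, &status, 0);
    return out;
}

int main() {
    // Each [..] pair in the output is one argument as the command saw it.
    std::printf("unquoted: %s\n", show_unquoted(kSample).c_str());
    std::printf("quoted  : %s\n", show_quoted(kSample).c_str());
    std::printf("execvp  : %s\n", show_exec(kSample).c_str());
    std::printf("quoted  : %s\n", show_quoted("o'brien@example.org").c_str());
    return 0;
}
```

In the unquoted case the single value becomes two arguments plus a second
command; in both corrected forms it stays one argument.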


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kdepim/kdepim_2.2.2-5.2.dsc
      Size/MD5 checksum:      817 3a9b6d07e71b4a78fff95f1e0d5f3df1
    http://security.debian.org/pool/updates/main/k/kdepim/kdepim_2.2.2-5.2.diff.gz
      Size/MD5 checksum:   104449 81c061d65307d74cb877766b57b22693
    http://security.debian.org/pool/updates/main/k/kdepim/kdepim_2.2.2.orig.tar.gz
      Size/MD5 checksum:  2426387 e090f1aad8ebd1a3ea1ecd42d51532f9

      Size/MD5 checksum:   601432 f4f0895538784636439876e0e9d50c57
    http://security.debian.org/pool/updates/main/k/kdepim/kpilot_2.2.2-5.2_mipsel.deb
      Size/MD5 checksum:   747728 66a47df6ee7a6bd4c592daf5e27a98d7

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/k/kdepim/kandy_2.2.2-5.2_powerpc.deb
      Size/MD5 checksum:    83602 b4447af57694f46b4529e25d455d9adf
    http://security.debian.org/pool/updates/main/k/kdepim/kdepim-dev_2.2.2-5.2_powerpc.deb
      Size/MD5 checksum:    22646 97b6c879dac3dc6964ac824ef06f9eae
    http://security.debian.org/pool/updates/main/k/kdepim/kdepim-libs_2.2.2-5.2_powerpc.deb
      Size/MD5 checksum:   378898 1b6470873c9f4fd72f9cda1807b9eeb7
    http://security.debian.org/pool/updates/main/k/kdepim/korganizer_2.2.2-5.2_powerpc.deb
      Size/MD5 checksum:   619312 925ede2755bca091cbfa2d76f4fec7f2
    http://security.debian.org/pool/updates/main/k/kdepim/kpilot_2.2.2-5.2_powerpc.deb
      Size/MD5 checksum:   706400 e5a8766555d252c21ad05622a0dbb096

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/k/kdepim/kandy_2.2.2-5.2_s390.deb
      Size/MD5 checksum:    89224 bcbc4decf43c4abcb2342d5c9426358a
    http://security.debian.org/pool/updates/main/k/kdepim/kdepim-dev_2.2.2-5.2_s390.deb
      Size/MD5 checksum:    22646 667cd0dd6c8ddc215d217b9ae0bba217
    http://security.debian.org/pool/updates/main/k/kdepim/kdepim-libs_2.2.2-5.2_s390.deb
      Size/MD5 checksum:   381256 c93f67e2659bb26b3cff53d367cdb499
    http://security.debian.org/pool/updates/main/k/kdepim/korganizer_2.2.2-5.2_s390.deb
      Size/MD5 checksum:   630936 8caf19f27a5fd8eb8725c5fdb3d81d78
    http://security.debian.org/pool/updates/main/k/kdepim/kpilot_2.2.2-5.2_s390.deb
      Size/MD5 checksum:   722916 02c65a4811bf33d857537f42e32f6816

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/k/kdepim/kandy_2.2.2-5.2_sparc.deb
      Size/MD5 checksum:    85026 21d3784c9a950f51f66fd1443acb988f
    http://security.debian.org/pool/updates/main/k/kdepim/kdepim-dev_2.2.2-5.2_sparc.deb
      Size/MD5 checksum:    22642 26d51be237a50eb27143ff95e704eac0
    http://security.debian.org/pool/updates/main/k/kdepim/kdepim-libs_2.2.2-5.2_sparc.deb
      Size/MD5 checksum:   374682 0a2973a2b7d14f52b3e0a3b842b08115
    http://security.debian.org/pool/updates/main/k/kdepim/korganizer_2.2.2-5.2_sparc.deb
      Size/MD5 checksum:   619716 c99a61aa3e6479d3d59c631f1eb9aad8
    http://security.debian.org/pool/updates/main/k/kdepim/kpilot_2.2.2-5.2_sparc.deb
      Size/MD5 checksum:   714040 3a53cdeb21da38b61e8742a100456885


  These files will be moved into the stable distribution after new KDE
  packages have been uploaded into unstable (sid) and compiled for
  all architectures.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>


- --------------------------------------------------------------------------
Debian Security Advisory DSA 239-1                     [email protected]
http://www.debian.org/security/                             Martin Schulze
January 23rd, 2003                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : kdesdk
Vulnerability  : several
Problem-type   : local, remote
Debian-specific: no
CVE Id         : CAN-2002-1393

The KDE team discovered several vulnerabilities in the K Desktop
Environment.  In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution.  These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.

By carefully crafting such data an attacker might be able to execute
arbitrary commands on a vulnerable system using the victim's account and
privileges.  The KDE Project is not aware of any existing exploits of
these vulnerabilities.  The patches also provide better safeguards
and check data from untrusted sources more strictly in multiple
places.
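
The quoting failure described above, as an added example that is not taken from KDE or from the Debian patches: an untrusted parameter pasted into a shell command line is compared with the same parameter wrapped by a single-quote escaper. The names shell_quote, run_shell, show_unquoted and show_quoted and the sample filename are hypothetical, and a POSIX /bin/sh is assumed.

```cpp
// Added example (not KDE code): quoting an untrusted parameter for /bin/sh.
#include <stdio.h>
#include <string>

// Wrap s in single quotes; an embedded ' becomes '\'' (close, escaped
// quote, reopen). Inside single quotes the shell takes every byte literally.
std::string shell_quote(const std::string &s) {
    std::string out = "'";
    for (char c : s) {
        if (c == '\'') out += "'\\''";
        else out += c;
    }
    out += "'";
    return out;
}

// Run cmd through the shell (popen executes "sh -c cmd"); return its stdout.
std::string run_shell(const std::string &cmd) {
    std::string result;
    FILE *p = popen(cmd.c_str(), "r");
    if (!p) return result;
    char buf[256];
    size_t n;
    while ((n = fread(buf, 1, sizeof buf, p)) > 0) result.append(buf, n);
    pclose(p);
    return result;
}

// "Before": the parameter is pasted into the command line as-is, so the
// shell parses any metacharacters it contains.
std::string show_unquoted(const std::string &param) {
    return run_shell("printf '%s' " + param);
}

// "After": the parameter reaches printf as exactly one literal argument.
std::string show_quoted(const std::string &param) {
    return run_shell("printf '%s' " + shell_quote(param));
}

int main() {
    // Constructed sample: a "filename" carrying shell metacharacters.
    const std::string name = "notes.txt; echo INJECTED";
    printf("unquoted: [%s]\n", show_unquoted(name).c_str());
    printf("quoted:   [%s]\n", show_quoted(name).c_str());
    return 0;
}
```

Where the program controls the call site, passing the parameter as a separate argv element to an exec-family call avoids the shell, and with it the need for quoting.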

For the current stable distribution (woody), these problems have been fixed
in version 2.2.2-3.2.

The old stable distribution (potato) does not contain KDE packages.

For the unstable distribution (sid), these problems will most probably
not be fixed but new packages for KDE 3.1 for sid are expected for
this year.

We recommend that you upgrade your KDE packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kdesdk/kdesdk_2.2.2-3.2.dsc
      Size/MD5 checksum:      809 1e72a255b00079ba8e293a4ceb1c8eb3
    http://security.debian.org/pool/updates/main/k/kdesdk/kdesdk_2.2.2-3.2.diff.gz
      Size/MD5 checksum:     2645 1f41391569ee52599dc843687a03181e
    http://security.debian.org/pool/updates/main/k/kdesdk/kdesdk_2.2.2.orig.tar.gz
      Size/MD5 checksum:  1360120 27bc6f7baf89e6