From dzimi at pld.org.pl Sat May 3 14:44:31 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 28-1] New analog packages fix remote denial of service Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 28-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 06 February 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to analog-5.22-1 Vulnerability : denial of service Problem-Type : remote PLD-specific : no Upstream URL : www.analog.cx/security5.html This advisory _only_ affects users who have installed the optional form interface to analog, anlgform.pl, and made it available to untrusted users. Please note that it's not usually a good idea to do this anyway. There are other obvious denial-of-service attacks available to untrusted users who can run CPU-intensive programs on your system, which this advisory cannot and does not attempt to address. anlgform.pl is the CGI front end to analog, allowing analog to be controlled from a web form. As a security precaution, anlgform refuses to pass on to analog certain commands which should not be available to untrusted users. The above problems have been fixed in version 5.31-1 for the current stable distribution (ra). We recommend that you upgrade your analog packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'analog*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'analog*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/analog-5.31-1.src.rpm MD5 checksum: 4b755985594431a2080fb7b83e238510 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/analog-5.31-1.i386.rpm MD5 checksum: 8c271729d104f25980ff6c7ccbec56c5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/analog-form-5.31-1.i386.rpm MD5 checksum: 9dadbae5e7acc884d371076f0c563b6b I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/analog-5.31-1.i586.rpm MD5 checksum: 8100e2459cb28d41bbc9ad1fd8c10134 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/analog-form-5.31-1.i586.rpm MD5 checksum: ef0e14b8531a0bed9dc7aa01957b1b13 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/analog-5.31-1.i686.rpm MD5 checksum: 8f01e96674b98a8164ee7fb1bb986df1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/analog-form-5.31-1.i686.rpm MD5 checksum: cdf06b89fe6e814e686d8b98ffa0646b PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/analog-5.31-1.ppc.rpm MD5 checksum: f81f9a054a6821db9170d85036fb8957 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/analog-form-5.31-1.ppc.rpm MD5 checksum: c76e286a82e76f8878ea4dcccf8ddf3d - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 14:45:59 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 30-1] New mrtg packages fix wrong persion Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 30-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 14 February 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to mrtg-2.9.22-1 Vulnerability : wrong permision Problem-Type : local PLD-specific : yes The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network-links. PLD packages have got wrong permision to /etc/mrtg directory witch allow others to get snmp passwords. Permisions to /etc/mrtg directory should be - root only. The above problems have been fixed in version 2.9.25-2 for the current stable distribution (ra). We recommend that you upgrade your mrtg packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'mrtg*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'mrtg*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/mrtg-2.9.25-2.src.rpm MD5 checksum: 52bd41a06ebae0185f6d15da77176316 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/mrtg-2.9.25-2.i386.rpm MD5 checksum: 0581335b0744275ccb002f3e80d66c21 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/mrtg-2.9.25-2.i586.rpm MD5 checksum: d496e4de1e749e37a5e49c60c4021671 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/mrtg-2.9.25-2.i686.rpm MD5 checksum: 379930c010c052cd5bdf16474f10c3b8 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/mrtg-2.9.25-2.ppc.rpm MD5 checksum: d5fbf1d3f301d97ccc4e58ac8844332c - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 14:45:40 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 29-1] New openldap packages fix buffer overflows and remote exploit Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 29-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 06 February 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to openldap-2.0.27-1 Vulnerability : buffer overflows and other bugs Problem-Type : local PLD-specific : no BugTraq ID : 6328 CVE references : CAN-2002-1378, CAN-2002-1379 The SuSE Security Team reviewed critical parts of openldap2, an implementation of the Lightweight Directory Access Protocol (LDAP) version 2 and 3, and found several buffer overflows and other bugs remote attackers could exploit to gain access on systems running vulnerable LDAP servers. In addition to these bugs, various local exploitable bugs within the OpenLDAP2 libraries have been fixed. The above problems have been fixed in version 2.0.27-3 for the current stable distribution (ra). We recommend that you upgrade your openldap packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'openldap*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'openldap*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/openldap-2.0.27-3.src.rpm MD5 checksum: 217cda9e4326169ce5e0adf67f9fe260 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openldap-2.0.27-3.i386.rpm MD5 checksum: 0f98477da3fdf44425764f623c9f0733 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openldap-devel-2.0.27-3.i386.rpm MD5 checksum: 6a7ef033405ef033f0ac290e55b91e86 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openldap-servers-2.0.27-3.i386.rpm MD5 checksum: 817da79336c3cc719f419cad2418b0ee ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openldap-static-2.0.27-3.i386.rpm MD5 checksum: 5b0f8829299c294f7f80b40c0b5adb3a I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openldap-2.0.27-3.i586.rpm MD5 checksum: 9842e70fe68e67d5e4e89ae82281ef3a ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openldap-devel-2.0.27-3.i586.rpm MD5 checksum: 31d3c2a1a7c8c02ef4a1ce215f01f0fd ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openldap-servers-2.0.27-3.i586.rpm MD5 checksum: ec213f2cbb96b3b5678824f24deca27b ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openldap-static-2.0.27-3.i586.rpm MD5 checksum: bd5bfcb660bf8661f19dc1cb08852bad I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openldap-2.0.27-3.i686.rpm MD5 checksum: 9584e7e94a9b30a9f5ea7506ad017343 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openldap-devel-2.0.27-3.i686.rpm MD5 checksum: 8f7ff3981f979eb42dc810178cc622b7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openldap-servers-2.0.27-3.i686.rpm MD5 checksum: da9f21bc6a2cca60882d3e84e1ed2264 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openldap-static-2.0.27-3.i686.rpm MD5 checksum: a1a4f6ab63b5f3c6b29eec399bd67c1f PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openldap-2.0.27-3.ppc.rpm MD5 checksum: 19981378c5f076db65bb60ceb65d35e9 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openldap-devel-2.0.27-3.ppc.rpm MD5 checksum: df9db3bfef2552d37adf05d63756f20f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openldap-servers-2.0.27-3.ppc.rpm MD5 checksum: 721d7b25f8f74b3ce162ae35f432074e ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openldap-static-2.0.27-3.ppc.rpm MD5 checksum: 769331ab2d890c90b5505ff09edb2672 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 14:46:14 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 31-1] New perl-CGI-Lite packages fix arbitrary code execution Message-ID: - -------------------------------------------------------------------------= - PLD Security Advisory PLDSA 31-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 05 March 2003=09 =09=09=09http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------= - Package : prior to perl-CGI-Lite-2.0-5 Vulnerability : arbitrary command execution Problem-Type : remote PLD-specific : no The CGI::Lite::escape_dangerous_chars() function fails to escape the entire set of special characters that may have significance to the underlying shell command processor. =A0When the function is used from within a web CGI script which processes arbitrary user input from some HTML form, an attacker may be able to read and/or write some or all local files and may be able to obtain shell- level access to the attacked web server. The above problems have been fixed in version 2.001-1 for the current stable distribution (ra). We recommend that you upgrade your perl-CGI-Lite packages. wget -c url =09will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given belo= w for upgrade packages poldek --update will update the internal database poldek --upgrade 'perl-CGI-Lite*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'perl-CGI-Lite*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/perl-CGI-Lite-2.001-1.= src.rpm MD5 checksum: d39087a05988777cf08e18b7c91dc5cd I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/perl-CGI-Lite-2.001-1.n= oarch.rpm MD5 checksum: 3f021b77200bb26e7994e5d296688231 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/perl-CGI-Lite-2.001-1.n= oarch.rpm MD5 checksum: f0917cb4e0ab2153cc1edbc69aed44eb I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/perl-CGI-Lite-2.001-1.n= oarch.rpm MD5 checksum: ed9e8a0c295c9558a40c575cbfdf4cac PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/perl-CGI-Lite-2.001-1.no= arch.rpm MD5 checksum: 5693e6249d3e88fb3d64bff373d1374b - ---------------------------------------------------------------------------= ----- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source =3D ra-updates-security ftp://ftp.pld.org.pl/dists/r= a/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-sec= urity For i586 architecture poldek: source =3D ra-updates-security ftp://ftp.pld.org.pl/dists/r= a/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-sec= urity For i686 architecture poldek: source =3D ra-updates-security ftp://ftp.pld.org.pl/dists/r= a/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-sec= urity For ppc architecture poldek: source =3D ra-updates-security ftp://ftp.pld.org.pl/dists/r= a/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-secu= rity From dzimi at pld.org.pl Sat May 3 14:46:36 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 32-1] New noffle packages fix buffer overflows Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 32-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 05 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to noffle-1.0.1-1 Vulnerability : buffer overflows Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0037 Dan Jacobson noticed a problem in noffle, an offline news server, that leads to a segmentation fault. It is not yet clear whether this problem is exploitable. However, if it is, a remote attacker could trigger arbitrary code execution under the user that calls noffle, probably news. The above problems have been fixed in version 1.0.1-2 for the current stable distribution (ra). We recommend that you upgrade your noffle packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'noffle*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'noffle*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/noffle-1.0.1-2.src.rpm MD5 checksum: 3ff8ad8621f9d5e69cf079bfe775a82b I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/noffle-1.0.1-2.i386.rpm MD5 checksum: ce8078a792e4fb38d81173d4aadbf080 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/noffle-1.0.1-2.i586.rpm MD5 checksum: 7b17156b26880e38487e41ce5894a5ec I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/noffle-1.0.1-2.i686.rpm MD5 checksum: 4eb58b09fbdd5ee4eb968a8449e0cf91 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/noffle-1.0.1-2.ppc.rpm MD5 checksum: 04811cbec36899eec63e52a01d4842cb - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:42:20 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 33-1] New gimp-print packages fix buffer overflow Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 33-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 05 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to gimp-print-4.2.2-1 Vulnerability : overflowing command line Problem-Type : local PLD-specific : no Karol Wiesek and iDefense disovered vulnerability in in the escputil binary, which has a buffer overflow in the parsing of the --printer-name command line argument. This is only possible when esputil is suid or sgid. The above problems have been fixed in version 4.2.2-2 for the current stable distribution (ra). We recommend that you upgrade your gimp-print packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'gimp-print*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'gimp-print*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/gimp-print-4.2.2-2.src.rpm MD5 checksum: a627e6b9439b5f2d7a6d27a49ec45b9b I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/gimp-print-4.2.2-2.i386.rpm MD5 checksum: bd605bdd3f003b24c2820a5bbae76f13 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/gimp-print-cups-4.2.2-2.i386.rpm MD5 checksum: 2fd0393c7d9a85538fea5e63663fb17a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/gimp-print-devel-4.2.2-2.i386.rpm MD5 checksum: 3ba027eeaab7cfbe3cc9864ce9336321 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/gimp-print-ijs-4.2.2-2.i386.rpm MD5 checksum: 212cf81ba3ac6ca31d401fda0af3bf90 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/gimp-print-lib-4.2.2-2.i386.rpm MD5 checksum: 2c6d1a3619ec989c95ae34e2518c9396 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/gimp-print-samples-4.2.2-2.i386.rpm MD5 checksum: 97dd689ae37f6839bc8c212f46695fd0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/gimp-print-static-4.2.2-2.i386.rpm MD5 checksum: 1c90bc50f785263d86e015306f97b060 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/gimp-print-4.2.2-2.i586.rpm MD5 checksum: 03088c8939e71c9f3c0ae4b16ccb5192 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/gimp-print-cups-4.2.2-2.i586.rpm MD5 checksum: a69395296dd91f577ad6144aefd6b9fd ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/gimp-print-devel-4.2.2-2.i586.rpm MD5 checksum: 087e3fe7e51592f8c995369a22344b06 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/gimp-print-ijs-4.2.2-2.i586.rpm MD5 checksum: 5706e334ee71ee59477b6503a8079a7e ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/gimp-print-lib-4.2.2-2.i586.rpm MD5 checksum: 0d0865dc46c511336177b4b81d6d3145 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/gimp-print-samples-4.2.2-2.i586.rpm MD5 checksum: 4bcbc0f94b492696ebed8a33c546094d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/gimp-print-static-4.2.2-2.i586.rpm MD5 checksum: d79af9fa771ac1c803c640a3cd63ba6e I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/gimp-print-4.2.2-2.i686.rpm MD5 checksum: f6ab63e83f9263a0f6532d3c1816d461 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/gimp-print-cups-4.2.2-2.i686.rpm MD5 checksum: e5714e4edc6084a044c95be698f9d23d ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/gimp-print-devel-4.2.2-2.i686.rpm MD5 checksum: 4df5e6ae87ab5963235572ee62c1ee78 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/gimp-print-ijs-4.2.2-2.i686.rpm MD5 checksum: b87af2e09967c10ebe4b60c05a4fc94b ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/gimp-print-lib-4.2.2-2.i686.rpm MD5 checksum: 98f1309b0c58386e666eff31707a55b3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/gimp-print-samples-4.2.2-2.i686.rpm MD5 checksum: fb861af78a62590dc69453da11f61da6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/gimp-print-static-4.2.2-2.i686.rpm MD5 checksum: c9474b93388f5ebc139c1290298adc10 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/gimp-print-4.2.2-2.ppc.rpm MD5 checksum: 2ce54dcbf1588897b90436e44b9b418a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/gimp-print-cups-4.2.2-2.ppc.rpm MD5 checksum: 2e404c255c7602ffce4bf7d6ba6f9d0b ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/gimp-print-devel-4.2.2-2.ppc.rpm MD5 checksum: 356670459bfdf345b3532233191f812c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/gimp-print-ijs-4.2.2-2.ppc.rpm MD5 checksum: 4c4b0605ea11fd72eaa2d9e421ab5999 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/gimp-print-lib-4.2.2-2.ppc.rpm MD5 checksum: d424fb121b21e0248eb89081948ff67a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/gimp-print-samples-4.2.2-2.ppc.rpm MD5 checksum: f15166d4f871017d50e50d84f9051ca5 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/gimp-print-static-4.2.2-2.ppc.rpm MD5 checksum: f588e3dcb028bf5780c82340f57cb4a3 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:42:36 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 34-1] New cyrus-imap packages fix remote command execution Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 34-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 05 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to cyrus-imap-2.0.16-10 Vulnerability : buffer overflow Problem-Type : remote PLD-specific : no BugTraq ID : 4713 CVE references : CAN-2002-0379 CERT advisory : VU#740169 Timo Sirainen discovered a buffer overflow in the Cyrus IMAP server, which could be exploited by a remote attacker prior to logging in. A malicious user could craft a request to run commands on the server under the UID and GID of the cyrus server. The above problems have been fixed in version 2.0.17-1 for the current stable distribution (ra). We recommend that you upgrade your cyrus-imap packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'cyrus-imap*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'cyrus-imap*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/cyrus-imapd-2.0.17-1.src.rpm MD5 checksum: 4b94f6349daf1f533dd9a6236321f90e I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/cyrus-imapd-2.0.17-1.i386.rpm MD5 checksum: 1048a67a57e83c4754da03b2ace505b2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/cyrus-imapd-devel-2.0.17-1.i386.rpm MD5 checksum: 18d31e1159d5f9520ff18041a33466d1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/cyrus-imapd-static-2.0.17-1.i386.rpm MD5 checksum: 541c5e4b10ff3ca18c8578f6ef6d5faa ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/perl-cyrus-imapd-2.0.17-1.i386.rpm MD5 checksum: f2bea18117260af08d6438cb7e52fb84 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/cyrus-imapd-2.0.17-1.i586.rpm MD5 checksum: ed7747e0510b255dc7dce6b7b332c473 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/cyrus-imapd-devel-2.0.17-1.i586.rpm MD5 checksum: f3cf0b1874b06d5adcb23f08c7b81229 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/cyrus-imapd-static-2.0.17-1.i586.rpm MD5 checksum: 029e40a705a0bf75cc2ba1ce32f77ea1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/perl-cyrus-imapd-2.0.17-1.i586.rpm MD5 checksum: a9d473e0d4c190700eeb5177c1c0cce0 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/cyrus-imapd-2.0.17-1.i686.rpm MD5 checksum: 519bd80b564c00f13eb07ea651452990 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/cyrus-imapd-devel-2.0.17-1.i686.rpm MD5 checksum: 5a3236e3ce204c3db39326392dcdc48b ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/cyrus-imapd-static-2.0.17-1.i686.rpm MD5 checksum: b02c93ebd088b615feffee4252029832 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/perl-cyrus-imapd-2.0.17-1.i686.rpm MD5 checksum: c7ca3cf50f9628a3816645d773474b5f PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/cyrus-imapd-2.0.17-1.ppc.rpm MD5 checksum: f3bd6e8a12f3692c7a80edc34f26d5bc ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/cyrus-imapd-devel-2.0.17-1.ppc.rpm MD5 checksum: 486865f3d12de893313aa2e40a1cf7cf ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/cyrus-imapd-static-2.0.17-1.ppc.rpm MD5 checksum: fbf0dcf0c797665c84cd47088542af6d ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/perl-cyrus-imapd-2.0.17-1.ppc.rpm MD5 checksum: b7685fe5c16dab3c8252aa5f432c7416 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:42:50 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 35-1] New bind packages fix buffer overrun Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 35-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 07 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to bind-9.2.1-11 Vulnerability : buffer overrun Problem-Type : remote PLD-specific : no ISC has discovered or has been notified of several bugs which can result in vulnerabilities of varying levels of severity in BIND as distributed by ISC. One of them is security problem witch cause remote buffer overrun. The above problems have been fixed in version 9.2.2-1 for the current stable distribution (ra). We recommend that you upgrade your bind packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'bind*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'bind*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/bind-9.2.2-1.src.rpm MD5 checksum: 7924bfd544b6fc6a97133b52a237850e I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-9.2.2-1.i386.rpm MD5 checksum: 86c90722b2b81d4727d9fff31882e652 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-devel-9.2.2-1.i386.rpm MD5 checksum: 318c80cdbc74aa4e25aab09b73340d44 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-libs-9.2.2-1.i386.rpm MD5 checksum: 363001d3c19ea7eed9f04d7f81cd5b23 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-static-9.2.2-1.i386.rpm MD5 checksum: a926e4aa71cae24bc65f395241de1619 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-utils-9.2.2-1.i386.rpm MD5 checksum: 7a25c0fda2b87152d80958d719d0f7ed I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-9.2.2-1.i586.rpm MD5 checksum: 3be3c551a249b5fe5cf4672356b32753 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-devel-9.2.2-1.i586.rpm MD5 checksum: 2dfad87f402662a06565253a945cdc86 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-libs-9.2.2-1.i586.rpm MD5 checksum: fda936a102ddefd2bae6dd69d1498ce1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-static-9.2.2-1.i586.rpm MD5 checksum: c83f54cebe4c27523bd6f79ed75f2145 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-utils-9.2.2-1.i586.rpm MD5 checksum: 277d1014897299d0c081c5dafac93e68 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-9.2.2-1.i686.rpm MD5 checksum: 9d69c3ad01c33848f7236ffe13de43e3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-devel-9.2.2-1.i686.rpm MD5 checksum: d42660753fced51a7f450c7068c2e697 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-libs-9.2.2-1.i686.rpm MD5 checksum: 78c70a566922fa23e9303fed3eee88e4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-static-9.2.2-1.i686.rpm MD5 checksum: bc99e19b86caddc3b01f84d5b1b88e2c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-utils-9.2.2-1.i686.rpm MD5 checksum: e98b6da3e919aa24c02d703688bf9141 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-9.2.2-1.ppc.rpm MD5 checksum: 597e1775a401a3c2cf978687e4bce634 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-devel-9.2.2-1.ppc.rpm MD5 checksum: d7c1a0b08e6785e533d2adfe2921862e ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-libs-9.2.2-1.ppc.rpm MD5 checksum: 3b3823ac3a1eb70d27ac796beff01c2f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-static-9.2.2-1.ppc.rpm MD5 checksum: aa4fe45a62a95cb4dac8f2b2e93ea424 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-utils-9.2.2-1.ppc.rpm MD5 checksum: 27ec8a1e4db31cd0c573e8e59fe0d942 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:43:01 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 36-1] New file packages fix buffer overflow Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 36-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 07 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to file-3.39-1 Vulnerability : buffer overflow Problem-Type : local PLD-specific : no CVE references : CAN-2003-0102 iDEFENSE discovered a buffer overflow vulnerability in the ELF format parsing of the "file" command, one which can be used to execute arbitrary code with the privileges of the user running the command. The vulnerability can be exploited by crafting a special ELF binary which is then input to file. This could be accomplished by leaving the binary on the file system and waiting for someone to use file to identify it, or by passing it to a service that uses file to classify input. (For example, some printer filters run file to determine how to process input going to a printer.) The above problems have been fixed in version 3.41-1 for the current stable distribution (ra). We recommend that you upgrade your file packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'file*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'file*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/file-3.41-1.src.rpm MD5 checksum: 434bb61edc719a52b891bc973bf34c71 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/file-3.41-1.i386.rpm MD5 checksum: 852a0a42edf5f8b0693317775c45ae01 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/file-3.41-1.i586.rpm MD5 checksum: 0b1145849bd15b8a83dd91792895df01 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/file-3.41-1.i686.rpm MD5 checksum: 440d39924f3a658dc5f2f43a1777a277 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/file-3.41-1.ppc.rpm MD5 checksum: c3ddb468e7391125a4f65771ec847d7b - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:43:12 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 37-1] New zlib packages fix remote arbitrary code execution Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 37-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 07 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to zlib-1.1.4-5 Vulnerability : arbitrary code execution Problem-Type : remote PLD-specific : no BugTraq ID : 6913 CVE references : CAN-2003--107 Richard Kettlewell discovered a buffer overflow vulnerability in the gzprintf() function provided by zlib. If a program passes unsafe data to this function (e.g. data from remote images or network traffic), it is possible for a remote attacker to execute arbitrary code or to cause a denial of service in such programs. The above problems have been fixed in version 1.1.4-6 for the current stable distribution (ra). We recommend that you upgrade your zlib packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'zlib*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'zlib*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/zlib-1.1.4-6.src.rpm MD5 checksum: a9b5435fc088396475fe155ab2538be7 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/zlib-1.1.4-6.i386.rpm MD5 checksum: da902e291e0f3819cc32e81eab500b61 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/zlib-devel-1.1.4-6.i386.rpm MD5 checksum: 7e9d770fb0b7fa6322af49fe9ca1f27d ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/zlib-static-1.1.4-6.i386.rpm MD5 checksum: 6d9e532d660b3aa9bb7f079adb7b24b9 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/zlib-1.1.4-6.i586.rpm MD5 checksum: fe1b5727bfaccb3fb6f9b06436dc7555 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/zlib-devel-1.1.4-6.i586.rpm MD5 checksum: 4135bde71a8f5376cccb02c5249d8f68 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/zlib-static-1.1.4-6.i586.rpm MD5 checksum: 341f87bcf82c5dcf20ff50343d559ee2 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/zlib-1.1.4-6.i686.rpm MD5 checksum: 4b59c00f7b2ea62c720c7130e2c0e34d ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/zlib-devel-1.1.4-6.i686.rpm MD5 checksum: 15287f6a116141d7ed276c45ce76eda0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/zlib-static-1.1.4-6.i686.rpm MD5 checksum: 503fd81cf6259b479c7e0b2af2062f69 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/zlib-1.1.4-6.ppc.rpm MD5 checksum: 9e813c04ba856148c01a4489e63d006f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/zlib-devel-1.1.4-6.ppc.rpm MD5 checksum: 9d63e226dfb397de6b0a5478702cdc86 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/zlib-static-1.1.4-6.ppc.rpm MD5 checksum: 2c0b782e73062758dd9507f9dbac9fe0 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:43:24 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 38-1] New php packages fix buffer overflow Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 38-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 08 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to php-4.2.3-8 Vulnerability : buffer overflow Problem-Type : remote PLD-specific : no CVE references : CAN-2002-1396 A heap-based buffer overflow was found in the wordwrap() function in PHP versions after 4.1.2 and before 4.3.0. If wordwrap() is used on user-supplied input this could allow remote attackers to cause a denial of service or execute arbitrary code. The above problems have been fixed in version 4.2.3-9 for the current stable distribution (ra). We recommend that you upgrade your php packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'php*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'php*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/php-4.2.3-9.src.rpm MD5 checksum: 2dc1a5904f35481a00122d1d02a1dc02 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-4.2.3-9.i386.rpm MD5 checksum: f3e072303ba0d2600bf7454021a0835a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-bcmath-4.2.3-9.i386.rpm MD5 checksum: e2cea56db696baf6acff108652934295 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-bzip2-4.2.3-9.i386.rpm MD5 checksum: acd961c993b63b93df8c1ec1424ca511 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-calendar-4.2.3-9.i386.rpm MD5 checksum: c2859dc14c6115f1bb843698e2ea0e7c ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-cgi-4.2.3-9.i386.rpm MD5 checksum: 60ae0e71afe55cae4078c28685e7b91f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-common-4.2.3-9.i386.rpm MD5 checksum: a4b74b101a061c0280abef16c7f16b02 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-cpdf-4.2.3-9.i386.rpm MD5 checksum: 72173b1e6a6b04a48ae9974f466307f9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-crack-4.2.3-9.i386.rpm MD5 checksum: b90e76ed986c54b7de53ca0c8a50f9b0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-ctype-4.2.3-9.i386.rpm MD5 checksum: 858f8b0ce8ec2e2365d6e0874f9258d0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-curl-4.2.3-9.i386.rpm MD5 checksum: f01a10dfb1e45f9bcfa3a5ae6cd0c66a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-dba-4.2.3-9.i386.rpm MD5 checksum: 8c7b6a09eb8efb2d405cc5bfd4ba53e5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-dbase-4.2.3-9.i386.rpm MD5 checksum: 5e5f3a46254aa3c05ad00fbd2233c34f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-dbx-4.2.3-9.i386.rpm MD5 checksum: 36a629ce344b257f5ffc68a757d7d17b ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-devel-4.2.3-9.i386.rpm MD5 checksum: c98aa9c60be9cd56ef148b65fae8a103 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-dio-4.2.3-9.i386.rpm MD5 checksum: ece1bd38a434eee5e4c7331538326fbf ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-doc-4.2.3-9.i386.rpm MD5 checksum: 38d41ff1a48688d47b7d306047a1fcfd ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-domxml-4.2.3-9.i386.rpm MD5 checksum: d7fc75a816d2a6d3019c9538376d9b1a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-exif-4.2.3-9.i386.rpm MD5 checksum: 6ece041616708ba902dc1ec67aefd648 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-filepro-4.2.3-9.i386.rpm MD5 checksum: 51dab626674e553dc2ae390845812e8e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-ftp-4.2.3-9.i386.rpm MD5 checksum: 1a74519aa5b83b2551861d755b6f5445 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-gd-4.2.3-9.i386.rpm MD5 checksum: 2311fe3ba4cefbc93ac9f166e0368761 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-gettext-4.2.3-9.i386.rpm MD5 checksum: 2ce6121cdc20dcaf8a2f867814c80f2e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-gmp-4.2.3-9.i386.rpm MD5 checksum: 8d6685876c744062b56077bd6a8fc85a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-hyperwave-4.2.3-9.i386.rpm MD5 checksum: 48cdf0b7baa4f948a59b2228582104ca ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-iconv-4.2.3-9.i386.rpm MD5 checksum: 479870660dbe509b72725fbc3531b28f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-imap-4.2.3-9.i386.rpm MD5 checksum: 1b849baf58dbebbb2da8e6b4d1d407eb ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-ldap-4.2.3-9.i386.rpm MD5 checksum: 0e3aec404c9bfe01f068f80d35eafe9b ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-mbstring-4.2.3-9.i386.rpm MD5 checksum: 316d6bf9e87e9dd36ce633bc54b9473b ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-mcal-4.2.3-9.i386.rpm MD5 checksum: 60d0ba092637584a82ee6f61c81647b6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-mcrypt-4.2.3-9.i386.rpm MD5 checksum: 7144ee92b5633c3d321d43a71af5ef76 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-mhash-4.2.3-9.i386.rpm MD5 checksum: a215872adb3e41b724d57aa174f42d8e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-ming-4.2.3-9.i386.rpm MD5 checksum: 0dfc463efbd7333f465489c0b70d5569 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-mnogosearch-4.2.3-9.i386.rpm MD5 checksum: 3c33ae06567c9d2147f150e5882be111 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-msession-4.2.3-9.i386.rpm MD5 checksum: dd26ee71059771c1f0e0ed7822ae678b ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-mysql-4.2.3-9.i386.rpm MD5 checksum: b38278f465f7a2900c231cec793aa755 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-odbc-4.2.3-9.i386.rpm MD5 checksum: a8d78232984e7c9483929f5667d6936a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-openssl-4.2.3-9.i386.rpm MD5 checksum: 8cf4691543099c57c26daa42ed85783c ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-overload-4.2.3-9.i386.rpm MD5 checksum: 76b79b05b81ffb21206fb680b6e32936 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-pcre-4.2.3-9.i386.rpm MD5 checksum: 2b155ee21fe9ae597a9fe55cc721fb7d ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-pdf-4.2.3-9.i386.rpm MD5 checksum: c197bbd3b2272c900be421e11a0223fa ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-pear-4.2.3-9.i386.rpm MD5 checksum: d4a48c6118f91627ac52ce29fb000a41 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-pear-additional_classes-4.2.3-9.i386.rpm MD5 checksum: 7a9087c68adeaa66e36e415b43f7d1a8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-pear-devel-4.2.3-9.i386.rpm MD5 checksum: 0f44877dcabccce176007bb3717eb018 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-pgsql-4.2.3-9.i386.rpm MD5 checksum: ea52772b2fcbec181495ffe173b68011 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-posix-4.2.3-9.i386.rpm MD5 checksum: 44bc7d4cec3af505a4afb760233e482a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-pspell-4.2.3-9.i386.rpm MD5 checksum: 0398a6d291837e49b645e134fc0ca3fc ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-recode-4.2.3-9.i386.rpm MD5 checksum: 4ba642f4c2f62d47f9a2035aba0a03ee ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-shmop-4.2.3-9.i386.rpm MD5 checksum: 8c64b35bdcb652482fa049c00587db4a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-snmp-4.2.3-9.i386.rpm MD5 checksum: 6ab340d0f86f1d66edad8951cc45e359 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-sockets-4.2.3-9.i386.rpm MD5 checksum: bec9c7f8ac4db1b9709441b6d957b73c ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-sybase-ct-4.2.3-9.i386.rpm MD5 checksum: 1317e71dbf0bc105fb1ca9b24abdaa49 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-sysvsem-4.2.3-9.i386.rpm MD5 checksum: c1bcf957704af74c599f002b1f344bda ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-sysvshm-4.2.3-9.i386.rpm MD5 checksum: 7336ce57f10e1172ee548f2384bd4e4e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-wddx-4.2.3-9.i386.rpm MD5 checksum: edd4ea5eb9bcdde8f79124c38e336e91 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-xml-4.2.3-9.i386.rpm MD5 checksum: f04205504707837576f10345a2453101 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-xmlrpc-4.2.3-9.i386.rpm MD5 checksum: 888c0b8fed389a72c38721590a33a71a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-xslt-4.2.3-9.i386.rpm MD5 checksum: 06aabf1c317ba9f2aa039740b16b2fa2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-yaz-4.2.3-9.i386.rpm MD5 checksum: 26020c6bf1ba69fc6a7acfff5f405799 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-yp-4.2.3-9.i386.rpm MD5 checksum: d413275193b04341698fb5532119b6a2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-zip-4.2.3-9.i386.rpm MD5 checksum: e6ed6532999c686779bb5cf5aeb54ad6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-zlib-4.2.3-9.i386.rpm MD5 checksum: f039e49d675e7b38602c3831d82a1554 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-4.2.3-9.i586.rpm MD5 checksum: 5996733eafe1c850df864e4ed155e398 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-bcmath-4.2.3-9.i586.rpm MD5 checksum: 698c787d45f4862b5cda935665694158 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-bzip2-4.2.3-9.i586.rpm MD5 checksum: 646dff3a535c0c559f930f1119e22abf ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-calendar-4.2.3-9.i586.rpm MD5 checksum: 7c6f613d4aea75742ebf618fd7440c6a ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-cgi-4.2.3-9.i586.rpm MD5 checksum: edb29d12c413ac7e25376ebbc124a2c7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-common-4.2.3-9.i586.rpm MD5 checksum: a4dd478455e3d62a57e82e66318dc289 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-cpdf-4.2.3-9.i586.rpm MD5 checksum: 2478a0b0db0a943865e8174748641bd3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-crack-4.2.3-9.i586.rpm MD5 checksum: 1cece27bab819cbc62a1f9eccfc43103 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-ctype-4.2.3-9.i586.rpm MD5 checksum: 21efdece9671df34f9a0c9b8d68fda9b ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-curl-4.2.3-9.i586.rpm MD5 checksum: a6170e720a99aae1ea0ed44822988d92 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-dba-4.2.3-9.i586.rpm MD5 checksum: ad86146ed0da186382e4064928fd7fb7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-dbase-4.2.3-9.i586.rpm MD5 checksum: ed771885fddefc2973183c31630bd5a2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-dbx-4.2.3-9.i586.rpm MD5 checksum: 301e51e98f109bc963e67c9fe77879d1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-devel-4.2.3-9.i586.rpm MD5 checksum: 9f33e6d10a38990818cbfedbe30f5282 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-dio-4.2.3-9.i586.rpm MD5 checksum: b29e0b16225311e3d214a01747ae804f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-doc-4.2.3-9.i586.rpm MD5 checksum: 3d8affc791f349fa0ce7de5ccb63f996 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-domxml-4.2.3-9.i586.rpm MD5 checksum: 1161562d4be0ab475f265a9681b24aa5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-exif-4.2.3-9.i586.rpm MD5 checksum: 96900a62fd61c2975746bb29133407b1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-filepro-4.2.3-9.i586.rpm MD5 checksum: 04fa0a80a69016f7050e4dffdfb87bae ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-ftp-4.2.3-9.i586.rpm MD5 checksum: c91c02582bd3a3cad0ddd2f8b565e6d3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-gd-4.2.3-9.i586.rpm MD5 checksum: cabeb47bcf2edfc0cff43e75cc860b18 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-gettext-4.2.3-9.i586.rpm MD5 checksum: bace135f963be80a621302b2b17ddd1f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-gmp-4.2.3-9.i586.rpm MD5 checksum: c3ccc1603989295b087f87c6f5ee8de2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-hyperwave-4.2.3-9.i586.rpm MD5 checksum: 2febe544cb42da4d6739ea41b347ecfe ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-iconv-4.2.3-9.i586.rpm MD5 checksum: 84acd01657a51f61bf36787afdbd39ff ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-imap-4.2.3-9.i586.rpm MD5 checksum: 4416f45afe42671e7c7875a8bf7031cb ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-ldap-4.2.3-9.i586.rpm MD5 checksum: 87941291ed3508dddb575746dece602f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-mbstring-4.2.3-9.i586.rpm MD5 checksum: bc088505fa11eacce587dc70010dedf4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-mcal-4.2.3-9.i586.rpm MD5 checksum: 6d9e7cea341612f8a3936d56917ffa21 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-mcrypt-4.2.3-9.i586.rpm MD5 checksum: 225e63196b0b90bb76db99d5d91192de ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-mhash-4.2.3-9.i586.rpm MD5 checksum: d485e0ee0112ff6b71a5b59338861eb8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-ming-4.2.3-9.i586.rpm MD5 checksum: 81811b22379adfc29b7a89aefe63183f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-mnogosearch-4.2.3-9.i586.rpm MD5 checksum: e3bc3a1af6435bfa30576f9cacf8d8c9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-msession-4.2.3-9.i586.rpm MD5 checksum: a0ca542ecf907d5d67a914e090a605c7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-mysql-4.2.3-9.i586.rpm MD5 checksum: 98e849233fca6f1e3da138fae27735e5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-odbc-4.2.3-9.i586.rpm MD5 checksum: 3e62c484c89c568e03b5cae966bc9753 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-openssl-4.2.3-9.i586.rpm MD5 checksum: 5abb647f96b6caf26b3a3bff544e71e2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-overload-4.2.3-9.i586.rpm MD5 checksum: 26d26ea8c723a283b243100d85877fec ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-pcre-4.2.3-9.i586.rpm MD5 checksum: 69b4e6253f6e6cbda2f5a1298f56f0b5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-pdf-4.2.3-9.i586.rpm MD5 checksum: eb6ef2ec2485d8bb1f7060f76d2dd862 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-pear-4.2.3-9.i586.rpm MD5 checksum: e505f146da4f6a32677d45200d9b636c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-pear-additional_classes-4.2.3-9.i586.rpm MD5 checksum: 880d6140c8e5c35034ceebe2b2e290e1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-pear-devel-4.2.3-9.i586.rpm MD5 checksum: c5319fb1f58978e3740aa6c08bdbf37f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-pgsql-4.2.3-9.i586.rpm MD5 checksum: ca17f106b5e1bfa593bab4ace2e781f8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-posix-4.2.3-9.i586.rpm MD5 checksum: 32d7242b5a97cdd5a9a94105f7a524b8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-pspell-4.2.3-9.i586.rpm MD5 checksum: 9cc36bc692c87781bb452c77987b209a ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-recode-4.2.3-9.i586.rpm MD5 checksum: b17e44300394e2eb1b2bd1ad6760525b ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-shmop-4.2.3-9.i586.rpm MD5 checksum: 46eee94bc5ec24e6ac255ec3fa14c327 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-snmp-4.2.3-9.i586.rpm MD5 checksum: 28e7e3a8f642d73abedd235f4d87700c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-sockets-4.2.3-9.i586.rpm MD5 checksum: a5bbe5144743064b2b2dfa735655a941 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-sybase-ct-4.2.3-9.i586.rpm MD5 checksum: febdfe2322533d26667645b5dcb88ead ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-sysvsem-4.2.3-9.i586.rpm MD5 checksum: e565cfeefa7f92788f4b56310f4d9c23 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-sysvshm-4.2.3-9.i586.rpm MD5 checksum: 403e7c9d9c44f4bba06f16134007bc99 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-wddx-4.2.3-9.i586.rpm MD5 checksum: 0a7c2679534714b54bad4718c4b06b9c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-xml-4.2.3-9.i586.rpm MD5 checksum: 07180dfd4d00653aeb1a2e8f4de7170c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-xmlrpc-4.2.3-9.i586.rpm MD5 checksum: 5af3652f3fbda8d71ec2db8ec0fab1e4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-xslt-4.2.3-9.i586.rpm MD5 checksum: 89800808edd52d9eec09baf4534b990b ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-yaz-4.2.3-9.i586.rpm MD5 checksum: 2080348f303e794d9d945cfa2749e5f9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-yp-4.2.3-9.i586.rpm MD5 checksum: b03e8df4ba9cc200a8d983febc82e6c0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-zip-4.2.3-9.i586.rpm MD5 checksum: d970a3f141d25349797940a56763b475 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-zlib-4.2.3-9.i586.rpm MD5 checksum: 21827135be09611e01b91491b4060367 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-4.2.3-9.i686.rpm MD5 checksum: a9065420e86cca41a6e3fd0c1533786e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-bcmath-4.2.3-9.i686.rpm MD5 checksum: d9d4f6127bd989ec0658f2cf61d93545 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-bzip2-4.2.3-9.i686.rpm MD5 checksum: cecf7212af7a3bf499d2b6eee5f736ba ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-calendar-4.2.3-9.i686.rpm MD5 checksum: d01b4ee422f4074641f7f82a47c4e956 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-cgi-4.2.3-9.i686.rpm MD5 checksum: 7696aa52f74b19b6cee3c53c18f8bb4a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-common-4.2.3-9.i686.rpm MD5 checksum: b8f95521bdb65365598197443a5e9a12 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-cpdf-4.2.3-9.i686.rpm MD5 checksum: a676e7cdc1f3634cb0c4c83f7c3979ed ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-crack-4.2.3-9.i686.rpm MD5 checksum: 59a10b3e9370b3274f21329a9fd80b06 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-ctype-4.2.3-9.i686.rpm MD5 checksum: bc4e3650f463611a2ed8ead5e58afe12 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-curl-4.2.3-9.i686.rpm MD5 checksum: 57080fc0e9306806bc3892656e9cab2f ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-dba-4.2.3-9.i686.rpm MD5 checksum: e309317dbb9e39958dd8c0a0094b003a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-dbase-4.2.3-9.i686.rpm MD5 checksum: d2522769272214fbb46c981978d60469 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-dbx-4.2.3-9.i686.rpm MD5 checksum: 6f0936b264b8db67f3db9e549aad93cc ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-devel-4.2.3-9.i686.rpm MD5 checksum: f3b0589b0dee6df160d260239b4489a2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-dio-4.2.3-9.i686.rpm MD5 checksum: 42e1af15d3bb5a2e8cab5083b6cacda6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-doc-4.2.3-9.i686.rpm MD5 checksum: 1681f1fb7d13f1ee730bb926db489c1e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-domxml-4.2.3-9.i686.rpm MD5 checksum: 782b92c6311a825ee497367c720ecff1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-exif-4.2.3-9.i686.rpm MD5 checksum: 5382b3d35e7de3c47daae796bac5b89d ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-filepro-4.2.3-9.i686.rpm MD5 checksum: 3be1ba01059090102c609157cf9822c9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-ftp-4.2.3-9.i686.rpm MD5 checksum: 4f174ead03ce9ad9662eacaf3e149e6c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-gd-4.2.3-9.i686.rpm MD5 checksum: 6c7b35b321ef515b9a3bace4e688ca13 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-gettext-4.2.3-9.i686.rpm MD5 checksum: 0a253cdb49d34a5113e302d65ee59500 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-gmp-4.2.3-9.i686.rpm MD5 checksum: 848a9b1950b9c95197fd65d6cdc112cc ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-hyperwave-4.2.3-9.i686.rpm MD5 checksum: 8788b9a95b871def0782e6e3fa62ded0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-iconv-4.2.3-9.i686.rpm MD5 checksum: 877a5f4e70d6c54fccb72d06d9035146 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-imap-4.2.3-9.i686.rpm MD5 checksum: 6e1623f9d06784783dd09bf651270d02 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-ldap-4.2.3-9.i686.rpm MD5 checksum: 70941556e5ed92cd4540273f0fb35545 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-mbstring-4.2.3-9.i686.rpm MD5 checksum: ea294d6fa1f339f3de6572bc69936bf6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-mcal-4.2.3-9.i686.rpm MD5 checksum: 5389aebbe7cfc73aee35f56838cfb14b ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-mcrypt-4.2.3-9.i686.rpm MD5 checksum: a46d2745ee4afe47340a18010e3228a1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-mhash-4.2.3-9.i686.rpm MD5 checksum: b444c0c215b30df35601eb60bfab7c68 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-ming-4.2.3-9.i686.rpm MD5 checksum: 175fa265ad91285e972345d85e2f2c7c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-mnogosearch-4.2.3-9.i686.rpm MD5 checksum: 559b9d69b72f74a97dbb8c2b22a85ce8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-msession-4.2.3-9.i686.rpm MD5 checksum: 374f98fe646b38d8c2cc8502feff542e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-mysql-4.2.3-9.i686.rpm MD5 checksum: 3a99b8958d5bf02e9e8fe4f10b945db9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-odbc-4.2.3-9.i686.rpm MD5 checksum: 9c5c721fc48fe14a3cb4119283af114a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-openssl-4.2.3-9.i686.rpm MD5 checksum: 74055184f72bd40336c3a23f9653c90f ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-overload-4.2.3-9.i686.rpm MD5 checksum: 6d5df16950285cb5135eee84fe367e2c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-pcre-4.2.3-9.i686.rpm MD5 checksum: 709a1f8db177ab784909f7cfbcca2758 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-pdf-4.2.3-9.i686.rpm MD5 checksum: 031d072bbeace91cee1677fb9858f5b4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-pear-4.2.3-9.i686.rpm MD5 checksum: 70b8a6a9d78e98d0f774c20bf961dd06 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-pear-additional_classes-4.2.3-9.i686.rpm MD5 checksum: 69415536844cbb129b5eb12b216c2a0a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-pear-devel-4.2.3-9.i686.rpm MD5 checksum: 45c16b50460fe30a83d5ed59f37a5be2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-pgsql-4.2.3-9.i686.rpm MD5 checksum: 43ac21cf87485bbdf3f0c3fa95910672 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-posix-4.2.3-9.i686.rpm MD5 checksum: b92b4f9ecef3a5ee1b9be8ef5180790b ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-pspell-4.2.3-9.i686.rpm MD5 checksum: de03d794346abc3433d6675b644d4005 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-recode-4.2.3-9.i686.rpm MD5 checksum: d076338d95956bf1fc4f1b37a78762c9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-shmop-4.2.3-9.i686.rpm MD5 checksum: 8cff814f4906be2ae20cfb1651354c2f ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-snmp-4.2.3-9.i686.rpm MD5 checksum: 54728d9b06cc9c866f6e9b063ecfd321 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-sockets-4.2.3-9.i686.rpm MD5 checksum: 2c2a2940256224eb7111757aec04b91a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-sybase-ct-4.2.3-9.i686.rpm MD5 checksum: 266af24c552847b68ccc8bcf92667457 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-sysvsem-4.2.3-9.i686.rpm MD5 checksum: 0d1ce8a6ab979899db54ece3c7dd9af9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-sysvshm-4.2.3-9.i686.rpm MD5 checksum: cedab55fd2fa3966e18b8f018c4361be ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-wddx-4.2.3-9.i686.rpm MD5 checksum: 51ac990b7ba8a10ab1908f0e33b82e30 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-xml-4.2.3-9.i686.rpm MD5 checksum: d742dda6c93d5b6466cf25eae1ab89b5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-xmlrpc-4.2.3-9.i686.rpm MD5 checksum: ecd720d4fde3cfb0156ab52d18f748b7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-xslt-4.2.3-9.i686.rpm MD5 checksum: a8df5d3cd837799f5786130fc0ca5322 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-yaz-4.2.3-9.i686.rpm MD5 checksum: f9aeec64ad277c9da0c7ac0d4e2d8464 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-yp-4.2.3-9.i686.rpm MD5 checksum: a6b61e2789ff6ce95b23bef287c33479 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-zip-4.2.3-9.i686.rpm MD5 checksum: c06ca022ce89d1eacf8bfb2e24fb4507 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-zlib-4.2.3-9.i686.rpm MD5 checksum: 9e101b5b14f13d2b000c894c8d882622 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-4.2.3-9.ppc.rpm MD5 checksum: c1871b03806272fb038282de215b34c6 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-bcmath-4.2.3-9.ppc.rpm MD5 checksum: 6e2597d0525672cf0d23e0ba85a9506c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-bzip2-4.2.3-9.ppc.rpm MD5 checksum: 24e12cb8dc6287d19cff4c32687b2d9f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-calendar-4.2.3-9.ppc.rpm MD5 checksum: 5f2bf54a79e6ec48c1d2b412ae01b060 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-cgi-4.2.3-9.ppc.rpm MD5 checksum: 7da91f54b7a40ca840152845f81439e9 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-common-4.2.3-9.ppc.rpm MD5 checksum: 9987fb932cf80a01a06ef407283cc010 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-cpdf-4.2.3-9.ppc.rpm MD5 checksum: 0682be04e675686951ea05dd3073238a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-crack-4.2.3-9.ppc.rpm MD5 checksum: 70dabe0336bf92c53ceda562d5b3fa7c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-ctype-4.2.3-9.ppc.rpm MD5 checksum: 6b6155fa38de4d01703c06f8bddbcfbe ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-curl-4.2.3-9.ppc.rpm MD5 checksum: 33a7fb3b6b761fbb91151f7d34173237 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-dba-4.2.3-9.ppc.rpm MD5 checksum: 5530e0e17a0173afc9368b3c90922e8a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-dbase-4.2.3-9.ppc.rpm MD5 checksum: fae87d5ca579c65d9c669513a7fdb358 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-dbx-4.2.3-9.ppc.rpm MD5 checksum: 2603900c607a61579f6c966790552a7e ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-devel-4.2.3-9.ppc.rpm MD5 checksum: bdfc989cfc7ff7a0fcb795056ed1b439 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-dio-4.2.3-9.ppc.rpm MD5 checksum: acf2fb57503a9b3c8da2dcdcb0b06ca2 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-doc-4.2.3-9.ppc.rpm MD5 checksum: 34140b8d40cfe59d05f5caa80263d6be ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-domxml-4.2.3-9.ppc.rpm MD5 checksum: 0e44e9e1cd4c8ea4df36dca9067a7088 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-exif-4.2.3-9.ppc.rpm MD5 checksum: 5a0a9ad5882893d43fcb5a52634f05c4 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-filepro-4.2.3-9.ppc.rpm MD5 checksum: d57867a0f6195482a5616d3b694f54f7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-ftp-4.2.3-9.ppc.rpm MD5 checksum: b3ed356989860506190a47559fbc5733 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-gd-4.2.3-9.ppc.rpm MD5 checksum: 0df04c02b9f861b7fe97e7df2bd05a92 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-gettext-4.2.3-9.ppc.rpm MD5 checksum: 2cee7ebc0f720ad48d70ce7f0d32db3c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-gmp-4.2.3-9.ppc.rpm MD5 checksum: fa174a62d571b069977464dafb387666 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-hyperwave-4.2.3-9.ppc.rpm MD5 checksum: 2bea648d3813fa6ee0aafa9f50318247 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-iconv-4.2.3-9.ppc.rpm MD5 checksum: e1f292b653c5478594d76c75d02586f7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-imap-4.2.3-9.ppc.rpm MD5 checksum: 9538229b5dfc818ffc93692b69598683 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-ldap-4.2.3-9.ppc.rpm MD5 checksum: 3876d0d69e22bbee5a9fda42427f1185 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-mbstring-4.2.3-9.ppc.rpm MD5 checksum: ed6a8fb8982b03875c1489987a783128 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-mcal-4.2.3-9.ppc.rpm MD5 checksum: 2ad3af79a20d882a30fb705e041f135c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-mcrypt-4.2.3-9.ppc.rpm MD5 checksum: 4cfb040a95ba43f60ae49c8a8847cbf7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-mhash-4.2.3-9.ppc.rpm MD5 checksum: f6f72a9463c7899a1f85606a756ea1f9 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-ming-4.2.3-9.ppc.rpm MD5 checksum: 04642783c6651438a81f3feb57c2b5c7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-mnogosearch-4.2.3-9.ppc.rpm MD5 checksum: e8be1d5ba0867c3c15c04cd997347406 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-mysql-4.2.3-9.ppc.rpm MD5 checksum: 9e59e9e1ac724270e7d6633745df2b96 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-odbc-4.2.3-9.ppc.rpm MD5 checksum: 7d7f512035b32900458148faa8ad5723 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-openssl-4.2.3-9.ppc.rpm MD5 checksum: 79ad49767e3540691bcd5fea74240c90 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-overload-4.2.3-9.ppc.rpm MD5 checksum: 21f7d2c026565c23f31781ada6e4ff9f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-pcre-4.2.3-9.ppc.rpm MD5 checksum: ef0c89c5bfb625f429d16acff90df3ba ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-pdf-4.2.3-9.ppc.rpm MD5 checksum: c3825df7c9b64db938354560ce73bdf1 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-pear-4.2.3-9.ppc.rpm MD5 checksum: 1b93216fc03c03c4afae2bd03bd70be8 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-pear-additional_classes-4.2.3-9.ppc.rpm MD5 checksum: 4bac5a08e665f76d42cf4b17455092ce ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-pear-devel-4.2.3-9.ppc.rpm MD5 checksum: 5cde9775bf664860666e3abe30a77e6f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-pgsql-4.2.3-9.ppc.rpm MD5 checksum: b42a4de76dc9e6e574cc50dd66712b30 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-posix-4.2.3-9.ppc.rpm MD5 checksum: 1f2c43c0d483682c3d037dc32f118175 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-pspell-4.2.3-9.ppc.rpm MD5 checksum: d4acc6628383243586d3efd6995ded34 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-recode-4.2.3-9.ppc.rpm MD5 checksum: 6408a900056bc381f82fd3c92e68a6e8 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-shmop-4.2.3-9.ppc.rpm MD5 checksum: a8f084b8dfd4ddb94ab3f4b3b62fa9f3 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-snmp-4.2.3-9.ppc.rpm MD5 checksum: d67cc2cd676625fb476f5bf1446edbba ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-sockets-4.2.3-9.ppc.rpm MD5 checksum: 244e85e7668113620311704d90f2eed5 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-sybase-ct-4.2.3-9.ppc.rpm MD5 checksum: b4150c75fbd61cfc7404a92b13ce3a5f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-sysvsem-4.2.3-9.ppc.rpm MD5 checksum: 213ebaf14f093b2d2b11a0e7e3e9f52b ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-sysvshm-4.2.3-9.ppc.rpm MD5 checksum: ae2e08ff5bc680b501182ad5fd075e81 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-wddx-4.2.3-9.ppc.rpm MD5 checksum: 0a2afa507c110088059c494e80dbba2c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-xml-4.2.3-9.ppc.rpm MD5 checksum: 859155a12b5ab4ad778a0f36c88d8235 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-xmlrpc-4.2.3-9.ppc.rpm MD5 checksum: 6b2c3c904362aa0e4fdfdec23489001f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-xslt-4.2.3-9.ppc.rpm MD5 checksum: c7f08f75c8afdec1e9ae46ed0abdc0ae ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-yaz-4.2.3-9.ppc.rpm MD5 checksum: cc71e0f928eb35f8c49cf543e3237ab8 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-yp-4.2.3-9.ppc.rpm MD5 checksum: 1a8a26f42e796a21fa49cbe651018a36 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-zip-4.2.3-9.ppc.rpm MD5 checksum: 69cada9f53f874feadc05bebfcc27cde ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-zlib-4.2.3-9.ppc.rpm MD5 checksum: 6d18cb262b0aab797a27bf19d0e4dede - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:43:50 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 40-1] New docbook-utils packages fix default wrong options Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 40-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 10 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to docbook-utils-0.6.12-1 Vulnerability : wrong options Problem-Type : local PLD-specific : yes docbook-utils is a group of little scripts allow to convert easily DocBook files to other formats (HTML, RTF, PostScript...), and to compare SGML files. Default configuration used use-id-as-filename in default stylesheet. It is potentially dangerous and shouldn't be set. If needed, one must use alternative stylesheet or enable it from command line (e.g. by -V'%use-id-as-filename%'). The above problems have been fixed in version 0.6.12-2 for the current stable distribution (ra). We recommend that you upgrade your docbook-utils packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'docbook-utils*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'docbook-utils*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/docbook-utils-0.6.12-2.src.rpm MD5 checksum: 1023d3c596a2cebfe5eb68fa633d84a7 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/docbook-utils-0.6.12-2.noarch.rpm MD5 checksum: 3755554aba0c6b3a507382c00f7b7cd0 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/docbook-utils-0.6.12-2.noarch.rpm MD5 checksum: ab85e16be6ed68fb4b6eedf68a44cf00 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/docbook-utils-0.6.12-2.noarch.rpm MD5 checksum: 462173e1d5eb482c3f4e9ae580e26fea PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/docbook-utils-0.6.12-2.noarch.rpm MD5 checksum: a733ada5822962e2676d42f5581fef41 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:43:38 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 39-1] New ethereal packages fix local arbitrary code execution Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 39-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 10 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to ethereal-0.9.8-1 Vulnerability : arbitrary code execution Problem-Type : local PLD-specific : no Upstream URL : www.ethereal.com/appnotes/enpa-sa-00008.html It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file. The above problems have been fixed in version 0.9.10-1 for the current stable distribution (ra). We recommend that you upgrade your ethereal packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'ethereal*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'ethereal*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/ethereal-0.9.10-1.src.rpm MD5 checksum: 981cf88210f050a967d43521ceb5704d ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/tethereal-0.9.10-1.src.rpm MD5 checksum: 54643884708bcda19dcc311c12c44dd5 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ethereal-0.9.10-1.i386.rpm MD5 checksum: 4f2903f2826a281140af69dd8a87171c ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ethereal-common-0.9.10-1.i386.rpm MD5 checksum: 0ecd5a9ec258b47a18f3c91ed543ef19 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ethereal-tools-0.9.10-1.i386.rpm MD5 checksum: 089a7dcedeafc8881eb5628426223e32 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/tethereal-0.9.10-1.i386.rpm MD5 checksum: 7bf9643292635b6bbf575083f6ad678a I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ethereal-0.9.10-1.i586.rpm MD5 checksum: ea9aaba4b67be1b55ec690945a300484 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ethereal-common-0.9.10-1.i586.rpm MD5 checksum: bca269bf8d74310f6f012865629f165c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ethereal-tools-0.9.10-1.i586.rpm MD5 checksum: c7b174138440fba96cdffb87f9f26c8e ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/tethereal-0.9.10-1.i586.rpm MD5 checksum: 299b9a21570b11d02b2eb0f92d841196 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ethereal-0.9.10-1.i686.rpm MD5 checksum: f2d1decbc8e510db60f6b9eae2c96c74 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ethereal-common-0.9.10-1.i686.rpm MD5 checksum: 67829b30c17193b09d9f842e3f7ee3af ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ethereal-tools-0.9.10-1.i686.rpm MD5 checksum: 524f1180453aafcf865519ce44136c12 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/tethereal-0.9.10-1.i686.rpm MD5 checksum: 2c80824d5c8349a08ae4306ce4d6bee0 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ethereal-0.9.10-1.ppc.rpm MD5 checksum: c68f8a9ce8071bfadee826d474c5f726 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ethereal-common-0.9.10-1.ppc.rpm MD5 checksum: 7af991d805a5035eb46801c259dc276d ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ethereal-tools-0.9.10-1.ppc.rpm MD5 checksum: 7d1099cd8b9c231e55a4c46f226ff2ab ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/tethereal-0.9.10-1.ppc.rpm MD5 checksum: e133202b6dc5e5e98ac7250d7a6048b6 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:44:07 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 41-1] New mozilla packages fix several vulnerabilities Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 41-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 10 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to mozilla-1.0-10 Vulnerability : several Problem-Type : remote PLD-specific : no Mozilla 1.0.2 contains stability and security improvements. 1.0.2 also has fixes for standards support, UI correctness and polish, performance, and site compatibility. We recommend that you upgrade your mozilla packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'mozilla*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'mozilla*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/mozilla-1.0.2-1.src.rpm MD5 checksum: 7b7a9d633cc8408b7f08ca375ed971d7 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/nspr-4.2.2-2.src.rpm MD5 checksum: b6299299ee9cceb9bee388c9a4d922b0 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/nss-3.6-1.src.rpm MD5 checksum: bad578ede5704db8bf5a2998141b8ca4 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/galeon-1.2.7-2.src.rpm MD5 checksum: 1c3f8a8602f53caa3d1cb12a5daefe87 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/light-1.4.12-2.src.rpm MD5 checksum: 9f7dee02f9637eac2fe7987c49c27e2d ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/skipstone-0.8.3-5.src.rpm MD5 checksum: b58630e40719e0f9b5b0e51ef8b9c510 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/mozilla-1.0.2-1.i386.rpm MD5 checksum: 7c3575fd989b4706723d883cb9cf5f47 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/mozilla-devel-1.0.2-1.i386.rpm MD5 checksum: 1a5ba96c928ea7bbe725f1a8ab1ee0e6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/mozilla-mailnews-1.0.2-1.i386.rpm MD5 checksum: 1662dc268fa59283aa8a3d50c9042193 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nspr-4.2.2-2.i386.rpm MD5 checksum: f92bcd07927bee74cadd298488f9c8a6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nspr-devel-4.2.2-2.i386.rpm MD5 checksum: fbcddc08508bfa1c6b2bfbc51fab78e7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nspr-static-4.2.2-2.i386.rpm MD5 checksum: 20ea5fc760f8ecb669157e19472d77e6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nss-3.6-1.i386.rpm MD5 checksum: ee65ab5fb2b9cf3a5dfe4253761ad855 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nss-devel-3.6-1.i386.rpm MD5 checksum: cfc5ff34f519d62e3796b0e98ac2c3e0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nss-static-3.6-1.i386.rpm MD5 checksum: 966cdaaea494e030b4d0f8492278b466 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nss-tools-3.6-1.i386.rpm MD5 checksum: d8560f7d7475b24cce5430c7aedaf16f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/galeon-1.2.7-2.i386.rpm MD5 checksum: 2bf9da74405d2b21cfa270735198e665 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/light-1.4.12-2.i386.rpm MD5 checksum: 2bcc35da1777f84809a97427a0c508bf ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/skipstone-0.8.3-5.i386.rpm MD5 checksum: c72932b27affc3a4fc495c7aa9245797 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/skipstone-plugins-0.8.3-5.i386.rpm MD5 checksum: 17db592152b17c60b892e96756bfcaa5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/skipstone-plugins-gdkpixbuf-0.8.3-5.i386.rpm MD5 checksum: e7bb07044fa97bf4705c55d90000957c I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/mozilla-1.0.2-1.i586.rpm MD5 checksum: 192d53acb05d7fa9b9d8fafeff8a3d0f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/mozilla-devel-1.0.2-1.i586.rpm MD5 checksum: a219410a9a7f154a64d62ec23a2845b7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/mozilla-mailnews-1.0.2-1.i586.rpm MD5 checksum: 1c9901070ba575e3819ec9751c52abf3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nspr-4.2.2-2.i586.rpm MD5 checksum: d42bec022ab6e56bfea325ccd1e6d5cc ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nspr-devel-4.2.2-2.i586.rpm MD5 checksum: 7298ba62a041cebb1f8b38742a859902 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nspr-static-4.2.2-2.i586.rpm MD5 checksum: 97b9f25bd6283c1ba25424b7d3840d98 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nss-3.6-1.i586.rpm MD5 checksum: dc005ccc0381a388629665d50f8266e3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nss-devel-3.6-1.i586.rpm MD5 checksum: 555a287df2ddd50b66f2078043790fab ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nss-static-3.6-1.i586.rpm MD5 checksum: 2aef462930a524e43d92f0909b70f3d4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nss-tools-3.6-1.i586.rpm MD5 checksum: aaadcd04dcc471e78f497c5fc1d915f1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/galeon-1.2.7-2.i586.rpm MD5 checksum: 68d28a36fae298c165c44b26754b40c0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/light-1.4.12-2.i586.rpm MD5 checksum: 84eda3b2e127f4465161f268c59ba3b1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/skipstone-0.8.3-5.i586.rpm MD5 checksum: 3136c69ffcdac1c17d4eb72a6c4af58a ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/skipstone-plugins-0.8.3-5.i586.rpm MD5 checksum: 9246016fc84137a260a66c3fb123d7c0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/skipstone-plugins-gdkpixbuf-0.8.3-5.i586.rpm MD5 checksum: a9f1fc9d1870a95b561e0b0e1a252190 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/mozilla-1.0.2-1.i686.rpm MD5 checksum: 27397534eb8c1c0f4e7e321e31999143 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/mozilla-devel-1.0.2-1.i686.rpm MD5 checksum: fde3455be89e79827fda3155b601b00a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/mozilla-mailnews-1.0.2-1.i686.rpm MD5 checksum: d4a8a092def1faa6408326afc484d915 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nspr-4.2.2-2.i686.rpm MD5 checksum: abdd5298d94e6cfd64d8135d269f4932 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nspr-devel-4.2.2-2.i686.rpm MD5 checksum: ac0d738d77ed320c86cb73d1c897f214 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nspr-static-4.2.2-2.i686.rpm MD5 checksum: e32cd5c556819a5079b2528597509b9f ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nss-3.6-1.i686.rpm MD5 checksum: 5b562696f73341ff50e262b3c440626c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nss-devel-3.6-1.i686.rpm MD5 checksum: 38b07270c2134a7d12fc5b91708ba1ba ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nss-static-3.6-1.i686.rpm MD5 checksum: aa4b19ab6aaff0c10477abcfa220c857 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nss-tools-3.6-1.i686.rpm MD5 checksum: 853eb46d68624833dc7529874b11c3db ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/galeon-1.2.7-2.i686.rpm MD5 checksum: 82e0c81d8affdda843f77cafb884edfc ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/light-1.4.12-2.i686.rpm MD5 checksum: 33ebbd1c042fe629f75039913c2234b5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/skipstone-0.8.3-5.i686.rpm MD5 checksum: fa2ae3f325e2572ecfdc51900e10357a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/skipstone-plugins-0.8.3-5.i686.rpm MD5 checksum: 3666bfa441493125f3f530e96dc7e1c4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/skipstone-plugins-gdkpixbuf-0.8.3-5.i686.rpm MD5 checksum: 68242ca5472c99a8490658ce06167417 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/mozilla-1.0.2-1.ppc.rpm MD5 checksum: df1a7dccb8c669255a53484a31b8a500 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/mozilla-devel-1.0.2-1.ppc.rpm MD5 checksum: 19f475adc4d75f7c8d67b19d61e19803 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/mozilla-mailnews-1.0.2-1.ppc.rpm MD5 checksum: 192024f4b7423a278c9d5e8f8b4cc6cb ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nspr-4.2.2-2.ppc.rpm MD5 checksum: f36df7e298bfd285e1f87288b4933977 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nspr-devel-4.2.2-2.ppc.rpm MD5 checksum: 48455790ace82c380e990dd034173a45 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nspr-static-4.2.2-2.ppc.rpm MD5 checksum: 40bc7322f8e0085a8f02097ad6b76d49 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nss-3.6-1.ppc.rpm MD5 checksum: 6ea1176aabc2939a3b177a82199967cb ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nss-devel-3.6-1.ppc.rpm MD5 checksum: f6e3ed2d7d0aedc958bc04517be85ea9 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nss-static-3.6-1.ppc.rpm MD5 checksum: 0555382f6eeca278e55e5b9d37cbd568 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nss-tools-3.6-1.ppc.rpm MD5 checksum: 18da203d6131c15a809159c42e0bbdd8 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/galeon-1.2.7-2.ppc.rpm MD5 checksum: ac04cad0022b4a4c82a980de34b674c7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/light-1.4.12-2.ppc.rpm MD5 checksum: 2864599ac19fe2c51cd0f1658555c49e ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/skipstone-0.8.3-5.ppc.rpm MD5 checksum: 8ea34d3ea402b1a0d1c27ace8ffdc73c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/skipstone-plugins-0.8.3-5.ppc.rpm MD5 checksum: d8547892617f114b84d19db4c308a6c1 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/skipstone-plugins-gdkpixbuf-0.8.3-5.ppc.rpm MD5 checksum: 7c600ba99b11bdfe718525fc10f6bdbd - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:44:17 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 42-1] New w3m packages fix cookie information leak Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 42-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 11 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to w3m-0.3.1-2 Vulnerability : missing HTML quoting Problem-Type : remote PLD-specific : no CVE references : CAN-2002-1335, CAN-2002-1348 Hironori Sakamoto, one of the w3m developers, found two security vulnerabilities in w3m and associated programs. The w3m browser does not properly escape HTML tags in frame contents and img alt attributes. A malicious HTML frame or img alt attribute may deceive a user to send his local cookies which are used for configuration. The information is not leaked automatically, though. The above problems have been fixed in version 0.3.1-3 for the current stable distribution (ra). We recommend that you upgrade your w3m packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'w3m*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'w3m*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/w3m-0.3.1-3.src.rpm MD5 checksum: 867862e313ca0c22fc5db67236a927e5 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/w3m-0.3.1-3.i386.rpm MD5 checksum: ddcc5f22b9b274d2bfbbbb43724b7148 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/w3m-imgdisplay-0.3.1-3.i386.rpm MD5 checksum: d94d236ce7d0fc6de53b55db760bbb88 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/w3m-0.3.1-3.i586.rpm MD5 checksum: 455e1ebf9e0220e0cccda1cb801a97c6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/w3m-imgdisplay-0.3.1-3.i586.rpm MD5 checksum: f8195ea5ddf5cade4877576fc62b1784 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/w3m-0.3.1-3.i686.rpm MD5 checksum: bafc80fe0a404f9a05efea7d97d9a5a5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/w3m-imgdisplay-0.3.1-3.i686.rpm MD5 checksum: 773fb5f1f775f063a1b3a8dd6c96f801 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/w3m-0.3.1-3.ppc.rpm MD5 checksum: 3bfcedf6a8ea3c90413b487618509430 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/w3m-imgdisplay-0.3.1-3.ppc.rpm MD5 checksum: 7ead2cf261753a060b0f36be15922210 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:44:29 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 43-1] New man packages fix local arbitrary code execution Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 43-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 12 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to man-1.5k-2 Vulnerability : arbitrary code execution Problem-Type : local PLD-specific : no Fixed a bug which results in arbitrary code execution upon reading a specially formatted man file. The basic problem is, upon finding a string with a quoting problem, the function my_xsprintf in util.c will return "unsafe" (rather than returning a string which could be interpreted by the shell). This return value is passed directly to system(3) - meaning if there is any program named `unsafe`, it will execute with the privs of the user. The above problems have been fixed in version 1.5l-2 for the current stable distribution (ra). We recommend that you upgrade your man packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'man*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'man*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/man-1.5l-2.src.rpm MD5 checksum: 595606ee0a81dce6eacdf96ba717417c I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/man-1.5l-2.i386.rpm MD5 checksum: 2709f11b7d2ca8d1dbbd131261a83005 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/man-config-1.5l-2.i386.rpm MD5 checksum: dd7702e6f0598e789b6370c4bd20934b ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/man2html-1.5l-2.i386.rpm MD5 checksum: 378a3dc6d7219ba3201bcc211b56d786 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/man2html-cgi-1.5l-2.i386.rpm MD5 checksum: 586807b7f589145676186f1f86f53966 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/man-1.5l-2.i586.rpm MD5 checksum: afd94a18e2a45c642242302b25a02f0c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/man-config-1.5l-2.i586.rpm MD5 checksum: 53ede41c5fb67c4c7644b10696917844 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/man2html-1.5l-2.i586.rpm MD5 checksum: fcfa78a53b5ced56cefea0b17c4abe95 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/man2html-cgi-1.5l-2.i586.rpm MD5 checksum: 4114d258244dbef825225f6d3de58241 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/man-1.5l-2.i686.rpm MD5 checksum: 7bb26abd0a97006583d17da13f961f44 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/man-config-1.5l-2.i686.rpm MD5 checksum: be1270911fcfe2d3e6aae42ecc778153 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/man2html-1.5l-2.i686.rpm MD5 checksum: 08726e20b0affac35ce75106d82b2f72 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/man2html-cgi-1.5l-2.i686.rpm MD5 checksum: b6c32e83ded4dbe3bd5e1f2736cd565e PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/man-1.5l-2.ppc.rpm MD5 checksum: b8aecacc233f8947c7197adabe0dcad6 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/man-config-1.5l-2.ppc.rpm MD5 checksum: 2d392580575bed95d75d36dbbe3415f9 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/man2html-1.5l-2.ppc.rpm MD5 checksum: 55ad895178d5742211b724f04f2b2db4 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/man2html-cgi-1.5l-2.ppc.rpm MD5 checksum: 0120cca3bc155dc3b53aff47a7341be8 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:44:40 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 44-1] New BitchX packages fix buffer overflow Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 44-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 16 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to BitchX-1.0c19-1 Vulnerability : buffer overflow Problem-Type : remote PLD-specific : no Upstream URL : marc.theaimsgroup.com/?l=bugtraq&m=104766521328322&w=2 Timo Sirainen discovered a problem in the BitchX - attacker could do buffer overflow using sprintf(). There's multiple ways to exploit it by giving near-BIG_BUFFER_SIZE strings in various places. The above problems have been fixed in version 1.0c19-4 for the current stable distribution (ra). We recommend that you upgrade your BitchX packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'BitchX*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'BitchX*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/BitchX-1.0c19-4.src.rpm MD5 checksum: 933809b3b43346813a7d8e9eb112878a I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/BitchX-1.0c19-4.i386.rpm MD5 checksum: a7b5049bd715b97590877bcb4de4b2b4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/BitchX-europa-1.0c19-4.i386.rpm MD5 checksum: 430ff153569ee423aa87a3e57196b58a I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/BitchX-1.0c19-4.i586.rpm MD5 checksum: 2f809b070db031b0723e2944b8222898 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/BitchX-europa-1.0c19-4.i586.rpm MD5 checksum: d1d6d437c1835a2df5dc1a0ebe0ca720 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/BitchX-1.0c19-4.i686.rpm MD5 checksum: 8350007ff501d22fbffd23086806694b ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/BitchX-europa-1.0c19-4.i686.rpm MD5 checksum: f5a152f88b970315b3eae613c7d20477 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/BitchX-1.0c19-4.ppc.rpm MD5 checksum: f7a8ac841a3adbc82500225e1fb73d3b ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/BitchX-europa-1.0c19-4.ppc.rpm MD5 checksum: ae8f48a7a02863f66c7d663dbf215f9a - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:45:02 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 46-1] New mutt packages fix arbitrary code execution Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 46-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 22 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to mutt-1.4-4 Vulnerability : buffer overflow Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0140 Byrial Jensen discovered a couple of off-by-one buffer overflow in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading. This problem could potentially allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder. The above problems have been fixed in version 1.4.1-1 for the current stable distribution (ra). We recommend that you upgrade your mutt packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'mutt*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'mutt*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/mutt-1.4.1-1.src.rpm MD5 checksum: 39807c578761d1bddfb3857efc8326cc I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/mutt-1.4.1-1.i386.rpm MD5 checksum: f2c659107cedba8e866cae417832ee19 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/mutt-1.4.1-1.i586.rpm MD5 checksum: a6f1f5461a1988875187b1a3c6acab71 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/mutt-1.4.1-1.i686.rpm MD5 checksum: 0f83100385c7bd9e6c06a509452930a3 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/mutt-1.4.1-1.ppc.rpm MD5 checksum: 3c6b9329f585c108463eb67923d2cdf2 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:44:51 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 45-1] New glibc packages fix arbitrary code execution Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 45-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 21 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to glibc-2.2.5-22 Vulnerability : integer overflow Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0028 Upstream URL : www.eeye.com/html/Research/Advisories/AD20030318.html eEye Digital Security discovered an integer overflow in the xdrmem_getbytes() function which is also present in GNU libc. This function is part of the XDR (external data representation) encoder/decoder derived from Sun's RPC implementation. Depending upon the application, this vulnerability can cause buffer overflows and could possibly be exploited to execute arbitray code. The above problems have been fixed in version 2.2.5-23 for the current stable distribution (ra). We recommend that you upgrade your glibc packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'glibc*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'glibc*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/glibc-2.2.5-23.src.rpm MD5 checksum: 6ac0e513502b649bf1d316040c527549 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/glibc-2.2.5-23.i386.rpm MD5 checksum: c19612aaa515ef37568e8acc16fa8b2f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/glibc-devel-2.2.5-23.i386.rpm MD5 checksum: 81892ef217fa760a0e3b413159a633b2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/glibc-memusage-2.2.5-23.i386.rpm MD5 checksum: 3bf95e26d3aa2a278662e004d9118ac2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/glibc-pic-2.2.5-23.i386.rpm MD5 checksum: a4e3604c7daeb3eb553c5d57bce7dde6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/glibc-profile-2.2.5-23.i386.rpm MD5 checksum: a81e6214e05a691d12d89a7c368355a9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/glibc-static-2.2.5-23.i386.rpm MD5 checksum: 24e5aaec4b3a14f8b2330a39bdfb7adf ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/iconv-2.2.5-23.i386.rpm MD5 checksum: 114bcea8e4bcc5e567c16a87f21f2db5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/localedb-src-2.2.5-23.i386.rpm MD5 checksum: 6f634ce2b13d76ff1b906897249ce649 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nscd-2.2.5-23.i386.rpm MD5 checksum: 3c05b547cfdf517a27cb993ea08df266 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nss_compat-2.2.5-23.i386.rpm MD5 checksum: d55c320df19b70c124df3daf1e72a4d4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nss_hesiod-2.2.5-23.i386.rpm MD5 checksum: 8061c74ba2d2e0214eb88257e22cc2de ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nss_nis-2.2.5-23.i386.rpm MD5 checksum: 3812db120712391d5e196a647ccaa449 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/nss_nisplus-2.2.5-23.i386.rpm MD5 checksum: 66aa50c5eefe29f85109da8a1af35713 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/glibc-2.2.5-23.i586.rpm MD5 checksum: 0ffc2ebe5e5d24fa78603740ce330a30 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/glibc-devel-2.2.5-23.i586.rpm MD5 checksum: a4c87aa7d8d4cb1b787f082066e23261 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/glibc-memusage-2.2.5-23.i586.rpm MD5 checksum: 0a0244a2e9fc68fbd3d9e3b40a62e99e ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/glibc-pic-2.2.5-23.i586.rpm MD5 checksum: 94dd7ab0e2aca4ef878bd127fcca1d69 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/glibc-profile-2.2.5-23.i586.rpm MD5 checksum: 497892c4675c100ce06b04d45521440b ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/glibc-static-2.2.5-23.i586.rpm MD5 checksum: 991d9dc5443592e6fa48343f795194be ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/iconv-2.2.5-23.i586.rpm MD5 checksum: 86b7aed13367176e6d7fc5c3f765a72f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/localedb-src-2.2.5-23.i586.rpm MD5 checksum: 080ed201963a74bcc0827f0b97521a9d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nscd-2.2.5-23.i586.rpm MD5 checksum: da0dc780390f2c38c409987573f03f26 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nss_compat-2.2.5-23.i586.rpm MD5 checksum: 92cd00372b22d61c96f1db6a2ede16cd ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nss_hesiod-2.2.5-23.i586.rpm MD5 checksum: a53bb57c02d06fe591dacdb71eb6d019 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nss_nis-2.2.5-23.i586.rpm MD5 checksum: 99bab7b0d707bd21cc31f9c405b08c16 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/nss_nisplus-2.2.5-23.i586.rpm MD5 checksum: 9474b16ceb1ca1dbb629d1d41c47e329 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/glibc-2.2.5-23.i686.rpm MD5 checksum: d620c555c931b96f9e438e46c1f2917a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/glibc-devel-2.2.5-23.i686.rpm MD5 checksum: 267755365ee6988b15f8a49573a497f7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/glibc-memusage-2.2.5-23.i686.rpm MD5 checksum: 77ecb6117fa6392916ae4d31df5029d1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/glibc-pic-2.2.5-23.i686.rpm MD5 checksum: 5c940c95711c27b402043e3b13403b26 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/glibc-profile-2.2.5-23.i686.rpm MD5 checksum: 72ff7b8b15c00bc3f20b58a24ea08450 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/glibc-static-2.2.5-23.i686.rpm MD5 checksum: 9b4f3abfdbef2461e0b4e2d057f9d4da ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/iconv-2.2.5-23.i686.rpm MD5 checksum: fdaa9d6242fd4e79e9c78048a7f65b9c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/localedb-src-2.2.5-23.i686.rpm MD5 checksum: 79963a3d281e9d3122f8bb5efe9eae81 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nscd-2.2.5-23.i686.rpm MD5 checksum: 199aa0dcd364b0c7f67934c093749cfd ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nss_compat-2.2.5-23.i686.rpm MD5 checksum: ad0ed44f56e15f157bdf6e0ffb4ac516 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nss_hesiod-2.2.5-23.i686.rpm MD5 checksum: 3751b0c20ab0365565b59a57dacfa10e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nss_nis-2.2.5-23.i686.rpm MD5 checksum: 8f92e31761b3ddbd2ccf90c4ed532de5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/nss_nisplus-2.2.5-23.i686.rpm MD5 checksum: 23c76b74ff4325678ed2778f693a5f1f PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/glibc-2.2.5-23.ppc.rpm MD5 checksum: 292d58fd6d10b92d38640defa8a6560c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/glibc-devel-2.2.5-23.ppc.rpm MD5 checksum: ce64306aeebeddd8490bb35383d3f49f ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/glibc-memusage-2.2.5-23.ppc.rpm MD5 checksum: bc899f83d6e3de2f48ce99bb31380b3e ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/glibc-pic-2.2.5-23.ppc.rpm MD5 checksum: 8dfc62d4cbed42721b9ba31a0b71bd35 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/glibc-profile-2.2.5-23.ppc.rpm MD5 checksum: 971ff04215bfedb55f7845fd3e4c3211 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/glibc-static-2.2.5-23.ppc.rpm MD5 checksum: 8aa301a739aecfea5a872eecb299e503 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/iconv-2.2.5-23.ppc.rpm MD5 checksum: e7e2625f2438ede3af668ec88bb32027 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/localedb-src-2.2.5-23.ppc.rpm MD5 checksum: ff082bc5d4f83364300c0d4402d2bd0c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nscd-2.2.5-23.ppc.rpm MD5 checksum: f8af9f968190667c800cbffeb830c1c7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nss_compat-2.2.5-23.ppc.rpm MD5 checksum: d28d6faa2f15bf90fb41416a98588794 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nss_hesiod-2.2.5-23.ppc.rpm MD5 checksum: 4566c141052c49bfdb30bbb98433bf97 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nss_nis-2.2.5-23.ppc.rpm MD5 checksum: 32731f66aad12ff7901e9845122634d8 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/nss_nisplus-2.2.5-23.ppc.rpm MD5 checksum: 7fb6f5310fbc6d4925f9255149ab4e7a - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:45:18 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 47-1] New rxvt packages fix various vulnerabilites Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 47-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 29 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to rxvt-2.7.8-6 Vulnerability : dangerous interception of escape sequences Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0022, CAN-2003-0023, CAN-2003-0066 Digital Defense Inc. released a paper detailing insecurities in various terminal emulators, including rxvt. Many of the features supported by these programs can be abused when untrusted data is displayed on the screen. This abuse can be anything from garbage data being displayed to the screen or a system compromise. The above problems have been fixed in version 2.7.10-1 for the current stable distribution (ra). We recommend that you upgrade your rxvt packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'rxvt*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'rxvt*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/rxvt-2.7.10-1.src.rpm MD5 checksum: 1f761983e4e4808d830baeb7f48ea977 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/rxvt-2.7.10-1.i386.rpm MD5 checksum: 6cb2b11e3612571bf78c9a22f92a2df0 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/rxvt-2.7.10-1.i586.rpm MD5 checksum: b84a3a9bb90ff60a0aa3040333be4c52 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/rxvt-2.7.10-1.i686.rpm MD5 checksum: a4229fb5ca589dcc960a83f98d4bb596 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/rxvt-2.7.10-1.ppc.rpm MD5 checksum: 79cc64fe8c711ebebccde6411d1a7fa8 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:45:31 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 48-1] New sendmail packages fix denial of service Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 48-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 30 March 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to sendmail-8.12.6-2 Vulnerability : char-to-int conversion Problem-Type : local PLD-specific : no CVE references : CAN-2003-0161 CERT advisory : VU#897604 CA-2003-12 Michal Zalewski discovered a buffer overflow, triggered by a char to int conversion, in the address parsing code in sendmail, a widely used powerful, efficient, and scalable mail transport agent. This problem is potentially remotely exploitable. The above problems have been fixed in version 8.12.9-1 for the current stable distribution (ra). We recommend that you upgrade your sendmail packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'sendmail*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'sendmail*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/sendmail-8.12.9-1.src.rpm MD5 checksum: 6af9723af19412c1e9e0ed3f622a75b0 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/sendmail-8.12.9-1.i386.rpm MD5 checksum: 572e50a6c5a3238919cb4651bdd576a9 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/sendmail-8.12.9-1.i586.rpm MD5 checksum: 8d6973f92e63035c668e07a550443bcd I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/sendmail-8.12.9-1.i686.rpm MD5 checksum: 3402671812ffecb2dbe47b10ed9e3a4e PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/sendmail-8.12.9-1.ppc.rpm MD5 checksum: 1226c736538574c3e0442b71c566d6f2 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:45:45 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 49-1] New tcpdump packages fix denial of service vulnerability Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 49-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 05 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to tcpdump-3.7.1-1 Vulnerability : infinite loop Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0108 Andrew Griffiths and iDEFENSE Labs discovered a problem in tcpdump, a powerful tool for network monitoring and data acquisition. An attacker is able to send a specially crafted network packet which causes tcpdump to enter an infinite loop. In addition to the above problem the tcpdump developers discovered a potential infinite loop when parsing malformed BGP packets. They also discovered a buffer overflow that can be exploited with certain malformed NFS packets. The above problems have been fixed in version 3.7.2-1 for the current stable distribution (ra). We recommend that you upgrade your tcpdump packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'tcpdump*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'tcpdump*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/tcpdump-3.7.2-1.src.rpm MD5 checksum: a030313b7358787e96b17b58a28452f1 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/tcpdump-3.7.2-1.i386.rpm MD5 checksum: d329b88ab1c07f776c53918f173c27bd I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/tcpdump-3.7.2-1.i586.rpm MD5 checksum: 965f6ffcab644d6f99728968c22ff698 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/tcpdump-3.7.2-1.i686.rpm MD5 checksum: 70d010357f4a18b3cc38b2d0ec319c6b PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/tcpdump-3.7.2-1.ppc.rpm MD5 checksum: 5ee620f7cd1cebce2791d2cd951286b4 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:46:05 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 51-1] New samba packages fix remote root exploit Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 51-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 08 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to samba-2.2.7-1 Vulnerability : buffer overflow Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0201, CAN-2003-0196 Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. An anonymous user can gain remote root access due to a buffer overflow caused by a StrnCpy() into a char array (fname) using a non-constant length (namelen). The above problems have been fixed in version 2.2.8a-1 for the current stable distribution (ra). We recommend that you upgrade your samba packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'samba*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'samba*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/samba-2.2.8a-1.src.rpm MD5 checksum: 45b933cf309ba9cd53f7d19a634532e0 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/swat-2.2.8a-1.i386.rpm MD5 checksum: 40a1221018eccd325a58be1c0be693d3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/samba-2.2.8a-1.i386.rpm MD5 checksum: 0d29ecd82d304be1e16619b62808553b ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/samba-client-2.2.8a-1.i386.rpm MD5 checksum: 3bac8102bd1d44db2d6ecbb3605b6021 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/samba-common-2.2.8a-1.i386.rpm MD5 checksum: b704e6f923e49af840e29c9d86f3a049 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/cups-backend-smb-2.2.8a-1.i386.rpm MD5 checksum: b99d883b219b794ffa370e6367576b41 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/libsmbclient-2.2.8a-1.i386.rpm MD5 checksum: bcdf881c487f6025a85ea99d7cb0885d ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/libsmbclient-devel-2.2.8a-1.i386.rpm MD5 checksum: 343f9e3dc99b26b01ffad057337ec9fd ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/pam-pam_smbpass-2.2.8a-1.i386.rpm MD5 checksum: ac41b71c1317ffb3ba5d2fb6bd13bfd1 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/swat-2.2.8a-1.i586.rpm MD5 checksum: 8dedc3aefe3edb6c8c1e26bc227b8d65 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/samba-2.2.8a-1.i586.rpm MD5 checksum: 86eea82d0451a03d2281c19bdfcd0827 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/samba-client-2.2.8a-1.i586.rpm MD5 checksum: 85f0c7a20516c6245a7dd178d4d914c3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/samba-common-2.2.8a-1.i586.rpm MD5 checksum: 36564eee7fed49102457fcc8dc2e3416 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/cups-backend-smb-2.2.8a-1.i586.rpm MD5 checksum: 914cc9ab7a74a86745c9b80478a41760 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/libsmbclient-2.2.8a-1.i586.rpm MD5 checksum: 6e81abf8bc0ab18c399f1372aefa23e9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/libsmbclient-devel-2.2.8a-1.i586.rpm MD5 checksum: 1ef534b8f1c60235176158d237fbda9f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/pam-pam_smbpass-2.2.8a-1.i586.rpm MD5 checksum: e63f2b0e7c6cd86c597c4fb34d221638 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/swat-2.2.8a-1.i686.rpm MD5 checksum: 47da6a9230066f66fa17905c9500e865 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/samba-2.2.8a-1.i686.rpm MD5 checksum: d11ef730160a03ef8fc1e548eecde484 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/samba-client-2.2.8a-1.i686.rpm MD5 checksum: 0dfa260c170c2fd88f2a1afee50aa636 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/samba-common-2.2.8a-1.i686.rpm MD5 checksum: 57f425d4ab67937ff576974bcd38b2f6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/cups-backend-smb-2.2.8a-1.i686.rpm MD5 checksum: 2a913f09cceb24e8cdf3c557c903e75f ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/libsmbclient-2.2.8a-1.i686.rpm MD5 checksum: 48a073691896c22b51b0aa39fe76a988 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/libsmbclient-devel-2.2.8a-1.i686.rpm MD5 checksum: b70d22766f8ea95b336d07a1d7ea62ec ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/pam-pam_smbpass-2.2.8a-1.i686.rpm MD5 checksum: bf911ff90e5d5726bf0b92e8d85daedc PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/swat-2.2.8a-1.ppc.rpm MD5 checksum: e1f191b0c8deb0fe536663a72251383d ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/samba-2.2.8a-1.ppc.rpm MD5 checksum: fd0ce5df079cef0fb7fe95be002ab60d ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/samba-client-2.2.8a-1.ppc.rpm MD5 checksum: 9bd92a23e77a311cf5817503fb05c7b1 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/samba-common-2.2.8a-1.ppc.rpm MD5 checksum: 1c4baa6117fd7f793c3ff6331dd6857d ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/cups-backend-smb-2.2.8a-1.ppc.rpm MD5 checksum: 066bddee2b0a13b45805d69af9267215 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/libsmbclient-2.2.8a-1.ppc.rpm MD5 checksum: 00465c5e90a8cd87f8d41680edee6942 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/libsmbclient-devel-2.2.8a-1.ppc.rpm MD5 checksum: 5487762457779ca0a945a83ee62ac00c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/pam-pam_smbpass-2.2.8a-1.ppc.rpm MD5 checksum: 4c6f44cddb922dbcfcb3d65bef6a5357 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:46:20 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:11 2005 Subject: [PLDSA 52-1] New apache-mod_ssl packages fix timing-based attack vulnerability Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 52-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 09 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to apache-mod_ssl-2.8.12_1.3.27-1 Vulnerability : timing based attack Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0147 Upstream URL : www.openssl.org/news/secadv_20030317.txt Researchers have discovered a timing attack on RSA keys, to which OpenSSL is generally vulnerable, unless RSA blinding has been turned on. The above problems have been fixed in version 2.8.14_1.3.27-1 for the current stable distribution (ra). We recommend that you upgrade your apache-mod_ssl packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'apache-mod_ssl*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'apache-mod_ssl*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/apache-mod_ssl-2.8.14_1.3.27-1.src.rpm MD5 checksum: 890ea3d363838b77b89ab0d8a238aae9 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/apache-mod_ssl-2.8.14_1.3.27-1.i386.rpm MD5 checksum: f1661d44657893cdc64234a5e20d00de ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/apache-mod_sxnet-2.8.14_1.3.27-1.i386.rpm MD5 checksum: 2f684d19f8f77d134d5abe27f9d88f81 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/apache-mod_ssl-2.8.14_1.3.27-1.i586.rpm MD5 checksum: b8f76ff708607e3dabc33791ebfb06fe ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/apache-mod_sxnet-2.8.14_1.3.27-1.i586.rpm MD5 checksum: 7845ab5095a815d09017573657c7a42b I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/apache-mod_ssl-2.8.14_1.3.27-1.i686.rpm MD5 checksum: 7769155637db47f3391d993fad89afc2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/apache-mod_sxnet-2.8.14_1.3.27-1.i686.rpm MD5 checksum: 1de87d32ec4ec8b5bd2e8233dcea7f92 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/apache-mod_ssl-2.8.14_1.3.27-1.ppc.rpm MD5 checksum: e4bd94554409f7569ac61a977be2e47a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/apache-mod_sxnet-2.8.14_1.3.27-1.ppc.rpm MD5 checksum: 0aefa00d9f33e5c9b0cd6ec1081115bc - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:45:56 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:12 2005 Subject: [PLDSA 50-1] New kernel packages fix several vulnerabilities Message-ID: - -------------------------------------------------------------------------= - PLD Security Advisory PLDSA 50-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 06 April 2003=09=09=09=09http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------= - Package : prior to kernel-2.2.22-6 Vulnerability : several Problem-Type : local PLD-specific : no CVE references : CAN-2003-0127, CAN-2003-0001, CAN-2002-1380 A bug in the kernel module loader code allows a local user to gain root=20 privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0127 to this issue. Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets. =A0The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0001 to this issue. The Linux 2.2 kernel allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface. =A0The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1380 to this issue. The above problems have been fixed in version 2.2.25-2 for the current stable distribution (ra). We recommend that you upgrade your kernel packages. wget -c url =09will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given belo= w for upgrade packages poldek --update will update the internal database poldek --upgrade 'kernel*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'kernel*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-2.2.25-2.src.rp= m MD5 checksum: 6ece50ae448ad35f3147c528eb4f4a46 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-eplip-0.5.6-5@2= =2E2.25_2.src.rpm MD5 checksum: bfbd706d306f214b35e23e39a9906540 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-misc-noptrace-0= =2E1-2@2.2.25_2.src.rpm MD5 checksum: 0169db4a15691299d661f8e704ba49c6 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-3c90x-1.0.2= -7@2.2.25_2.src.rpm MD5 checksum: 2f5eb28326d4a07b7a55f6a57e4c8d14 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-3c990-1.0.0= a-10@2.2.25_2.src.rpm MD5 checksum: e2b45c4f4724376b877a24ddcb648d8e ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-bcm4400-1.0= =2E1-2@2.2.25_2.src.rpm MD5 checksum: 9d0d891fc9940ba34532326fc28284d7 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-bcm5700-2.2= =2E19-2@2.2.25_2.src.rpm MD5 checksum: b9e873299073d6385a73ae7b119e29df ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-e100-2.1.15= -4@2.2.25_2.src.rpm MD5 checksum: d7e0aa16f49c4167ed3d42c6286bcf56 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-e1000-4.3.1= 5-4@2.2.25_2.src.rpm MD5 checksum: f892e3725383b90d0d9a911e8474f6a0 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-ip_masq_gg-= 1.0-0.pre3.2@2.2.25_2.src.rpm MD5 checksum: 8f1b388351847ce65188cacb66963a57 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-ip_masq_h32= 3-2.2.20-11@2.2.25_2.src.rpm MD5 checksum: b6e5cce6b204bd693d104bb624809d8e ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-ip_masq_icq= -0.56-13@2.2.25_2.src.rpm MD5 checksum: 83d27205057f9cb35afa20ead4b96797 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-ip_wccp-0.1= -12@2.2.25_2.src.rpm MD5 checksum: 35840617344c0bf1c9fe36123e3afb1b ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-net-sundance-1.= 01d-8@2.2.25_2.src.rpm MD5 checksum: 4c9defc8e6c8d9d862a56492dbcd7dab ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-plustek-sane-0.= 45.5-1.src.rpm MD5 checksum: 592e7be66e2746adbc0dbdecc0444afd ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-sound-au88xx-1.= 1.2-11@2.2.25_2.src.rpm MD5 checksum: 76fc1c4682ac157722f89f318e68ad75 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-video-Device3Df= x-2.3-14@2.2.25_2.src.rpm MD5 checksum: ac263dc7b25819846a160ac104ec1f4c ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-video-nvidia-1.= 0.4191-2@2.2.25_2.src.rpm MD5 checksum: 6536859f9c011db723453c61c204be6e ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-video-quickcam-= 0.40c-6@2.2.25_2.src.rpm MD5 checksum: d615d776efaded4aa56a540acf8265cc ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/kernel-video-tdfxdrm-1= =2E0-10@2.2.25_2.src.rpm MD5 checksum: ef4cacef4ccbf86eed83f2190558bce4 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/alsa-driver-0.5.12a-18= =2Esrc.rpm MD5 checksum: 172f7626b930b47adacc6c73ff9a6b04 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/capsel-2.0-rc1.8.src.r= pm MD5 checksum: e14cd5d05aae40c57295d0a3aa0c085f ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/cipe-1.5.2-13.src.rpm MD5 checksum: 7fe2f29faee37ef794df9955dc55c59b ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/ians-1.7.65-3.src.rpm MD5 checksum: 6298588d8c2bc460d919cec4681999f7 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/lirc-0.6.6-1.src.rpm MD5 checksum: 8f2db3beb864d4a7d8998790e083b5c4 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/lm_sensors-2.6.4-9.src= =2Erpm MD5 checksum: 845f2b669c0f707833bc317ac54c1af2 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/pcmcia-cs-3.1.30-18.sr= c.rpm MD5 checksum: f29fb26bf372647626ecec2e0ae329f0 ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/svgalib-1.9.17-1.src.r= pm MD5 checksum: d1fe57550b34d810ef40de90a6f103e0 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-2.2.25-2.i386.rp= m MD5 checksum: 1e417a2c0d85e248b09cc55efea39f46 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-BOOT-2.2.25-2.i3= 86.rpm MD5 checksum: 33c1a9779cc4b6b2d35ffcc2facb817e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-char-lirc-parall= el-0.6.6-1@2.2.25_2.i386.rpm MD5 checksum: 5e7a98599581b867b4b2cf9bf815bb59 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-char-lirc-serial= -0.6.6-1@2.2.25_2.i386.rpm MD5 checksum: 81e1770e451fe534d1b935278263b421 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-char-lirc-sir-0.= 6.6-1@2.2.25_2.i386.rpm MD5 checksum: 860efdb2010996300a38712ebaaf6f14 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-char-plustek-0.4= 5.5-1@2.2.25_2.i386.rpm MD5 checksum: 592e7be66e2746adbc0dbdecc0444afd ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-cipe-1.5.2-13@2.= 2.25_2.i386.rpm MD5 checksum: 0ce989fda70c01396ee0f77c003957bf ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-doc-2.2.25-2.i38= 6.rpm MD5 checksum: acf0770a0f3567a77f00b104d548b64c ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-eplip-0.5.6-5@2.= 2.25_2.i386.rpm MD5 checksum: d208dad84a88e8887cfb4a11400d31f6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-headers-2.2.25-2= =2Ei386.rpm MD5 checksum: e0548e62e43402cda2775ed9c7c7665e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-misc-capsel-2.0-= 8@2.2.25_2.i386.rpm MD5 checksum: 337c7ff8fe7c9c737aba9ede091ef14d ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-misc-lm_sensors-= 2.6.4-9@2.2.25.i386.rpm MD5 checksum: 717ec0b2b5d167ff4fa18ab6bc3ac61c ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-misc-noptrace-0.= 1-2@2.2.25_2.i386.rpm MD5 checksum: f40d7a6ef40b5092c4e775ae788c0247 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-3c90x-1.0.2-= 7@2.2.25_2.i386.rpm MD5 checksum: 42340d5c36ba8791a72dbe1ca3cf6995 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-3c990-1.0.0a= -10@2.2.25_2.i386.rpm MD5 checksum: 62afbfbfb8fdfa6d68e01493a0a22133 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-bcm4400-1.0.= 1-2@2.2.25_2.i386.rpm MD5 checksum: 2c28a5344093c08578b380327dc1e534 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-bcm5700-2.2.= 19-2@2.2.25_2.i386.rpm MD5 checksum: e3a64f13428679288f542c676bbf3917 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-e100-2.1.15-= 4@2.2.25_2.i386.rpm MD5 checksum: 49df8924b2fd08197b6480b2638d9647 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-e1000-4.3.15= -4@2.2.25_2.i386.rpm MD5 checksum: af9752d948ebacefec6387de7d589b42 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-ians-1.7.65-= 3@2.2.25_2.i386.rpm MD5 checksum: 6b06c4fc87995590d3a3e8db4b3388e0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-ip_masq_gg-1= =2E0-0.pre3.2@2.2.25_2.i386.rpm MD5 checksum: a3072f1a7e2706a3b52848793aeb2a3d ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-ip_masq_h323= -2.2.20-11@2.2.25_2.i386.rpm MD5 checksum: f65082492a8252f6e1cc3fa38bec992e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-ip_masq_icq-= 0.56-13@2.2.25_2.i386.rpm MD5 checksum: 37c49de019020bd556d3e4982bf13582 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-ip_wccp-0.1-= 12@2.2.25_2.i386.rpm MD5 checksum: e05485b07221cbae4f581c9da61436e1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-net-sundance-1.0= 1d-8@2.2.25_2.i386.rpm MD5 checksum: 9a3b2f92c712b8518ad0dd6c2f7e6795 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-pcmcia-cs-2.2.25= -2.i386.rpm MD5 checksum: 8fd388ef1c62ce0756d6a9e9c30e34af ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-pcmcia-wavelan2-= 3.1.30-18@2.2.25_2.i386.rpm MD5 checksum: de3640ec5b027943b2d0da33ba916ac5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-2.2.25-2.i38= 6.rpm MD5 checksum: 92095cb19e4a8d968a3c07ed5160480a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-char-lirc-se= rial-0.6.6-1@2.2.25_2.i386.rpm MD5 checksum: 16f1edae89b680b0d886cbe72057ec26 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-char-lirc-si= r-0.6.6-1@2.2.25_2.i386.rpm MD5 checksum: be6a161789b1a35b6986627aa8b677b6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-char-plustek= -0.45.5-1@2.2.25_2.i386.rpm MD5 checksum: 94c399672141a347aaaf9896bead7596 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-cipe-1.5.2-1= 3@2.2.25_2.i386.rpm MD5 checksum: 97aca1caa334baa874dce91a03c6cd3b ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-eplip-0.5.6-= 5@2.2.25_2.i386.rpm MD5 checksum: a96e01bb9b873b4f37f0302b958c482f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-misc-capsel-= 2.0-8@2.2.25_2.i386.rpm MD5 checksum: ead72e0500b8b07dc0ae4e0b1245865d ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-misc-lm_sens= ors-2.6.4-9@2.2.25.i386.rpm MD5 checksum: 4110833335c39acd15639c6825a97188 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-misc-noptrac= e-0.1-2@2.2.25_2.i386.rpm MD5 checksum: 18f464a82795c0971972cf3ca10e0381 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-3c90x-1.= 0.2-7@2.2.25_2.i386.rpm MD5 checksum: e7164df7beecaf2a0e1cff47f665a509 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-3c990-1.= 0.0a-10@2.2.25_2.i386.rpm MD5 checksum: 0f5daa69e7c811ec7b07f062b870dfb2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-bcm4400-= 1.0.1-2@2.2.25_2.i386.rpm MD5 checksum: 83ad743a4164b7cd07980dbf7ed9dd88 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-bcm5700-= 2.2.19-2@2.2.25_2.i386.rpm MD5 checksum: 1cb10eabf0219039510b61b10e10f52e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-e100-2.1= =2E15-4@2.2.25_2.i386.rpm MD5 checksum: 297706ef07c2042e185f64a46c02c16e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-e1000-4.= 3.15-4@2.2.25_2.i386.rpm MD5 checksum: 29f4f14bfe8fab4f5914fd7f8a738167 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-ians-1.7= =2E65-3@2.2.25_2.i386.rpm MD5 checksum: 3333318272b72e4a16727de237eef58f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-ip_masq_= gg-1.0-0.pre3.2@2.2.25_2.i386.rpm MD5 checksum: 23e01c7c5ee44fc2fa9366883ba7a882 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-ip_masq_= h323-2.2.20-11@2.2.25_2.i386.rpm MD5 checksum: 9c17da8774b920c17a5ed98625ccab62 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-ip_masq_= icq-0.56-13@2.2.25_2.i386.rpm MD5 checksum: eb4215d02a811fe1b51253736d53d59f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-ip_wccp-= 0.1-12@2.2.25_2.i386.rpm MD5 checksum: 6e2f8ecdf6d7a26b967c3bec4322cf90 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-net-sundance= -1.01d-8@2.2.25_2.i386.rpm MD5 checksum: 8774081bac2ae67a93bf77660b5406d1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-pcmcia-cs-2.= 2.25-2.i386.rpm MD5 checksum: b13fdd94cf8689d0a9782724ff0bbdeb ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-sound-alsa-0= =2E5.12a-18@2.2.25_2.i386.rpm MD5 checksum: afa4cddffff9c065356d2dd101f94ba7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-sound-au88xx= -1.1.2-11@2.2.25_2.i386.rpm MD5 checksum: 91751e6793573d276382e84e5d085c33 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-video-Device= 3Dfx-2.3-14@2.2.25_2.i386.rpm MD5 checksum: f2e102afd66c83b7cef131378b7addb2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-video-nvidia= -1.0.4191-2@2.2.25_2.i386.rpm MD5 checksum: d0df90d2702dbc472b82a6e9d741a09f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-video-quickc= am-0.40c-6@2.2.25_2.i386.rpm MD5 checksum: 5842428fd93794cff26c0b0ac452eb07 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-video-svgali= b_helper-1.9.17-1@2.2.25_2.i386.rpm MD5 checksum: b7edd8bd7046943fc528cae73db787ee ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-smp-video-tdfxdr= m-1.0-10@2.2.25_2.i386.rpm MD5 checksum: 47033d8b40fb2a77d411785138d70368 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-sound-alsa-0.5.1= 2a-18@2.2.25_2.i386.rpm MD5 checksum: 4995fd7a021e804c0ba390ac17861e5b ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-sound-au88xx-1.1= =2E2-11@2.2.25_2.i386.rpm MD5 checksum: 771abad4ac54acf39b00d5604a52fe36 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-source-2.2.25-2.= i386.rpm MD5 checksum: c4c4643033380e53712750ea36a90b12 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-video-Device3Dfx= -2.3-14@2.2.25_2.i386.rpm MD5 checksum: b1c50132066b5fe31cd388f9a647e777 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-video-nvidia-1.0= =2E4191-2@2.2.25_2.i386.rpm MD5 checksum: e6ca67a522029a17f31588c49b4ebc05 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-video-quickcam-0= =2E40c-6@2.2.25_2.i386.rpm MD5 checksum: 9b47c859646e3b04cb516177c950d652 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-video-svgalib_he= lper-1.9.17-1@2.2.25_2.i386.rpm MD5 checksum: 8c9996ba735107178abcaa1d7d0a7903 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/kernel-video-tdfxdrm-1.= 0-10@2.2.25_2.i386.rpm MD5 checksum: ce7d8704c5cccf776d2bee422e8c9fb7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/alsa-driver-devel-0.5.1= 2a-18.i386.rpm MD5 checksum: dafa2b2d6d3b8180377718f0b90884e3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/capsel-2.0-rc1.8.i386.r= pm MD5 checksum: 0eb9929068987b0eb9bfbd186f03bc9f ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/cipe-1.5.2-13.i386.rpm MD5 checksum: 7128431f9568c59ee155390df9bb3ed2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/cipe-pkcipe-client-1.5.= 2-13.i386.rpm MD5 checksum: 2363f456dfcfe3f46ad31847ba4f96e3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/cipe-pkcipe-server-1.5.= 2-13.i386.rpm MD5 checksum: e04eee12f594f8889fdd305b975783e5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ians-1.7.65-3.i386.rpm MD5 checksum: 2e858e8a5d66eec4e08a2f565d234a9d ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lirc-0.6.6-1.i386.rpm MD5 checksum: 791eff05fc1f27b0212d13d3a0118482 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lirc-X11-0.6.6-1.i386.r= pm MD5 checksum: c4fbc4165fb2d9c1dff8120c54bc8051 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lirc-devel-0.6.6-1.i386= =2Erpm MD5 checksum: 51e52c51dbd2ba13c2f0257977247eea ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lirc-libs-0.6.6-1.i386.= rpm MD5 checksum: 127f7ddd011fea101816cb0ce5c3f73a ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lirc-static-0.6.6-1.i38= 6.rpm MD5 checksum: a022d18ebd4199a22f3d145ecd1cf993 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lm_sensors-2.6.4-9.i386= =2Erpm MD5 checksum: 3ec778efe587cb66768b7a2719b7f842 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lm_sensors-devel-2.6.4-= 9.i386.rpm MD5 checksum: 54b22d328fc2a28909127c287c304d38 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lm_sensors-sensord-2.6.= 4-9.i386.rpm MD5 checksum: 1d4eebc7081c4239e8d0ccbf0f0648db ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/lm_sensors-static-2.6.4= -9.i386.rpm MD5 checksum: 0e188b660b428ff19babe33b74390765 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/pcmcia-cs-3.1.30-18.i38= 6.rpm MD5 checksum: d8bfe30f1e5084279a197b8821c5bafe ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/qce-qa-0.40c-6.i386.rpm MD5 checksum: 6213f7ff77af6f5a79ef1d1bee594d51 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/svgalib-1.9.17-1.i386.r= pm MD5 checksum: 4db60482fb2b9637d466145634f6ad7c ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/svgalib-devel-1.9.17-1.= i386.rpm MD5 checksum: 3faf689247aeb4b8cde9f7a9839f22a6 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/svgalib-static-1.9.17-1= =2Ei386.rpm MD5 checksum: a644a775e212216b37491680302e771b I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-2.2.25-2.i586.rp= m MD5 checksum: 17940b06e62b1df5c672c01b04797879 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-char-lirc-parall= el-0.6.6-1@2.2.25_2.i586.rpm MD5 checksum: 856439e9f3b63553ae806e5a2c16cdc0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-char-lirc-serial= -0.6.6-1@2.2.25_2.i586.rpm MD5 checksum: 9f9d386a202d5e0247bbb2dc6d79bc23 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-char-lirc-sir-0.= 6.6-1@2.2.25_2.i586.rpm MD5 checksum: a22852fd51e1d6d7256a4e1a408d9de9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-char-plustek-0.4= 5.5-1@2.2.25_2.i586.rpm MD5 checksum: 99d27203c017da5de279121faa77b0c1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-cipe-1.5.2-13@2.= 2.25_2.i586.rpm MD5 checksum: 8d528b896cdc3bb7d6707f7971edee31 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-doc-2.2.25-2.i58= 6.rpm MD5 checksum: 726f8ce71490db4db25074d7964ce693 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-eplip-0.5.6-5@2.= 2.25_2.i586.rpm MD5 checksum: dfe4afeaabe1e9035c0b782aa61d15c9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-headers-2.2.25-2= =2Ei586.rpm MD5 checksum: e976205f68b3bf8d1e175a1210ce170d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-misc-capsel-2.0-= 8@2.2.25_2.i586.rpm MD5 checksum: 47b526fccef9bd68e3ccf0eb674c4506 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-misc-lm_sensors-= 2.6.4-9@2.2.25.i586.rpm MD5 checksum: ba75bb744ee314f6863a22eeffd67206 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-misc-noptrace-0.= 1-2@2.2.25_2.i586.rpm MD5 checksum: ae648419c304b1e9c7042e388cbad040 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-3c90x-1.0.2-= 7@2.2.25_2.i586.rpm MD5 checksum: 298b60bf7f0ad077acc5e1f5bdad04f9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-3c990-1.0.0a= -10@2.2.25_2.i586.rpm MD5 checksum: 7eefedc4f815b5492d499f0764e2052d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-bcm4400-1.0.= 1-2@2.2.25_2.i586.rpm MD5 checksum: fa31432ed9476d5cd8285d92db266b20 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-bcm5700-2.2.= 19-2@2.2.25_2.i586.rpm MD5 checksum: 4bc58ce660b00b708c5fa7f07126a0ef ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-e100-2.1.15-= 4@2.2.25_2.i586.rpm MD5 checksum: a62e4206b793a93471027aed9980bf2d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-e1000-4.3.15= -4@2.2.25_2.i586.rpm MD5 checksum: c452c10dee40bb40ebad4fc9db8155a8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-ians-1.7.65-= 3@2.2.25_2.i586.rpm MD5 checksum: 890d064be038c23102c15b020045da2c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-ip_masq_gg-1= =2E0-0.pre3.2@2.2.25_2.i586.rpm MD5 checksum: fa770a9661217b844b6ead1a5dc93976 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-ip_masq_h323= -2.2.20-11@2.2.25_2.i586.rpm MD5 checksum: 766539eb702d84e8f2908f1a0b8f250d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-ip_masq_icq-= 0.56-13@2.2.25_2.i586.rpm MD5 checksum: d6e20f38721c05fdd79fa15ea55f5f43 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-ip_wccp-0.1-= 12@2.2.25_2.i586.rpm MD5 checksum: 7ec613343c5b358e98f13c4879fa21cc ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-net-sundance-1.0= 1d-8@2.2.25_2.i586.rpm MD5 checksum: ba9bce13cc9e7abb09df9054f19e89ba ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-pcmcia-cs-2.2.25= -2.i586.rpm MD5 checksum: 5fbfec88363c3f3b349daa71aba293be ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-pcmcia-wavelan2-= 3.1.30-18@2.2.25_2.i586.rpm MD5 checksum: 94df76d3fcc50db6f3fba4bf0eadc342 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-2.2.25-2.i58= 6.rpm MD5 checksum: 09cdbe143ba0fc5dc97955b4c0094637 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-char-lirc-se= rial-0.6.6-1@2.2.25_2.i586.rpm MD5 checksum: 5f612543f6c4f0bf00f487359df68e8c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-char-lirc-si= r-0.6.6-1@2.2.25_2.i586.rpm MD5 checksum: 57b016b6713102f47610791e4b742e1f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-char-plustek= -0.45.5-1@2.2.25_2.i586.rpm MD5 checksum: 745a9a510169bb3bbfeb95faed6f479a ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-cipe-1.5.2-1= 3@2.2.25_2.i586.rpm MD5 checksum: 80f22fd4f42bad4145252c8de29f3c42 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-eplip-0.5.6-= 5@2.2.25_2.i586.rpm MD5 checksum: 7afbbaeccbd047dc99da96719e5267f7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-misc-capsel-= 2.0-8@2.2.25_2.i586.rpm MD5 checksum: 684465b36d13c72bad3457b7e69ffda4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-misc-lm_sens= ors-2.6.4-9@2.2.25.i586.rpm MD5 checksum: c419fe6d571f3bffcec17c5410dab067 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-misc-noptrac= e-0.1-2@2.2.25_2.i586.rpm MD5 checksum: d93c4c5f35831d13d991dbc92f1d1f5b ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-3c90x-1.= 0.2-7@2.2.25_2.i586.rpm MD5 checksum: 736ae57ecb5e5b5179b45aba1f4ff487 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-3c990-1.= 0.0a-10@2.2.25_2.i586.rpm MD5 checksum: 779eaaa9f42b4d68cf96623636ea1910 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-bcm4400-= 1.0.1-2@2.2.25_2.i586.rpm MD5 checksum: 2d7e960c4b94cb513b054c074f0fec09 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-bcm5700-= 2.2.19-2@2.2.25_2.i586.rpm MD5 checksum: d49f6f5b9b41a4e158e0e6aeb2948e36 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-e100-2.1= =2E15-4@2.2.25_2.i586.rpm MD5 checksum: 841aabb1b3116f013567e7bb68a36eac ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-e1000-4.= 3.15-4@2.2.25_2.i586.rpm MD5 checksum: 44871662ba79847a7216639eca84eb82 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-ians-1.7= =2E65-3@2.2.25_2.i586.rpm MD5 checksum: 86e337e0449a2f7e43379b6970b0ac12 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-ip_masq_= gg-1.0-0.pre3.2@2.2.25_2.i586.rpm MD5 checksum: 48d6f0221e004f22b00515ccf60c6ab9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-ip_masq_= h323-2.2.20-11@2.2.25_2.i586.rpm MD5 checksum: 2d965e5c5ad50aa09ac54f9390dbf70c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-ip_masq_= icq-0.56-13@2.2.25_2.i586.rpm MD5 checksum: c07097fc2d669a765a8b2108045a5b3a ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-ip_wccp-= 0.1-12@2.2.25_2.i586.rpm MD5 checksum: bdfb046f2f62fe3b8e6807b642b1e614 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-net-sundance= -1.01d-8@2.2.25_2.i586.rpm MD5 checksum: abe81a0c35d3fca33539b1ca1d6497f2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-pcmcia-cs-2.= 2.25-2.i586.rpm MD5 checksum: 9ab813bd0578303a0fce2ef82b9a850e ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-sound-alsa-0= =2E5.12a-18@2.2.25_2.i586.rpm MD5 checksum: e312a5af60e9b9810750bdf0a36b0482 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-sound-au88xx= -1.1.2-11@2.2.25_2.i586.rpm MD5 checksum: a84ba024412ee8b84a6d4b5c96d7792c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-video-Device= 3Dfx-2.3-14@2.2.25_2.i586.rpm MD5 checksum: e211632349f2ca43a7fa3a4dd531eb57 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-video-nvidia= -1.0.4191-2@2.2.25_2.i586.rpm MD5 checksum: a123bf23cffdeb1364204a319f2ab02f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-video-quickc= am-0.40c-6@2.2.25_2.i586.rpm MD5 checksum: 37a67885605e9d4cced67e0f647fb322 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-video-svgali= b_helper-1.9.17-1@2.2.25_2.i586.rpm MD5 checksum: 891f797f9a123df9e2e14a01e406918d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-smp-video-tdfxdr= m-1.0-10@2.2.25_2.i586.rpm MD5 checksum: 61da854028cbf18d013a317ef50603c8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-sound-alsa-0.5.1= 2a-18@2.2.25_2.i586.rpm MD5 checksum: a8e8e84d9d70e9365e56a65abbee9de0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-sound-au88xx-1.1= =2E2-11@2.2.25_2.i586.rpm MD5 checksum: 291778ea79126d919f1b04bdd2a1a915 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-source-2.2.25-2.= i586.rpm MD5 checksum: 86e0b331d9d72d7c10d54b718024624f ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-video-Device3Dfx= -2.3-14@2.2.25_2.i586.rpm MD5 checksum: a8e38c628aa2ad8a43463038e33ad3d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-video-nvidia-1.0= =2E4191-2@2.2.25_2.i586.rpm MD5 checksum: d60fe8f0c54eca4f9cd02ca11c85c749 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-video-quickcam-0= =2E40c-6@2.2.25_2.i586.rpm MD5 checksum: 31d48662de71f881d4d4346999ed4561 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-video-svgalib_he= lper-1.9.17-1@2.2.25_2.i586.rpm MD5 checksum: 0b9b44025b7fcabbc3e16d542e4c2158 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/kernel-video-tdfxdrm-1.= 0-10@2.2.25_2.i586.rpm MD5 checksum: 133a9b5d62a40183b6340d811d66242b ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/alsa-driver-devel-0.5.1= 2a-18.i586.rpm MD5 checksum: b23775366c3cf95c82fa0ffa6e0e6723 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/capsel-2.0-rc1.8.i586.r= pm MD5 checksum: 947b967f0d1d7feb6e7c0bdb0253faf7 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/cipe-1.5.2-13.i586.rpm MD5 checksum: 5bb4cad8ab7cc5267c75ed692a82188c ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/cipe-pkcipe-client-1.5.= 2-13.i586.rpm MD5 checksum: a07c6371487f8ecdf5d94f2406d55d50 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/cipe-pkcipe-server-1.5.= 2-13.i586.rpm MD5 checksum: 0ab8e854d785b893ae179c6a070a8184 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ians-1.7.65-3.i586.rpm MD5 checksum: b7271da1df49c38e778324bf0cea18ce ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lirc-0.6.6-1.i586.rpm MD5 checksum: af9c1829d8739580369902d1aced27eb ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lirc-X11-0.6.6-1.i586.r= pm MD5 checksum: 4b216ad8bf793890d24c4b0bbf50a740 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lirc-devel-0.6.6-1.i586= =2Erpm MD5 checksum: 30f81aece0f2607c19f11040ef440dda ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lirc-libs-0.6.6-1.i586.= rpm MD5 checksum: 90bb1399c2565df67c41b8d4c669e06d ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lirc-static-0.6.6-1.i58= 6.rpm MD5 checksum: 231a02186c1ec75890948b6bfe1a04a1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lm_sensors-2.6.4-9.i586= =2Erpm MD5 checksum: cce69f7157956757b15f46fc455777e1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lm_sensors-devel-2.6.4-= 9.i586.rpm MD5 checksum: 346fe8652d384e8bdb955767c13abd83 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lm_sensors-sensord-2.6.= 4-9.i586.rpm MD5 checksum: 3adb0e51051ac2ca6959319aa5ac79f1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/lm_sensors-static-2.6.4= -9.i586.rpm MD5 checksum: cb2e2d8a0ee4c03ad1c17daaac39acd2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/pcmcia-cs-3.1.30-18.i58= 6.rpm MD5 checksum: 540713c6e7a2754b1eeaae16ff84fdd5 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/qce-qa-0.40c-6.i586.rpm MD5 checksum: fa7204a384d0cf9816cf47466ac154f4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/svgalib-1.9.17-1.i586.r= pm MD5 checksum: 1c6c47d494eda30d6d19f38de217d420 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/svgalib-devel-1.9.17-1.= i586.rpm MD5 checksum: 1fef6c274e85fe5d30f94428f8034d1e ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/svgalib-static-1.9.17-1= =2Ei586.rpm MD5 checksum: 87b815827ee382b13326f685046bacfd I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-2.2.25-2.i686.rp= m MD5 checksum: 8d61d68b8ec92ca7058f43c9ef0ecb2d ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-char-lirc-parall= el-0.6.6-1@2.2.25_2.i686.rpm MD5 checksum: 1922d28aa7562ee5664ee138e86f7b64 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-char-lirc-serial= -0.6.6-1@2.2.25_2.i686.rpm MD5 checksum: 094db41f9a8a3db38d2d1dddbed2bc42 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-char-lirc-sir-0.= 6.6-1@2.2.25_2.i686.rpm MD5 checksum: 2f9d2fa213f03e1afedc914f982f5061 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-char-plustek-0.4= 5.5-1@2.2.25_2.i686.rpm MD5 checksum: 0484af762a6bda9579d6c11d25d422e3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-cipe-1.5.2-13@2.= 2.25_2.i686.rpm MD5 checksum: 526004a89346c59ff0e5015ad9754906 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-doc-2.2.25-2.i68= 6.rpm MD5 checksum: 94318b7b76a158e788cea227f01baaaa ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-eplip-0.5.6-5@2.= 2.25_2.i686.rpm MD5 checksum: edf5a3817285395b88047e18af0d6c94 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-headers-2.2.25-2= =2Ei686.rpm MD5 checksum: bb799ddc5cc6489e6f733ae2a2041a20 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-misc-capsel-2.0-= 8@2.2.25_2.i686.rpm MD5 checksum: bbdf7dd4dfa0370c90a67dd9aae5223a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-misc-lm_sensors-= 2.6.4-9@2.2.25.i686.rpm MD5 checksum: 31024cf6dc1d76a498e4d8aee8ee6121 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-misc-noptrace-0.= 1-2@2.2.25_2.i686.rpm MD5 checksum: 06a9245d288f46964045254ccfc994d4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-3c90x-1.0.2-= 7@2.2.25_2.i686.rpm MD5 checksum: 16bff926d915f0075e0feb7ff30b8039 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-3c990-1.0.0a= -10@2.2.25_2.i686.rpm MD5 checksum: 3cd3079ad4cfae64fee2ef25807064fe ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-bcm4400-1.0.= 1-2@2.2.25_2.i686.rpm MD5 checksum: b3f60257942c36025451dc958c2a9a06 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-bcm5700-2.2.= 19-2@2.2.25_2.i686.rpm MD5 checksum: fe0b0f9eb7b5ae7e45aef42f52a21ae9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-e100-2.1.15-= 4@2.2.25_2.i686.rpm MD5 checksum: 94346405b50fd210c809899bcb3a2992 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-e1000-4.3.15= -4@2.2.25_2.i686.rpm MD5 checksum: 146d7b9abcb3e0b0235e6338879515ee ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-ians-1.7.65-= 3@2.2.25_2.i686.rpm MD5 checksum: fc6428656a9463ffa7e4c843a1b011be ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-ip_masq_gg-1= =2E0-0.pre3.2@2.2.25_2.i686.rpm MD5 checksum: 0a0e1b4ef6f4100e18b78646c7b668c4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-ip_masq_h323= -2.2.20-11@2.2.25_2.i686.rpm MD5 checksum: 6861e65ea5451722d174a1f647f56bec ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-ip_masq_icq-= 0.56-13@2.2.25_2.i686.rpm MD5 checksum: 8e678f6dbe670fe6868798bf58a63f55 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-ip_wccp-0.1-= 12@2.2.25_2.i686.rpm MD5 checksum: 67b45608ce52a5c72baa217063b8e7a1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-net-sundance-1.0= 1d-8@2.2.25_2.i686.rpm MD5 checksum: 407dbd7e9af18f860054b0f36ea29f6c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-pcmcia-cs-2.2.25= -2.i686.rpm MD5 checksum: 3b70f198de143f50726e9af9b311d7c2 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-pcmcia-wavelan2-= 3.1.30-18@2.2.25_2.i686.rpm MD5 checksum: 5b49b96fca4364e28a3593b422a16938 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-2.2.25-2.i68= 6.rpm MD5 checksum: 8dbd41ffd6b6585ca1de9aaacdae42e4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-char-lirc-se= rial-0.6.6-1@2.2.25_2.i686.rpm MD5 checksum: ea3f1c842a1bd43c3f797215ef5ccddd ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-char-lirc-si= r-0.6.6-1@2.2.25_2.i686.rpm MD5 checksum: 8d13057daece727a8d3f38fb5524e0a1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-char-plustek= -0.45.5-1@2.2.25_2.i686.rpm MD5 checksum: 6446d5f46c607330f504eec19da1c9f3 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-cipe-1.5.2-1= 3@2.2.25_2.i686.rpm MD5 checksum: 1555ed45a3b7be0868c223835a120a12 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-eplip-0.5.6-= 5@2.2.25_2.i686.rpm MD5 checksum: 1a7fc4daeaec3f915741fd5d7bb13730 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-misc-capsel-= 2.0-8@2.2.25_2.i686.rpm MD5 checksum: 9bc91f3ac557b50a3b1187d0d110828a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-misc-lm_sens= ors-2.6.4-9@2.2.25.i686.rpm MD5 checksum: 988f209427fff9e4732d31f72cef1c8d ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-misc-noptrac= e-0.1-2@2.2.25_2.i686.rpm MD5 checksum: f7e920a7b511a21689dded2076205b15 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-3c90x-1.= 0.2-7@2.2.25_2.i686.rpm MD5 checksum: 2083d4f28d061017d4afc0b53b9d7149 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-3c990-1.= 0.0a-10@2.2.25_2.i686.rpm MD5 checksum: 19fdb543708ec391a473858c02e5d72b ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-bcm4400-= 1.0.1-2@2.2.25_2.i686.rpm MD5 checksum: 50865fb02a3cc3ae8b27d6b201ddadfa ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-bcm5700-= 2.2.19-2@2.2.25_2.i686.rpm MD5 checksum: f9a686dff483d5807888e6bd888cf0e9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-e100-2.1= =2E15-4@2.2.25_2.i686.rpm MD5 checksum: b9e6df40d6963f70f35633624df26411 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-e1000-4.= 3.15-4@2.2.25_2.i686.rpm MD5 checksum: 1757bc1ce3d09cdde14a11b97e860fdf ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-ians-1.7= =2E65-3@2.2.25_2.i686.rpm MD5 checksum: 3e0a46ba9370882a242c6b2879d2e371 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-ip_masq_= gg-1.0-0.pre3.2@2.2.25_2.i686.rpm MD5 checksum: ce7d2894ee301eb863a4cecc662f458a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-ip_masq_= h323-2.2.20-11@2.2.25_2.i686.rpm MD5 checksum: 7f1edc8383e90b788cc62646fdd18a40 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-ip_masq_= icq-0.56-13@2.2.25_2.i686.rpm MD5 checksum: e2c42923bafd59446dd0949ea5052428 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-ip_wccp-= 0.1-12@2.2.25_2.i686.rpm MD5 checksum: d3281f063309e96a388c68064a037ac9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-net-sundance= -1.01d-8@2.2.25_2.i686.rpm MD5 checksum: d9eef4c8e47355e5f2d3846f96ebda4c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-pcmcia-cs-2.= 2.25-2.i686.rpm MD5 checksum: eed0fcf0bd334090779b2ab01c4c23c0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-sound-alsa-0= =2E5.12a-18@2.2.25_2.i686.rpm MD5 checksum: fa4939751790db201208b5a65a3bd5a8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-sound-au88xx= -1.1.2-11@2.2.25_2.i686.rpm MD5 checksum: f914e43ad0e20762201d1bd07dc07145 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-video-Device= 3Dfx-2.3-14@2.2.25_2.i686.rpm MD5 checksum: d7bb1ac130013822fa525a2ff6b00e6f ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-video-nvidia= -1.0.4191-2@2.2.25_2.i686.rpm MD5 checksum: d452cf010291e2fb04d8684f0babc032 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-video-quickc= am-0.40c-6@2.2.25_2.i686.rpm MD5 checksum: 3b6fea09c50bdd622f93a0e9e99adeae ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-video-svgali= b_helper-1.9.17-1@2.2.25_2.i686.rpm MD5 checksum: 5f96247b89ee71cb1c46a21c495c0a52 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-smp-video-tdfxdr= m-1.0-10@2.2.25_2.i686.rpm MD5 checksum: 2a5641ae7a9d04bc1b5c674bb35c5cdf ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-sound-alsa-0.5.1= 2a-18@2.2.25_2.i686.rpm MD5 checksum: 101042d35e47cc2295c5e3573187fd31 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-sound-au88xx-1.1= =2E2-11@2.2.25_2.i686.rpm MD5 checksum: a9098c48a1e0f64fcbf723590e2444ca ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-source-2.2.25-2.= i686.rpm MD5 checksum: f09f680b767d459b8bc4467f01eaa6f8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-video-Device3Dfx= -2.3-14@2.2.25_2.i686.rpm MD5 checksum: 14d0faaf69aa07c12ab86a3dff5884e4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-video-nvidia-1.0= =2E4191-2@2.2.25_2.i686.rpm MD5 checksum: 297ddaf933ee8b32c09665d3810dd86d ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-video-quickcam-0= =2E40c-6@2.2.25_2.i686.rpm MD5 checksum: 0e3fc6bf65d6d43c275538d77e57daf4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-video-svgalib_he= lper-1.9.17-1@2.2.25_2.i686.rpm MD5 checksum: 2d79d5131e60c7ef9abece57283187fe ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/kernel-video-tdfxdrm-1.= 0-10@2.2.25_2.i686.rpm MD5 checksum: a1b3417795b7e80868b28ef9e2d7fd4c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/alsa-driver-devel-0.5.1= 2a-18.i686.rpm MD5 checksum: 623dcb36d38db5650be37f6d62a70d9b ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/capsel-2.0-rc1.8.i686.r= pm MD5 checksum: f2781a3107c5f7751ded7db4b705d587 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/cipe-1.5.2-13.i686.rpm MD5 checksum: 48cd7f6b3cb5adcd983a12f9f1277e78 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/cipe-pkcipe-client-1.5.= 2-13.i686.rpm MD5 checksum: ecd24c93787d1d17c7a92004e31c5100 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/cipe-pkcipe-server-1.5.= 2-13.i686.rpm MD5 checksum: 1e0feb2fcd07820d903f0a8b2a3c2202 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ians-1.7.65-3.i686.rpm MD5 checksum: a1696d72a969575be13847267b6ad24f ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lirc-0.6.6-1.i686.rpm MD5 checksum: dfd2d54f514c8b3f4bc845e413f97338 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lirc-X11-0.6.6-1.i686.r= pm MD5 checksum: a223fa72e7fe1ea2e10cdc593bb7f101 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lirc-devel-0.6.6-1.i686= =2Erpm MD5 checksum: c17986a30e0a051af436dccd7340a424 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lirc-libs-0.6.6-1.i686.= rpm MD5 checksum: 5c278dfa3c362c9fdab2f4989e127efb ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lirc-static-0.6.6-1.i68= 6.rpm MD5 checksum: 69409079e424274c7fbd3f514a104fad ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lm_sensors-2.6.4-9.i686= =2Erpm MD5 checksum: 92c210500c9f944f93c15ea0d3bb6167 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lm_sensors-devel-2.6.4-= 9.i686.rpm MD5 checksum: 87c97d03d8db2e5b1b83dca6a5421e05 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lm_sensors-sensord-2.6.= 4-9.i686.rpm MD5 checksum: 0410011907ea41e9ef798e2713c7eb38 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/lm_sensors-static-2.6.4= -9.i686.rpm MD5 checksum: f355784622a4d2c28fa3b041fe48425c ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/qce-qa-0.40c-6.i686.rpm MD5 checksum: 2a448bc335557b0044944a149f1c5c2e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/svgalib-1.9.17-1.i686.r= pm MD5 checksum: e265ed452234cf4341eaf8fad1788d6e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/svgalib-devel-1.9.17-1.= i686.rpm MD5 checksum: b58a10da9756d27ecd119b517e1b32c9 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/svgalib-static-1.9.17-1= =2Ei686.rpm MD5 checksum: 078f435c712144284bb5f254c8704a33 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-2.2.25-2.ppc.rpm MD5 checksum: ba730f698b67dbbfce36cb567031fa1a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-char-lirc-paralle= l-0.6.6-1@2.2.25_2.ppc.rpm MD5 checksum: a932efc3f947203dd006f9c71528cca7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-char-lirc-serial-= 0.6.6-1@2.2.25_2.ppc.rpm MD5 checksum: a26b4282b965b431486cf5979706d369 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-char-lirc-sir-0.6= =2E6-1@2.2.25_2.ppc.rpm MD5 checksum: 1a5f7a47ee0caaaa48eee0a54896f6ee ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-char-plustek-0.45= =2E5-1@2.2.25_2.ppc.rpm MD5 checksum: 89fb4eb192460a12ab8e9201c55e10ce ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-cipe-1.5.2-13@2.2= =2E25_2.ppc.rpm MD5 checksum: 218efb754c9bf6497461b78609e074bf ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-doc-2.2.25-2.ppc.= rpm MD5 checksum: b8990f2605dfe8f0a119e3c4d4542b30 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-headers-2.2.25-2.= ppc.rpm MD5 checksum: 3d32d87ed0b55abcc0bf35bda6f1609a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-misc-capsel-2.0-8= @2.2.25_2.ppc.rpm MD5 checksum: daec09f7295393d743c2e82addef5dbd ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-misc-lm_sensors-2= =2E6.4-9@2.2.25.ppc.rpm MD5 checksum: 5d6784d3385bef1b0473be7dfa578ed1 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-misc-noptrace-0.1= -2@2.2.25_2.ppc.rpm MD5 checksum: 09883ff7a8db7cf076fefa0643b8c557 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-3c90x-1.0.2-7= @2.2.25_2.ppc.rpm MD5 checksum: 04afc1d4d42581d8f3629cd081b72289 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-3c990-1.0.0a-= 10@2.2.25_2.ppc.rpm MD5 checksum: b9be15e367add7df9351ace1fca2eafe ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-bcm4400-1.0.1= -2@2.2.25_2.ppc.rpm MD5 checksum: 6e337ccbced3d26e14f3c122bc10ed7b ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-bcm5700-2.2.1= 9-2@2.2.25_2.ppc.rpm MD5 checksum: 0f13777d674ddcf812fa124f7ab11520 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-e100-2.1.15-4= @2.2.25_2.ppc.rpm MD5 checksum: 63775dbd7143bae51b5862a4af874202 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-e1000-4.3.15-= 4@2.2.25_2.ppc.rpm MD5 checksum: f458f9726d3c619cf563f117ae450f74 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-ip_masq_gg-1.= 0-0.pre3.2@2.2.25_2.ppc.rpm MD5 checksum: 4f6f16b58c6dbcbb49f8fa1ed02ce531 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-ip_masq_h323-= 2.2.20-11@2.2.25_2.ppc.rpm MD5 checksum: e65142cab2ddcb0ff870c9daf926e10a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-ip_masq_icq-0= =2E56-13@2.2.25_2.ppc.rpm MD5 checksum: 5a60aa1b76c9da7d9e3110b55beabea6 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-ip_wccp-0.1-1= 2@2.2.25_2.ppc.rpm MD5 checksum: b6378ed47137522f6ce4ce7a2611d5b1 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-net-sundance-1.01= d-8@2.2.25_2.ppc.rpm MD5 checksum: 8fdb561ec49574e5d9fdbfb54e4fae2e ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-pcmcia-cs-2.2.25-= 2.ppc.rpm MD5 checksum: cb0e4bd97b3308f01e561a50060ca565 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-2.2.25-2.ppc.= rpm MD5 checksum: 715521b0add2f7b54fd041c1d06b5e55 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-char-lirc-ser= ial-0.6.6-1@2.2.25_2.ppc.rpm MD5 checksum: b102932427e373929038b61f82f476f7 =20 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-char-lirc-sir= -0.6.6-1@2.2.25_2.ppc.rpm MD5 checksum: 46987f3c0e5d24dfe2ab758717d273cd ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-char-plustek-= 0.45.5-1@2.2.25_2.ppc.rpm MD5 checksum: 4ba9edb354ff5ec83077b710431c71f7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-cipe-1.5.2-13= @2.2.25_2.ppc.rpm MD5 checksum: 7d525c85ad08066536accb74e5883ab3 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-misc-capsel-2= =2E0-8@2.2.25_2.ppc.rpm MD5 checksum: afddd422c929a3fd6cc50613e6d2faa9 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-misc-lm_senso= rs-2.6.4-9@2.2.25.ppc.rpm MD5 checksum: 8af8c2375cdd9d8ee2f8259e12e0f025 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-misc-noptrace= -0.1-2@2.2.25_2.ppc.rpm MD5 checksum: 38e273a3537ebfe61027a0c11d3b68fc ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-3c90x-1.0= =2E2-7@2.2.25_2.ppc.rpm MD5 checksum: 30b472c9aeb1a434366bc8ea476c06f6 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-3c990-1.0= =2E0a-10@2.2.25_2.ppc.rpm MD5 checksum: ac426dfc2882f2a38a7d5ad5a9d9c348 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-bcm4400-1= =2E0.1-2@2.2.25_2.ppc.rpm MD5 checksum: 1003ec85ad69fa41df045870c43e7582 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-bcm5700-2= =2E2.19-2@2.2.25_2.ppc.rpm MD5 checksum: fe57b33df3353a461917fbd92ea1e24a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-e100-2.1.= 15-4@2.2.25_2.ppc.rpm MD5 checksum: 1485371b296b09c7c2399c8298d5a662 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-e1000-4.3= =2E15-4@2.2.25_2.ppc.rpm MD5 checksum: 1aff7e5436dd3c9e5b5d67acedd1b18d ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-ip_masq_g= g-1.0-0.pre3.2@2.2.25_2.ppc.rpm MD5 checksum: 0dd3119a4250c4aef34e55a859535b80 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-ip_masq_h= 323-2.2.20-11@2.2.25_2.ppc.rpm MD5 checksum: 00ffd47ad63cef5e7000c5cf30ff1a83 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-ip_masq_i= cq-0.56-13@2.2.25_2.ppc.rpm MD5 checksum: 5caabe185c656999b4473d3f80110fb1 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-ip_wccp-0= =2E1-12@2.2.25_2.ppc.rpm MD5 checksum: d0db68e7f19fcbf113a4e88b90ac3022 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-net-sundance-= 1.01d-8@2.2.25_2.ppc.rpm MD5 checksum: df48feccc6d3eceeb54c979fc5a33ac3 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-pcmcia-cs-2.2= =2E25-2.ppc.rpm MD5 checksum: c5d82d8e94a0294571e1ace248964fc0 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-sound-alsa-0.= 5.12a-18@2.2.25_2.ppc.rpm MD5 checksum: 6ac9ef58fd09ab9ffa1a3fab5c366107 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-smp-video-quickca= m-0.40c-6@2.2.25_2.ppc.rpm MD5 checksum: a7a6342835d610a6d2f8bdb239d7f4fa ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-sound-alsa-0.5.12= a-18@2.2.25_2.ppc.rpm MD5 checksum: e5fc74e0ff223151b03d3aaa929cad0e ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-source-2.2.25-2.p= pc.rpm MD5 checksum: 38b6fa6b685c60991e7084ee5c280228 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/kernel-video-quickcam-0.= 40c-6@2.2.25_2.ppc.rpm MD5 checksum: da84527c42ec7a7697c057b28d3b298c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/alsa-driver-devel-0.5.12= a-18.ppc.rpm MD5 checksum: 7eee32e6aec89238eee64a7b899a502e ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/capsel-2.0-rc1.8.ppc.rpm MD5 checksum: 35dca708e4b4bfbb96aa165616575883 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/cipe-1.5.2-13.ppc.rpm MD5 checksum: 21bf3acf6d02a97b5f25fe5056641a5b ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/cipe-pkcipe-client-1.5.2= -13.ppc.rpm MD5 checksum: 2ef8312517f510224a9d9157d4baac3a ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/cipe-pkcipe-server-1.5.2= -13.ppc.rpm MD5 checksum: f69f788fafeb8b273b2b26295b6ca3e8 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lirc-0.6.6-1.ppc.rpm MD5 checksum: 105fbf4669fb36643883a0bcc2cb60d2 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lirc-X11-0.6.6-1.ppc.rpm MD5 checksum: 35d026468c71f557c70f4768948eb233 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lirc-devel-0.6.6-1.ppc.r= pm MD5 checksum: b077b5c650a29748d95e62f857758e01 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lirc-libs-0.6.6-1.ppc.rp= m MD5 checksum: 412dad31df4286bf99a33f9da6103add ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lirc-static-0.6.6-1.ppc.= rpm MD5 checksum: 2c4c17fac5a251d57c61df34a9d5b786 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lm_sensors-2.6.4-9.ppc.r= pm MD5 checksum: df259eccf03b8482b79b02be97c868be ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lm_sensors-devel-2.6.4-9= =2Eppc.rpm MD5 checksum: 8ef20993bb24dc054f8b658834431cd7 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lm_sensors-sensord-2.6.4= -9.ppc.rpm MD5 checksum: 8ac136998c9ec1ad5eb8769892b1f770 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/lm_sensors-static-2.6.4-= 9.ppc.rpm MD5 checksum: 4a83af4a19c5f72f40aebae477d16210 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/pcmcia-cs-3.1.30-18.ppc.= rpm MD5 checksum: a1f13e827c1bdd9802c4339390bad44d ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/qce-qa-0.40c-6.ppc.rpm MD5 checksum: 52ff54f6f177f2fb4726399dff26b816 - ---------------------------------------------------------------------------= ----- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source =3D ra-updates-security ftp://ftp.pld.org.pl/dists/r= a/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-sec= urity For i586 architecture poldek: source =3D ra-updates-security ftp://ftp.pld.org.pl/dists/r= a/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-sec= urity For i686 architecture poldek: source =3D ra-updates-security ftp://ftp.pld.org.pl/dists/r= a/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-sec= urity For ppc architecture poldek: source =3D ra-updates-security ftp://ftp.pld.org.pl/dists/r= a/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-secu= rity From dzimi at pld.org.pl Sat May 3 15:46:30 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:12 2005 Subject: [PLDSA 53-1] New openssl packages fix several vulnerabilities Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 53-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 16 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to openssl-0.9.6g-1 Vulnerability : several vulnerabilities Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0147, CAN-2003-0131 Researchers discovered two flaws in OpenSSL, a Secure Socket Layer (SSL) library and related cryptographic tools. Applications that are linked against this library are generally vulnerable to attacks that could leak the server's private key or make the encrypted session decryptable otherwise. The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities: CAN-2003-0147 OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key. CAN-2003-0131 The SSL and allow remote attackers to perform an unauthorized RSA private key operation that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext. The above problems have been fixed in version 0.9.6j-1 for the current stable distribution (ra). We recommend that you upgrade your openssl packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'openssl*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'openssl*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/openssl-0.9.6j-1.src.rpm MD5 checksum: 6160f50bc16dd03866581a7a523d427f I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openssl-0.9.6j-1.i386.rpm MD5 checksum: e6cf19ce0466300266bf2827127075b4 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openssl-devel-0.9.6j-1.i386.rpm MD5 checksum: 877e4a11e6d2967172fde3f26a80b8a1 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openssl-static-0.9.6j-1.i386.rpm MD5 checksum: a7003b95de7d191d80eaf8a894518afc ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openssl-tools-0.9.6j-1.i386.rpm MD5 checksum: a9274549cb5b469c80bed23370ebe9dd ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openssl-tools-perl-0.9.6j-1.i386.rpm MD5 checksum: 4679e6cc085e89c54cde2b0552fbfa87 ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/php-openssl-4.2.3-9.i386.rpm MD5 checksum: 8cf4691543099c57c26daa42ed85783c I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openssl-0.9.6j-1.i586.rpm MD5 checksum: 56a7e1ffb7976238c56707f13e796e2b ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openssl-devel-0.9.6j-1.i586.rpm MD5 checksum: d4ec1547468a7a3654f18e6f961463a0 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openssl-static-0.9.6j-1.i586.rpm MD5 checksum: 162c44b3e7c99ca58ede39ce34253350 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openssl-tools-0.9.6j-1.i586.rpm MD5 checksum: 9355d5397a3eef2580dfb481abbd91e8 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openssl-tools-perl-0.9.6j-1.i586.rpm MD5 checksum: 7dd0d2511987ff3102812aa1ea38a662 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/php-openssl-4.2.3-9.i586.rpm MD5 checksum: 5abb647f96b6caf26b3a3bff544e71e2 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openssl-0.9.6j-1.i686.rpm MD5 checksum: 7b820adaa61dad536210e3d97eab523e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openssl-devel-0.9.6j-1.i686.rpm MD5 checksum: 8cd25487b7f5a6f329ed9ac936690ecf ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openssl-static-0.9.6j-1.i686.rpm MD5 checksum: 9e6a30cb49d918f8a2a73c6f6af48071 ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openssl-tools-0.9.6j-1.i686.rpm MD5 checksum: bcb0594a5e6fa7e23ae3f35ac26cd71a ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openssl-tools-perl-0.9.6j-1.i686.rpm MD5 checksum: b457ac014f60c560645b2c034a1ad21e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/php-openssl-4.2.3-9.i686.rpm MD5 checksum: 74055184f72bd40336c3a23f9653c90f PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openssl-0.9.6j-1.ppc.rpm MD5 checksum: 1af6acdb44790eb11ba163add902e611 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openssl-devel-0.9.6j-1.ppc.rpm MD5 checksum: 5e2ffcacd25c942077d78f003afdea1d ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openssl-static-0.9.6j-1.ppc.rpm MD5 checksum: 36a3d0ad76388d835142ef876ef64ef0 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openssl-tools-0.9.6j-1.ppc.rpm MD5 checksum: 9351eedf729d061e7da36c317bb76393 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openssl-tools-perl-0.9.6j-1.ppc.rpm MD5 checksum: 1daf3b6dc8b79d45fa85ac732f415616 ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/php-openssl-4.2.3-9.ppc.rpm MD5 checksum: 79ad49767e3540691bcd5fea74240c90 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:46:39 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:12 2005 Subject: [PLDSA 54-1] New apache-mod_access_referer fix denial of service Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 54-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 16 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to apache-mod_access_referer-1.0.2-5 Vulnerability : denial of service Problem-Type : remote PLD-specific : no apache-mod_access_referer is an module for the Apache HTTP Server that provides access control based on "Referer" HTTP header content. Niels Heinen discovered a security problem in apache-mod_access_referer. A vulnerability may possibly be used in denial of service attacks. The above problems have been fixed in version 1.0.2-6 for the current stable distribution (ra). We recommend that you upgrade your apache-mod_access_referer packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'apache-mod_access_referer*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'apache-mod_access_referer*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/apache-mod_access_referer-1.0.2-6.src.rpm MD5 checksum: 1a25c36f660adea409edf415e10d9181 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/apache-mod_access_referer-1.0.2-6.i386.rpm MD5 checksum: ff2f7f8edc7acd603ba31ca500b954ce I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/apache-mod_access_referer-1.0.2-6.i586.rpm MD5 checksum: c83b597bd6dc1cfa59cf5c7f1f05241a I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/apache-mod_access_referer-1.0.2-6.i686.rpm MD5 checksum: 089e917ed57cb706f5df5b2cddd68d40 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/apache-mod_access_referer-1.0.2-6.ppc.rpm MD5 checksum: 4ceeee010ec30b5409d385d33f91a01d - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:46:50 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:12 2005 Subject: [PLDSA 55-1] New snort packages fix remote root exploits Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 55-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 16 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to snort-1.9.0-2 Vulnerability : multiple vulnerabilities Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0029, CAN-2003-0033 CERT advisory : VU#139129, VU#916785 Upstream URLs : www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 www.snort.org/advisories/snort-2003-04-16-1.txt www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951 There are two vulnerabilities in the Snort Intrusion Detection System, each in a separate preprocessor module. Both vulnerabilities allow remote attackers to execute arbitrary code with the privileges of the user running Snort, typically root: CAN-2003-0029 Researchers at CORE Security Technologies have discovered a remotely exploitable heap overflow in the Snort "stream4" preprocessor module. This module allows Snort to reassemble TCP packet fragments for further analysis. CAN-2003-0033 Researchers at Internet Security Systems (ISS) have discovered a remotely exploitable buffer overflow in the Snort RPC preprocessor module. When the RPC decoder normalizes fragmented RPC records, it incorrectly checks the lengths of what is being normalized against the current packet size, leading to an overflow condition. The RPC preprocessor is enabled by default. The above problems have been fixed in version 2.0.0-2 for the current stable distribution (ra). We recommend that you upgrade your snort packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'snort*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'snort*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/snort-2.0.0-2.src.rpm MD5 checksum: cc29d9fa5e8bd64f962a8dd9d6c9c4e6 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/snort-2.0.0-2.i386.rpm MD5 checksum: 9c2ff5e448a55998a66238522450ed15 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/snort-2.0.0-2.i586.rpm MD5 checksum: 1a02bf6c19619fc1a922923c1703724a I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/snort-2.0.0-2.i686.rpm MD5 checksum: eaef2d205ca6c2f4ae96ef174fc83f23 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/snort-2.0.0-2.ppc.rpm MD5 checksum: aa64f305bc351b483e519d1300db2464 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:47:03 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:12 2005 Subject: [PLDSA 56-1] New ecartis packages fix password change vulnerability Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 56-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 17 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to ecartis-1.0.0-20020718.1 Vulnerability : unauthorized password change Problem-Type : remote PLD-specific : no CVE references : CAN-2003-0162 A problem has been discovered in ecartis, a mailing list manager, formerly known as listar. This vulnerability enables an attacker to reset the password of any user defined on the list server, including the list admins. The above problems have been fixed in version 1.0.0-20030303.2 for the current stable distribution (ra). We recommend that you upgrade your ecartis packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'ecartis*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'ecartis*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/ecartis-1.0.0-20030303.2.src.rpm MD5 checksum: feedc2714bc5bf72d7a2013cfe506cd7 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ecartis-1.0.0-20030303.2.i386.rpm MD5 checksum: fbcb6f2d00375173d7d1260552d3085e ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ecartis-cgi-1.0.0-20030303.2.i386.rpm MD5 checksum: 9d57330ee337a3fecaabaf90abd0730e I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ecartis-1.0.0-20030303.2.i586.rpm MD5 checksum: 00f1f58848677fc02ffb3af5b9456d03 ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ecartis-cgi-1.0.0-20030303.2.i586.rpm MD5 checksum: 9ecb77a41d3a69006f42cefcd8c65762 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ecartis-1.0.0-20030303.2.i686.rpm MD5 checksum: 70e83e00fb4ed57816692bed312c809e ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ecartis-cgi-1.0.0-20030303.2.i686.rpm MD5 checksum: 6a2b5282fba5d4e46bd062e3169a9f41 PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ecartis-1.0.0-20030303.2.ppc.rpm MD5 checksum: f3f87e3d8525cf64e31475f220e8602c ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ecartis-cgi-1.0.0-20030303.2.ppc.rpm MD5 checksum: fe81e2133164990dd2d7e9a0a5ec0d66 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:47:14 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:12 2005 Subject: [PLDSA 57-1] New xinetd packages fix information leak Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 57-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 19 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to xinetd-2.3.9-1 Vulnerability : information leak Problem-Type : local PLD-specific : no CVE references : CAN-2003-0211 Steve Grubb discovered a problem in the xinetd - a memory leaks could lead to a denial of service. The above problems have been fixed in version 2.3.11-1 for the current stable distribution (ra). We recommend that you upgrade your xinetd packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'xinetd*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'xinetd*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/xinetd-2.3.11-1.src.rpm MD5 checksum: 703485f1977fdfe7e3b39b24721235d5 I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/xinetd-2.3.11-1.i386.rpm MD5 checksum: b254b6d27aad1b58ce29eabc5e77c49e I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/xinetd-2.3.11-1.i586.rpm MD5 checksum: 1e15c75f068fd55bc7cf5eca64bbe6b9 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/xinetd-2.3.11-1.i686.rpm MD5 checksum: 16a5dd3780a571f243c26b4f14e5e9aa PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/xinetd-2.3.11-1.ppc.rpm MD5 checksum: de631fed4edae5eaab6ba1589cc47018 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security From dzimi at pld.org.pl Sat May 3 15:47:32 2003 From: dzimi at pld.org.pl (Krzysiek Taraszka) Date: Tue Dec 20 11:03:12 2005 Subject: [PLDSA 58-1] New pptpd packages fix remote root exploit Message-ID: - -------------------------------------------------------------------------- PLD Security Advisory PLDSA 58-1 security@pld.org.pl http://www.pld.org.pl/security/ PLD Security Team 19 April 2003 http://www.pld.org.pl/security/faq - -------------------------------------------------------------------------- Package : prior to pptpd-1.1.3-1 Vulnerability : buffer overflow Problem-Type : remote PLD-specific : no Timo Sirainen discovered a problem in the pptpd - a remote buffer overflow. The exploit is capable of bruteforcing the RET address to find our buffer in the stack. Upon a successfull run it brings up a reverse shell with privileges of the pptpd daemon (typically root) on the victim server. The above problems have been fixed in version 1.1.4-1 for the current stable distribution (ra). We recommend that you upgrade your pptpd packages. wget -c url will fetch the file for you rpm -Uhv file(s)*.rpm will upgrade the referenced file. If you are using "poldek" - the package manager, use the line as given below for upgrade packages poldek --update will update the internal database poldek --upgrade 'pptpd*' will install corrected packages If you are using "apt" - the package manager, use the line as given below for upgrade packages apt-get update will update the internal database apt-get upgrade 'pptpd*' will install corrected packages PLD Linux 1.0 alias ra - -------------------- Source archives: ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/pptpd-1.1.4-1.src.rpm MD5 checksum: bc4d1d1455dba81b01af992af78d207e I386 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/pptpd-1.1.4-1.i386.rpm MD5 checksum: 03f144c742db05adeb5947d40d69c4d9 I586 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/pptpd-1.1.4-1.i586.rpm MD5 checksum: 7ede8f8fddca9abee9953b5b60746694 I686 Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/pptpd-1.1.4-1.i686.rpm MD5 checksum: 572fd8eb542e6b9f113361f0f77b560c PowerPC Architecture components: ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/pptpd-1.1.4-1.ppc.rpm MD5 checksum: 9db4e6e6c533c6262f847128f83bfb70 - -------------------------------------------------------------------------------- - If you are using poldek add this line to poldek.conf. If you are using apt-get add this line to sources.list. For i386 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security For i586 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security For i686 architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security For ppc architecture poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/ apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security