-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-030-1 security@debian.org http://www.debian.org/security/ Wichert Akkerman February 12, 2001 - ------------------------------------------------------------------------ Package : xfree86-1 Vulnerability : buffer overflow, insecure tempfile handling, denial-of-service attack Debian-specific: no Chris Evans, Joseph S. Myers, Michal Zalewski, Alan Cox, and others have noted a number of problems in several components of the X Window System sample implementation (from which XFree86 is derived). While there are no known reports of real-world malicious exploits of any of these problems, it is nevertheless suggested that you upgrade your XFree86 packages immediately. The scope of this advisory is XFree86 3.3.6 only, since that is the version released with Debian GNU/Linux 2.2 ("potato"); Debian packages of XFree86 4.0 and later have not been released as part of a Debian distribution. Several people are responsible for authoring the fixes to these problems, including Aaron Campbell, Paulo Cesar Pereira de Andrade, Keith Packard, David Dawes, Matthieu Herrb, Trevor Johnson, Colin Phipps, and Branden Robinson. - - The X servers are vulnerable to a denial-of-service attack during XC-SECURITY protocol negotiation. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - X clients based on Xlib (which is most of them) are subject to potential buffer overflows in the _XReply() and _XAsyncReply() functions if they connect to a maliciously-coded X server that places bogus data in its X protocol replies. NOTE: This is only an effective attack against X clients running with elevated privileges (setuid or setgid programs), and offers potential access only to the elevated privilege. For instance, the most common setuid X client is probably xterm. On many Unix systems, xterm is setuid root; in Debian 2.2, xterm is only setgid utmp, which means that an effective exploit is limited to corruption of the lastlog, utmp, and wtmp files -- *not* general root access. Also note that the attacker must already have sufficient privileges to start such an X client and successfully connect to the X server. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - There is a buffer overflow (not stack-based) in xdm's XDMCP code. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - There is a one-byte overflow in Xtrans.c. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - Xtranssock.c is also subject to buffer overflow problems. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - There is a buffer overflow with the -xkbmap X server flag. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - The MultiSrc widget in the Athena widget library handle temporary files insecurely. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - The imake program handles temporary files insecurely when executing install rules. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - The ICE library is subject to buffer overflow attacks. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - The xauth program handles temporary files insecurely. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - The XauLock() function in the Xau library handles temporary files insecurely. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 - - The gccmakedep and makedepend programs handle temporary files insecurely. Vulnerable: Debian 2.2, Debian 2.2r1, Debian 2.2r2 All of the above issues are resolved by this security release. There are several other XFree86 security issues commonly discussed in conjunction with the above, to which an up-to-date Debian 2.2 system is *NOT* vulnerable: - - There are 4 distinct problems with Xlib's XOpenDisplay() function in which a maliciously coded X server could cause a denial-of-service attack or buffer overflow. As before, this is only an effective attack against X clients running with elevated privileges, and the attacker must already have sufficient privileges to start such an X client and successfully connect to the X server. Debian 2.2 and 2.2r1 are only vulnerable to one of these problems, because we applied patches to XFree86 3.3.6 to correct the other three. An additional patch applied for Debian 2.2r2 corrected the fourth. Vulnerable: Debian 2.2, Debian 2.2r1 - - The AsciiSrc widget in the Athena widget library handles temporary files insecurely. Debian 2.2r2 is not vulnerable to this problem because we applied a patch to correct it. Vulnerable: Debian 2.2, Debian 2.2r1 - - The imake program uses mktemp() instead of mkstemp(). This problem does not exist in XFree86 3.3.6, and therefore no release of Debian 2.2 is affected. These problems have been fixed in version 3.3.6-11potato32 and we recommand that you upgrade your X packages immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.2 alias potato - --------------------------------- Potato was released for alpha, arm, i386, m68k, powerpc and sparc. At this moment m68k packages are not available yet. Once they become available they will be announced on security.debian.org. Source archives: http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6-11potato32.diff.gz MD5 checksum: 69cc55bd586d711c23c64e86f4a0a39a http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6-11potato32.dsc MD5 checksum: 1865df3421c2f9f41d08b9848c5c866a http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6.orig.tar.gz MD5 checksum: c4669bc60748021d9432e709286f6e4f Architecture indendent archives: http://security.debian.org/dists/stable/updates/main/binary-all/rstart_3.3.6-11potato32_all.deb MD5 checksum: c8b22fe902e1aa8a7a060e6583006687 http://security.debian.org/dists/stable/updates/main/binary-all/xbase_3.3.6-11potato32_all.deb MD5 checksum: 000d8ff1f045fb672011f6be512fa70a http://security.debian.org/dists/stable/updates/main/binary-all/xfree86-common_3.3.6-11potato32_all.deb MD5 checksum: ae0366e2ccfd3b67604639eb4a937a55 Alpha architecture: http://security.debian.org/dists/stable/updates/main/binary-alpha/rstartd_3.3.6-11potato32_alpha.deb MD5 checksum: 7016eb78b364e47dd060c51e7b068a47 http://security.debian.org/dists/stable/updates/main/binary-alpha/twm_3.3.6-11potato32_alpha.deb MD5 checksum: 6c7a7db332fc0bc1e6015c6f48a07354 http://security.debian.org/dists/stable/updates/main/binary-alpha/xbase-clients_3.3.6-11potato32_alpha.deb MD5 checksum: 133aaf41be70205abed442076afef7c4 http://security.debian.org/dists/stable/updates/main/binary-alpha/xdm_3.3.6-11potato32_alpha.deb MD5 checksum: 6b832ec44b17f0736d607d1a07fec93b http://security.debian.org/dists/stable/updates/main/binary-alpha/xext_3.3.6-11potato32_alpha.deb MD5 checksum: f83f3ee576eee40736810065c2981606 http://security.debian.org/dists/stable/updates/main/binary-alpha/xf86setup_3.3.6-11potato32_alpha.deb MD5 checksum: 13d82d3fa7b0fc08f1a8e121c7be5ae1 http://security.debian.org/dists/stable/updates/main/binary-alpha/xfs_3.3.6-11potato32_alpha.deb MD5 checksum: fe9b269fe871f79f32ec5ed136341220 http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g-dev_3.3.6-11potato32_alpha.deb MD5 checksum: d1c7bc79b308c640806d004450ee681f http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g-static_3.3.6-11potato32_alpha.deb MD5 checksum: 1f610de0a57488210c863becde75c3b9 http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g_3.3.6-11potato32_alpha.deb MD5 checksum: 8f966a797732527914e0c69c9ddccd2e http://security.debian.org/dists/stable/updates/main/binary-alpha/xmh_3.3.6-11potato32_alpha.deb MD5 checksum: 90791ebb652da5e8633e3f22173ee3ee http://security.debian.org/dists/stable/updates/main/binary-alpha/xnest_3.3.6-11potato32_alpha.deb MD5 checksum: 513b94c445752986a7af3cb2dbee69ec http://security.debian.org/dists/stable/updates/main/binary-alpha/xproxy_3.3.6-11potato32_alpha.deb MD5 checksum: c8149f37106daac11e3721ff189429c4 http://security.debian.org/dists/stable/updates/main/binary-alpha/xprt_3.3.6-11potato32_alpha.deb MD5 checksum: 7cba0fd69aa39934f1aa855103d5ab32 http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-3dlabs_3.3.6-11potato32_alpha.deb MD5 checksum: 9520a673ce7cb87eb0a84752d850dca3 http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-common_3.3.6-11potato32_alpha.deb MD5 checksum: 4faba513d9a29061378756ad491380b1 http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-fbdev_3.3.6-11potato32_alpha.deb MD5 checksum: 554faa5df6a7e7752bb41dbafaa13683 http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-i128_3.3.6-11potato32_alpha.deb MD5 checksum: b3c56c3140475ecd6f1f1ea90917731f http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-mach64_3.3.6-11potato32_alpha.deb MD5 checksum: ad5474c1b98263db4984433d1b2fe6cb http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-mono_3.3.6-11potato32_alpha.deb MD5 checksum: 3e3209f18e8fe3133976fbd34d10854a http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-p9000_3.3.6-11potato32_alpha.deb MD5 checksum: d79c01d56e54457e10c0db1e252abb11 http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-s3_3.3.6-11potato32_alpha.deb MD5 checksum: 9d8aaee346d92200dcfbac3fdeb5e849 http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-s3v_3.3.6-11potato32_alpha.deb MD5 checksum: 019093d1f6c099e7a314fd7c4db1825e http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-svga_3.3.6-11potato32_alpha.deb MD5 checksum: f749cf74f2de1e27de63440bd2aa9959 http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-tga_3.3.6-11potato32_alpha.deb MD5 checksum: 26b0f6107792962a38c5cb54e864a4ee http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-vga16_3.3.6-11potato32_alpha.deb MD5 checksum: 2e1160fcf14bd0b53e5ec05cdf9fb6e9 http://security.debian.org/dists/stable/updates/main/binary-alpha/xsm_3.3.6-11potato32_alpha.deb MD5 checksum: 2148c30c9281b206a7262a257f8a631a http://security.debian.org/dists/stable/updates/main/binary-alpha/xterm_3.3.6-11potato32_alpha.deb MD5 checksum: 4fd7f49556c10fa702b395affe32ca46 http://security.debian.org/dists/stable/updates/main/binary-alpha/xvfb_3.3.6-11potato32_alpha.deb MD5 checksum: b1d76c2437d0edd7579027bf98baa9ea ARM architecture: http://security.debian.org/dists/stable/updates/main/binary-arm/rstartd_3.3.6-11potato32_arm.deb MD5 checksum: a74f82bb54045973f66e5e8c2288bb67 http://security.debian.org/dists/stable/updates/main/binary-arm/twm_3.3.6-11potato32_arm.deb MD5 checksum: 20e9eadca43125ca5a7fbaf77e4401da http://security.debian.org/dists/stable/updates/main/binary-arm/xbase-clients_3.3.6-11potato32_arm.deb MD5 checksum: 57beb0497b91b06c009594d3d4413168 http://security.debian.org/dists/stable/updates/main/binary-arm/xdm_3.3.6-11potato32_arm.deb MD5 checksum: f1d7460483afaa5a84342367383a1d62 http://security.debian.org/dists/stable/updates/main/binary-arm/xext_3.3.6-11potato32_arm.deb MD5 checksum: a68db403ff21dab898574e8045d9e3fb http://security.debian.org/dists/stable/updates/main/binary-arm/xfs_3.3.6-11potato32_arm.deb MD5 checksum: aa8c6f3fd38c9cfed5b944484520ecb4 http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g-dev_3.3.6-11potato32_arm.deb MD5 checksum: 2e60e3a0434337457150a87afaba59b8 http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g-static_3.3.6-11potato32_arm.deb MD5 checksum: dd5b7bc5a4fee4b0fe6dea82b015a81f http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g_3.3.6-11potato32_arm.deb MD5 checksum: 5bd73196d5b95f08db7efb610346bec9 http://security.debian.org/dists/stable/updates/main/binary-arm/xmh_3.3.6-11potato32_arm.deb MD5 checksum: d5b03006576d3ff44f4d35ce9aacddf9 http://security.debian.org/dists/stable/updates/main/binary-arm/xnest_3.3.6-11potato32_arm.deb MD5 checksum: a0a0aee768ac07409e1d4a8b695734e9 http://security.debian.org/dists/stable/updates/main/binary-arm/xproxy_3.3.6-11potato32_arm.deb MD5 checksum: cc3d0d62836fb10d49aca83062188636 http://security.debian.org/dists/stable/updates/main/binary-arm/xprt_3.3.6-11potato32_arm.deb MD5 checksum: 7e074d0c074af762b017ffdd36f68bb2 http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-common_3.3.6-11potato32_arm.deb MD5 checksum: 09216ab3689d30eb2b5ea6f3f1ddca17 http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-fbdev_3.3.6-11potato32_arm.deb MD5 checksum: dec81f45cfca6c038427b312fed1405e http://security.debian.org/dists/stable/updates/main/binary-arm/xsm_3.3.6-11potato32_arm.deb MD5 checksum: 994637a3e1d8c6fd5e289d73fa717861 http://security.debian.org/dists/stable/updates/main/binary-arm/xterm_3.3.6-11potato32_arm.deb MD5 checksum: 6f51fa8caf5330af5710f77d6d335cc2 http://security.debian.org/dists/stable/updates/main/binary-arm/xvfb_3.3.6-11potato32_arm.deb MD5 checksum: 60a3cc66cbbe6e8cc921e6f8b0ce06f6 Intel ia32 architecture: http://security.debian.org/dists/stable/updates/main/binary-i386/rstartd_3.3.6-11potato32_i386.deb MD5 checksum: e3d0592e48eb3e312e5098b9b8fbd5bd http://security.debian.org/dists/stable/updates/main/binary-i386/twm_3.3.6-11potato32_i386.deb MD5 checksum: ad1b70c0e1c8ce5e7549831c8a661926 http://security.debian.org/dists/stable/updates/main/binary-i386/xbase-clients_3.3.6-11potato32_i386.deb MD5 checksum: 3a13e4b10c2ea0ed2a0cd200b5cf99aa http://security.debian.org/dists/stable/updates/main/binary-i386/xdm_3.3.6-11potato32_i386.deb MD5 checksum: 5c69e9f6cfd854fcc35bdcc28e842aac http://security.debian.org/dists/stable/updates/main/binary-i386/xext_3.3.6-11potato32_i386.deb MD5 checksum: eef72e739fa7b54a6dd5483d863ebe9a http://security.debian.org/dists/stable/updates/main/binary-i386/xf86setup_3.3.6-11potato32_i386.deb MD5 checksum: bebaddde2a877142d701959499341724 http://security.debian.org/dists/stable/updates/main/binary-i386/xfs_3.3.6-11potato32_i386.deb MD5 checksum: 4d74861bba07d483afccb8b82e75524e http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6-altdev_3.3.6-11potato32_i386.deb MD5 checksum: 3857e5548b6b0ccf93548b5e12b9fb94 http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6_3.3.6-11potato32_i386.deb MD5 checksum: 04ee5c0a5f5c5d1d5ec7c3fa1a8abb41 http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g-dev_3.3.6-11potato32_i386.deb MD5 checksum: 1e621013cff2ce5e684ff3dd6eed4ada http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g-static_3.3.6-11potato32_i386.deb MD5 checksum: a7190ee3a4316ae816b3c7b65e54e59f http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g_3.3.6-11potato32_i386.deb MD5 checksum: 11d0a291a25c25aea161bf93db38d5a1 http://security.debian.org/dists/stable/updates/main/binary-i386/xmh_3.3.6-11potato32_i386.deb MD5 checksum: e1eb815fc9a01da36d7444b3a2fd3fda http://security.debian.org/dists/stable/updates/main/binary-i386/xnest_3.3.6-11potato32_i386.deb MD5 checksum: f0a5ca51e123bf428f442f4a0664024e http://security.debian.org/dists/stable/updates/main/binary-i386/xproxy_3.3.6-11potato32_i386.deb MD5 checksum: 9f8625022de16d63f57d906f04fceced http://security.debian.org/dists/stable/updates/main/binary-i386/xprt_3.3.6-11potato32_i386.deb MD5 checksum: c3f23c39edf15bb8f11b4a54f079d7ca http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-3dlabs_3.3.6-11potato32_i386.deb MD5 checksum: f880d68af3d77c6052220885ea11ff17 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-8514_3.3.6-11potato32_i386.deb MD5 checksum: be2effceaf52bea16f0f391495d9c03f http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-agx_3.3.6-11potato32_i386.deb MD5 checksum: e3635066c8e25bb4ad8f0051548b92cc http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-common_3.3.6-11potato32_i386.deb MD5 checksum: 623f2183d5f277fc363e74c22296a35e http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-fbdev_3.3.6-11potato32_i386.deb MD5 checksum: 5a17c8c2ea526f802bb83c6c3aa5e0d3 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-i128_3.3.6-11potato32_i386.deb MD5 checksum: 6d5ca2b5e6fe1affc5a511bf6e436665 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-mach32_3.3.6-11potato32_i386.deb MD5 checksum: 3bee6d80194df3c3904d841e16ff3d0f http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-mach64_3.3.6-11potato32_i386.deb MD5 checksum: 8bdf77a6e5dae42a6407a3688a4fc08a http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-mach8_3.3.6-11potato32_i386.deb MD5 checksum: 62daf60fcb82abdf56dae2fcb8eb707a http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-mono_3.3.6-11potato32_i386.deb MD5 checksum: 415e0317d76dd4f27c52f6c9e206c5d9 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-p9000_3.3.6-11potato32_i386.deb MD5 checksum: 426751b7edd46e5968ecbb0ec9455fc7 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-s3_3.3.6-11potato32_i386.deb MD5 checksum: e8bf157d04976c87ceacd0ddde068cf4 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-s3v_3.3.6-11potato32_i386.deb MD5 checksum: 9caf08be5a7ea892f8dceb17ef8ea3b8 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-svga_3.3.6-11potato32_i386.deb MD5 checksum: 0eb3ea2a3f381d1e9297b400ad908f79 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-vga16_3.3.6-11potato32_i386.deb MD5 checksum: 5af1509c75304875f87b892b6f734484 http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-w32_3.3.6-11potato32_i386.deb MD5 checksum: 1eea9af440c79e1cf5c4354243ecc34d http://security.debian.org/dists/stable/updates/main/binary-i386/xsm_3.3.6-11potato32_i386.deb MD5 checksum: 6f45b950936530189f953bd28c0331c9 http://security.debian.org/dists/stable/updates/main/binary-i386/xterm_3.3.6-11potato32_i386.deb MD5 checksum: 95e542ddf4e994eb014e22f5bb77fb94 http://security.debian.org/dists/stable/updates/main/binary-i386/xvfb_3.3.6-11potato32_i386.deb MD5 checksum: dfe890b03ea09cc4003681a187d24ede PowerPC architecture: http://security.debian.org/dists/stable/updates/main/binary-powerpc/rstartd_3.3.6-11potato32_powerpc.deb MD5 checksum: fea33d0dcf4a5199984cd4e4b3bdcc62 http://security.debian.org/dists/stable/updates/main/binary-powerpc/twm_3.3.6-11potato32_powerpc.deb MD5 checksum: f12a774751ea4a6f0f64745e95ba62fd http://security.debian.org/dists/stable/updates/main/binary-powerpc/xbase-clients_3.3.6-11potato32_powerpc.deb MD5 checksum: c8e531206440a3762cd08d08b69aecfb http://security.debian.org/dists/stable/updates/main/binary-powerpc/xdm_3.3.6-11potato32_powerpc.deb MD5 checksum: 320fa9aa9e7803ff444396350bc02961 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xext_3.3.6-11potato32_powerpc.deb MD5 checksum: 415248c142cc892b72bde859d9cacde0 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xfs_3.3.6-11potato32_powerpc.deb MD5 checksum: 6863f8f353e9592f0479ff95221e65e5 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g-dev_3.3.6-11potato32_powerpc.deb MD5 checksum: d87dd3ba113feb97f72fb98548924d0d http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g-static_3.3.6-11potato32_powerpc.deb MD5 checksum: 7ae2d8e80616cd6bec528174f2fe98dc http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g_3.3.6-11potato32_powerpc.deb MD5 checksum: 1a2762def576884b64c5e662b61606de http://security.debian.org/dists/stable/updates/main/binary-powerpc/xmh_3.3.6-11potato32_powerpc.deb MD5 checksum: 640b1a3fecf20c87b49ed040db54d970 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xnest_3.3.6-11potato32_powerpc.deb MD5 checksum: 4fa0e956b167274415c1e1512f94c227 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xproxy_3.3.6-11potato32_powerpc.deb MD5 checksum: af6dd3f6cf611f3120628a415ed6df89 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xprt_3.3.6-11potato32_powerpc.deb MD5 checksum: b9932da793b94c5281db77674d049c04 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-common_3.3.6-11potato32_powerpc.deb MD5 checksum: 1973982ddc3325de726623f248e1fcb4 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-fbdev_3.3.6-11potato32_powerpc.deb MD5 checksum: 9a1d0c986411ff763c4669f0b18fab67 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xsm_3.3.6-11potato32_powerpc.deb MD5 checksum: 06d9ccd4c945b397b5e0d68cdbc2bc16 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xterm_3.3.6-11potato32_powerpc.deb MD5 checksum: e7b71bbc8bf8a4fab1a32ea4afe34ea9 http://security.debian.org/dists/stable/updates/main/binary-powerpc/xvfb_3.3.6-11potato32_powerpc.deb MD5 checksum: c02c605c0149645a951448c6ff8cfbf5 Sun Sparc architecture: http://security.debian.org/dists/stable/updates/main/binary-sparc/rstartd_3.3.6-11potato32_sparc.deb MD5 checksum: 2ac68b7495bb6aa743dd4b88acd64b70 http://security.debian.org/dists/stable/updates/main/binary-sparc/twm_3.3.6-11potato32_sparc.deb MD5 checksum: cafda6b0358af420ef392822436058a3 http://security.debian.org/dists/stable/updates/main/binary-sparc/xbase-clients_3.3.6-11potato32_sparc.deb MD5 checksum: 6072f6e30a444b4cdbd49c85c7892131 http://security.debian.org/dists/stable/updates/main/binary-sparc/xdm_3.3.6-11potato32_sparc.deb MD5 checksum: 1874048ad3f397fbff1ead11f0e10cd0 http://security.debian.org/dists/stable/updates/main/binary-sparc/xext_3.3.6-11potato32_sparc.deb MD5 checksum: 8199681a782a0609a7578dff15745d6a http://security.debian.org/dists/stable/updates/main/binary-sparc/xfs_3.3.6-11potato32_sparc.deb MD5 checksum: 151363a3590aa61dd42b62ccd95a37ac http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g-dev_3.3.6-11potato32_sparc.deb MD5 checksum: adedf419e79f1bf7b4eefdc698d2c3f1 http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g-static_3.3.6-11potato32_sparc.deb MD5 checksum: b50b401592e844b933b05fb0252a8308 http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g_3.3.6-11potato32_sparc.deb MD5 checksum: 444875a9bebb02e38ebe7a2ddd132b85 http://security.debian.org/dists/stable/updates/main/binary-sparc/xmh_3.3.6-11potato32_sparc.deb MD5 checksum: 00e6656e19fa100359efb5647e1674bd http://security.debian.org/dists/stable/updates/main/binary-sparc/xnest_3.3.6-11potato32_sparc.deb MD5 checksum: 1faeb8494593c823117cd7ffed91b1ce http://security.debian.org/dists/stable/updates/main/binary-sparc/xproxy_3.3.6-11potato32_sparc.deb MD5 checksum: b08b12c3d791f664475865780adda576 http://security.debian.org/dists/stable/updates/main/binary-sparc/xprt_3.3.6-11potato32_sparc.deb MD5 checksum: 2e4837c71af32dea4179d4c76880c5eb http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-3dlabs_3.3.6-11potato32_sparc.deb MD5 checksum: f5681db32ef1d79e4ebadf94c3ad753f http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-common_3.3.6-11potato32_sparc.deb MD5 checksum: 8e40385ba47efee7fd026cfff90722c1 http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-fbdev_3.3.6-11potato32_sparc.deb MD5 checksum: 9755794983421183be1ec2c435870482 http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-mach64_3.3.6-11potato32_sparc.deb MD5 checksum: 9cd17f998483034fe1cc00cfc12f8e4e http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-xsun-mono_3.3.6-11potato32_sparc.deb MD5 checksum: 57b0453b9fa62b95db47125878b123d2 http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-xsun24_3.3.6-11potato32_sparc.deb MD5 checksum: 61abde1c3b361cb13e51da92078ffabb http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-xsun_3.3.6-11potato32_sparc.deb MD5 checksum: 4993edb405722fdffbde36c0a4106fe2 http://security.debian.org/dists/stable/updates/main/binary-sparc/xsm_3.3.6-11potato32_sparc.deb MD5 checksum: 2085a88b6a0955ec0dd41c5b9243a80d http://security.debian.org/dists/stable/updates/main/binary-sparc/xterm_3.3.6-11potato32_sparc.deb MD5 checksum: 2a0bc3d0e1da1c307015eacb6b0ce742 http://security.debian.org/dists/stable/updates/main/binary-sparc/xvfb_3.3.6-11potato32_sparc.deb MD5 checksum: bad17a61b6d07c6d5b004ab12d5ba56e These files will be moved into ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . - -- - ---------------------------------------------------------------------------- apt-get: deb http://security.debian.org/ stable/updates main dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQB1AwUBOogZWajZR/ntlUftAQEmYwMAt4C7DrMgi43gGuf1s5Y7YuCzTfzGVAZl vyIyT63sEYuO5Em+aUW1IGBCBMmatz5N90lwmCyh7mywBa//uT9rHucTL2U6atDH pHfWCJCc+arQyg0qmQucyOFiw29amEhj =ZpZX -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org