Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2009.1156
New APR packages fix arbitrary code execution
10 August 2009
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: apr, apr-util
Publisher: Debian
Operating System: Debian GNU/Linux 4
Debian GNU/Linux 5
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2009-2412
Reference: ESB-2009.1149
Original Bulletin:
http://www.debian.org/security/2009/dsa-1854
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1854-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
August 08, 2009 http://www.debian.org/security/faq
- - ------------------------------------------------------------------------
Package : apr, apr-util
Vulnerability : heap buffer overflow
Debian-specific: no
CVE Id(s) : CVE-2009-2412
Matt Lewis discovered that the memory management code in the Apache
Portable Runtime (APR) library does not guard against a wrap-around
during size computations. This could cause the library to return a
memory area which smaller than requested, resulting a heap overflow
and possibly arbitrary code execution.
For the old stable distribution (etch), this problem has been fixed in
version 1.2.7-9 of the apr package, and version 1.2.7+dfsg-2+etch3 of
the apr-util package.
For the stable distribution (lenny), this problem has been fixed in
version 1.2.12-5+lenny1 of the apr package and version 1.2.12-5+lenny1
of the apr-util package.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your APR packages.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- - -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz
Size/MD5 checksum: 643328 a3117be657f99e92316be40add59b9ff
http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.dsc
Size/MD5 checksum: 1036 9dc256c005a7f544c4d5c410b226fb74
http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.diff.gz
Size/MD5 checksum: 26613 021ef3aa5b3a9fc021779a0b6a6a4ec9
http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.diff.gz
Size/MD5 checksum: 21651 e090ebfd7174c90bae4e4935a3d3db15
http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7.orig.tar.gz
Size/MD5 checksum: 1102370 aea926cbe588f844ad9e317157d60175
http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.dsc
Size/MD5 checksum: 856 89662625fd7a34ceb514087de869d918
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_alpha.deb
Size/MD5 checksum: 121726 df1e2d6e8bf9ed485ad417fe274eb0e3
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_alpha.deb
Size/MD5 checksum: 83690 b5873275f420b15f9868ea0dde699c60
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_alpha.deb
Size/MD5 checksum: 371668 4e8bd42151f3cdf8cee91c49599aab42
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_alpha.deb
Size/MD5 checksum: 129158 5074639b4b0d9877ff29b96540fdfaec
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_alpha.deb
Size/MD5 checksum: 185420 ddf84849ff3bee792dc187c6d21958bd
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_alpha.deb
Size/MD5 checksum: 148140 079cff06535a7e3f4e9a5d682d80bb1b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_amd64.deb
Size/MD5 checksum: 72946 6b11e4b65bdf67981a091177d9644007
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_amd64.deb
Size/MD5 checksum: 126156 b420f555d02504e0497a0ba3c27e0cac
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_amd64.deb
Size/MD5 checksum: 127742 1606857f3291ccb10e038219f1f2eab3
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_amd64.deb
Size/MD5 checksum: 187302 bb1a4aa5768fa012201ad1e72bc27e93
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_amd64.deb
Size/MD5 checksum: 348120 b5d6b4e7c628dffe867159b54b6c82f1
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_amd64.deb
Size/MD5 checksum: 111664 6b51dc29ea4defa975902d246188086f
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_arm.deb
Size/MD5 checksum: 121504 3ba789c274f2ed7030aa286ea57dbb3d
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_arm.deb
Size/MD5 checksum: 175146 86ff258e9181fa424cb043dc22e2c0e0
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_arm.deb
Size/MD5 checksum: 117302 97d701c8f9d6746eb14448bfde8e8588
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_arm.deb
Size/MD5 checksum: 104934 45a976662beb7ec3b15ee7c7a45f3de7
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_arm.deb
Size/MD5 checksum: 66110 09c54142359236f50654bd9c7b375781
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_arm.deb
Size/MD5 checksum: 335520 14d06ecfb54247718b780c893df8f4cc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_hppa.deb
Size/MD5 checksum: 126186 9494353aa42e983a245af2890dd2c6d7
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_hppa.deb
Size/MD5 checksum: 78668 60c87b0e86c1ed31deecddd88cdf5fa5
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_hppa.deb
Size/MD5 checksum: 133918 ae993c733053a326603c5b750505bee9
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_i386.deb
Size/MD5 checksum: 116052 6238f10eb5077bb53b9664b82b985c40
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_i386.deb
Size/MD5 checksum: 338694 262cec472ec3aaeb1b4d38eebaa940c8
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_i386.deb
Size/MD5 checksum: 68854 78ab4f6425153d8b746b99842994d555
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_i386.deb
Size/MD5 checksum: 109138 4aa254cacd4e95785ae823cedb1cce2f
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_i386.deb
Size/MD5 checksum: 122136 4a16475bb5780625902c79069681ae74
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_i386.deb
Size/MD5 checksum: 180654 481471d06045a2e348b55de6dbdf5f94
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_ia64.deb
Size/MD5 checksum: 156562 52761fff3e82e21728e0c6a79bf4508f
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_ia64.deb
Size/MD5 checksum: 99446 3ad58d882e434e39be525e7aa41d9e93
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_ia64.deb
Size/MD5 checksum: 141894 5b7351a6b4c3765e3d76b9d22e04cf0e
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_ia64.deb
Size/MD5 checksum: 118716 8c73712293cd4d9a5935aefd18a3e4c9
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_ia64.deb
Size/MD5 checksum: 171514 f474001e4f852a44af517b5d6f737a65
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_ia64.deb
Size/MD5 checksum: 385514 76d0bbda16c749f6a5b40fd6297a180a
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mips.deb
Size/MD5 checksum: 188816 de1ecb467042d2c1891cc1d2f5db83d9
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mips.deb
Size/MD5 checksum: 130394 fc34d9b137c080b63374d809c1d6bf8b
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mips.deb
Size/MD5 checksum: 130492 4d7cdffabbef214eeea0c02a346d0eb8
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mips.deb
Size/MD5 checksum: 70776 6fe66f5cb81c2a3af2fa0cd64a85cfd8
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mips.deb
Size/MD5 checksum: 357368 aab08f1596aead97cc48924ebf99c80e
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mips.deb
Size/MD5 checksum: 112644 9c6d720999259453daaa13e8ec3c8336
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mipsel.deb
Size/MD5 checksum: 186464 5b2392a143ff8a173a771b819377ab47
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mipsel.deb
Size/MD5 checksum: 128052 02e3c278190e92d7131c275aab5f5c44
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mipsel.deb
Size/MD5 checksum: 358010 480087a77642a8ff99a32bb323b62600
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mipsel.deb
Size/MD5 checksum: 130712 50da703a75deb2ba87d4be171e80bd5b
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mipsel.deb
Size/MD5 checksum: 113352 d363370bcba834268202db5271b20aa3
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mipsel.deb
Size/MD5 checksum: 70794 1f57c4362c286bd0d2df40d775690612
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_powerpc.deb
Size/MD5 checksum: 125106 92d5d46effd18aaa8e849254d9da8acd
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_powerpc.deb
Size/MD5 checksum: 348504 2f4f96652c28e3f5f1cfae8e5265ec83
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_powerpc.deb
Size/MD5 checksum: 130380 dacdce767bcff6b0ecbe66add6838e8b
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_powerpc.deb
Size/MD5 checksum: 189780 ae1e23e3080fbfe3ba26b8acf9561d6c
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_powerpc.deb
Size/MD5 checksum: 113956 1e2ba4da9ee0775325b351887c182f52
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_powerpc.deb
Size/MD5 checksum: 72472 3a47c9eca3ec7b6f4e87609b3aca7f65
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_s390.deb
Size/MD5 checksum: 124802 cdd46922b57a51fedb25ae401d8dc753
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_s390.deb
Size/MD5 checksum: 121978 71edc1d101933b1a43a9c395427a4aed
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_s390.deb
Size/MD5 checksum: 128570 f0f7d5dfecb61c6212e0803a325e8a01
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_s390.deb
Size/MD5 checksum: 186320 cca313c55848e6161810ff16fb71390f
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_s390.deb
Size/MD5 checksum: 349848 b9cbaa0a70b9bfa28d74ac4a6e107428
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_s390.deb
Size/MD5 checksum: 76668 f6b5e093ae1c3c5d4442e223115052de
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_sparc.deb
Size/MD5 checksum: 338056 ab06437e18c1cc36dab35779cc4102d8
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_sparc.deb
Size/MD5 checksum: 103200 1c6f94d15f4e3052e9ed80fc232f96b5
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_sparc.deb
Size/MD5 checksum: 117840 5f0671d301a9e2ea8020d0dcaa71a42b
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_sparc.deb
Size/MD5 checksum: 66374 668815a44c99c366ae8e3f624613932e
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_sparc.deb
Size/MD5 checksum: 167962 f338f71eeb38be58c67d1ac0fd92d1ff
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_sparc.deb
Size/MD5 checksum: 117510 63dd9c471f24472eb46a5fd9dcb92077
Debian GNU/Linux 5.0 alias lenny
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12.orig.tar.gz
Size/MD5 checksum: 1127522 020ea947446dca2d1210c099c7a4c837
http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.diff.gz
Size/MD5 checksum: 12398 b407ff7dac7363278f4f060e121aa611
http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz
Size/MD5 checksum: 658687 4ef3e41037fe0cdd3a0d107335a008eb
http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.dsc
Size/MD5 checksum: 1530 dccceaa89d58074be3b7b7738a99756b
http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.diff.gz
Size/MD5 checksum: 23138 a2222477de9ad92015416542a2c250ed
http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.dsc
Size/MD5 checksum: 1284 4330306f892fd7c0950b1ccf2537b38d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_alpha.deb
Size/MD5 checksum: 806236 3689d5ee779d3846fe67c9dad2f213dc
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_alpha.deb
Size/MD5 checksum: 53204 92bb2e8a7c48e6f8437680e08607a3f7
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_alpha.deb
Size/MD5 checksum: 147658 edba141e93c382fbf0ab2bbec1dba899
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_alpha.deb
Size/MD5 checksum: 158060 b80ad32790c6c8d89f0007a69d9ce0b8
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_alpha.deb
Size/MD5 checksum: 90740 c715b55d060a2d4e8d7684477d0b9014
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_alpha.deb
Size/MD5 checksum: 121774 565a4fdd123d04698907456e40d4df0b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_amd64.deb
Size/MD5 checksum: 54232 3f23cc38f68bbf926b801b82b3fea917
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_amd64.deb
Size/MD5 checksum: 80046 f6158018f26ddd6369687b8f9f64aa75
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_amd64.deb
Size/MD5 checksum: 114326 851cc08504589c09f08ec9e6efa52ef1
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_amd64.deb
Size/MD5 checksum: 147928 136a5a5c0d558d8f252d1ed44efed217
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_amd64.deb
Size/MD5 checksum: 133850 6b71ac477650c688863ef33fc58216a0
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_amd64.deb
Size/MD5 checksum: 825740 bf80dbc726c5b691b023e96e463ba88c
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_arm.deb
Size/MD5 checksum: 818438 8e6c8a9964650a793e4a0e5ec51a8619
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_arm.deb
Size/MD5 checksum: 54912 a853d8175d2bee56c6f37aada02fc2ca
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_arm.deb
Size/MD5 checksum: 107790 85e0815ff8f340d99052a9c9f604cccd
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_arm.deb
Size/MD5 checksum: 71112 20a4c9fd130c188166c0ebc6ceff5fcf
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_arm.deb
Size/MD5 checksum: 138982 c84f95cff9713ed403fae7b712456ade
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_arm.deb
Size/MD5 checksum: 124090 c4fc3663255a416725a69818e3523731
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_armel.deb
Size/MD5 checksum: 109676 e26ebffcc101ffc87963c9a65b3543f6
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_armel.deb
Size/MD5 checksum: 124626 4c34337eb3d1d55900a067f2c8412abc
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_armel.deb
Size/MD5 checksum: 821990 19c68f5f904bb3bbdfd44349f8544e83
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_armel.deb
Size/MD5 checksum: 55820 f39b0928bc4b91fb60bd6259c6ae6e02
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_armel.deb
Size/MD5 checksum: 70086 1d3032e0879ed1ea6fa2f04c34af1782
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_armel.deb
Size/MD5 checksum: 139434 e802e42577998c62fadfc335edb3b81a
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_hppa.deb
Size/MD5 checksum: 83668 3c8893214d7375303eaf1eec6e27212b
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_hppa.deb
Size/MD5 checksum: 827762 2fd0d8dd54c92c828e42100bb8816b00
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_hppa.deb
Size/MD5 checksum: 142916 14e1e2f8fa50b0eb1772f1e4bbc26e50
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_hppa.deb
Size/MD5 checksum: 140872 7fef63f2cd282e44c51b5e69d94d8706
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_hppa.deb
Size/MD5 checksum: 113954 926b8c39fee1787a94b3d6cc1c6d420b
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_hppa.deb
Size/MD5 checksum: 54332 18751dc2275828a126b2dbe568678f32
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_i386.deb
Size/MD5 checksum: 73814 2ef03972ed5b2232fe5782c4960bc362
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_i386.deb
Size/MD5 checksum: 54582 edc98ca59cebd14195602929def1da31
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_i386.deb
Size/MD5 checksum: 141438 5a54e1cac30640ca5e9922586d9983a8
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_i386.deb
Size/MD5 checksum: 108882 075f37cd43e483d27ff0b94ad01f2d08
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_i386.deb
Size/MD5 checksum: 121138 fc2411e049936d12702713c82377c9e5
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_i386.deb
Size/MD5 checksum: 809460 a5648e0404f1cb4244c156cf85bfe0f5
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_ia64.deb
Size/MD5 checksum: 135404 8f7a4964b22e5e9e5297380c15d8818d
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_ia64.deb
Size/MD5 checksum: 170110 412b51e1e3c1ed4e309459dd17844e68
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_ia64.deb
Size/MD5 checksum: 154362 2fc1441f28ef4f90446464627c8ef36d
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_ia64.deb
Size/MD5 checksum: 837496 6862607faf59e42525f5205d8a967818
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_ia64.deb
Size/MD5 checksum: 111140 12f0bf9e6264cc9c170c2b8365428cc0
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_ia64.deb
Size/MD5 checksum: 53428 a6a55d644fb58a0f7ea6a9b509cb71d0
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mips.deb
Size/MD5 checksum: 110932 feb666e4f402bcb1954bc194c37496d7
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mips.deb
Size/MD5 checksum: 147482 e2508cc75520518ccbe4c3a5cf0cc50c
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mips.deb
Size/MD5 checksum: 56582 5134a012017e629239cc543fedf4edf3
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mips.deb
Size/MD5 checksum: 74584 2fbb1b76079126fd701f32e45a9cf7f0
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mips.deb
Size/MD5 checksum: 792650 126585d9fe0def77f7632f9d098eb11d
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mips.deb
Size/MD5 checksum: 136438 ae62dc1d5a32fac11615f4b67cfa4a6b
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mipsel.deb
Size/MD5 checksum: 56414 ecca7e3643ccb91fc962b886bdddbc0e
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mipsel.deb
Size/MD5 checksum: 136390 d45f956c14ea9fe22b77bce3810c32b7
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mipsel.deb
Size/MD5 checksum: 144740 05411f88615592531468cdd89bb4b5d0
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mipsel.deb
Size/MD5 checksum: 74366 a15e15331a62f33d33481b7e53f07b48
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mipsel.deb
Size/MD5 checksum: 792762 dc1e4748e106c82e9f8bf6c3ecce4a38
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mipsel.deb
Size/MD5 checksum: 110974 a5dd28b5c9b3106da8e4c81abea6777d
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_powerpc.deb
Size/MD5 checksum: 82512 f8a18fb94a4ef3cabec01c288a26eef5
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_powerpc.deb
Size/MD5 checksum: 55708 555d64273f15c6ebd503b7cb84f0fb29
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_powerpc.deb
Size/MD5 checksum: 132338 66e77820b5b9d2a05d6df5c4ec2c76b0
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_powerpc.deb
Size/MD5 checksum: 116238 1a291989c32ea21ac8eef9ca51831fc5
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_powerpc.deb
Size/MD5 checksum: 147180 cc9f274b349dbbb9ce9b69b0d0edf493
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_powerpc.deb
Size/MD5 checksum: 821948 fc3acf3dec16223caf6f932e8b7c0c01
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_s390.deb
Size/MD5 checksum: 126058 474bddd0f3c5a69cc21fc2d403fe90f6
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_s390.deb
Size/MD5 checksum: 148614 89cc7bb2619f28e5e6e9d0042050a924
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_s390.deb
Size/MD5 checksum: 133044 fb35625937e6fae551d97df283a32dd9
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_s390.deb
Size/MD5 checksum: 787872 2dc32425bfbd17b841218064599d80ed
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_s390.deb
Size/MD5 checksum: 85496 c41f2fdebd22ec066815211768dcdc3a
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_s390.deb
Size/MD5 checksum: 54414 c36fa2538d8077a8ef09842e07bd989a
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_sparc.deb
Size/MD5 checksum: 814624 613a70f3443404f5939e91e229d01d25
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_sparc.deb
Size/MD5 checksum: 54370 4c12839718c73a2b96b607d77fcbc583
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_sparc.deb
Size/MD5 checksum: 131706 5c2ad3da38aaaab8ac2c14656602c532
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_sparc.deb
Size/MD5 checksum: 108712 c1f66be9c2daa447d5bfbd1f7639aada
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_sparc.deb
Size/MD5 checksum: 72738 ec558ed4277ca676f07e3181ffad0335
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_sparc.deb
Size/MD5 checksum: 124976 22385c13d934c3877ce2f9eeaa4584e3
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJKfcqtAAoJEL97/wQC1SS+6T4IAJxpIZ7AUOwmDtuOk/WQzlzv
U1nz6YhC9nhf/QdjbmAe0+ClaGwP5FZOacfEK6t64DBJ/81qgLtHlh6hlbm2+9wD
vIddGlXmdKjEcHXVbt5rwEoc9pk6ma954Fziu2yUVxhP40SBLWlfEQ5w1LxjNHAI
UKokX2+4C3Lk+6hJd8AqnvyfqP8h990HzFqT11hh8OlKVrvHmAiZWbSMmLvkKsPf
F5mNDGVKluNfpAhwo6eLN2ayRDEKAeuejF2jQtb/MXQN3kJpPri2JhalhMra371l
RmpmVNUOtKKJz/3gHSLjQNh6D5G4kj/I9RcHFA68Pv14kXh0xgtQlKGGLaPo/3M=
=704P
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iD8DBQFKf4/wNVH5XJJInbgRApa+AJ9giuvbAnpaakoal+qWYCvaJw+0eQCgg2R3
uq2mxhC1JjE8o38ZHadchNo=
=uGR9
-----END PGP SIGNATURE-----