-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2009.1642.2
                 New expat packages fix denial of service
                              4 January 2010

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           expat
Publisher:         Debian
Operating System:  Debian GNU/Linux 4
Impact/Access:     Denial of Service -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2009-3560  

Reference:         ESB-2009.1604

Original Bulletin: 
   http://www.debian.org/security/2009/dsa-1953

Revision History:  January   4 2010: The expat updates released in DSA-1953-1 caused a regression
                   December 16 2009: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1953-2                  security@debian.org
http://www.debian.org/security/                           Stefan Fritsch
December 31, 2009                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : expat
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE Id         : CVE-2009-3560
Debian Bug     : 560901 561658

The expat updates released in DSA-1953-1 caused a regression: In some
cases, expat would abort with the message "error in processing external
entity reference".

For the old stable distribution (etch), this problem has been fixed in
version 1.95.8-3.4+etch3.

For the stable distribution (lenny), this problem has been fixed in
version 2.0.1-4+lenny3.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your expat packages.

For reference, the original advisory text is provided below.

Jan Lieskovsky discovered an error in expat, an XML parsing C library,
when parsing certain UTF-8 sequences, which can be exploited to crash an
application using the library.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch (oldstable)
- -------------------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3.dsc
    Size/MD5 checksum:      703 dc4b1744126125076c101096cd8ee0ab
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8.orig.tar.gz
    Size/MD5 checksum:   318349 aff487543845a82fe262e6e2922b4c8e
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3.diff.gz
    Size/MD5 checksum:   413486 61974eddb0940c5fcbdc6c8e8c7d77ee

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_alpha.deb
    Size/MD5 checksum:    69540 0dd4beb265a355059da5493e6e055358
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_alpha.deb
    Size/MD5 checksum:    22400 ced8d1aec911ac230d7b9316266e497e
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_alpha.deb
    Size/MD5 checksum:   143198 1cae2e63c8b6d23065b4e3bc1eddafad
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_alpha.udeb
    Size/MD5 checksum:    61242 32ddd8b14c7b53e8c8f24a3209854deb

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_amd64.deb
    Size/MD5 checksum:    64742 3647c9e24678bdb2f67565b19343e182
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_amd64.deb
    Size/MD5 checksum:    21568 c374f70f56b491b2a433fb52cc0cd9c5
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_amd64.udeb
    Size/MD5 checksum:    56498 cb988b6a99abba9a4e83d94c87c67beb
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_amd64.deb
    Size/MD5 checksum:   134074 63d86aa6106c5e0ec60e0f271b69ccb8

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_arm.udeb
    Size/MD5 checksum:    49436 fc58417fe2ed502fb479f29af596641b
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_arm.deb
    Size/MD5 checksum:    19860 eb5abe1650682c1a1d7a3f3af4d94321
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_arm.deb
    Size/MD5 checksum:    57340 77f5c9b0f78ca6b19d76b2253bee0d59
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_arm.deb
    Size/MD5 checksum:   126218 0f9b91af3f1a4e4a36ff70e79c98d789

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_hppa.udeb
    Size/MD5 checksum:    64800 2ea496e98886dbb373009dbe15e423dd
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_hppa.deb
    Size/MD5 checksum:    22728 0b9d6affa1488fea43d2e1e4816139ce
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_hppa.deb
    Size/MD5 checksum:    73062 fa2c9ca6ddb37a7fe058eccfff268b26
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_hppa.deb
    Size/MD5 checksum:   151940 a615081dba00562e1d2e9ac68c223276

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_i386.udeb
    Size/MD5 checksum:    54992 8b4d6a3739653d5158c527000eb08701
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_i386.deb
    Size/MD5 checksum:    63194 b4ce5489fcb44555acba9aefc022d188
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_i386.deb
    Size/MD5 checksum:    21158 60ee653353eaedddc9390e9747b9d669
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_i386.deb
    Size/MD5 checksum:   130028 990eba22f2b6d8e05b61e0242a03a822

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_ia64.deb
    Size/MD5 checksum:    95948 8bd3da491fe5eb8533acd702ab00946b
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_ia64.udeb
    Size/MD5 checksum:    87382 ba190b269289552760bbd8a5769a09c0
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_ia64.deb
    Size/MD5 checksum:    25128 16e932c435c7fa41ae1ed43c765694dd
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_ia64.deb
    Size/MD5 checksum:   165122 a53048245382e6459dd6879f6ea858ce

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_mips.udeb
    Size/MD5 checksum:    56622 804d770c7f404a30340b53085852a006
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_mips.deb
    Size/MD5 checksum:    21578 3eb622edc64bee8a47c8cff1a663f0c9
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_mips.deb
    Size/MD5 checksum:   139334 53593f0163eb99eb07e221e6f6de58db
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_mips.deb
    Size/MD5 checksum:    64842 87194200f304a8ea3a666b81394e367c

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_mipsel.deb
    Size/MD5 checksum:    21704 e1079ae868512000f34aac19b699d7bb
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_mipsel.udeb
    Size/MD5 checksum:    56230 154329ee84d1c27f3e24a9eaefaed930
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_mipsel.deb
    Size/MD5 checksum:    64416 8234823f366d484cb8f01ce02f75fa38
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_mipsel.deb
    Size/MD5 checksum:   139626 d35fe671e6a7a66a85ee3e26bfd8c443

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_powerpc.deb
    Size/MD5 checksum:   148364 2256e210bd73511bcb55a2f5501e1cf6
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_powerpc.deb
    Size/MD5 checksum:    67760 c967286260ce41de83970ac54cd0a274
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_powerpc.deb
    Size/MD5 checksum:    23006 2b94ca9cb2695d119da9c3579bed8c02
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_powerpc.udeb
    Size/MD5 checksum:    59506 029a1f7d15eea61e8e3f3bf570bc7277

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_s390.udeb
    Size/MD5 checksum:    56786 cb66f6f07153f0495fd14a61abea0ca2
  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_s390.deb
    Size/MD5 checksum:    21478 237d2e85e9919b00541d235030466679
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_s390.deb
    Size/MD5 checksum:    64988 229b084e5024dbadca4ad4c12eda7ed8
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_s390.deb
    Size/MD5 checksum:   132606 3fe7429e6a2d1e4c6214c972ae6b6b07

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/e/expat/expat_1.95.8-3.4+etch3_sparc.deb
    Size/MD5 checksum:    20452 2a29a1a2b01f6fccbf22b66c88f224be
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_1.95.8-3.4+etch3_sparc.deb
    Size/MD5 checksum:   128230 362c44585e31182d95dd50ae9a12174d
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_1.95.8-3.4+etch3_sparc.deb
    Size/MD5 checksum:    59922 9355e8f7e28a6bb5e308544c469b3577
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_1.95.8-3.4+etch3_sparc.udeb
    Size/MD5 checksum:    51922 e4c3ad57069782044fbf914ba836df8f

Debian GNU/Linux 5.0 alias lenny (stable)
- -----------------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1.orig.tar.gz
    Size/MD5 checksum:   446456 ee8b492592568805593f81f8cdf2a04c
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3.diff.gz
    Size/MD5 checksum:   134076 538ad21eb6bdf5acc8328df18c4cf052
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3.dsc
    Size/MD5 checksum:     1438 ad2aa942056412be8b8da88604b39ab8

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_alpha.deb
    Size/MD5 checksum:    24758 1a5b0b40e6f0549a6745814011a7a013
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_alpha.udeb
    Size/MD5 checksum:    62908 e1f1c34f488d5075937225756006577c
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_alpha.deb
    Size/MD5 checksum:   221376 d7835b9b1b0e189729ed36e11410a303
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_alpha.deb
    Size/MD5 checksum:   136010 5a3764a1767f11a3721a78924f15e0e5

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_amd64.deb
    Size/MD5 checksum:   223666 60fe9f404fef81ce62c19ff552ff6aa2
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_amd64.deb
    Size/MD5 checksum:    24036 368d4707dd082b6d85cddce63100a5b3
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_amd64.udeb
    Size/MD5 checksum:    62884 ed501255c7d6690072f26a55f1126019
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_amd64.deb
    Size/MD5 checksum:   136658 230844421fe45a3e2df6c47448e4875f

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_arm.deb
    Size/MD5 checksum:   203682 2db3ccf7a4f9dca59afd8fcab27503d8
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_arm.deb
    Size/MD5 checksum:   116232 995d1242155b7ad3eee21179f4794c71
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_arm.udeb
    Size/MD5 checksum:    52676 960c289152c08334c86c30c06d6692df
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_arm.deb
    Size/MD5 checksum:    22244 c6b6f15dc51f706f3b4e657b546acbf7

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_armel.deb
    Size/MD5 checksum:   212558 95727f5705a886c434f35f3f3bcaefae
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_armel.udeb
    Size/MD5 checksum:    54212 adf9e7072ba86a5fd9e631ea2ebcc1a7
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_armel.deb
    Size/MD5 checksum:    22632 6ab54def8b3fd10bd1043e63f1f04c0d
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_armel.deb
    Size/MD5 checksum:   118622 f541932a5d3741cf8a5fc74e3eed3291

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_hppa.deb
    Size/MD5 checksum:    24956 b74d5d349e09462cad66fd3914fe3d92
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_hppa.deb
    Size/MD5 checksum:   263378 e1cce62bfa58bf23c08edb53a7181b8e
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_hppa.deb
    Size/MD5 checksum:   148796 a08d5a83c5c014e20f61e80af1f85934
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_hppa.udeb
    Size/MD5 checksum:    69468 2c1f26a69352ab07ed2caeeac05b95fa

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_i386.deb
    Size/MD5 checksum:   132090 16f40a05b5e246cee5db23215e6f8b13
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_i386.deb
    Size/MD5 checksum:   210830 913c65f97181c1960564743ed23361fe
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_i386.udeb
    Size/MD5 checksum:    60870 25a3fb0e0b7e3e38ea75068c6225379d
  http://security.debian.org/pool/updates/main/e/expat/lib64expat1-dev_2.0.1-4+lenny3_i386.deb
    Size/MD5 checksum:   168566 60b34707f84117713ace944b333ed771
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_i386.deb
    Size/MD5 checksum:    23472 4674856b3fe32f76468e66b6956ab3bd
  http://security.debian.org/pool/updates/main/e/expat/lib64expat1_2.0.1-4+lenny3_i386.deb
    Size/MD5 checksum:   136634 a845b4395000e0f4b565d32f482ae342

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_ia64.udeb
    Size/MD5 checksum:    98294 214e48ccad054b29171b803fc1f46586
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_ia64.deb
    Size/MD5 checksum:    27554 7874802938138a5fce2d2a9c53238a8d
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_ia64.deb
    Size/MD5 checksum:   206396 59a5815d13e1bc1f54baab8d5f5d8ee7
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_ia64.deb
    Size/MD5 checksum:   292014 ae322be8a4e9777f0537a3220cc8f8f5

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_mips.deb
    Size/MD5 checksum:    23944 d0b5b71a2332b557a4ae0773e3a098a1
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_mips.udeb
    Size/MD5 checksum:    61226 cbcc50141de10a9bb0a097ec49b65f1e
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_mips.deb
    Size/MD5 checksum:   132944 fa7958232168bb5d31df4a8cda7a4d76
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_mips.deb
    Size/MD5 checksum:   234614 6e7cc1122d737c19a8b231910dd91620

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_mipsel.deb
    Size/MD5 checksum:   131794 d55703db361b51a7256c07fa7766483a
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_mipsel.udeb
    Size/MD5 checksum:    60640 187badd5d787e2ffeca09c5c5319aa57
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_mipsel.deb
    Size/MD5 checksum:   224284 dbb538208e0cb04408f5ce8fa640902e
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_mipsel.deb
    Size/MD5 checksum:    23962 11121782a8ec5eda91991d2f16ce7703

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_powerpc.deb
    Size/MD5 checksum:    26946 c5519033b6e4b61ad7182e01c8a5ee3e
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_powerpc.udeb
    Size/MD5 checksum:    65030 f68132531320f8cc7f589851f674e2c6
  http://security.debian.org/pool/updates/main/e/expat/lib64expat1_2.0.1-4+lenny3_powerpc.deb
    Size/MD5 checksum:   144086 632f3155d0425028d384d1a05ada6448
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_powerpc.deb
    Size/MD5 checksum:   140634 2b113edb6f97f4829b6970ee4151680f
  http://security.debian.org/pool/updates/main/e/expat/lib64expat1-dev_2.0.1-4+lenny3_powerpc.deb
    Size/MD5 checksum:   156886 f34f44a58f848f666ff850f4629f0263
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_powerpc.deb
    Size/MD5 checksum:   280566 dbd6730ca071ce2c082aa1c20d8140b8

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/e/expat/lib64expat1_2.0.1-4+lenny3_s390.deb
    Size/MD5 checksum:   134684 a6102b9af5ebd27e473d8a783a6a56f1
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_s390.deb
    Size/MD5 checksum:   220416 e790866b2a575d3930b170e792af7920
  http://security.debian.org/pool/updates/main/e/expat/lib64expat1-dev_2.0.1-4+lenny3_s390.deb
    Size/MD5 checksum:   173454 eae43312ae4f09009d488f93b09e38b2
  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_s390.deb
    Size/MD5 checksum:   134704 29bd6a26215bfe4645903f753efe23df
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_s390.deb
    Size/MD5 checksum:    24342 8f0247bbed18cf5c4f104ed03ddf0ead
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_s390.udeb
    Size/MD5 checksum:    61968 386065abe715c0d7f6eb03efbe587e69

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny3_sparc.deb
    Size/MD5 checksum:   125782 f46be4cacab03227c5bac78f693b364e
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-udeb_2.0.1-4+lenny3_sparc.udeb
    Size/MD5 checksum:    57678 b35c350f3164b69e1be69da712e487da
  http://security.debian.org/pool/updates/main/e/expat/libexpat1-dev_2.0.1-4+lenny3_sparc.deb
    Size/MD5 checksum:   216822 74a3023a185d9bb46b7cb581beadffb7
  http://security.debian.org/pool/updates/main/e/expat/lib64expat1_2.0.1-4+lenny3_sparc.deb
    Size/MD5 checksum:   133782 2e228b1379c728f868e1e6be711d525c
  http://security.debian.org/pool/updates/main/e/expat/lib64expat1-dev_2.0.1-4+lenny3_sparc.deb
    Size/MD5 checksum:   172028 d51e13c7f5c2420b37f26b0313c55346
  http://security.debian.org/pool/updates/main/e/expat/expat_2.0.1-4+lenny3_sparc.deb
    Size/MD5 checksum:    23292 572596331f0b2ecb3686e5c144a82bde


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFLQRu0NVH5XJJInbgRAjfbAJwLVV6lLqvftcYGtkM/Pzn35Ml/ZwCfbbhY
OquTvi89UGmyhNdNo1JFd60=
=wjIF
-----END PGP SIGNATURE-----