CVE-2006-3467
CVSS7.5
发布时间 :2006-07-21 10:03:00
修订时间 :2016-08-30 21:59:08
NMCOP    

[原文]Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.


[CNNVD]FreeType 处理PCF字体整数溢出漏洞(CNNVD-200607-351)

         FreeType是一个流行的字体函数库。
         FreeType在处理PCF字体时存在整数溢出,远程攻击者可能利用此漏洞在用户机器上执行任意指令。
         如果用户受骗使用链接到FreeType的应用程序加载了特制的字体文件的话,就会导致拒绝服务或执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CWE (弱点类目)

CWE-189 [数值错误]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10673Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3467
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200607-351
(官方数据源) CNNVD

- 其它链接及资源

ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
(UNKNOWN)  SGI  20060701-01-U
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593
(UNKNOWN)  MISC  http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
(UNKNOWN)  APPLE  APPLE-SA-2009-02-12
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
(UNKNOWN)  SUSE  SUSE-SR:2007:021
http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html
(UNKNOWN)  SUSE  SUSE-SA:2006:045
http://secunia.com/advisories/21062
(UNKNOWN)  SECUNIA  21062
http://security.gentoo.org/glsa/glsa-200609-04.xml
(UNKNOWN)  GENTOO  GLSA-200609-04
http://securitytracker.com/id?1016522
(UNKNOWN)  SECTRACK  1016522
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1
(UNKNOWN)  SUNALERT  102705
http://support.apple.com/kb/HT3438
(UNKNOWN)  CONFIRM  http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm
http://www.debian.org/security/2006/dsa-1178
(UNKNOWN)  DEBIAN  DSA-1178
http://www.debian.org/security/2006/dsa-1193
(UNKNOWN)  DEBIAN  DSA-1193
http://www.mandriva.com/security/advisories?name=MDKSA-2006:129
(UNKNOWN)  MANDRIVA  MDKSA-2006:129
http://www.mandriva.com/security/advisories?name=MDKSA-2006:148
(UNKNOWN)  MANDRIVA  MDKSA-2006:148
http://www.redhat.com/support/errata/RHSA-2006-0500.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2006:0500
http://www.redhat.com/support/errata/RHSA-2006-0634.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2006:0634
http://www.redhat.com/support/errata/RHSA-2006-0635.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2006:0635
http://www.securityfocus.com/archive/1/archive/1/444318/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
http://www.securityfocus.com/archive/1/archive/1/451404/100/0/threaded
(UNKNOWN)  BUGTRAQ  20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
http://www.securityfocus.com/archive/1/archive/1/451417/100/200/threaded
(UNKNOWN)  BUGTRAQ  20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
http://www.securityfocus.com/archive/1/archive/1/451419/100/200/threaded
(UNKNOWN)  BUGTRAQ  20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
http://www.securityfocus.com/archive/1/archive/1/451426/100/200/threaded
(UNKNOWN)  BUGTRAQ  20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
http://www.trustix.org/errata/2006/0052/
(UNKNOWN)  TRUSTIX  2006-0052
http://www.ubuntu.com/usn/usn-324-1
(UNKNOWN)  UBUNTU  USN-324-1
http://www.ubuntu.com/usn/usn-341-1
(UNKNOWN)  UBUNTU  USN-341-1
http://www.vmware.com/download/esx/esx-202-200610-patch.html
(UNKNOWN)  CONFIRM  http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://www.vmware.com/download/esx/esx-213-200610-patch.html
(UNKNOWN)  CONFIRM  http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vmware.com/download/esx/esx-254-200610-patch.html
(UNKNOWN)  CONFIRM  http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://www.vupen.com/english/advisories/2006/4502
(UNKNOWN)  VUPEN  ADV-2006-4502
http://www.vupen.com/english/advisories/2006/4522
(UNKNOWN)  VUPEN  ADV-2006-4522
http://www.vupen.com/english/advisories/2007/0381
(UNKNOWN)  VUPEN  ADV-2007-0381

- 漏洞信息

FreeType 处理PCF字体整数溢出漏洞
高危 数字错误
2006-07-21 00:00:00 2009-08-19 00:00:00
远程  
         FreeType是一个流行的字体函数库。
         FreeType在处理PCF字体时存在整数溢出,远程攻击者可能利用此漏洞在用户机器上执行任意指令。
         如果用户受骗使用链接到FreeType的应用程序加载了特制的字体文件的话,就会导致拒绝服务或执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Sun Solaris 10.0
        Sun 119059-19
        http://sunsolve.sun.com/search/document.do?assetkey=1-26-102714-1&sear chclause
        Sun 119062-02
        http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -119062-02-1
        Sun 119812-02
        http://sunsolve.sun.com/
        Sun Solaris 8
        Sun 119067-04
        http://sunsolve.sun.com/search/document.do?assetkey=1-26-102714-1&sear chclause
        Sun 124420-01
        http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -124420-01-1
        Sun T124420-01
        http://sunsolve.sun.com/tpatches
        FreeType FreeType 0
        FreeType freetype-2.2.1.tar.bz2
        http://prdownloads.sourceforge.net/freetype/freetype-2.2.1.tar.bz2?dow nload
        FreeType FreeType 2.2
        FreeType freetype-2.2.1.tar.bz2
        http://prdownloads.sourceforge.net/freetype/freetype-2.2.1.tar.bz2?dow nload
        FreeType FreeType 1.3.1
        Mandriva libfreetype6-2.1.7-4.1.M20mdkmdk.i586.rpm
        Multi Network Firewall 2.0:
        http://wwwnew.mandriva.com/en/downloads
        FreeType FreeType 2.1.7
        Debian freetype2-demos_2.1.7-6_alpha.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_alpha.deb
        Debian freetype2-demos_2.1.7-6_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_amd64.deb
        Debian freetype2-demos_2.1.7-6_arm.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_arm.deb
        Debian freetype2-demos_2.1.7-6_hppa.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_hppa.deb
        Debian freetype2-demos_2.1.7-6_i386.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_i386.deb
        Debian freetype2-demos_2.1.7-6_ia64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_ia64.deb
        Debian freetype2-demos_2.1.7-6_m68k.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_m68k.deb
        Debian freetype2-demos_2.1.7-6_mips.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_mips.deb
        Debian freetype2-demos_2.1.7-6_mipsel.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_mipsel.deb
        Debian freetype2-demos_2.1.7-6_powerpc.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_powerpc.deb
        Debian freetype2-demos_2.1.7-6_s390.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/
        http://securit y.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.1.7-6_s390 .deb
        Debian freetype2-demos_2.1.7-6_s390.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/
        http://securit y.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.1.7-6_s39 0.deb
        http://security.debian.org/pool/updates/main/f/freetype/freetype2 -demos_2.1.7-6_s390.deb
        Debian freetype2-demos_2.1.7-6_sparc.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/freetype2-demo s_2.1.7-6_sparc.deb
        Debian libfreetype6-dev_2.1.7-6_alpha.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-d ev_2.1.7-6_alpha.deb
        Debian libfreetype6-dev_2.1.7-6_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-d ev_2.1.7-6_amd64.deb
        Debian libfreetype6-dev_2.1.7-6_arm.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-d ev_2.1.7-6_arm.deb
        Debian libfreetype6-dev_2.1.7-6_hppa.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-d ev_2.1.7-6_hppa.deb
        

- 漏洞信息 (F52052)

VMware Security Advisory 2006-0008 (PacketStormID:F52052)
2006-11-14 00:00:00
VMware  vmware.com
advisory,vulnerability,python
CVE-2004-2069,CVE-2006-3403,CVE-2005-2177,CVE-2006-3467,CVE-2006-1056,CVE-2006-1342,CVE-2006-1343,CVE-2006-1864,CVE-2006-2071
[点击下载]

VMware Security Advisory - A new update has been released for VMware ESX 2.0.2 versions prior to upgrade patch 2. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2006-0008
Synopsis:          VMware ESX Server 2.0.2 Upgrade Patch 2
Patch URL: http://www.vmware.com/download/esx/esx-202-200610-patch.html
Issue date:        2006-10-31
Updated on:        2006-11-13
CVE Names:         CAN-2004-2069 CVE-2006-3403 CVE-2005-2177
                   CVE-2006-3467 CVE-2006-1342 CVE-2006-1343
                   CVE-2006-1864 CVE-2006-2071
- - -------------------------------------------------------------------

1. Summary:

Updated package addresses several security issues.

2. Relevant releases:

VMware ESX 2.0.2 prior to upgrade patch 2

3. Problem description:

This patch addresses the following security issues:

Openssh -- A bug was found in the way the OpenSSH server handled the
MaxStartups and LoginGraceTime configuration variables. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CAN-2004-2069 to this issue.

samba -- A denial of service bug was found in the way the smbd daemon
tracks active connections to shares. It was possible for a remote
attacker to cause the smbd daemon to consume a large amount of system
memory by sending carefully crafted smb requests. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CVE-2006-3403 to this issue.

Python -- An integer overflow flaw was found in Python's PCRE library
that could be triggered by a maliciously crafted regular expression. On
systems that accept arbitrary regular expressions from untrusted users,
this could be exploited to execute arbitrary code with the privileges of
the application using the library. The Common Vulnerabilities and
Exposures project (cve.mitre.org) assigned the name CVE-2005-2491 to
this issue.

ucd-snmp -- A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 -- An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

NOTE: AMD processers were not supported in the VMware ESX 2.0.2 release
so CVE-2006-1056 is not applicable to this version of the product.

The non-security-related fixes are documented on the patch download page.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-202-200610-patch.html

he md5 checksum output should match the following:
9e79d333ac9360122fb69bc8fc549405 esx-2.0.2-31924-upgrade.tar.gz

5. References:
http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

6. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail:  security@vmware.com

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP5W6KjQhy2pPmkRCDVzAJ9O3O4zIUSmEW9i4NyvxKxd1xUMLwCfRrYT
PiCazE9ioHCf33AaY31k8mU=
=U+XZ
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F52051)

VMware Security Advisory 2006-0007 (PacketStormID:F52051)
2006-11-14 00:00:00
VMware  vmware.com
advisory,vulnerability,python
CVE-2004-2069,CVE-2006-3403,CVE-2005-2177,CVE-2006-3467,CVE-2006-1056,CVE-2006-1342,CVE-2006-1343,CVE-2006-1864,CVE-2006-2071
[点击下载]

VMware Security Advisory - A new update has been released for VMware ESX 2.1.3 versions prior to upgrade patch 2. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2006-0007
Synopsis:          VMware ESX Server 2.1.3 Upgrade Patch 2
Patch URL: http://www.vmware.com/download/esx/esx-213-200610-patch.html
Issue date:        2006-10-31
Updated on:        2006-11-13
CVE Names:         CAN-2004-2069 CVE-2006-3403 CVE-2005-2177
                   CVE-2006-3467 CVE-2006-1056 CVE-2006-1342
                   CVE-2006-1343 CVE-2006-1864 CVE-2006-2071
- - -------------------------------------------------------------------

1. Summary:

Updated package addresses several security issues.

2. Relevant releases:

VMware ESX 2.1.3 prior to upgrade patch 2

3. Problem description:

This patch addresses the following security issues:

Openssh -- A bug was found in the way the OpenSSH server handled the
MaxStartups and LoginGraceTime configuration variables. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CAN-2004-2069 to this issue.

samba -- A denial of service bug was found in the way the smbd daemon
tracks active connections to shares. It was possible for a remote
attacker to cause the smbd daemon to consume a large amount of system
memory by sending carefully crafted smb requests. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CVE-2006-3403 to this issue.

Python -- An integer overflow flaw was found in Python's PCRE library
that could be triggered by a maliciously crafted regular expression. On
systems that accept arbitrary regular expressions from untrusted users,
this could be exploited to execute arbitrary code with the privileges of
the application using the library. The Common Vulnerabilities and
Exposures project (cve.mitre.org) assigned the name CVE-2005-2491 to
this issue.

ucd-snmp -- A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 -- An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

An AMD fxsave/restore security vulnerability. The instructions fxsave
and fxrstor on AMD CPUs are used to save or restore the FPU registers
(FOP, FIP and FDP). On AMD Opteron processors, these instructions do not
save/restore some exception related registers unless an exception is
currently being serviced. This could allow a local attacker to partially
monitor the execution path of FPU processes, possibly allowing them to
obtain sensitive information being passed through those processes.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CVE-2006-1056 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

The non-security-related fixes are documented on the patch download page.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-213-200610-patch.html

The md5 checksum output should match the following:
c7057896ee275ce28b0b94a2186c1232 esx-2.1.3-24171-upgrade.tar.gz

5. References:
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

6. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail:  security@vmware.com

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP5M6KjQhy2pPmkRCGbTAJ9a4PnHLWO6HwHQKzVPj1VI9V0dVQCdETxH
ISqiyTar1d433nMH9q/JvxA=
=cesx
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F52050)

VMware Security Advisory 2006-0006 (PacketStormID:F52050)
2006-11-14 00:00:00
VMware  vmware.com
advisory,vulnerability,python
CVE-2004-2069,CVE-2006-3403,CVE-2005-2177,CVE-2006-3467,CVE-2006-1056,CVE-2006-1342,CVE-2006-1343,CVE-2006-1864,CVE-2006-2071
[点击下载]

VMware Security Advisory - A new update has been released for VMware ESX versions 2.5.3 prior to upgrade patch 4. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2006-0006
Synopsis:          VMware ESX Server 2.5.3 Upgrade Patch 4
Patch URL: http://www.vmware.com/download/esx/esx-253-200610-patch.html
Issue date:        2006-10-31
Updated on:        2006-11-13
CVE Names:         CAN-2004-2069 CVE-2006-3403 CVE-2005-2177
                   CVE-2006-3467 CVE-2006-1056 CVE-2006-1342
                   CVE-2006-1343 CVE-2006-1864 CVE-2006-2071
- - -------------------------------------------------------------------

1. Summary:

Updated package addresses several security issues.

2. Relevant releases:

VMware ESX 2.5.3 prior to upgrade patch 4

3. Problem description:

This patch addresses the following security issues:

Openssh -- A bug was found in the way the OpenSSH server handled the
MaxStartups and LoginGraceTime configuration variables. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CAN-2004-2069 to this issue.

samba -- A denial of service bug was found in the way the smbd daemon
tracks active connections to shares. It was possible for a remote
attacker to cause the smbd daemon to consume a large amount of system
memory by sending carefully crafted smb requests. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CVE-2006-3403 to this issue.

Python -- An integer overflow flaw was found in Python's PCRE library
that could be triggered by a maliciously crafted regular expression. On
systems that accept arbitrary regular expressions from untrusted users,
this could be exploited to execute arbitrary code with the privileges of
the application using the library. The Common Vulnerabilities and
Exposures project (cve.mitre.org) assigned the name CVE-2005-2491 to
this issue.

ucd-snmp -- A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 -- An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

An AMD fxsave/restore security vulnerability. The instructions fxsave
and fxrstor on AMD CPUs are used to save or restore the FPU registers
(FOP, FIP and FDP). On AMD Opteron processors, these instructions do not
save/restore some exception related registers unless an exception is
currently being serviced. This could allow a local attacker to partially
monitor the execution path of FPU processes, possibly allowing them to
obtain sensitive information being passed through those processes.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CVE-2006-1056 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

The non-security-related fixes are documented on the patch download page.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-253-200610-patch.html

The md5 checksum output should match the following:
4852f5a00e29b5780d9d0fadc0d28f3e esx-2.5.3-32134-upgrade.tar.gz

Please DO NOT apply this patch on SunFire X4100 or X4200 servers.
For further details, please refer to knowledge base article 2085:
Installing ESX 2.5.3 on SunFire x4100 and x4200 Servers.
http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2085

5. References:
http://www.vmware.com/download/esx/esx-253-200610-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

6. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail:  security@vmware.com

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP476KjQhy2pPmkRCD9rAKC9xQ9ej+t23opBsZn5BY6w736lmQCfQ9WA
5PuJxKgAYF2RTeQoXM7lr1I=
=miw3
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F52049)

VMware Security Advisory 2006-0005 (PacketStormID:F52049)
2006-11-14 00:00:00
VMware  vmware.com
advisory,vulnerability
CVE-2005-2177,CVE-2006-3467,CVE-2006-1056,CVE-2006-1342,CVE-2006-1343,CVE-2006-1864,CVE-2006-2071
[点击下载]

VMware Security Advisory - A new update has been released for VMware ESX versions 2.5.4 prior to upgrade patch 1. This patch addresses vulnerabilities in ucd-snmp, XFree86, an AMD fxsave/restore security flaw, some minor information leaks, and more.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2006-0005
Synopsis:          VMware ESX Server 2.5.4 Upgrade Patch 1
Patch URL: http://www.vmware.com/download/esx/esx-254-200610-patch.html
Issue date:        2006-10-31
Updated on:        2006-11-13
CVE Names:         CVE-2005-2177 CVE-2006-3467 CVE-2006-1056
                   CVE-2006-1342 CVE-2006-1343 CVE-2006-1864
                   CVE-2006-2071
- - -------------------------------------------------------------------

1. Summary:

Updated package addresses several security issues.

2. Relevant releases:

VMware ESX 2.5.4 prior to upgrade patch 1

3. Problem description:

This patch addresses the following security issues:

ucd-snmp -- A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 -- An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

An AMD fxsave/restore security vulnerability. The instructions fxsave
and fxrstor on AMD CPUs are used to save or restore the FPU registers
(FOP, FIP and FDP). On AMD Opteron processors, these instructions do not
save/restore some exception related registers unless an exception is
currently being serviced. This could allow a local attacker to partially
monitor the execution path of FPU processes, possibly allowing them to
obtain sensitive information being passed through those processes.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CVE-2006-1056 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

The non-security-related fixes are documented on the patch download page.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-254-200610-patch.html

The md5 checksum output should match the following:
6bc66a5cdbfea08f762f375f2488998b esx-2.5.4-32461-upgrade.tar.gz

5. References:
http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

6. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail:  security@vmware.com

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP4q6KjQhy2pPmkRCJLcAKC8hclWfRdKXjT8RfYEsLykp1lcOQCfZvve
Wm8ulAa7VayW5kYj/a75mcg=
=rbyq
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F49806)

Ubuntu Security Notice 341-1 (PacketStormID:F49806)
2006-09-08 00:00:00
Ubuntu  security.ubuntu.com
advisory,overflow,arbitrary,root
linux,ubuntu
CVE-2006-3467
[点击下载]

Ubuntu Security Notice USN-341-1 - An integer overflow has been discovered in X.org's font handling library. By using a specially crafted font file, this could be exploited to crash the X server or execute arbitrary code with root privileges.

=========================================================== 
Ubuntu Security Notice USN-341-1         September 06, 2006
libxfont, xorg vulnerability
CVE-2006-3467
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
  libfs6                                   6.8.2-10.3
  xserver-xorg                             6.8.2-10.3

Ubuntu 5.10:
  libxfont1                                1:0.99.0+cvs.20050909-1.1

Ubuntu 6.06 LTS:
  libxfont1                                1:1.0.0-0ubuntu3.1

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

An integer overflow has been discovered in X.org's font handling
library. By using a specially crafted font file, this could be
exploited to crash the X server or execute arbitrary code with root
privileges.


Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-10.3.diff.gz
      Size/MD5:  1786935 aa47440ea4a03e4986e8f4033b2c66d2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-10.3.dsc
      Size/MD5:     3422 c4e1d22e94d62fc1444d24717bbbcb40
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2.orig.tar.gz
      Size/MD5: 49471925 34cba217afe2c547e3a72657a3a27e37

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/pm-dev_6.8.2-10.3_all.deb
      Size/MD5:   167470 d18ee6199dd8c0dcecf6cdefe7a38453
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-dev_6.8.2-10.3_all.deb
      Size/MD5:   224308 536d1c21dbcf4087d59562fe8f573069
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/x-window-system_6.8.2-10.3_all.deb
      Size/MD5:   166762 5c1e2d84c557df93bb4ff503981ce132
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfonts-100dpi-transcoded_6.8.2-10.3_all.deb
      Size/MD5:  8448302 0fdcac01809ee8aecae69e1ecc75e420
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xfonts-100dpi_6.8.2-10.3_all.deb
      Size/MD5:  4555576 908a6c66950a2e3cfb98ec556b6c6ec3
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfonts-75dpi-transcoded_6.8.2-10.3_all.deb
      Size/MD5:  7341004 86de5c2f93d14047dfe4b7ef0d366f5a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xfonts-75dpi_6.8.2-10.3_all.deb
      Size/MD5:  4044290 afc8adaca4e2b9f8629ad8039d9ab477
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfonts-base-transcoded_6.8.2-10.3_all.deb
      Size/MD5:  1218644 f8f4977112a91c3383e76eae78a29103
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xfonts-base_6.8.2-10.3_all.deb
      Size/MD5:  5794084 a5b9189826249e831bd1e58f1cab5f8d
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfonts-cyrillic_6.8.2-10.3_all.deb
      Size/MD5:   560118 5761b77f6c2fe12c8ac75e3e51a77a2f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xfonts-scalable_6.8.2-10.3_all.deb
      Size/MD5:   539656 f0405b098470674cbd5d6a16e5e745bb
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfree86-common_6.8.2-10.3_all.deb
      Size/MD5:   175644 0f6d0e31df57bea1d29ff08dd978bd07
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-dev_6.8.2-10.3_all.deb
      Size/MD5:   166678 726eee75690e0676e3e338d6cbee8bd0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa3-dbg_6.8.2-10.3_all.deb
      Size/MD5:   166696 18e7cae221317f5720df79b4bc76ac08
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-data_6.8.2-10.3_all.deb
      Size/MD5:   859864 998ba26af2c72da3b4925fdfdd97f7db
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-dbg_6.8.2-10.3_all.deb
      Size/MD5:   166746 feca7e679c4abacd73906be993876d72
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-dev_6.8.2-10.3_all.deb
      Size/MD5:   166746 1f8ec66a5bade13cc4342f3327d0bb12
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-pic_6.8.2-10.3_all.deb
      Size/MD5:   166656 50fc154459825da116711ea06c34e034
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs_6.8.2-10.3_all.deb
      Size/MD5:   482124 c98165eee6057c4c9d68e11f582a7946
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg-common_6.8.2-10.3_all.deb
      Size/MD5:   842202 787b12917d0e836e35587fd31e699186
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xspecs_6.8.2-10.3_all.deb
      Size/MD5:  5570998 f4caa0384243b00dd68568dfc81fdef7

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/lbxproxy_6.8.2-10.3_amd64.deb
      Size/MD5:   264098 1fee85f4128e0733e86af9f095b7ce7c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   202018 460111ed8c895e6d0283e1d23c807438
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   206062 462e87a717a23dcc08a05ac2e59cc728
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx1_6.8.2-10.3_amd64.deb
      Size/MD5:   179956 41229fcd14cc065c49af0e952ce82a3e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   375342 a5d59bed0576802fd5fe03e8972defc9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   807780 a497dca21eeaa80327988f2227403b70
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps1_6.8.2-10.3_amd64.deb
      Size/MD5:   307832 282d5d85813263aa6cb615b5254f29f9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   198366 33522def8aeda269c731812ba780699d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   266526 e11de2439d6550a64d68bf82c260f108
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs6_6.8.2-10.3_amd64.deb
      Size/MD5:   196460 2f98ebb338acb124e1b840dfb031e82d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   220292 5a8f69e16d3e1c833f57ecff2e31f5a6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   305166 2da92e7e41375d45a5e4544dd3f62bb9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice6_6.8.2-10.3_amd64.deb
      Size/MD5:   216092 9969a65c87fbb3919a7715d0be9364df
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   186664 51635adc82597cc67daca80832e97735
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   215982 c8dc9ba68723b2c5a4c2ef8924839f2b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm6_6.8.2-10.3_amd64.deb
      Size/MD5:   191688 f59458910eba0b23988d559b83087b26
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:  9745660 70b70da99fb2f92d5febfca62aaa8e7c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-6_6.8.2-10.3_amd64.deb
      Size/MD5:   762546 35d80f0282a92cabc178d6d3e35b9dde
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-dev_6.8.2-10.3_amd64.deb
      Size/MD5:  1445736 c74068992fd2b4b8f2558958ee38084f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   175562 4d4404549bcc654e505c386d20ffdc9c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   188350 acc897a5397be04397b57f4e4c926f21
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau6_6.8.2-10.3_amd64.deb
      Size/MD5:   178626 51b9b815e44ef3190cdcfe7c03e78dda
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   914728 776a5cfcd72c77c03ea3d4131bee857b
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/libxaw6-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   455188 efaced6c490ac47ea464e5cf8840b27a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw6_6.8.2-10.3_amd64.deb
      Size/MD5:   304302 6f5797ffdf7a30d103304df3c863c582
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:  1055258 5e18d6ab1aca1bd48aea86771f49f7a3
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   455094 9fe66f540dbec606bcecffcbc279d748
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7_6.8.2-10.3_amd64.deb
      Size/MD5:   359806 ae691d1eb077131d6520b2c11de4b455
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:  1088908 47e071aeade97c697427386de502e544
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   455102 dd22e3db939e5f77e12b323a0c14e26d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8_6.8.2-10.3_amd64.deb
      Size/MD5:   362398 1e609ac0b6cde8250aa4c30a30b74421
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   170670 0e05d835a8d10f54f725b607e0c22692
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   203164 4bf81fd210668b7a2530f68434129a91
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite1_6.8.2-10.3_amd64.deb
      Size/MD5:   177860 f01ca965f11a5bdce5fd33fa6861b29d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   171072 fcb9febc7053b083096965ec93550536
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   205802 75215e90bbb98b95f3ea16544523782c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage1_6.8.2-10.3_amd64.deb
      Size/MD5:   178064 363f520f9fc5e77c00544a4b05505974
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   178306 ace84d1ddebc3b265d5d6050a1c07f6f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   194902 e0c9dc14722a25e4be9033199e9c4fe2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp6_6.8.2-10.3_amd64.deb
      Size/MD5:   182618 d4e20232ab3e06bf417cf545d3c9a63f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   171732 8c7b150a87d5b2e2171407bd976b598d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   197048 c7d8c4d74274c7bf58de7f1b8e54e013
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie1_6.8.2-10.3_amd64.deb
      Size/MD5:   169194 03464883e15c644cae58a197bd5fc4d1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   259764 bb82e1113832d4302c0abef3d97447eb
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   521436 f7ed33a4b63746b3a23da40943efb9c8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext6_6.8.2-10.3_amd64.deb
      Size/MD5:   199114 8b0de9765e2a07ec06f431600d7b98ba
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   179044 4b08cf377baebdf394f968bba6c4676e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes3-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   304460 9c1206c4b282fb7473ced0a3cee725b9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes3_6.8.2-10.3_amd64.deb
      Size/MD5:   181286 5bec0c680207677cc62ccc82134d740f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   240376 4774f11c782b6c7a980d73be79ee6b82
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:  1177820 ced2f02cc087f5f93b199a6ec0ef6491
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi6_6.8.2-10.3_amd64.deb
      Size/MD5:   188816 b0c51affe117ef431ade9937d29bb893
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   170738 0967f24b839ca96721f8897bd9974834
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   203210 31c8fbd08a453e4589936c38090e61a6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama1_6.8.2-10.3_amd64.deb
      Size/MD5:   177732 99df20ff3f8794b3e87d8de6ca5c643b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   271256 bfd41abac918c4852932b62976b7e46d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   571900 d59956f03b0e5c1fe228f1325e1eb760
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile1_6.8.2-10.3_amd64.deb
      Size/MD5:   239708 a7768afe4b3c7dd506b3aeaba58e82b4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   172868 583fe9fc078e3dd6891d1b3a3a0d90b8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   205338 c2fc629c6e7a42f46b2f81c94a5281dc
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui1_6.8.2-10.3_amd64.deb
      Size/MD5:   180232 71dabbb5b5a75ff250a0d979f9937458
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   234458 058133e1076f9bee0d941627445b5187
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   673350 eab3e9644c50eaa5ea9407812be7aed4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu6_6.8.2-10.3_amd64.deb
      Size/MD5:   220286 0b8a31fc507ebccfa506936437b43450
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   171468 c8a05ea27f1fe91732cbd47851999bfd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   217070 7053260ad532110e64a24e1862499a86
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu1_6.8.2-10.3_amd64.deb
      Size/MD5:   179958 dbea737b438b9a9cd3f972698165abaa
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   192864 200dc1b85e793b651f87d629cd3c283b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   579138 0a15ded71949028fe861205896da4e3c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp6_6.8.2-10.3_amd64.deb
      Size/MD5:   188922 24252697bc8ddfa73adbad2a73a2698b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   206208 c7d77597dc00261d854ffb016e1c9d6e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm4-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   255808 b2fbd5428df2bc29dada4cfaec2c8632
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm4_6.8.2-10.3_amd64.deb
      Size/MD5:   205402 1208c60a87cc0fe0a6daa5e7499ac48d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   180420 7d29244abaa6b1e623005695d0800e5a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr2-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   209598 3a7ec23a064cd7823ffa07c9e999b486
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr2_6.8.2-10.3_amd64.deb
      Size/MD5:   179984 2230c69c4a440a91cbe66c9f8a674730
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   171922 e133375ac8a53f1bb0ac1878f353f9c6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   199054 ae3222a0d068a4f8bfa9d9f3b16f33ba
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres1_6.8.2-10.3_amd64.deb
      Size/MD5:   177358 17997f5673f4e88d14f2ee816525f076
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   179000 f545842c644561d2d3f9d903951a0379
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   202084 94bc767043aa3e6c5004faf513c3ec11
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss1_6.8.2-10.3_amd64.deb
      Size/MD5:   178468 fc9d58d373430e4b3dd970b2e8494a6f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   652092 647fb08f7f0bf0d4a024098b2609ea97
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:  1562946 70b2e9e013491892d88427af8f7521c4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt6_6.8.2-10.3_amd64.deb
      Size/MD5:   351868 c58d2558b1cf96e67a9fdf63ad5a58be
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   195154 bae7379ba179b7d72cebb23d92406b89
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   421550 820d4e06f353778136d6f662c74e4175
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap6_6.8.2-10.3_amd64.deb
      Size/MD5:   190710 463f5d8fd34db59c442a2b8e3912eda9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   180360 7409f622296425ee092622b7e97e63cc
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst6-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   242092 dc33c42cc77b5a3f9ecb172f95a46e78
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst6_6.8.2-10.3_amd64.deb
      Size/MD5:   184008 67e8c47c430c212b6c66e36987903882
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   199924 63900781d923b8b4d1e8e1b28c6f2600
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   212590 7595f7c0d7d546a27686255380d3396b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv1_6.8.2-10.3_amd64.deb
      Size/MD5:   181218 caeb517bffbee04e4d1d88865a12a4c1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   202804 fe49f6e49127e852496372b004ccb63d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   338328 89dc825b330e2b80a819b0ae721f4f7d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc1_6.8.2-10.3_amd64.deb
      Size/MD5:   208440 34c2d46474d9a63c74bbf5665830176d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   185624 cb1a13ad4201c031b8e5268bddbfafd9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   249856 7ace5c709d90bfe5ba5ec4019f37bc73
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga1_6.8.2-10.3_amd64.deb
      Size/MD5:   183664 5270c3eb5b134437ced8f71ec8cdd43d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   172160 4f91b1311e0f2f58e8c76970cccba45a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   202110 ce02d77590f975217094a4c9f28865b4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc1_6.8.2-10.3_amd64.deb
      Size/MD5:   178982 9eee5d8a4d19abf7c512feabcf18708f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   170438 9257eb2e58d5d3b4061e8bea0c9c9875
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   199456 81a8c995850724937ef09339cac385c2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush1_6.8.2-10.3_amd64.deb
      Size/MD5:   177798 c6f0494432454d59b836e8afbda72a88
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   182938 461151b0f2a9cb4dbc714470ef3c3bb7
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm1-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:   209148 9a54677c3ee14b0759134475f480d539
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm1_6.8.2-10.3_amd64.deb
      Size/MD5:   181488 531aee40c17cb14c66e2668960f9d649
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/proxymngr_6.8.2-10.3_amd64.deb
      Size/MD5:   191866 20580e0144e2115d1707e702c3d55153
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/twm_6.8.2-10.3_amd64.deb
      Size/MD5:   285448 38d53a73503e7d0a862ebb8f6625560a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-10.3_amd64.deb
      Size/MD5:   166910 d5cfd73d2a6cbf2d712f9731ccbb4bdf
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   166986 0a27773e750f0de458d9a20156574f7d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-10.3_amd64.deb
      Size/MD5:  1896950 807223e0b376a280cb9983b9d47a3039
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdm_6.8.2-10.3_amd64.deb
      Size/MD5:   310444 638f8c4f7b381aac8319ce729a3ad2dc
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-10.3_amd64.deb
      Size/MD5:  1158938 a5fe12ac4722c6dfbecdf3d2d8145f29
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfs_6.8.2-10.3_amd64.deb
      Size/MD5:   403156 b96855e8ba14f4f3ae8a62df96d00fc6
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfwp_6.8.2-10.3_amd64.deb
      Size/MD5:   190492 c998badd11998374bc72f896837e96e9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-dri-dbg_6.8.2-10.3_amd64.deb
      Size/MD5: 36986932 3e5881be555e14149cffe9c68d0a0ee2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-dri_6.8.2-10.3_amd64.deb
      Size/MD5:  4860606 5c382415aece51e56acf6818459e1484
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:  1962624 a1b8015fcaf094489c39157f6104cba3
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   777996 612282f8b623aa14a0170d48f3af0606
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl_6.8.2-10.3_amd64.deb
      Size/MD5:   358898 51cc29f710419d4834ef1b65e16b1ee2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:  1176996 319d1884966559468a92d36ecfebb94e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   466862 c7ad33b3a93f39a771934e1a818f250a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu_6.8.2-10.3_amd64.deb
      Size/MD5:   374790 f0793ca0a2b4a21a1d1ecb5677847040
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa3_6.8.2-10.3_amd64.deb
      Size/MD5:   166708 b9ae44e0e9310bbfc24d4487152725f4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   885220 cd562fba7dd376931af0cc5c6c1a17ec
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa4-dbg_6.8.2-10.3_amd64.deb
      Size/MD5:  5889880 94e51697945f7de2873c8a4fc8a913af
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa4_6.8.2-10.3_amd64.deb
      Size/MD5:   768334 45802d3911edd02ba293b6dc868b9d7d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-10.3_amd64.deb
      Size/MD5:   506612 7100a660d1bcda14d8bc39d6a898effb
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-10.3_amd64.deb
      Size/MD5:   245774 1e717bf372b0c296a13b8b02f95e0661
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xmh_6.8.2-10.3_amd64.deb
      Size/MD5:   244806 b2b5414565a2bf93782e1b8a01793d6c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-10.3_amd64.deb
      Size/MD5:  1589778 ece50a723937b5b1734e4ab49c80dc0b
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xprt_6.8.2-10.3_amd64.deb
      Size/MD5:  1900028 aff2536ab39d5ed54462af15e874ccc8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-10.3_amd64.deb
      Size/MD5:   343424 7d1d0c204cc9cdb2a3cb471ed0711dd4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-10.3_amd64.deb
      Size/MD5: 57632996 879707351d99164645d22d8d86714033
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-10.3_amd64.deb
      Size/MD5:  5887928 97122c62eddea4e1bf5c7fda1aa51a8a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xterm_6.8.2-10.3_amd64.deb
      Size/MD5:   527410 15f7c8f8174711f9504a01956752aceb
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-10.3_amd64.deb
      Size/MD5:   927178 ef97f55596844b121474479b0637a249
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-10.3_amd64.deb
      Size/MD5:  1694918 ec5b5228eb6cc1309982a7cb9d551ba5

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/lbxproxy_6.8.2-10.3_i386.deb
      Size/MD5:   249298 19486b420bbe97d76ca1a7de4288ee2e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx-dev_6.8.2-10.3_i386.deb
      Size/MD5:   201240 22036c883aaead9f3506979634143610
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   204906 17f5b199299c71bc3b10c309f09f8c19
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx1_6.8.2-10.3_i386.deb
      Size/MD5:   179288 8f32d426edbe7d2f02cf8582754ba74f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps-dev_6.8.2-10.3_i386.deb
      Size/MD5:   344324 d1a7277093d4e87294caaa32ba3af2cf
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   785192 288ce948c24291e1f2795a7549bd44e6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps1_6.8.2-10.3_i386.deb
      Size/MD5:   290434 623c9098417300f179101946439f4cbe
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs-dev_6.8.2-10.3_i386.deb
      Size/MD5:   194998 6a496b7f02bef9c83e2645cbd8042a4d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   264224 b70bdcb5adbb37e842d7f9c952dd29ac
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs6_6.8.2-10.3_i386.deb
      Size/MD5:   194740 ebaf23494fc8455210fac7db88d8f210
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice-dev_6.8.2-10.3_i386.deb
      Size/MD5:   214374 2466e1f992316023f308ccfe2dddd759
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   300858 4deb4833ac0faf7929b3d384adbead56
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice6_6.8.2-10.3_i386.deb
      Size/MD5:   213246 3f77db0fc1a07dd7f6f394915474b6a6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm-dev_6.8.2-10.3_i386.deb
      Size/MD5:   184738 cf25161eb91522fe902f4ea96ba26ef8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   213244 05736daf09e66e4d712ac831d58eb15d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm6_6.8.2-10.3_i386.deb
      Size/MD5:   189412 df713a2f49abb004ae156cd50bad98b1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:  9665734 138445e65ef2cda25e6b44a3209f9015
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-6_6.8.2-10.3_i386.deb
      Size/MD5:   725428 1fa920d37f718accde4471c538706221
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-dev_6.8.2-10.3_i386.deb
      Size/MD5:  1366754 4be9031d7a0a7a456a84a12b60227e21
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau-dev_6.8.2-10.3_i386.deb
      Size/MD5:   174620 32aa813f27d8933ee8bd9a7163d53e0f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   187522 77b3d624ddfb254cd468512c504131f5
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau6_6.8.2-10.3_i386.deb
      Size/MD5:   178180 a845920eeca71bb1c771a7e6d67bb506
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   896022 46c98bf8cb38c8b5926f0c349e54fcd4
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/libxaw6-dev_6.8.2-10.3_i386.deb
      Size/MD5:   420598 3b3da5187b32d520036770a73d2bf394
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw6_6.8.2-10.3_i386.deb
      Size/MD5:   290096 a76629712b7c0ffbfc26e75943e675ea
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7-dbg_6.8.2-10.3_i386.deb
      Size/MD5:  1029510 6787dbf188f4f8fc0edeb8b4499d013c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7-dev_6.8.2-10.3_i386.deb
      Size/MD5:   420498 ef0b06075e755f090dfe33a396f33714
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7_6.8.2-10.3_i386.deb
      Size/MD5:   341594 6f2c3cd3076ae8974a8ceb87956b4785
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8-dbg_6.8.2-10.3_i386.deb
      Size/MD5:  1062846 534bf7f56748536054687362644e2c0f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8-dev_6.8.2-10.3_i386.deb
      Size/MD5:   420498 0944548d1b5fab5d7ffe80e77b500708
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8_6.8.2-10.3_i386.deb
      Size/MD5:   343558 5cb16e18e73d85c62acba29a7c96f487
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite-dev_6.8.2-10.3_i386.deb
      Size/MD5:   170178 826c54d0301ad765d03c9da8bc34b36a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   202514 65059e3dbca357564991bd044d7b4d44
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite1_6.8.2-10.3_i386.deb
      Size/MD5:   177406 f02b500809aa9f85773ed2ceb1704de2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage-dev_6.8.2-10.3_i386.deb
      Size/MD5:   170664 53a087895bc1430cedfa3fe2ed9c542f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   205278 c3a0e52ec5dfde4005b3397139ec9b0e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage1_6.8.2-10.3_i386.deb
      Size/MD5:   177700 a15202d24a19994115bcca88f72da6e7
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp-dev_6.8.2-10.3_i386.deb
      Size/MD5:   177274 8f1c390edd92415dc72810bfd9260564
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   194266 baa58b9b6666960c088dcfe2bce8c2ed
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp6_6.8.2-10.3_i386.deb
      Size/MD5:   181466 c9c522b8f16c6f9dc9294b7db9f86ab1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie-dev_6.8.2-10.3_i386.deb
      Size/MD5:   171482 a377bdd67fe74eb7d05fe3bc4b87d038
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   196848 502ee686d9acacc024e1e374a66c0f3a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie1_6.8.2-10.3_i386.deb
      Size/MD5:   168926 ca7aecca0b7e20995d0a7e001d12afdc
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext-dev_6.8.2-10.3_i386.deb
      Size/MD5:   254396 204b66ad522fe5358bc6ec51f868489f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   515514 cf90346f1fae867ca1533bc30c12194a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext6_6.8.2-10.3_i386.deb
      Size/MD5:   195824 9d113d96b50ded8b009109defb5b062d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes-dev_6.8.2-10.3_i386.deb
      Size/MD5:   177382 9f03cc800b04bb5f81cb5f033dd06a2a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes3-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   302204 1352e62c73f2d29ef35d6ad95a77c010
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes3_6.8.2-10.3_i386.deb
      Size/MD5:   180148 ac02af75c33a10f104bb5ec323ecd46d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi-dev_6.8.2-10.3_i386.deb
      Size/MD5:   237800 2329bf8f95999c742c0617d1162dfac1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:  1176002 c9940b1f46d2d8092446a914e0e5276f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi6_6.8.2-10.3_i386.deb
      Size/MD5:   187380 a428f9bd5f10a93e81d50ce32e2b432b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama-dev_6.8.2-10.3_i386.deb
      Size/MD5:   170444 5675ec567bf37c16600d652b979dfeb2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   202658 0a7a8132032c2f8631cc62bc02b2dffd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama1_6.8.2-10.3_i386.deb
      Size/MD5:   177396 efa779182573a56b95518b42d02827dd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile-dev_6.8.2-10.3_i386.deb
      Size/MD5:   262282 a6a8b57058039bb2996e5676c838e1b1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   567396 5cd6dad102be6fff9c297f93e964e2d4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile1_6.8.2-10.3_i386.deb
      Size/MD5:   235050 9c064afc862603a728a42f989d7d0e6c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui-dev_6.8.2-10.3_i386.deb
      Size/MD5:   172286 f7686bc266425e92ab6cbf0212617f84
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   204624 80f5730c71fcfb8abe1fc4a12e8aacfb
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui1_6.8.2-10.3_i386.deb
      Size/MD5:   179784 4d9b0edc3b3b919b52b65d2af170b483
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu-dev_6.8.2-10.3_i386.deb
      Size/MD5:   225118 fc2eef53abf0c0463c26eeb97bb268a4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   667992 1af6dcc9342e2256de0e4badaa8a9e85
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu6_6.8.2-10.3_i386.deb
      Size/MD5:   216872 646c4370f39c1a3e94c231eb9565da98
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu-dev_6.8.2-10.3_i386.deb
      Size/MD5:   170898 b0b84896041b37ae14b940bdf216f6b9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   216512 88b654e670661f9ebec1ce2728fdde2a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu1_6.8.2-10.3_i386.deb
      Size/MD5:   179544 debfbbe67ae33966546a6a8f01f51d80
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp-dev_6.8.2-10.3_i386.deb
      Size/MD5:   190176 113efc469573f74fcb73d25b5d1ea32e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   573912 c87c4db17a3d444ad0b3e26b5648a829
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp6_6.8.2-10.3_i386.deb
      Size/MD5:   186988 b1a954479ff0db7039732f790fc37105
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm-dev_6.8.2-10.3_i386.deb
      Size/MD5:   200932 8e7fa5b11e2a1206c77575881c1423ca
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm4-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   252316 4a1efd3f00224883e6c206f9c25a75c8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm4_6.8.2-10.3_i386.deb
      Size/MD5:   202970 63a25024959f6fa8024bdf3191f8edfd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr-dev_6.8.2-10.3_i386.deb
      Size/MD5:   179644 62c4e17ebb6a4b6b67c00442f701501a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr2-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   208642 22c958bc5a15796864213cbfad55f90c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr2_6.8.2-10.3_i386.deb
      Size/MD5:   179348 cff060a1b614e5b1ddda623f18bb1f2c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres-dev_6.8.2-10.3_i386.deb
      Size/MD5:   171632 2a33ecf6fa3d54349afd24de3e95a0b3
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   198640 fa90d9dff186a21da59f927eca9bd23a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres1_6.8.2-10.3_i386.deb
      Size/MD5:   177022 62250e739c2555bd9e0dda22d3c16cc9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss-dev_6.8.2-10.3_i386.deb
      Size/MD5:   178458 53fdb6742db132643751891e93b2ee25
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   201368 4145bc077a1ec273365372f62968fbbc
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss1_6.8.2-10.3_i386.deb
      Size/MD5:   178032 bba637f7d7470e50de517ee771ef1fdf
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt-dev_6.8.2-10.3_i386.deb
      Size/MD5:   615218 8c48793ddf9ad630297e748af63e5ab2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:  1534748 5450365f106d3a89cb3442446fa85a24
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt6_6.8.2-10.3_i386.deb
      Size/MD5:   330818 5ba37945bdb3f7d17a55ebed8b6a127f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap-dev_6.8.2-10.3_i386.deb
      Size/MD5:   192420 7039de4ea9600c925d0b05d40eb6f2fd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   417966 07341b5357bd6b46ab35598f1b065b1e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap6_6.8.2-10.3_i386.deb
      Size/MD5:   188374 6a09f806284e50a706d6da922edb37b0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst-dev_6.8.2-10.3_i386.deb
      Size/MD5:   178658 535a8d1167784a020cff8fb34af1e1fd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst6-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   240676 70b21f3633de18e42c963b821a43d778
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst6_6.8.2-10.3_i386.deb
      Size/MD5:   182480 34834ec4c495156b8ac98073f6a122d8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv-dev_6.8.2-10.3_i386.deb
      Size/MD5:   198826 1dd1799724541255dbd5d927fc942bee
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   211150 dfe900cca5d1f8c4498e450bd514052f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv1_6.8.2-10.3_i386.deb
      Size/MD5:   180314 bd6fb76b4e2becb30bab28dad07e05e9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc-dev_6.8.2-10.3_i386.deb
      Size/MD5:   196882 f0f0503716b76be3eeb79be3549faeb2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   334114 ca06d8af9d9abe3b46bfef38a5037d56
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc1_6.8.2-10.3_i386.deb
      Size/MD5:   204134 dffaef23020949caec52b2fc5c1a8b6e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga-dev_6.8.2-10.3_i386.deb
      Size/MD5:   184144 82db59e6c8052226d28c10fff49e80b6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   247712 ff0533f70d40d054a4b0bc31dfbfe705
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga1_6.8.2-10.3_i386.deb
      Size/MD5:   181986 804d09eb6d809764ed55d1cfa1290a8c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc-dev_6.8.2-10.3_i386.deb
      Size/MD5:   171758 ffdc76a858a4b9728984c3d9715e0e13
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   201284 37669396d56e2e134b78d7596696a1f0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc1_6.8.2-10.3_i386.deb
      Size/MD5:   178458 d20e0f123feb0007dcf15d4c37ef5615
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush-dev_6.8.2-10.3_i386.deb
      Size/MD5:   169972 0d981bba314c5952ce71a8ad1e4ea279
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   198670 40d2ccc2a73ddb1ef7a06989030c6afc
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush1_6.8.2-10.3_i386.deb
      Size/MD5:   177330 5e45f994fd46d97969e1842fac0ec258
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm-dev_6.8.2-10.3_i386.deb
      Size/MD5:   181716 796a74495547d7b78bb068a25d154793
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm1-dbg_6.8.2-10.3_i386.deb
      Size/MD5:   207846 0b3a6dc9e737c42d80169e1d4b7ee267
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm1_6.8.2-10.3_i386.deb
      Size/MD5:   180654 ce884b01898ac4191ea9f8874711bae3
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/proxymngr_6.8.2-10.3_i386.deb
      Size/MD5:   190670 4df8fbe05bbd508b30c542d1be5fabd4
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/twm_6.8.2-10.3_i386.deb
      Size/MD5:   269900 e2c4fa7fc3893672348f29f44d885f6a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-10.3_i386.deb
      Size/MD5:   166912 e31b00ddb4ffb27a4e89b87a44d9f947
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-10.3_i386.deb
      Size/MD5:   166990 420d78274ab5f07873ea874b99d14aa4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-10.3_i386.deb
      Size/MD5:  1715426 5b44a005e1a248caa5fb15ccbeba3d1c
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdm_6.8.2-10.3_i386.deb
      Size/MD5:   302666 7bf00f8a3135049f318ea6259045a616
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-10.3_i386.deb
      Size/MD5:  1026106 afdedd13e1e60a53f464a76676ee52f3
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfs_6.8.2-10.3_i386.deb
      Size/MD5:   382774 1148d7390a6a2dc2fb08d3323f0ecb42
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfwp_6.8.2-10.3_i386.deb
      Size/MD5:   188140 ab97824f406293e413ce133ebc301d4d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-dri-dbg_6.8.2-10.3_i386.deb
      Size/MD5: 68187236 5ed0a5683e7a26cb46af85f3f2dcf90a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-dri_6.8.2-10.3_i386.deb
      Size/MD5:  5656134 1ec90c6421a946e4515ee19f3f9784d4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl-dbg_6.8.2-10.3_i386.deb
      Size/MD5:  1861562 b9987426bb517b34cf0e36e27e6d96cd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl-dev_6.8.2-10.3_i386.deb
      Size/MD5:   748390 c37f9f6ef334bcdf03e152814c472af6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl_6.8.2-10.3_i386.deb
      Size/MD5:   308280 83b628e896d19b4c0551da6d2b1844b0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu-dbg_6.8.2-10.3_i386.deb
      Size/MD5:  1159308 60a70a059f6d064cba5bef087c7e8489
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu-dev_6.8.2-10.3_i386.deb
      Size/MD5:   435354 77a20ac01b819b257a65b2a0c56859fe
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu_6.8.2-10.3_i386.deb
      Size/MD5:   366856 b2118ea90852b5ff23bb8fb16cdea110
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa3_6.8.2-10.3_i386.deb
      Size/MD5:   166710 3f5cb8b57f08aabdecd6ada0c97e14e7
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa-dev_6.8.2-10.3_i386.deb
      Size/MD5:   882146 d188dac655c554500226ffba60c5e204
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa4-dbg_6.8.2-10.3_i386.deb
      Size/MD5:  6038438 6c9b338e56ffc35c0d095bdc7341a253
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa4_6.8.2-10.3_i386.deb
      Size/MD5:   728348 d93ea4037573a022c2e8f4e8cc2c4cc7
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-10.3_i386.deb
      Size/MD5:   481652 d6ec413e68c6cdcff9825d12d203f9bc
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-10.3_i386.deb
      Size/MD5:   238252 82da6fcc069948596f958c766cc0b494
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xmh_6.8.2-10.3_i386.deb
      Size/MD5:   233296 e67162f2ef01aaaf20f60c23279758e9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-10.3_i386.deb
      Size/MD5:  1382056 31960e66d38ee4443815f29f87da9e58
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xprt_6.8.2-10.3_i386.deb
      Size/MD5:  1666710 456c5b56601930aa207f2d5c08fa2b7b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-10.3_i386.deb
      Size/MD5:   342978 05e1db84c47bb98d42ac37cb23242ade
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-10.3_i386.deb
      Size/MD5: 60365696 265e2d523910a9f436015b4e1f69eea3
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-10.3_i386.deb
      Size/MD5:  5451126 02e4ea42b0de6b648282dd81262ab65b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xterm_6.8.2-10.3_i386.deb
      Size/MD5:   510508 71dda328f6e6e325077d33c1694c4797
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-10.3_i386.deb
      Size/MD5:   871188 c24813f44758ea1f94aa0cba752856ba
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-10.3_i386.deb
      Size/MD5:  1479980 6edd60be669d99f08498cc94610c5e24

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/lbxproxy_6.8.2-10.3_powerpc.deb
      Size/MD5:   261050 f8f96cede0c5a644cc442ffad8393557
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   201948 467c6be3277f4036a266ed4574f6013f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   224588 e83f19cfa7a7801ffff254ef5b32856e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdmx1_6.8.2-10.3_powerpc.deb
      Size/MD5:   181312 23f789fe0dd8ca6170300c82a7f28403
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   371602 cc363cdcf3cdfef40676f6300039cecc
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  1143070 797b2ddaec924a19bfc3edc6a4ad1903
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libdps1_6.8.2-10.3_powerpc.deb
      Size/MD5:   304790 783145871f43ee56df489901278fd8f3
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   198956 a2931ba4b693e31aa48aaa64775b1fc6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   427660 60566620deb3fd17f4c50b9b6eacfba0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libfs6_6.8.2-10.3_powerpc.deb
      Size/MD5:   197374 35f73015745c6560d1756cd6f6ed6162
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   220664 af6b45504f686e6d957bca4cc0c6f3fc
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   424400 a452242bf83baa59df23c10b26ae6191
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libice6_6.8.2-10.3_powerpc.deb
      Size/MD5:   215420 7efe2c6cc091c27a741e7ff9cb7058a7
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   186460 46620397e0804fd194ce48661883db78
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   258566 5f0522cf6835a1d871ab35c2aa3350a6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libsm6_6.8.2-10.3_powerpc.deb
      Size/MD5:   191062 bc7ecb4c15ab83af5f1dd7a7e0823bdd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5: 15365116 a921e9aff6661d8635eabe5d80c03c53
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-6_6.8.2-10.3_powerpc.deb
      Size/MD5:   752234 4d962b0135c6af180a484546cb7e8467
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libx11-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:  1421554 72c74b038b7861089f7f512ead0747c1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   175378 8dc194c0a6dad1dc8c6de1d5730be0ee
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   213242 90ce63f12f6454d8011de98cfa35b28f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxau6_6.8.2-10.3_powerpc.deb
      Size/MD5:   180030 cf40734de25913c14c0242ed7b9c9ec9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  1347772 dd670f21ae42aa728db3fa821bd071cd
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/libxaw6-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   454946 019ea30b4c0129bf84b54ab0884acd62
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw6_6.8.2-10.3_powerpc.deb
      Size/MD5:   296692 dbfa78eb967658d51ede7d36bd764726
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  1527498 2546d0d3f066d97680db2ba4734f3eb9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   454864 0bbf2e2c1479768135d12043e246c967
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw7_6.8.2-10.3_powerpc.deb
      Size/MD5:   351642 1da7a751482a9a5e61eeb2ab0a993719
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  1576214 bfea5588e6a2f463746910a698986e8b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   454858 69f1ca700fb5e8e1b1175c771f77628a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxaw8_6.8.2-10.3_powerpc.deb
      Size/MD5:   353724 799093d3c6ec4c8a99d0106966790a77
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   170556 507a6c77bb7e127b756cd49e1ec05745
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   221502 c24219bfc42726b4e78e9524e76ee6a2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxcomposite1_6.8.2-10.3_powerpc.deb
      Size/MD5:   179156 c3bbebf27d7d745d4bb6b376c9c96657
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   171134 f58410f1f6cc8eab592c5c4b4d9a8746
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   225742 fd5594108e1b51d15c4ad7245b50f66b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdamage1_6.8.2-10.3_powerpc.deb
      Size/MD5:   179506 ffaa9127b2c83c55a8a3f6e065354bda
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   177750 69a696b3315b7e73d9c6ffbd1f1e3f6b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   306518 b5cb1bd798537529cc96422498f5a798
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxdmcp6_6.8.2-10.3_powerpc.deb
      Size/MD5:   183926 324c667e5ca775b3373127fe97933296
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   171732 3d8aa6c1163b975513488b5d6573e3e1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   215504 5e08febed82ae39674c9f16e4cc86af1
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxevie1_6.8.2-10.3_powerpc.deb
      Size/MD5:   170708 a4680b656050945d4d4dd7dc4dce451c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   258098 e4f90ddb05dac91652c221b7b7704fc5
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   734220 399b6e8bd71fc6f3ddcfcfb41df9206e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxext6_6.8.2-10.3_powerpc.deb
      Size/MD5:   198528 97b90e6cf2a67ba933fc5176ad174ea0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   178178 d2fa045d571a6d56c66d57aa2bba9f58
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes3-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   385190 492234b89860e6b42eb6798b2517dc36
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxfixes3_6.8.2-10.3_powerpc.deb
      Size/MD5:   181808 fd1001376099853f88fd1d7cf7f69d29
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   239920 f45c32f8f7415b258e04ad6ff72f780a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  1870120 9c4ffa03f9e5fa24fa86d93c6204080e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxi6_6.8.2-10.3_powerpc.deb
      Size/MD5:   190090 f1781cdb5142ec409e77af0190dcb514
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   170666 e9829c34b0e62bce9be62288bf0bc3d9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   221724 47f258ed648c0f1e1a7faeacf10d42ad
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxinerama1_6.8.2-10.3_powerpc.deb
      Size/MD5:   179112 790f3b3374e62fb8396ac1fa5433e5e8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   278130 061544c4a18a4272ac736f213e925b93
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   793234 321e54c7e39d5ddceb54f4dd09f1f3bd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbfile1_6.8.2-10.3_powerpc.deb
      Size/MD5:   241606 33c7b888204319bfcd79640b7e256f21
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   173324 56507f47007f7a3fbd6a265b71bd109e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   222614 207a70a6f6fbd4bacd189e30a6fd2001
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxkbui1_6.8.2-10.3_powerpc.deb
      Size/MD5:   182552 6273d73edb8272447c336cc18c2b3aad
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   233802 f8713132c99514a6451ec719ba50f827
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  1018372 64044d5b070028144be796c3520c0c76
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmu6_6.8.2-10.3_powerpc.deb
      Size/MD5:   219942 e5ca77835cc27edc39d13ab4c7209f7f
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   171690 5d24318fa1cf0a6e729a7ccd80c429a2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   243278 106af2659c380ab0bb4b3aa8617765bd
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxmuu1_6.8.2-10.3_powerpc.deb
      Size/MD5:   181368 9495768c3a478333a806e30bc09cdb1a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   192246 a25857cbbb8548a3195338cf8915aca6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   840888 b5996461d8515da33d6b9da99485a056
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxp6_6.8.2-10.3_powerpc.deb
      Size/MD5:   189264 a0f66a50e67f07cc0e6464aac55b347d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   207186 243db862af75a48eaedc362721fef9f0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm4-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   473422 9a8ae5193277a4ea6ef822aa96b4f7fb
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxpm4_6.8.2-10.3_powerpc.deb
      Size/MD5:   207314 6d6865cc0ea398ac60ea6cad2a25a70c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   180284 754bd725b66303e9f047814a6c977f3c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr2-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   229926 d6e301e70c5b9121ce5fa8cda8b23489
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxrandr2_6.8.2-10.3_powerpc.deb
      Size/MD5:   181174 4d3a883cc5f65d9e62c098892be65844
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   171854 f0b7ad9255b56c89cb9b01f410e128a8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   217388 9359f82910465cd87f8a91d0e397ca86
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxres1_6.8.2-10.3_powerpc.deb
      Size/MD5:   178718 dcd20dac4699b11764408e156fa800f0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   178872 497cd6697e1b23da4461e4f218c57825
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   220130 d0ee6227f613cdc5dfae358b06455081
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxss1_6.8.2-10.3_powerpc.deb
      Size/MD5:   179828 377fd21769e20d529d0d055be493163b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   653164 15d3f3d8ecfaf9cdefebd635f32e2af9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  2261774 78e0fa9368dc11041fd441b151984553
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxt6_6.8.2-10.3_powerpc.deb
      Size/MD5:   342940 9bba9d821d4aea3e64189bf35b77f58d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   194660 7b48662f3859cb057fee71f293b41828
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   563092 4011f05cebbe52a273fd27b351511743
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtrap6_6.8.2-10.3_powerpc.deb
      Size/MD5:   190506 4fd7661c872401416dbd9067ce2e2155
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   180354 fb2f698989266413e9bd08e29d2c9004
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst6-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   282192 f91612ca5620790f3362fde17b735159
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxtst6_6.8.2-10.3_powerpc.deb
      Size/MD5:   185422 599ea5394496aac6204d144d633e40e9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   199664 7332554e99db884ebc1e27ac1ce78d51
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   233382 3f558cb362d33a1412090348ee0d6421
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxv1_6.8.2-10.3_powerpc.deb
      Size/MD5:   182594 33edd86d0614a88b169ad8dfc177948c
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   205080 79503d651b8cf03a9988cfd30c28b351
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   422284 03811856962fabc57eb4a7a33a3a5155
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxvmc1_6.8.2-10.3_powerpc.deb
      Size/MD5:   211942 8ef20a03f9a66dab9d9d8fb05742ec5a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   185366 2801b7e08c51453c9d8fd5106dd13332
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   291010 60723913ffdfe064d9bb6f769cfe552d
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86dga1_6.8.2-10.3_powerpc.deb
      Size/MD5:   184344 6795c6497ac318f84261dbe8f895f003
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   171954 9dd4cb3300af61cd7fdf86de8e4a5c18
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   219476 d741468284b2b5cf2b7195143d332ad9
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86misc1_6.8.2-10.3_powerpc.deb
      Size/MD5:   180066 48ba1eb0ec014cc65e656832a84dfd2a
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   170206 00e30cab11cec16e787e404834c326a5
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   217490 79b177850770a3329c29f08712869907
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86rush1_6.8.2-10.3_powerpc.deb
      Size/MD5:   179100 3e203cacd2e47ea632d6f8bc32d4e038
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   183018 e8ff7357fc43c8610961c707b7f74669
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm1-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:   228908 983e07723f7e643084b8d3da6d3870cb
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/libxxf86vm1_6.8.2-10.3_powerpc.deb
      Size/MD5:   183284 b7b6dd11b91c8ef2b85996c4daeb9b40
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/proxymngr_6.8.2-10.3_powerpc.deb
      Size/MD5:   192472 b0544bc5a63801868eba7ce239b7aa20
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/twm_6.8.2-10.3_powerpc.deb
      Size/MD5:   281320 23b4f8a14b9c91eb80736a70ff8a26f8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-10.3_powerpc.deb
      Size/MD5:   166912 b25500d855e453c39b0bf84f49a37ef0
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   166992 75a6be0298904cf97fdc462587ea83c2
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-10.3_powerpc.deb
      Size/MD5:  1927132 9252205587ab7f8565de7e65ab55aa25
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdm_6.8.2-10.3_powerpc.deb
      Size/MD5:   308934 b2a884fe3887e5c2d870a82041ec5619
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-10.3_powerpc.deb
      Size/MD5:  1138200 890b9aeee23a3586b65c65d2e2d224d7
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfs_6.8.2-10.3_powerpc.deb
      Size/MD5:   398620 04f55a7634dc2816f3a214ee46303f92
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xfwp_6.8.2-10.3_powerpc.deb
      Size/MD5:   190988 80f31af0b73bfb8acc995ab2b79c2e19
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-dri-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5: 56809486 c4d6453c33a80cbfc88d854a1a0d0a74
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-dri_6.8.2-10.3_powerpc.deb
      Size/MD5:  3510136 60b4d6abe2bc54d0958e95cbe93a15c4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  2949888 b90468c380411cd44410b2bfb9c9bd21
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   779672 92f535b3a49514cf5c2de35927be010e
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-gl_6.8.2-10.3_powerpc.deb
      Size/MD5:   331558 7a3a64b2b50aec97b8853d33c4ba1719
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  1706478 7890ff94da009d412c8d2e33d3ab723b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   474222 9e0c5de3db353b37f62dab5a7c205bf8
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa-glu_6.8.2-10.3_powerpc.deb
      Size/MD5:   378948 0d4ce5a2c8885177b47b891bd5d04c53
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibmesa3_6.8.2-10.3_powerpc.deb
      Size/MD5:   166714 34b18bd6a90c75bb7880955b0615e30b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   931766 6a00e8871c5a540ceb190978361771c6
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa4-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5:  8830642 69f2518346aedc2c4396d5b404f8cc26
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibosmesa4_6.8.2-10.3_powerpc.deb
      Size/MD5:   768102 c62d022601a1ea7ac4f105b05b6ceae3
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-10.3_powerpc.deb
      Size/MD5:   502296 d0cebc9e09d34e9eee3e85b1e622ec69
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-10.3_powerpc.deb
      Size/MD5:   241762 8dd10b8e5fcaa68da81445347f19573d
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xmh_6.8.2-10.3_powerpc.deb
      Size/MD5:   241546 7fdb43df33a5bc9a208fc1ef7a01c6d4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-10.3_powerpc.deb
      Size/MD5:  1546666 d88f3844e5a6debb1e7cdd93ed071945
    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xprt_6.8.2-10.3_powerpc.deb
      Size/MD5:  1864394 e8b6df4808c2e02c82e674290176478b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-10.3_powerpc.deb
      Size/MD5:   343300 75b1462614a1f96dcd3d5b3b2d2f5688
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-10.3_powerpc.deb
      Size/MD5: 51247940 37a02b42422d2476ed0992371b06a05b
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-10.3_powerpc.deb
      Size/MD5:  5689334 ed5a97d8d2c09985f3cfc4b92e246b68
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xterm_6.8.2-10.3_powerpc.deb
      Size/MD5:   518448 4bd41822fc51e975da452a209e5be7d4
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-10.3_powerpc.deb
      Size/MD5:   915242 12468aca5ccb154ae2b1e6685da82229
    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-10.3_powerpc.deb
      Size/MD5:  1652978 5efc59ce94193aabadb855878057654e

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.1.diff.gz
      Size/MD5:     5807 5c5f3b191361890b312a3ad29496d52d
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.1.dsc
      Size/MD5:      771 cd9a79ec4832b2e51e3b4ae6014148ba
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909.orig.tar.gz
      Size/MD5:   788911 32b390bd94e4250475702e668b2bf243

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.1_amd64.deb
      Size/MD5:   297716 1add397c7e50ba9d5bee334aa9c48a88
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.1_amd64.deb
      Size/MD5:   377364 a71aa76c24762aba601663aa008dae7e
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.1_amd64.deb
      Size/MD5:   243234 acd64daaee5f18ed13e5629a57d13575

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.1_i386.deb
      Size/MD5:   275664 717ea3ef4944f810ebd574c5493626f2
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.1_i386.deb
      Size/MD5:   321266 5cfb30fbda377bc8c0c8adf18cce1a3d
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.1_i386.deb
      Size/MD5:   217562 821f76818df6d858200d3b1c411d20aa

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.1_powerpc.deb
      Size/MD5:   285688 890aec619f8153169f08b01d4512403d
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.1_powerpc.deb
      Size/MD5:   372802 63fb43614735ea103d42f6e9aa3f7e36
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.1_powerpc.deb
      Size/MD5:   237478 ae04e5e204690d9fd15ed3f9d7d51eff

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.1_sparc.deb
      Size/MD5:   294582 4863bc8e017a24e6266637157a12309b
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.1_sparc.deb
      Size/MD5:   323810 98710a2fe5ff46f347680c6a7183c686
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.1_sparc.deb
      Size/MD5:   232126 6273cb1cc009890f1281eaef1c984d05

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.1.diff.gz
      Size/MD5:     6038 ce274a9eac5e27592eeca83790d57d66
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.1.dsc
      Size/MD5:      745 a4442bff756ba5819109650de06b1afb
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0.orig.tar.gz
      Size/MD5:   816966 29c00c678d4ac9bea8ffe7ba264825d0

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.1_amd64.deb
      Size/MD5:   302528 05805c8cd750a15f8434e65883610be2
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.1_amd64.deb
      Size/MD5:   375524 cface707893a04afdfaebe0afa3cca64
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.1_amd64.deb
      Size/MD5:   242498 cecfc9955ac9c8db52356c81267016ce

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.1_i386.deb
      Size/MD5:   278666 7f6104e214dd85b0ecc83eb8b3e273b1
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.1_i386.deb
      Size/MD5:   320532 9fb7b579448032d00bdca8161510af96
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.1_i386.deb
      Size/MD5:   216174 b8376ca0e2b8bfe5b3e0753c60033e72

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   290666 0dad0168805330df0fcc08cff3d141e1
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   369606 97772045638db6b5d8d4722809f10bb3
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.1_powerpc.deb
      Size/MD5:   235158 665acdc374aae7f622d5b58ae2fa7432

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.1_sparc.deb
      Size/MD5:   297596 3ca88d43b04982ea2f7b3159b4be7596
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.1_sparc.deb
      Size/MD5:   321126 43b0ffdfdfa62ac906ea826410dace70
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.1_sparc.deb
      Size/MD5:   229494 c5d387628e28257a4be4db928b7ae915
    

- 漏洞信息 (F49468)

Mandriva Linux Security Advisory 2006.148 (PacketStormID:F49468)
2006-08-28 00:00:00
Mandriva  mandriva.com
advisory,overflow,arbitrary,root
linux,mandriva
CVE-2006-3467
[点击下载]

Mandriva Linux Security Advisory MDKSA-2006-148 - An integer overflow flaw was discovered in how xorg-x11/XFree86 handles PCF files. A malicious authorized client could exploit the issue to cause a DoS (crash) or potentially execute arbitrary code with root privileges on the xorg-x11/XFree86 server.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:148
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : xorg-x11
 Date    : August 24, 2006
 Affected: 2006.0, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 An integer overflow flaw was discovered in how xorg-x11/XFree86 handles
 PCF files.  A malicious authorized client could exploit the issue to
 cause a DoS (crash) or potentially execute arbitrary code with root
 privileges on the xorg-x11/XFree86 server.
 
 Updated packages are patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 e96690462ea6e57335b457d763e26b80  2006.0/RPMS/libxorg-x11-6.9.0-5.8.20060mdk.i586.rpm
 31f632a499f6a55459ce5446ad5871b5  2006.0/RPMS/libxorg-x11-devel-6.9.0-5.8.20060mdk.i586.rpm
 1c0eda1098546a703159832671e10e99  2006.0/RPMS/libxorg-x11-static-devel-6.9.0-5.8.20060mdk.i586.rpm
 5ac9c8c715cb5df656ccbacec5a87dae  2006.0/RPMS/X11R6-contrib-6.9.0-5.8.20060mdk.i586.rpm
 ac15309aaeb2a021658314afde737da4  2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.8.20060mdk.i586.rpm
 f155986261ac4d70982f68b51a38c3dc  2006.0/RPMS/xorg-x11-6.9.0-5.8.20060mdk.i586.rpm
 1c7afcc1116ae6db0df1fbec846c552f  2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.8.20060mdk.i586.rpm
 2273cbc4aac47f3060e39a5bebc69392  2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.8.20060mdk.i586.rpm
 f67859d61e75afe3bcc1e481e346c72c  2006.0/RPMS/xorg-x11-doc-6.9.0-5.8.20060mdk.i586.rpm
 f2685335f3b56d1e4d00f629fc4c4bad  2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.8.20060mdk.i586.rpm
 dbb7aecf3aa04ebdd98ce07a2d8e7ba5  2006.0/RPMS/xorg-x11-server-6.9.0-5.8.20060mdk.i586.rpm
 bdb37de9d95ac078fa2e1a0e87de7a5e  2006.0/RPMS/xorg-x11-xauth-6.9.0-5.8.20060mdk.i586.rpm
 06022dee267d75d01ff580a9e7afa3d4  2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.8.20060mdk.i586.rpm
 483903328a38387fc0d0584e5478d474  2006.0/RPMS/xorg-x11-xfs-6.9.0-5.8.20060mdk.i586.rpm
 6c720d145e82cfa47b3ffabae2b5493a  2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.8.20060mdk.i586.rpm
 bc7b594caa1d2142eb32f25e5a8bbf57  2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.8.20060mdk.i586.rpm
 5861d29021e989dd2ebcc668c6620444  2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.8.20060mdk.i586.rpm
 5915dadb375c54be929c6f336b7c0231  2006.0/SRPMS/xorg-x11-6.9.0-5.8.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 2f0e74defdcef7544d949eaef81051b7  x86_64/2006.0/RPMS/lib64xorg-x11-6.9.0-5.8.20060mdk.x86_64.rpm
 f9dca9d58a256e537586df14f0f3709b  x86_64/2006.0/RPMS/lib64xorg-x11-devel-6.9.0-5.8.20060mdk.x86_64.rpm
 ff60d844dbf4f376a2e7ec5468cd5701  x86_64/2006.0/RPMS/lib64xorg-x11-static-devel-6.9.0-5.8.20060mdk.x86_64.rpm
 3d7251620e95952a72708a25a9d6b9ad  x86_64/2006.0/RPMS/X11R6-contrib-6.9.0-5.8.20060mdk.x86_64.rpm
 ae47c639f87ca7238c54449e4dac06e4  x86_64/2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
 a9b1178ae4b51e0f04ca6ab305b7dd00  x86_64/2006.0/RPMS/xorg-x11-6.9.0-5.8.20060mdk.x86_64.rpm
 1c53adb504f5bdd86123e8cc470e2316  x86_64/2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
 49f3696276eb8d8db9894ad74aa300e7  x86_64/2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
 f2b94e866eeafb9db914990f19ace8c7  x86_64/2006.0/RPMS/xorg-x11-doc-6.9.0-5.8.20060mdk.x86_64.rpm
 f31dd3184054ea253f98e9b628a835e4  x86_64/2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.8.20060mdk.x86_64.rpm
 2f17814f669ec11941bf1a8d72213cfa  x86_64/2006.0/RPMS/xorg-x11-server-6.9.0-5.8.20060mdk.x86_64.rpm
 b55e6ba22af3d404d83a4e6c762620b1  x86_64/2006.0/RPMS/xorg-x11-xauth-6.9.0-5.8.20060mdk.x86_64.rpm
 130f98fbbbd53c49f1af4a174ce46d48  x86_64/2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.8.20060mdk.x86_64.rpm
 263baf4aa6f429af65a4f22c25b1f967  x86_64/2006.0/RPMS/xorg-x11-xfs-6.9.0-5.8.20060mdk.x86_64.rpm
 893c19c630ef1c6adcc189c7e87fd533  x86_64/2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.8.20060mdk.x86_64.rpm
 9e83acc573420cebe10682e38e9435ac  x86_64/2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.8.20060mdk.x86_64.rpm
 7d562d5dcccc236eee9e9b62e68297f4  x86_64/2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.8.20060mdk.x86_64.rpm
 5915dadb375c54be929c6f336b7c0231  x86_64/2006.0/SRPMS/xorg-x11-6.9.0-5.8.20060mdk.src.rpm

 Corporate 3.0:
 b8ec2f34a2de5dcce58c767d7acb9742  corporate/3.0/RPMS/libxfree86-4.3-32.6.C30mdk.i586.rpm
 17ef760371f3c6132ffbeb16b8cc334f  corporate/3.0/RPMS/libxfree86-devel-4.3-32.6.C30mdk.i586.rpm
 0dfdac241d26016477688c7cdafa9954  corporate/3.0/RPMS/libxfree86-static-devel-4.3-32.6.C30mdk.i586.rpm
 b3c9d0af6cd576695f42646b0e64823b  corporate/3.0/RPMS/X11R6-contrib-4.3-32.6.C30mdk.i586.rpm
 68c7ceffb72aa9962ff785470a4420eb  corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.6.C30mdk.i586.rpm
 f6c0dcbb55abfdb3fe731e7a02a516d7  corporate/3.0/RPMS/XFree86-4.3-32.6.C30mdk.i586.rpm
 691a6da2b476618b92410b54b2cc659e  corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.6.C30mdk.i586.rpm
 7d86c5eed71597a8ccb9615dbdcd203e  corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.6.C30mdk.i586.rpm
 54890690be35fa07c24a153294b4f047  corporate/3.0/RPMS/XFree86-doc-4.3-32.6.C30mdk.i586.rpm
 ad22989ca3a580e832224a032ccb2e5f  corporate/3.0/RPMS/XFree86-glide-module-4.3-32.6.C30mdk.i586.rpm
 67f5e5000b538a5df6dd7d999acfaecd  corporate/3.0/RPMS/XFree86-server-4.3-32.6.C30mdk.i586.rpm
 db5ba130a18b93d416e781b77e48b752  corporate/3.0/RPMS/XFree86-xfs-4.3-32.6.C30mdk.i586.rpm
 2c09fd4d1a1b61a1170c6d50eb675979  corporate/3.0/RPMS/XFree86-Xnest-4.3-32.6.C30mdk.i586.rpm
 70b0c2ec881d07f1db12921d072b77d6  corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.6.C30mdk.i586.rpm
 61d6302023daef2488822d0146d73baf  corporate/3.0/SRPMS/XFree86-4.3-32.6.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 40d18d307b0d7ebcc665559a31226c97  x86_64/corporate/3.0/RPMS/lib64xfree86-4.3-32.6.C30mdk.x86_64.rpm
 b482d0e7d223afeda7c15a78dc91f526  x86_64/corporate/3.0/RPMS/lib64xfree86-devel-4.3-32.6.C30mdk.x86_64.rpm
 4850377b6975c3b6747ced40f77fefda  x86_64/corporate/3.0/RPMS/lib64xfree86-static-devel-4.3-32.6.C30mdk.x86_64.rpm
 962df4b68d2ac9b94540b1f12b5daeb4  x86_64/corporate/3.0/RPMS/X11R6-contrib-4.3-32.6.C30mdk.x86_64.rpm
 a7ef4764f0e80e25f46d8118ea926eb0  x86_64/corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.6.C30mdk.x86_64.rpm
 93da80be668a3feeb55cbf418e9ca3ba  x86_64/corporate/3.0/RPMS/XFree86-4.3-32.6.C30mdk.x86_64.rpm
 cb6db58a236a35a6923f475b595426fa  x86_64/corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.6.C30mdk.x86_64.rpm
 5243dcbb796550a6c3cb6097ef0e8b93  x86_64/corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.6.C30mdk.x86_64.rpm
 7212b487461c2f16c7b53adc6883bc9e  x86_64/corporate/3.0/RPMS/XFree86-doc-4.3-32.6.C30mdk.x86_64.rpm
 059398da9ef868e4c445a3c3963804d7  x86_64/corporate/3.0/RPMS/XFree86-server-4.3-32.6.C30mdk.x86_64.rpm
 7fa19747b99f4ddda0fa8bedc4e08e2b  x86_64/corporate/3.0/RPMS/XFree86-xfs-4.3-32.6.C30mdk.x86_64.rpm
 01fc36b3ec6878c51a61ec35f0e98328  x86_64/corporate/3.0/RPMS/XFree86-Xnest-4.3-32.6.C30mdk.x86_64.rpm
 be65abdd2513cf7e687542a12638e907  x86_64/corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.6.C30mdk.x86_64.rpm
 61d6302023daef2488822d0146d73baf  x86_64/corporate/3.0/SRPMS/XFree86-4.3-32.6.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFE7dE5mqjQ0CJFipgRAkmJAJ987IPd2J7hufP3zvRBCAhRjADZHwCcDjYV
QXRKDea0qG0wZbb7c0ZIgsk=
=RU87
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F48989)

SUSE-SA-2006-045.txt (PacketStormID:F48989)
2006-08-17 00:00:00
 
advisory
linux,suse
CVE-2006-3467
[点击下载]

SUSE Security Announcement SUSE-SA:2006:045 - This security update fixes crashes in the PCF handling of freetype2 which might be used to crash freetype2 using applications or even to execute code in them.

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

                        SUSE Security Announcement

        Package:                freetype2
        Announcement ID:        SUSE-SA:2006:045
        Date:                   Tue, 01 Aug 2006 18:00:00 +0000
        Affected Products:      SLE SDK 10
                                SUSE LINUX 10.1
                                SUSE LINUX 10.0
                                SUSE LINUX 9.3
                                SUSE LINUX 9.2
                                SuSE Linux Desktop 1.0
                                SuSE Linux Enterprise Server 8
                                SUSE SLES 10
                                SUSE SLES 9
                                UnitedLinux 1.0
        Vulnerability Type:     possible code execution
        Severity (1-10):        8
        SUSE Default Package:   yes
        Cross-References:       CVE-2006-3467

    Content of This Advisory:
        1) Security Vulnerability Resolved:
             integer overflow
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
        6) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Problem Description and Brief Discussion

   This security update fixes crashes in the PCF handling of freetype2
   which might be used to crash freetype2 using applications or even
   to execude code in them.

2) Solution or Work-Around

   No work-around known.

3) Special Instructions and Notes

   Please restart all applications using libtiff. Desktop users should logout
   and re-login.
   On server systems you have to restart all server applications manually.

4) Package Location and Checksums

   The preferred method for installing security updates is to use the YaST
   Online Update (YOU) tool. YOU detects which updates are required and
   automatically performs the necessary steps to verify and install them.
   Alternatively, download the update packages for your distribution manually
   and verify their integrity by the methods listed in Section 6 of this
   announcement. Then install the packages using the command

     rpm -Fhv <file.rpm>

   to apply the update, replacing <file.rpm> with the filename of the
   downloaded RPM package.

   
   x86 Platform:
   
   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/freetype2-2.1.10-18.8.i586.rpm
          5b3f167cce62870117a4e2fa009bae4f
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/freetype2-devel-2.1.10-18.8.i586.rpm
          e927b989339e9f9bec00d1b9dcaf9a19
   
   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/freetype2-2.1.10-4.4.i586.rpm
          531f4629f8dc5a2875f9e1c9aec0b1b5
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/freetype2-devel-2.1.10-4.4.i586.rpm
          42dd4c6ca44ba52786519f59c83624b9
   
   SUSE LINUX 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/freetype2-2.1.9-4.4.i586.rpm
          c4c0764be947a478d0b5583e50510903
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/freetype2-devel-2.1.9-4.4.i586.rpm
          3519d6e62b3d582bc47e5af1a2c774c6
   
   SUSE LINUX 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/freetype2-2.1.9-3.4.i586.rpm
          146856628a74cb15457e11aa7337c31f
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/freetype2-devel-2.1.9-3.4.i586.rpm
          c416e6195fb1aa805e288526d54381af
   
   Power PC Platform:
   
   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/freetype2-2.1.10-18.8.ppc.rpm
          2fb95c4f2d717cf3813db084be206a9f
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/freetype2-devel-2.1.10-18.8.ppc.rpm
          e42b9fb058f7fc177a5923b76d43aa1d
   
   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/freetype2-2.1.10-4.4.ppc.rpm
          57edbb76b03b7ea2c4a0649549f2556f
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/freetype2-devel-2.1.10-4.4.ppc.rpm
          3e84a91d83f2723e4f1e9174bc744976
   
   x86-64 Platform:
   
   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/freetype2-2.1.10-18.8.x86_64.rpm
          b6e4eb912ae20cc5e2108918aa4223ce
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/freetype2-32bit-2.1.10-18.8.x86_64.rpm
          200e0497a3aba6400b95def9fd370743
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/freetype2-devel-2.1.10-18.8.x86_64.rpm
          0069a1143bda97ed5c65e37561b634a6
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/freetype2-devel-32bit-2.1.10-18.8.x86_64.rpm
          eadbd8ec95d26e0b377c41b0a4b81ce7
   
   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/freetype2-2.1.10-4.4.x86_64.rpm
          502ee9101176c8cabe74ffa96b9c86bf
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/freetype2-32bit-2.1.10-4.4.x86_64.rpm
          b3839f54586cb9250067b43e9c37ff4f
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/freetype2-devel-2.1.10-4.4.x86_64.rpm
          db9965909415db561e09bee9f6fbb445
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/freetype2-devel-32bit-2.1.10-4.4.x86_64.rpm
          e84c092650ccd5dee76edaa90cbb26b0
   
   SUSE LINUX 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/freetype2-2.1.9-4.4.x86_64.rpm
          eef00de5d1a91266ed07285f4da34af2
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/freetype2-32bit-9.3-7.2.x86_64.rpm
          c906a892e78ffd90fcd96aba1d20f0f2
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/freetype2-devel-2.1.9-4.4.x86_64.rpm
          62c7a3e6baab5ea1276f4e1b6bc2ca69
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/freetype2-devel-32bit-9.3-7.2.x86_64.rpm
          e5d5670a23d190565c0c3691bcf6dba7
   
   SUSE LINUX 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/freetype2-2.1.9-3.4.x86_64.rpm
          de7b9ea0e3aeae01c5fac30cc34a4e55
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/freetype2-32bit-9.2-200607282225.x86_64.rpm
          d2abe911c1b5147c1ac917c3f2704397
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/freetype2-devel-2.1.9-3.4.x86_64.rpm
          b5b7030ca22d70fad00bd1ed437906bb
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/freetype2-devel-32bit-9.2-200607282225.x86_64.rpm
          8d1c484d443d317fc05ee83f426c83fa
   
   Sources:
   
   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/freetype2-2.1.10-18.8.src.rpm
          0b6ab9aba01fb96057457dfa029075c6
   
   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/freetype2-2.1.10-4.4.src.rpm
          22d3bccb56fade850da7f816f1b482f2
   
   SUSE LINUX 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/freetype2-2.1.9-4.4.src.rpm
          1535c2f49679dac17b60199e3f447121
   
   SUSE LINUX 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/freetype2-2.1.9-3.4.src.rpm
          0a33023485fbdd877595ad66e541d06c
   
   Our maintenance customers are notified individually. The packages are
   offered for installation from the maintenance web:
   
   http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/f534b9ffd4b983d69bc74733530440a8.html
   http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/c5665912fca64d68365399f85b8dad06.html

______________________________________________________________________________

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

   Please restart all applications using libtiff. Desktop users should logout
   and re-login.
   On server systems you have to restart all server applications manually.

______________________________________________________________________________

6) Authenticity Verification and Additional Information

  - Announcement authenticity verification:

    SUSE security announcements are published via mailing lists and on Web
    sites. The authenticity and integrity of a SUSE security announcement is
    guaranteed by a cryptographic signature in each announcement. All SUSE
    security announcements are published with a valid signature.

    To verify the signature of the announcement, save it as text into a file
    and run the command

      gpg --verify <file>

    replacing <file> with the name of the file where you saved the
    announcement. The output for a valid signature looks like:

      gpg: Signature made <DATE> using RSA key ID 3D25D3D9
      gpg: Good signature from "SuSE Security Team <security@suse.de>"

    where <DATE> is replaced by the date the document was signed.

    If the security team's key is not contained in your key ring, you can
    import it from the first installation CD. To import the key, use the
    command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

  - Package authenticity verification:

    SUSE update packages are available on many mirror FTP servers all over the
    world. While this service is considered valuable and important to the free
    and open source software community, the authenticity and the integrity of
    a package needs to be verified to ensure that it has not been tampered
    with.

    There are two verification methods that can be used independently from
    each other to prove the authenticity of a downloaded file or RPM package:

    1) Using the internal gpg signatures of the rpm package
    2) MD5 checksums as provided in this announcement

    1) The internal rpm package signatures provide an easy way to verify the
       authenticity of an RPM package. Use the command

        rpm -v --checksig <file.rpm>

       to verify the signature of the package, replacing <file.rpm> with the
       filename of the RPM package downloaded. The package is unmodified if it
       contains a valid signature from build@suse.de with the key ID 9C800ACA.

       This key is automatically imported into the RPM database (on
       RPMv4-based distributions) and the gpg key ring of 'root' during
       installation. You can also find it on the first installation CD and at
       the end of this announcement.

    2) If you need an alternative means of verification, use the md5sum
       command to verify the authenticity of the packages. Execute the command

         md5sum <filename.rpm>

       after you downloaded the file from a SUSE FTP server or its mirrors.
       Then compare the resulting md5sum with the one that is listed in the
       SUSE security announcement. Because the announcement containing the
       checksums is cryptographically signed (by security@suse.de), the
       checksums show proof of the authenticity of the package if the
       signature of the announcement is valid. Note that the md5 sums
       published in the SUSE Security Announcements are valid for the
       respective packages only. Newer versions of these packages cannot be
       verified.

  - SUSE runs two security mailing lists to which any interested party may
    subscribe:

    suse-security@suse.com
        -   General Linux and SUSE security discussion.
            All SUSE security announcements are sent to this list.
            To subscribe, send an e-mail to
                <suse-security-subscribe@suse.com>.

    suse-security-announce@suse.com
        -   SUSE's announce-only mailing list.
            Only SUSE's security announcements are sent to this list.
            To subscribe, send an e-mail to
                <suse-security-announce-subscribe@suse.com>.

    For general information or the frequently asked questions (FAQ),
    send mail to <suse-security-info@suse.com> or
    <suse-security-faq@suse.com>.

    =====================================================================
    SUSE's security contact is <security@suse.com> or <security@suse.de>.
    The <security@suse.de> public key is listed below.
    =====================================================================
______________________________________________________________________________

    The information in this advisory may be distributed or reproduced,
    provided that the advisory is not modified in any way. In particular, the
    clear text signature should show proof of the authenticity of the text.

    SUSE Linux Products GmbH provides no warranties of any kind whatsoever
    with respect to the information contained in this security advisory.

Type Bits/KeyID     Date       User ID
pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.2 (GNU/Linux)

mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
=ypVs
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iQEVAwUBRM+C7ney5gA9JdPZAQFWygf/ZL4PuZjp5DEvaE8mZlXWRNjUWZisVP0g
5UbJ9WKx/YaWKQOaVDo1nMgK2xoIU0mwx0pSy5kB8Cn9GYaBorLSkJhcOh3EHoQO
Rr8MuceRVgrp6T5NKJgvtmc2rUXCuTiz62Q7GxZpZit9gFWfryhzRD/ip1aHf3mQ
7hjtQMQnPMGZm/WEnD5GtlKM4NZHxnElP9nYa/p+5z5pdXupGE+cxVlSQn0yr8TU
CyPvbeRpuPZf/96roDN2yjO2jI12/mX1tAbryAhfCy6slLIQFWHllsOXHz3MIqyP
03xQosCnAoJago0WYxDeEDcpX4gfPnMAH/iJy/kettOq0RMH9Ww7Nw==
=Wk5Z
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F48762)

OpenPKG Security Advisory 2006.17 (PacketStormID:F48762)
2006-08-03 00:00:00
OpenPKG Foundation  openpkg.org
advisory
CVE-2006-3467,CVE-2006-2661,CVE-2006-2493,CVE-2006-0747
[点击下载]

OpenPKG Security Advisory OpenPKG-SA-2006.017 - Multiple security issues exist in the FreeType font rendering library before version 2.2.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory                            The OpenPKG Project
http://www.openpkg.org/security/                  http://www.openpkg.org
openpkg-security@openpkg.org                         openpkg@openpkg.org
OpenPKG-SA-2006.017                                          28-Jul-2006
________________________________________________________________________

Package:             freetype
Vulnerability:       denial of service, arbitrary code execution
OpenPKG Specific:    no

Affected Releases:   Affected Packages:       Corrected Packages:
OpenPKG CURRENT      N.A.                     N.A.
OpenPKG 2-STABLE     N.A.                     N.A.
OpenPKG 2.5-RELEASE  <= freetype-2.1.10-2.5.0 >= freetype-2.1.10-2.5.1

Description:
  Multiple security issues exist in the FreeType [1] font rendering
  library before version 2.2:

  An integer overflow allows remote attackers to cause a Denial of
  Service (DoS) and possibly execute arbitrary code via unknown vectors,
  as demonstrated by the Red Hat "bad1.pcf" test file, due to a partial
  fix of CVE-2006-1861. The Common Vulnerabilities and Exposures (CVE)
  project assigned the id CVE-2006-3467 [2] to the problem.

  Remote attackers can cause a Denial of Service (DoS) via a specially
  crafted font file that triggers a NULL dereference. The Common
  Vulnerabilities and Exposures (CVE) project assigned the id
  CVE-2006-2661 [3] to the problem.

  Multiple integer overflows allow remote attackers to cause a
  Denial of Service (DoS) and possibly execute arbitrary code. The
  Common Vulnerabilities and Exposures (CVE) project assigned the
  id CVE-2006-1861 [4] to the problem. Parts of this issue the
  Common Vulnerabilities and Exposures (CVE) project assigned the id
  CVE-2006-2493, which is now rejected.

  Integer underflow allows remote attackers to cause a Denial of Service
  (DoS) via a specially crafted font file with an odd number of "blue"
  values, which causes the underflow when decrementing by 2 in a context
  that assumes an even number of values. The Common Vulnerabilities
  and Exposures (CVE) project assigned the id CVE-2006-0747 [5] to the
  problem.

  An additional flaw causes some programs to go into an infinite loop
  and this way cause a Denial of Service (DoS) when dealing with fonts
  that don't have a properly sorted kerning sub-table.
________________________________________________________________________

References:
  [1] http://www.freetype.org/
  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2661
  [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1861
  [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0747
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG <openpkg@openpkg.org>" (ID 63C4CB9F) of the
OpenPKG project which you can retrieve from http://pgp.openpkg.org and
hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org
for details on how to verify the integrity of this advisory.
________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg@openpkg.org>

iD8DBQFEyfw3gHWT4GPEy58RAiB1AKDKGX5q6ovQuoQXjnV9KY3jvCLJNgCgxCdg
difG4d5DnORPqstdPAUejm8=
=hbbe
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F48451)

Mandriva Linux Security Advisory 2006.129 (PacketStormID:F48451)
2006-07-24 00:00:00
Mandriva  mandriva.com
advisory,overflow,arbitrary
linux,mandriva
CVE-2006-3467,CVE-2006-1861
[点击下载]

Mandriva Linux Security Advisory MDKSA-2006-129 - An additional overflow, similar to those corrected by patches for CVE-2006-1861 was found in libfreetype. If a user loads a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary code as the user.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:129
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : freetype2
 Date    : July 20, 2006
 Affected: 2006.0, Corporate 3.0, Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 An additional overflow, similar to those corrected by patches for 
 CVE-2006-1861 was found in libfreetype.  If a user loads a carefully 
 crafted font file with a program linked against FreeType, it could cause 
 the application to crash or execute arbitrary code as the user. 
 
 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 58610d57ba81e18fd281de0723377d15  2006.0/RPMS/libfreetype6-2.1.10-9.4.20060mdk.i586.rpm
 acc57dee23d472c2dd67a7dfd4f31178  2006.0/RPMS/libfreetype6-devel-2.1.10-9.4.20060mdk.i586.rpm
 0cb439096b7c68f7b087494f460733ef  2006.0/RPMS/libfreetype6-static-devel-2.1.10-9.4.20060mdk.i586.rpm
 21644362815c06ab64672919b74d4482  2006.0/SRPMS/freetype2-2.1.10-9.4.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 bc9d61266c643afb4c621b69fe773d1f  x86_64/2006.0/RPMS/lib64freetype6-2.1.10-9.4.20060mdk.x86_64.rpm
 7b2e091d9d451c0ca78bc1a30ca65abe  x86_64/2006.0/RPMS/lib64freetype6-devel-2.1.10-9.4.20060mdk.x86_64.rpm
 98930009ac9bc59a90045801db3e9884  x86_64/2006.0/RPMS/lib64freetype6-static-devel-2.1.10-9.4.20060mdk.x86_64.rpm
 58610d57ba81e18fd281de0723377d15  x86_64/2006.0/RPMS/libfreetype6-2.1.10-9.4.20060mdk.i586.rpm
 acc57dee23d472c2dd67a7dfd4f31178  x86_64/2006.0/RPMS/libfreetype6-devel-2.1.10-9.4.20060mdk.i586.rpm
 0cb439096b7c68f7b087494f460733ef  x86_64/2006.0/RPMS/libfreetype6-static-devel-2.1.10-9.4.20060mdk.i586.rpm
 21644362815c06ab64672919b74d4482  x86_64/2006.0/SRPMS/freetype2-2.1.10-9.4.20060mdk.src.rpm

 Corporate 3.0:
 a178787bfed2fb14fa946da97a617cc3  corporate/3.0/RPMS/libfreetype6-2.1.7-4.3.C30mdk.i586.rpm
 1635f5556cadc0cac6d069face4456a2  corporate/3.0/RPMS/libfreetype6-devel-2.1.7-4.3.C30mdk.i586.rpm
 445a95dba634a31197305bc82a87879d  corporate/3.0/RPMS/libfreetype6-static-devel-2.1.7-4.3.C30mdk.i586.rpm
 aae2d49840b8ceed17dd373ecaf1edc3  corporate/3.0/SRPMS/freetype2-2.1.7-4.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 8a7688a1f8ab362b8994cf15babb6a26  x86_64/corporate/3.0/RPMS/lib64freetype6-2.1.7-4.3.C30mdk.x86_64.rpm
 0590279a78710bf68de62333f594ec83  x86_64/corporate/3.0/RPMS/lib64freetype6-devel-2.1.7-4.3.C30mdk.x86_64.rpm
 42fedd6e54d1f483e5f8655b7e1607b2  x86_64/corporate/3.0/RPMS/lib64freetype6-static-devel-2.1.7-4.3.C30mdk.x86_64.rpm
 a178787bfed2fb14fa946da97a617cc3  x86_64/corporate/3.0/RPMS/libfreetype6-2.1.7-4.3.C30mdk.i586.rpm
 aae2d49840b8ceed17dd373ecaf1edc3  x86_64/corporate/3.0/SRPMS/freetype2-2.1.7-4.3.C30mdk.src.rpm

 Multi Network Firewall 2.0:
 1a19681d0cbdcf910097685bd6ea4f49  mnf/2.0/RPMS/libfreetype6-2.1.7-4.3.M20mdk.i586.rpm
 e8d868b0dfc94e945d096896b8b9e0ec  mnf/2.0/SRPMS/freetype2-2.1.7-4.3.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEv2f7mqjQ0CJFipgRAh4KAJ9Zh4S5ATdPwUBE4P8eTH4qvIoA4wCfWT5p
1068arET28g/esaIHIzlrP4=
=Zo9b
-----END PGP SIGNATURE-----

    

- 漏洞信息

27255
FreeType read_lwfn() Function Integer Overflow
Local Access Required Denial of Service, Input Manipulation
Loss of Integrity, Loss of Availability
Exploit Public Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-06-11 Unknow
2006-06-11 Unknow

- 解决方案

Upgrade to version 2.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站