lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20090311164654.GB23703@ngolde.de>
Date: Wed, 11 Mar 2009 17:46:54 +0100
From: Nico Golde <nion@...ian.org>
To: debian-security-announce@...ts.debian.org
Subject: [SECURITY] [DSA 1738-1] New curl packages fix
	arbitrary file access

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA-1738-1                    security@...ian.org
http://www.debian.org/security/                                 Nico Golde
March 11th, 2009                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : curl
Vulnerability  : arbitrary file access
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2009-0037
Debian Bug     : 518423
BugTraq ID     : 33962

David Kierznowski discovered that libcurl, a multi-protocol file transfer
library, when configured to follow URL redirects automatically, does not
question the new target location.  As libcurl also supports file:// and
scp:// URLs - depending on the setup - an untrusted server could use that
to expose local files, overwrite local files or even execute arbitrary
code via a malicious URL redirect.

This update introduces a new option called CURLOPT_REDIR_PROTOCOLS which by
default does not include the scp and file protocol handlers.


For the oldstable distribution (etch) this problem has been fixed in
version 7.15.5-1etch2.

For the stable distribution (lenny) this problem has been fixed in
version 7.18.2-8lenny2.

For the unstable distribution (sid) this problem has been fixed in
version 7.18.2-8.1.

We recommend that you upgrade your curl packages.


Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2.dsc
    Size/MD5 checksum:      956 0a164bd43dbfb582a049fe3a737a375b
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5.orig.tar.gz
    Size/MD5 checksum:  1897973 61997c0d852d38c3a85b445f4fc02892
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2.diff.gz
    Size/MD5 checksum:    21635 47c30162c60f8192bce199f5fab0012d

Architecture independent packages:

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.15.5-1etch2_all.deb
    Size/MD5 checksum:    22244 752d541336f513b3bfd0841e0868b472

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_alpha.deb
    Size/MD5 checksum:   166256 709d02b9dae8f4b0c7333d6f03c31628
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_alpha.deb
    Size/MD5 checksum:   816206 a36046c7827322a14d257bd3fb74010b
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_alpha.deb
    Size/MD5 checksum:   818778 967acf1522d86fdf56e84e1c5b22f147
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_alpha.deb
    Size/MD5 checksum:   809316 af0f20647d1a91d799dcbed6980428b7
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_alpha.deb
    Size/MD5 checksum:   181392 78c3b97fba2c35b5c5d1bf1eb5f1d908
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_alpha.deb
    Size/MD5 checksum:   174310 433c7e16f748f83db01989e8a249a101

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_amd64.deb
    Size/MD5 checksum:   164766 6f3f68c322aa54a5000975530ded729e
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_amd64.deb
    Size/MD5 checksum:   170058 f6fd6e8f7a3e030ca028a6750f666061
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_amd64.deb
    Size/MD5 checksum:   772142 5d3cdfcfdaf0604aeebfc395703d6df7
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_amd64.deb
    Size/MD5 checksum:   778626 490801518500a00caec9e45fb755c524
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_amd64.deb
    Size/MD5 checksum:   824964 a57398dfcbd49c33060a48671bed8a02
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_amd64.deb
    Size/MD5 checksum:   163446 7eaaea76d628e03e8ebdc580bff0b72b

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_arm.deb
    Size/MD5 checksum:   756884 8eed02667e02867ad3d130a40ad4f330
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_arm.deb
    Size/MD5 checksum:   762352 b5720175a10c9f7333a2e8a298aac91d
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_arm.deb
    Size/MD5 checksum:   783552 72af9664d85d8aa4ca0960da19554333
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_arm.deb
    Size/MD5 checksum:   160536 c9fb486fd46228488f391d57a9d6edc8
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_arm.deb
    Size/MD5 checksum:   165914 b1188bf4e4da054e04b77c4e8f27ca73
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_arm.deb
    Size/MD5 checksum:   162598 a60ef14833ef5f5bad0bffbda329e326

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_hppa.deb
    Size/MD5 checksum:   164866 73bdea9c0a854221204e7d232a464ad7
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_hppa.deb
    Size/MD5 checksum:   184262 c681c1b066c2210aa0d84f1763a14bdb
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_hppa.deb
    Size/MD5 checksum:   798798 29f2ee940a221a567c8f9568202f6f85
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_hppa.deb
    Size/MD5 checksum:   178932 76c87584e67d0e9957110bb805a15946
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_hppa.deb
    Size/MD5 checksum:   791220 9d0a1827c563e72951420d6e869a348f
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_hppa.deb
    Size/MD5 checksum:   815004 47b6884a2e5ce2224d64fdc9c5852325

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_i386.deb
    Size/MD5 checksum:   163604 16def6f8c4d5068be2bba466f89dc329
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_i386.deb
    Size/MD5 checksum:   759150 613d3cfa2de22d73706c4158f45a9380
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_i386.deb
    Size/MD5 checksum:   766468 c32cd1d31c6078d4676b8046ddc56f07
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_i386.deb
    Size/MD5 checksum:   168800 1fc225d65db9eb6508481bf2e5985d5d
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_i386.deb
    Size/MD5 checksum:   163240 362b7152f99699f68c93ab89e821d8d0
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_i386.deb
    Size/MD5 checksum:   800506 984abe71ca0999c8a587ed1b0042299a

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_ia64.deb
    Size/MD5 checksum:   811254 1992183aa065d3782a2992ea98c22a5a
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_ia64.deb
    Size/MD5 checksum:   838550 350899a4e4f86a672aeb2c3a2d011e94
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_ia64.deb
    Size/MD5 checksum:   174484 ac0a064f867f61c30ebd1cd7da6ea845
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_ia64.deb
    Size/MD5 checksum:   217504 032debd42a9a3cc08f65ee17097fe9d7
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_ia64.deb
    Size/MD5 checksum:   225458 a6beeb5551ffe3d09341160b368bf4f6
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_ia64.deb
    Size/MD5 checksum:   848606 b339d6517e49af9a30b5bed9a42c9222

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_mips.deb
    Size/MD5 checksum:   784292 439b960fc26cd382f86bbfb20478d7b0
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_mips.deb
    Size/MD5 checksum:   831916 dcfa7a779ae3cdac67cecf847dac0162
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_mips.deb
    Size/MD5 checksum:   792482 357d60661e80f1ee887d2345a119b547
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_mips.deb
    Size/MD5 checksum:   164020 c91e5b7e745e2179301d2e75be7d8ee2
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_mips.deb
    Size/MD5 checksum:   165474 eff09f808ce9a23ce659aeeffea398f1
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_mips.deb
    Size/MD5 checksum:   170646 650b55f89ad5530208e49e211f5aebeb

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_mipsel.deb
    Size/MD5 checksum:   164056 b2cbeec53d1eef3e9d0e29adf797548b
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_mipsel.deb
    Size/MD5 checksum:   792108 4fe7f7e85d02706503d1064895607831
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_mipsel.deb
    Size/MD5 checksum:   165674 500cb0c319ee13c14f8d010b3c4457cc
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_mipsel.deb
    Size/MD5 checksum:   811082 c61871a4ac26252046b4e161aeef2dd7
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_mipsel.deb
    Size/MD5 checksum:   784546 b8ba2732071c34bbfe5c10927317f589
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_mipsel.deb
    Size/MD5 checksum:   170522 0919591347253f65b44ddea61f49cbc7

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_powerpc.deb
    Size/MD5 checksum:   774490 f804de8b26ea6914f0283f79f71d72b2
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_powerpc.deb
    Size/MD5 checksum:   781844 b53e33260b02761cd26c8780b8e81f2b
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_powerpc.deb
    Size/MD5 checksum:   173906 edf0a2342f93af56ffb18a45a934ace3
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_powerpc.deb
    Size/MD5 checksum:   841666 5df4b820f0f196560bd5796d0ad1bad7
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_powerpc.deb
    Size/MD5 checksum:   165134 c62f63233f70e51a732c36492fd04ae9
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_powerpc.deb
    Size/MD5 checksum:   169130 44d2765d66141ceb6c6626750a098aaa

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_s390.deb
    Size/MD5 checksum:   836322 26db7bd743a5c2141c6aee251a9cede0
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_s390.deb
    Size/MD5 checksum:   179832 487db999849a4ac171d86d87d12d3f7f
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_s390.deb
    Size/MD5 checksum:   163182 7be52b66b1f79a0d0f76d0183da4104a
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_s390.deb
    Size/MD5 checksum:   768888 87b9a0f806f25692cd2f9a30bd0be9eb
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_s390.deb
    Size/MD5 checksum:   172444 3d9a0b971714e2f9f6c7d15ce387bc93
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_s390.deb
    Size/MD5 checksum:   774446 9c7cf8ac1154f4b8b71615ad8d48ed99

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_sparc.deb
    Size/MD5 checksum:   160204 433e751e98d9010f793cfacf4c809996
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_sparc.deb
    Size/MD5 checksum:   788794 2c4e9c34ccf365fa02bc1f1657e68f35
  http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_sparc.deb
    Size/MD5 checksum:   162412 1bab2e9e64b655babb5f1ef1b7271090
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_sparc.deb
    Size/MD5 checksum:   766110 cc724da5e7cc8b38376d1644d98a144e
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_sparc.deb
    Size/MD5 checksum:   165224 671413f03a06041a824630be23ded9e9
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_sparc.deb
    Size/MD5 checksum:   759596 2070bf93dadb3b3fe1aa387fb0f8e6c7

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2.diff.gz
    Size/MD5 checksum:    27675 3cc8e00a5145e9f8f35823f89170ed4e
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2.dsc
    Size/MD5 checksum:     1418 02c706202a50b3358769c4c1e9f1a120
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2.orig.tar.gz
    Size/MD5 checksum:  2273077 4fe99398a64a34613c9db7bd61bf6e3c

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_alpha.deb
    Size/MD5 checksum:   211250 dcccf85073a2826d5af6e6d438f6c9f6
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_alpha.deb
    Size/MD5 checksum:   224420 33ead51af60c4e6ea8f08b16ebde1e06
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_alpha.deb
    Size/MD5 checksum:   985930 c90004e19361846cbded2fb615eb60ec
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_alpha.deb
    Size/MD5 checksum:  1150080 c3436b5c4979764699a7236674df93cf
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_alpha.deb
    Size/MD5 checksum:   241558 7d28ddb21b9a23f2e4b6302dea9ffc36
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_alpha.deb
    Size/MD5 checksum:   957810 49c87cfe63e61d4c905c2c481b1a88a2

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_amd64.deb
    Size/MD5 checksum:   214620 3d0a0aa6453df3486b5910e198275f84
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_amd64.deb
    Size/MD5 checksum:  1182662 c7a8138e99e78dd772758e4d1db098fe
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_amd64.deb
    Size/MD5 checksum:   230526 1d8262e5c8ce1baddb748a76b836ff79
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_amd64.deb
    Size/MD5 checksum:   951202 76dd51652be02ad2972cbb32df9cbe60
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_amd64.deb
    Size/MD5 checksum:   208912 e66d007bbedba4d7e838045e549c64b1
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_amd64.deb
    Size/MD5 checksum:   928736 6f66f5283ad91d0a2b4d56bd629e8305

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_armel.deb
    Size/MD5 checksum:   223972 d139a82972490d1f706ec27cacddadac
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_armel.deb
    Size/MD5 checksum:   920298 d740b279b624e6a475cb7d391f7b2c10
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_armel.deb
    Size/MD5 checksum:   903750 c81c5db454d3263cd6ae51d16c933a6d
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_armel.deb
    Size/MD5 checksum:   209142 e9f8cea7ff20b90a27e1a72a523b3d47
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_armel.deb
    Size/MD5 checksum:   209082 a906ad9c5f72efd9cdd561aed4ca8dc9
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_armel.deb
    Size/MD5 checksum:  1151506 7c7546f135977a859ddc976f73b6542d

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_hppa.deb
    Size/MD5 checksum:   939250 04c83feddcf78eaca8136bd4b15bee90
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_hppa.deb
    Size/MD5 checksum:   209462 8e62f5740ba733a9a8cde83f045873e2
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_hppa.deb
    Size/MD5 checksum:   227528 9905b63e7ffb02e1b6da0443ad99bbf6
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_hppa.deb
    Size/MD5 checksum:   244642 f127b127e9783af96664f67fab940458
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_hppa.deb
    Size/MD5 checksum:   960844 5c3918da2bdb2bcb6e5775935d101600
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_hppa.deb
    Size/MD5 checksum:  1173380 ef0c131c585f50dd3b1d494be681ad4c

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_i386.deb
    Size/MD5 checksum:   903896 766d2afb93354dc6cfccc719ca5d3a32
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_i386.deb
    Size/MD5 checksum:   923838 54e2efa56e08277cd061ec142167b8f8
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_i386.deb
    Size/MD5 checksum:  1155810 b481158475101fe14cd7086dd09b00ba
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_i386.deb
    Size/MD5 checksum:   228434 806b581b9cb3e7b74b4c5b38d952d496
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_i386.deb
    Size/MD5 checksum:   208184 310da7a3545fdd174ae3f7cf7a05d84e
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_i386.deb
    Size/MD5 checksum:   210964 fde8c7b507ef8fca75b3b95557443568

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_ia64.deb
    Size/MD5 checksum:   274076 a242056cc5928023e19189e0dad47a54
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_ia64.deb
    Size/MD5 checksum:  1165456 63a88f4853c990bf6a26744b25ffcd65
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_ia64.deb
    Size/MD5 checksum:   991418 a81c668fb270734005c855f77fbaa1b2
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_ia64.deb
    Size/MD5 checksum:   296182 959638d94a18a01ee393a5388af95e9a
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_ia64.deb
    Size/MD5 checksum:   222326 8f7d1012c7920a818ff3387fd672582b
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_ia64.deb
    Size/MD5 checksum:  1019228 f1ee83304b03f4e168a3077577aee4ca

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_mips.deb
    Size/MD5 checksum:  1193134 69792abd2ebb8ae27741fd5380a15c7d
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_mips.deb
    Size/MD5 checksum:   227940 f59a95b1a51411e2df9f7646166b8bb0
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_mips.deb
    Size/MD5 checksum:   212670 38196676b77101edb8d75e050ccdfa83
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_mips.deb
    Size/MD5 checksum:   950332 3d0b559a946b285580c626796bd79619
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_mips.deb
    Size/MD5 checksum:   208940 c4b370ba4637c34fb90b7241d94ad26e
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_mips.deb
    Size/MD5 checksum:   929246 a3250ee1c064f637f4f8b80fe67cc126

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_mipsel.deb
    Size/MD5 checksum:   208632 8e7b0faa4d0fcf82d4832c88040644a4
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_mipsel.deb
    Size/MD5 checksum:  1169800 fec90115dd8a0a4159eb0b32f9d2f547
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_mipsel.deb
    Size/MD5 checksum:   949916 4c476dd885c52cc5de342bf739d84f65
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_mipsel.deb
    Size/MD5 checksum:   212332 d9cccbe468c2228b96c662fab496a06e
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_mipsel.deb
    Size/MD5 checksum:   928636 b3e28a026e7deb8cce632c63b2a7a140
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_mipsel.deb
    Size/MD5 checksum:   227638 75ad8b0dd97c093ff56338d856df7383

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_powerpc.deb
    Size/MD5 checksum:   941020 0f242ff442fea24f03c33af08d9e6c75
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_powerpc.deb
    Size/MD5 checksum:  1179540 551daec15eb2ce16e000b2201dba167c
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_powerpc.deb
    Size/MD5 checksum:   212734 57c377e5cbef3618e283a1e187045598
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_powerpc.deb
    Size/MD5 checksum:   238114 440e40511e414c3a0c3a4f4bfd479a41
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_powerpc.deb
    Size/MD5 checksum:   922274 73c54c0b54c83950728f60d8cc1727ea
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_powerpc.deb
    Size/MD5 checksum:   222642 74220c8c71a4a5d9af54694d9777a9b0

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_s390.deb
    Size/MD5 checksum:   223330 8c5ca7bc3655a68e2fc33d11ecc06865
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_s390.deb
    Size/MD5 checksum:   209294 e28839caee56080274e61541e035af52
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_s390.deb
    Size/MD5 checksum:  1190688 bd391c517d8ec4b5179f753ef73825a9
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_s390.deb
    Size/MD5 checksum:   931312 dc473f1db5201689c7cb15f41929f780
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_s390.deb
    Size/MD5 checksum:   239904 5f08a1a17220525e249e6dec32a21bfb
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_s390.deb
    Size/MD5 checksum:   912728 368e5d51de6826fce49b35e728a52dda

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_sparc.deb
    Size/MD5 checksum:   207660 84f75b95a33d19a1027b281c136f38ca
  http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_sparc.deb
    Size/MD5 checksum:   208576 4ac3ac2bb012ba68a1872620cc90e3a3
  http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_sparc.deb
    Size/MD5 checksum:  1134708 3403c94f0c0c32c1e964364337132456
  http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_sparc.deb
    Size/MD5 checksum:   222562 990364878bde2699a2af470013f90fce
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_sparc.deb
    Size/MD5 checksum:   902436 8f221c8abaab29401bd0434b9add83c8
  http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_sparc.deb
    Size/MD5 checksum:   918590 2d0b3f1dc2882cc2446ed708c2f2b55e


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...ts.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkm36v4ACgkQHYflSXNkfP/PaQCfe6xmnRhMoAmhLaEsVrOEwCD2
OKIAoKxDcy9wTjQb4jLMoZ1tAqSuS9jr
=eSVR
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ