-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

            ESB-2003.0267 -- Debian Security Advisory DSA 282-1
              New glibc packages fix arbitrary code execution
                               10 April 2003

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                glibc
Vendor:                 Debian
Operating System:       Debian GNU/Linux 3.0
                        Debian GNU/Linux 2.2
                        Linux
Impact:                 Execute Arbitrary Code/Commands
                        Denial of Service
Access Required:        Remote
CVE Names:              CAN-2003-0028

Ref:                    AL-2003.03

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 282-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
April 9th, 2003                         http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : glibc
Vulnerability  : integer overflow
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2003-0028
CERT advisory  : VU#516825 CA-2003-10

eEye Digital Security discovered an integer overflow in the
xdrmem_getbytes() function which is also present in GNU libc.  This
function is part of the XDR (external data representation)
encoder/decoder derived from Sun's RPC implementation.  Depending upon
the application, this vulnerability can cause buffer overflows and
could possibly be exploited to execute arbitray code.

For the stable distribution (woody) this problem has been
fixed in version 2.2.5-11.5.

For the old stable distribution (potato) this problem has been
fixed in version 2.1.3-25.

For the unstable distribution (sid) this problem has been
fixed in version 2.3.1-16.

We recommend that you upgrade your libc6 packages.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
- - ---------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/glibc/glibc_2.1.3-24.dsc
      Size/MD5 checksum:     1060 56a209944950edd0e7bd154bb49a6ff0
    http://security.debian.org/pool/updates/main/g/glibc/glibc_2.1.3-24.diff.gz
      Size/MD5 checksum:   148278 ed41b49981c00c3c8799dc42c48563b1
    http://security.debian.org/pool/updates/main/g/glibc/glibc_2.1.3.orig.tar.gz
      Size/MD5 checksum:  6598238 aea1bb5c28f793013153d1b8f91eb746

  Architecture independent components:

    http://security.debian.org/pool/updates/main/g/glibc/glibc-doc_2.1.3-25_all.deb
      Size/MD5 checksum:  2189610 2de18b6bcac4404202be85090543bb87
    http://security.debian.org/pool/updates/main/g/glibc/i18ndata_2.1.3-25_all.deb
      Size/MD5 checksum:  1062446 fce8025de5390b19f589fe14288e1490

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6.1_2.1.3-25_alpha.deb
      Size/MD5 checksum:  7199918 ce96f899259e0417372c668a170e18a1
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-dbg_2.1.3-25_alpha.deb
      Size/MD5 checksum:  2112200 ad2937b154f5e40068ceed8884a42356
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-dev_2.1.3-25_alpha.deb
      Size/MD5 checksum:  3046684 d33720e2c0fd326d21937f21ef1578b7
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-pic_2.1.3-25_alpha.deb
      Size/MD5 checksum:  1115488 5d0a8f7b4148800f107639b9d1d818cd
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-prof_2.1.3-25_alpha.deb
      Size/MD5 checksum:  1696222 31f623fc298ce12d933f62783c1583fc
    http://security.debian.org/pool/updates/main/g/glibc/libnss1-compat_2.1.3-25_alpha.deb
      Size/MD5 checksum:   208516 59815120c8589b8076f4525339f6118f
    http://security.debian.org/pool/updates/main/g/glibc/locales_2.1.3-25_alpha.deb
      Size/MD5 checksum:  2283954 e5fa51311b742dc3dc0e076d4857aae3
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.1.3-25_alpha.deb
      Size/MD5 checksum:   108820 bf71281f4ed4b96cbefc43324c1ba918

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.1.3-25_arm.deb
      Size/MD5 checksum:  2023934 e6a514185544633a811f44b7c36ba3dc
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.1.3-25_arm.deb
      Size/MD5 checksum:  2334808 f7a24f185f1d8235d1bd30c2423203c9
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.1.3-25_arm.deb
      Size/MD5 checksum:  2365074 917a9a8f2d788823cb09ee6c8cdd50b1
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.1.3-25_arm.deb
      Size/MD5 checksum:   751958 3160ce39d3d4e8b3487a619f224ae134
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.1.3-25_arm.deb
      Size/MD5 checksum:  1067736 17870d339d81bc1714c71a5b2261e883
    http://security.debian.org/pool/updates/main/g/glibc/locales_2.1.3-25_arm.deb
      Size/MD5 checksum:  2284744 fca6760d3066bf602cfcab6b720cd33e
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.1.3-25_arm.deb
      Size/MD5 checksum:    36982 5016bad86595811847c897c273aafbed

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.1.3-25_i386.deb
      Size/MD5 checksum:  1901232 019aca330943c17d314ae87464b654c6
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.1.3-25_i386.deb
      Size/MD5 checksum:  2441750 a9b73986fbb65ef2eec1335d13481bb6
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.1.3-25_i386.deb
      Size/MD5 checksum:  2169958 3816e3c7fc581adf8868324a6503f22d
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.1.3-25_i386.deb
      Size/MD5 checksum:   671274 8e3b1b42a5fc9953d248cac0b7146e20
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.1.3-25_i386.deb
      Size/MD5 checksum:   935210 3adc57ffc755ab2d95d03e0f33c18de3
    http://security.debian.org/pool/updates/main/g/glibc/libnss1-compat_2.1.3-25_i386.deb
      Size/MD5 checksum:    38556 4281ff663459bdbf52024c594604f8c4
    http://security.debian.org/pool/updates/main/g/glibc/locales_2.1.3-25_i386.deb
      Size/MD5 checksum:  2284744 f22d70017e7537fcb161725ca68809bd
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.1.3-25_i386.deb
      Size/MD5 checksum:    36204 b64c7ef4d4ec2e2e2de0eb49ccbff267

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.1.3-25_m68k.deb
      Size/MD5 checksum:  1884776 f0323fc95c3eb4819f6c3f913eea5453
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.1.3-25_m68k.deb
      Size/MD5 checksum:  2446050 1809c359872b94018d7bd04131d04652
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.1.3-25_m68k.deb
      Size/MD5 checksum:  2097998 cc8987d786bef19216338bb50299dea5
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.1.3-25_m68k.deb
      Size/MD5 checksum:   576380 1f99e9eb9da988da48b059ff7c175b39
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.1.3-25_m68k.deb
      Size/MD5 checksum:   844748 5bb29050d14341d69ecba8643eca8533
    http://security.debian.org/pool/updates/main/g/glibc/libnss1-compat_2.1.3-25_m68k.deb
      Size/MD5 checksum:    36832 5cff62892015c1c869e1f9c8583a0e60
    http://security.debian.org/pool/updates/main/g/glibc/locales_2.1.3-25_m68k.deb
      Size/MD5 checksum:  2270750 484df9fcf1bd58c6f7d7b125986f6c9a
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.1.3-25_m68k.deb
      Size/MD5 checksum:    35148 a179ad916fd453b1b6660c3023e22353

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.1.3-25_powerpc.deb
      Size/MD5 checksum:  2101592 8c099a7124ae32fcf1c1ea734aeb1f07
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.1.3-25_powerpc.deb
      Size/MD5 checksum:  2518230 fe1f796d18277e58c5f75f0019d8aac7
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.1.3-25_powerpc.deb
      Size/MD5 checksum:  2380426 8467963a2af5595d795afd7119ad8f70
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.1.3-25_powerpc.deb
      Size/MD5 checksum:   743210 70136f1f255a87b254e17f4144820e7c
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.1.3-25_powerpc.deb
      Size/MD5 checksum:  1132696 168fcacf40eb78e99669ffd26d4ec5df
    http://security.debian.org/pool/updates/main/g/glibc/locales_2.1.3-25_powerpc.deb
      Size/MD5 checksum:  2284068 b8787c7b9029dd9dc021b60cf8262fba
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.1.3-25_powerpc.deb
      Size/MD5 checksum:    37652 181378af0b85dac729bca4436f354f49

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.1.3-25_sparc.deb
      Size/MD5 checksum:  2076574 32f74e27acada04b8b5344bfa7532f1c
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.1.3-25_sparc.deb
      Size/MD5 checksum:  2496670 d4a4d61cb5ba3c2d1dd3ebc1f0ec3ef1
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.1.3-25_sparc.deb
      Size/MD5 checksum:  2355240 5596239d4bfbfeb711a4db522ad0e06a
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.1.3-25_sparc.deb
      Size/MD5 checksum:   745926 a4e6e7ff040a259e649b3cab797e7d5c
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.1.3-25_sparc.deb
      Size/MD5 checksum:  1055698 8049f65395dd312e1e201791e08f1063
    http://security.debian.org/pool/updates/main/g/glibc/locales_2.1.3-25_sparc.deb
      Size/MD5 checksum:  2270580 9edfe83f497ab6c0dde0c388ee3b4857
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.1.3-25_sparc.deb
      Size/MD5 checksum:    36926 a3fd355456bf9fc7a9cb29ab2798cf69


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/glibc/glibc_2.2.5-11.5.dsc
      Size/MD5 checksum:     1358 2128dd49633cd5c3b1988cbfb97b7854
    http://security.debian.org/pool/updates/main/g/glibc/glibc_2.2.5-11.5.diff.gz
      Size/MD5 checksum:   398887 8dcf7e8e201645f9356aa94b2fa51e98
    http://security.debian.org/pool/updates/main/g/glibc/glibc_2.2.5.orig.tar.gz
      Size/MD5 checksum: 11370961 bf5653fdff22ee350bd7d48047cffab9

  Architecture independent components:

    http://security.debian.org/pool/updates/main/g/glibc/glibc-doc_2.2.5-11.5_all.deb
      Size/MD5 checksum:  2698954 a4b3499f4f86d31796017956595f18c2
    http://security.debian.org/pool/updates/main/g/glibc/locales_2.2.5-11.5_all.deb
      Size/MD5 checksum:  3391768 ccf4d44b92bc9d5d17f38a9f4e1f9e54

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6.1_2.2.5-11.5_alpha.deb
      Size/MD5 checksum:  4557940 1a32112ed1286c8acb2a576d9123f151
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-dbg_2.2.5-11.5_alpha.deb
      Size/MD5 checksum:  1350992 069cdc00a62c8c06a5020a85506c1f4b
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-dev_2.2.5-11.5_alpha.deb
      Size/MD5 checksum:  2981174 929ab468024510f2078b36a5a4e1997f
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-pic_2.2.5-11.5_alpha.deb
      Size/MD5 checksum:  1321576 7336a7d74fa1e5d68fa650cc55d5c30f
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-prof_2.2.5-11.5_alpha.deb
      Size/MD5 checksum:  1538914 854241cd12a452ed8f04dcf66a531464
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_alpha.deb
      Size/MD5 checksum:    69640 1095af53ee6857b7a7592ec708fd153d

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_arm.deb
      Size/MD5 checksum:  3686180 9547c339fdde263e06f9c9fb18d9ac05
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_arm.deb
      Size/MD5 checksum:  2767164 787a84cf5162546ac48a2e8a19707cfc
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_arm.deb
      Size/MD5 checksum:  2863216 772ff3fe834e555803f84751fc1845c2
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_arm.deb
      Size/MD5 checksum:  1182134 d104d8825db6427367db4d776071c8b5
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_arm.deb
      Size/MD5 checksum:  1282574 3e3cc28c6ec11f334624156cd813ab2d
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_arm.deb
      Size/MD5 checksum:    59440 662fe182f46f986741e9461d241a8ad0

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_i386.deb
      Size/MD5 checksum:  3383242 88a2bbfffcc4125509cf78631b1d3a2f
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_i386.deb
      Size/MD5 checksum:  2433570 019e5dbe83388bfa12fdad4f48717ca9
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_i386.deb
      Size/MD5 checksum:  2390800 5ced1e1586515842f2300c1cd140f67b
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_i386.deb
      Size/MD5 checksum:   841732 50e4e73d3c7add8af88d4df27c872d85
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_i386.deb
      Size/MD5 checksum:   935936 bd742abc5d56e19955c8794165b96504
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_i386.deb
      Size/MD5 checksum:    59142 505aed2356c75ea29148f90fd03f7432

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6.1_2.2.5-11.5_ia64.deb
      Size/MD5 checksum:  4438298 4bea230883a4b96e2315984f885c5162
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-dbg_2.2.5-11.5_ia64.deb
      Size/MD5 checksum:  8369294 589c5c026edf5410aed18f8fb0865ce5
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-dev_2.2.5-11.5_ia64.deb
      Size/MD5 checksum:  3556560 022504d7f330daefb5298aedd6f03b88
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-pic_2.2.5-11.5_ia64.deb
      Size/MD5 checksum:  1365928 bab379b7a288decf813563f2c0d2a0dc
    http://security.debian.org/pool/updates/main/g/glibc/libc6.1-prof_2.2.5-11.5_ia64.deb
      Size/MD5 checksum:  1638180 7c3ccfd83eb009382c18fa561a058d14
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_ia64.deb
      Size/MD5 checksum:    69704 47978d0dcb743b86bb9b29b1fbe62b5d

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_hppa.deb
      Size/MD5 checksum:  4171184 8f780d2ac704c5e8b3468702cbfb0428
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_hppa.deb
      Size/MD5 checksum:  3060650 8d77b1e94bd87eb1f4a005908bcdac32
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_hppa.deb
      Size/MD5 checksum:  2897378 9a06f0ea55d096be897b8e22f3f5b473
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_hppa.deb
      Size/MD5 checksum:  1280628 630bdfa4d8865f29a7ec206be2823070
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_hppa.deb
      Size/MD5 checksum:  1445686 1af3470215cb24f454394a6af687fece
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_hppa.deb
      Size/MD5 checksum:    62562 4b1a20714a54b034ca938f272f702c9c

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_m68k.deb
      Size/MD5 checksum:  3505802 e3a4f018e815abf9667178065abdca9e
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_m68k.deb
      Size/MD5 checksum:  2430342 f087e51e37cc299f7417eb7d728f846a
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_m68k.deb
      Size/MD5 checksum:  2284984 31dd21b885ee48bd36af9a4ae3d2a98d
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_m68k.deb
      Size/MD5 checksum:   731598 555c94e942e75e4caee44c6dabb69975
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_m68k.deb
      Size/MD5 checksum:   838994 5e694f497bd3b0ed883d66b09cfffbb3
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_m68k.deb
      Size/MD5 checksum:    57994 720e10db51e651c92ce2233c956d9bb5

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_mips.deb
      Size/MD5 checksum:  3864536 60e8e46396d13b5415f4e5110aeca6a5
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_mips.deb
      Size/MD5 checksum:  3846240 108d7042f8e2ae5e68b0820b0e4ce69b
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_mips.deb
      Size/MD5 checksum:  2979598 fe7f138cdaf9c42121fbbc24157b2b51
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_mips.deb
      Size/MD5 checksum:  1204054 f5d9a0ebfb33cc4e2acf955c3fbc9319
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_mips.deb
      Size/MD5 checksum:  1358510 854c9a6368a0c390a6a9373e92da15ad
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_mips.deb
      Size/MD5 checksum:    61080 cf386c07d34d99674e73b16b2b8fe9e6

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_mipsel.deb
      Size/MD5 checksum:  3731790 7f14fa28975e1023bab01b019d32e3c5
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_mipsel.deb
      Size/MD5 checksum:  3753344 6760272aa32f5afb0402e9149abe54d8
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_mipsel.deb
      Size/MD5 checksum:  2984884 05a09ecdfcdf0f2ee7589cf649d95a9f
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_mipsel.deb
      Size/MD5 checksum:  1198332 a152c9a640c969828dfb0ef9ce806d93
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_mipsel.deb
      Size/MD5 checksum:  1353506 a0127e7260805cfd20cf604ffde9c15b
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_mipsel.deb
      Size/MD5 checksum:    61056 468295bec5af9dcabf0f591719d659a4

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_powerpc.deb
      Size/MD5 checksum:  3980054 5b21b7902fc0240705358219791a2973
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_powerpc.deb
      Size/MD5 checksum:  2869772 70ddcfb567a6e0e96dcf80b7e3429213
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_powerpc.deb
      Size/MD5 checksum:  2819998 ec855989ee52ac696f3555b6ae8a6304
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_powerpc.deb
      Size/MD5 checksum:  1148640 ce2682dc94bd7918cfc5a5b2f9f90472
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_powerpc.deb
      Size/MD5 checksum:  1343480 4f19534a5b36c5dc8697978b26753c4e
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_powerpc.deb
      Size/MD5 checksum:    60092 a86a046ffed960dabe01589d9b6846e7

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_s390.deb
      Size/MD5 checksum:  3937044 cef155bc1380cedf6e1a04379ad69680
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_s390.deb
      Size/MD5 checksum:  1229072 077a044ce92840fbf1f27cf0704cf63c
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_s390.deb
      Size/MD5 checksum:  2612750 c59fabc87136ebf25a7d240f98255eee
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_s390.deb
      Size/MD5 checksum:  1108308 a5110bc5152b349ec8b07c15219fdb8d
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_s390.deb
      Size/MD5 checksum:  1187274 2395e11b270c409e0a61965c9b43ede5
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_s390.deb
      Size/MD5 checksum:    61084 e85a53a12a4977648c689e94b9235ac0

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/glibc/libc6_2.2.5-11.5_sparc.deb
      Size/MD5 checksum:  3863234 2a6e1727718ad00a306354d2e8620074
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dbg_2.2.5-11.5_sparc.deb
      Size/MD5 checksum:  2816434 7a20f9ec7b96ef6eed505d778ac2f61c
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev_2.2.5-11.5_sparc.deb
      Size/MD5 checksum:  2800138 0396a67a7d87f85a7ca1b353d59b92c8
    http://security.debian.org/pool/updates/main/g/glibc/libc6-dev-sparc64_2.2.5-11.5_sparc.deb
      Size/MD5 checksum:  1631874 8096a1edf9446b961adf4d6169317c9b
    http://security.debian.org/pool/updates/main/g/glibc/libc6-pic_2.2.5-11.5_sparc.deb
      Size/MD5 checksum:  1146550 147836fbf781cc0d675ca7642569ece5
    http://security.debian.org/pool/updates/main/g/glibc/libc6-prof_2.2.5-11.5_sparc.deb
      Size/MD5 checksum:  1258128 5bd59e0275a5507b8c1567e4c64f88db
    http://security.debian.org/pool/updates/main/g/glibc/libc6-sparc64_2.2.5-11.5_sparc.deb
      Size/MD5 checksum:  4184708 6fc94ccb2e7e6f880e45e40a94ca2e92
    http://security.debian.org/pool/updates/main/g/glibc/nscd_2.2.5-11.5_sparc.deb
      Size/MD5 checksum:    59990 b47df77ad5958347d6c5fba0b14ce678


  These files will probably be moved into the stable distribution on
  its next revision.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+lAHlW5ql+IAeqTIRAoyJAJ9ollYSSLQBiFkVbCSgO12W7BYMtwCfYtHg
w3aKolALv9NlabgFa5EATjk=
=uLMo
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.  The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBPpVnEyh9+71yA2DNAQGSHAQAkQ6i6LrNYM2MwQf2T/nTOsc9UD/CpRN5
u55o/MbUgBjgEr3cGNqiWh52eM+nzjBGdrOVI5hJPBFmACT/YY+oEOUTQgLQkuST
jnBcydD4f86lGaVBSUSHZBPG4cOqyEnOh24KhaQHRJ5kRLp9h9YGjyy8RhyIffq2
/KekiLDLzGM=
=kpnh
-----END PGP SIGNATURE-----