-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2005.0978 -- [Debian]
             New curl packages fix potential security problem
                             13 December 2005

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           curl
Publisher:         Debian
Operating System:  Debian GNU/Linux 3.1
                   Debian GNU/Linux 3.0
Impact:            Execute Arbitrary Code/Commands
                   Denial of Service
                   Reduced Security
Access:            Remote/Unauthenticated
CVE Names:         CVE-2005-4077 CVE-2005-3185

Ref:               ESB-2005.0869
                   ESB-2005.0820
                   ESB-2005.0974

Original Bulletin: http://www.debian.org/security/2005/dsa-919

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Debian. It is recommended that administrators
         running curl check for an updated version of the software for
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 919-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
December 12th, 2005                     http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : curl
Vulnerability  : buffer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2005-4077 CVE-2005-3185
BugTraq ID     : 15756 15102 15647
Debian Bug     : 342339 342696

Several problems were discovered in libcurl, a multi-protocol file
transfer library.  The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2005-3185

    A vulnerability has been discovered a buffer overflow in libcurl
    that could allow the execution of arbitrary code.

CVE-2005-4077

    Stefan Esser discovered several off-by-one errors that allows
    local users to trigger a buffer overflow and cause a denial of
    service or bypass PHP security restrictions via certain URLs.

For the old stable distribution (woody) these problems have been fixed in
version 7.9.5-1woody1.

For the stable distribution (sarge) these problems have been fixed in
version 7.13.2-2sarge4.  This update also includes a bugfix against
data corruption.

For the unstable distribution (sid) these problems have been fixed in
version 7.15.1-1.

We recommend that you upgrade your libcurl packages.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1.dsc
      Size/MD5 checksum:      603 c7980d3b9589f2ef20390a70e0b4de74
    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1.diff.gz
      Size/MD5 checksum:    16631 e35ec4ff7161fa158c04c8cbf716d159
    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5.orig.tar.gz
      Size/MD5 checksum:   682397 a4df6bb5aa8962c204e73c8f98077928

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_alpha.deb
      Size/MD5 checksum:   118498 584184fdc57b0b302b1c16b293222492
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_alpha.deb
      Size/MD5 checksum:   195922 6a58bcdea99e866fdfbad573b3d6ef8d
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_alpha.deb
      Size/MD5 checksum:   116574 799b6ccd5c223cd8580c8e4fc610fef8

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_arm.deb
      Size/MD5 checksum:   114452 028489639e478d66a6223c7a2175cac9
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_arm.deb
      Size/MD5 checksum:   172978 ad531498826aaa48ec0e2eb5c2df7207
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_arm.deb
      Size/MD5 checksum:   101852 c7df9a970ef2f5a1ac11f6aae2c539be

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_i386.deb
      Size/MD5 checksum:   112954 55c016b60375a465dd139b25a9860e3b
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_i386.deb
      Size/MD5 checksum:   163696 c88d95d412ef529c8eebc9d21a5d6006
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_i386.deb
      Size/MD5 checksum:   100482 ca2e1ea6b2508888814e75101a9936bf

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_ia64.deb
      Size/MD5 checksum:   122062 7476d36d7530caab9aa08c8c24bc7b17
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_ia64.deb
      Size/MD5 checksum:   210310 5ef9167039cdf11ba26f5380265e9f0e
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_ia64.deb
      Size/MD5 checksum:   139432 6c924348404f96a9d534485d231da013

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_hppa.deb
      Size/MD5 checksum:   116424 a94545e972184368284431251dc81bc0
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_hppa.deb
      Size/MD5 checksum:   186366 a9ef087b21652930a452f9aa61e17040
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_hppa.deb
      Size/MD5 checksum:   112976 9f67b8e55d8578f97913aef8135251cc

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_m68k.deb
      Size/MD5 checksum:   112776 246260a28117b2c1fc01d9754e4dc4fe
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_m68k.deb
      Size/MD5 checksum:   159130 3e9ce9d21bbdce3688ddbaf4f260ac2f
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_m68k.deb
      Size/MD5 checksum:    97160 01ce2ddf9d7a91373bc02086a0718225

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_mips.deb
      Size/MD5 checksum:   115468 6e64a1534418bb425a1ad1dc2be0e1f9
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_mips.deb
      Size/MD5 checksum:   183938 5978db39fe8acd2a4042c6f184129211
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_mips.deb
      Size/MD5 checksum:   105234 2e48fba8ba1392918aa0c0ad95b0d237

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_mipsel.deb
      Size/MD5 checksum:   115494 0c3bdfc2517c81dda03e999505711af5
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_mipsel.deb
      Size/MD5 checksum:   183856 aef61efcb299d750e575eb1e8cc0a500
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_mipsel.deb
      Size/MD5 checksum:   105328 830278f24a115bf4dfa2a57517507faa

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_powerpc.deb
      Size/MD5 checksum:   115064 36a580ccb525717018023223252a2dad
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_powerpc.deb
      Size/MD5 checksum:   181490 7af33b2711cea9edd18a1e0bf76b7908
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_powerpc.deb
      Size/MD5 checksum:   106400 362227268352e1b6345d665e46cad9f4

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_s390.deb
      Size/MD5 checksum:   114380 e67536f6369452d7eb9c68a526b50acc
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_s390.deb
      Size/MD5 checksum:   167516 6a47b2681d358a72dd2da46cd282cde3
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_s390.deb
      Size/MD5 checksum:   104362 f48b9e5257fb2d933676f1bdedf65700

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_sparc.deb
      Size/MD5 checksum:   114212 dcc862dfac0b145a85dd41ee26b8f68a
    http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_sparc.deb
      Size/MD5 checksum:   173280 9d4005552173802f517f84c7b7ff6e7c
    http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_sparc.deb
      Size/MD5 checksum:   107954 1bcfdf01ff3c281aca72220de9c36285


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4.dsc
      Size/MD5 checksum:      810 da7861471f869f9a9ec5134d5fd38d19
    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4.diff.gz
      Size/MD5 checksum:   171255 d385dd607b786b7f850a9f24babcc65a
    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2.orig.tar.gz
      Size/MD5 checksum:  2201086 b3bd4a303f35f9a2a3ed3671cedf8329

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_alpha.deb
      Size/MD5 checksum:   150884 bd55a60b515ee8c2465fd17f7de29d50
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_alpha.deb
      Size/MD5 checksum:   251276 2f8cc5197eb54c78b18f25f63207d286
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_alpha.deb
      Size/MD5 checksum:  1010862 797c1b435ae57f09704840682615fed9
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_alpha.deb
      Size/MD5 checksum:  1279412 1d9b9bcaeb4f55b4e1029ab24b74cb7f
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_alpha.deb
      Size/MD5 checksum:   132164 b81c4278c3cbdf9c78266ca451110745

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_amd64.deb
      Size/MD5 checksum:   148002 b56233f49b100362e368b03e66218720
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_amd64.deb
      Size/MD5 checksum:   239260 d13d8eaecec3d63810e1ed73a6268ee2
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_amd64.deb
      Size/MD5 checksum:  1004100 712cffdd8bb0678bbd5372f8038bf743
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_amd64.deb
      Size/MD5 checksum:  1237918 5b7ab2089d6c421223ab1d5bca45ccc8
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_amd64.deb
      Size/MD5 checksum:   119332 a29338d6eebb002f76b64eb8db25669d

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_arm.deb
      Size/MD5 checksum:   147036 4d7dd6a1e18101e9f82ca47bd71adee6
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_arm.deb
      Size/MD5 checksum:   232254 7e7aa0f0d63d809380c5cf16a7bd9998
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_arm.deb
      Size/MD5 checksum:  1006512 1b6bba8334374b9a0973834db013deec
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_arm.deb
      Size/MD5 checksum:  1236324 d6e759826948dfc0b85100aa0721acbd
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_arm.deb
      Size/MD5 checksum:   112850 6a4bb805155911126e0da34c9a69caba

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_i386.deb
      Size/MD5 checksum:   146622 b5c28b5df70be2f14ccc38ba76445184
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_i386.deb
      Size/MD5 checksum:   237394 deeefb82e0e50917d334cd58e941c703
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_i386.deb
      Size/MD5 checksum:  1003560 5a072f044f577601edf276a80eee1a16
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_i386.deb
      Size/MD5 checksum:  1223642 101c390bd001489d4338f18b64c7564f
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_i386.deb
      Size/MD5 checksum:   118476 0b34194348da0cf2e73833791321f8be

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_ia64.deb
      Size/MD5 checksum:   156700 c40c8b873384b31606d0f86f62f87d62
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_ia64.deb
      Size/MD5 checksum:   279198 15bb908f6a841d8ffab2051484691d6d
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_ia64.deb
      Size/MD5 checksum:  1014686 c515f26ae840693a7af303b939e533de
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_ia64.deb
      Size/MD5 checksum:  1293752 a96384202ca09ebb218eb7ab0872da4d
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_ia64.deb
      Size/MD5 checksum:   160754 e197fcb10908f1201b12105d6a4fe988

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_hppa.deb
      Size/MD5 checksum:   150516 e80d05b29994e4a4aa921a060f1aaa4a
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_hppa.deb
      Size/MD5 checksum:   251178 95c1f4a011dd7509e631326175c6f4ac
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_hppa.deb
      Size/MD5 checksum:  1002034 069328e53c666557d876adc4c7df762a
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_hppa.deb
      Size/MD5 checksum:  1253588 66b90d2a50a329df1a6d2deb5db11caf
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_hppa.deb
      Size/MD5 checksum:   132258 345e3389c3d58356d4324b6cb09b4ce1

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_m68k.deb
      Size/MD5 checksum:   144622 dcd9d447dc466637937f1390df4efe8c
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_m68k.deb
      Size/MD5 checksum:   227834 d354dcd599d04d9c592b8fdbbe833775
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_m68k.deb
      Size/MD5 checksum:   998522 83c7e2d7474f2bc623d3fa19db556c94
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_m68k.deb
      Size/MD5 checksum:  1211958 a3e925c82c058b01971a781462d56fe9
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_m68k.deb
      Size/MD5 checksum:   108658 c59d11114a8209e7fec2b5fd608e3864

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_mips.deb
      Size/MD5 checksum:   149912 722a66107541a6d2ae823f46b1459743
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_mips.deb
      Size/MD5 checksum:   237422 08c3c48899e33babbc9bc8f3d8b8d97d
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_mips.deb
      Size/MD5 checksum:  1007542 26b4bee9ab3ece84e1a2ef5bc0cfa815
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_mips.deb
      Size/MD5 checksum:  1246952 ab4a46b14f124baad25a1c15e5f84f5d
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_mips.deb
      Size/MD5 checksum:   118446 76a1ed48d045c6eec4ac3a9246adf369

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_mipsel.deb
      Size/MD5 checksum:   150000 68e58cb1e4a76411d44f0cc28bed3dac
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_mipsel.deb
      Size/MD5 checksum:   237988 53b75c49f88e29ea3b0615a33d1d179f
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_mipsel.deb
      Size/MD5 checksum:  1010926 a31f246e13a31e422d6abd4637e7d79f
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_mipsel.deb
      Size/MD5 checksum:  1247194 ae4a7ceb8e33c0f6d6e0ea017c1fd5a7
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_mipsel.deb
      Size/MD5 checksum:   118908 499638c1e407f837d438eb3ee25b71c5

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_powerpc.deb
      Size/MD5 checksum:   150630 9d498e220cf3f1ea0bed9eba37895994
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_powerpc.deb
      Size/MD5 checksum:   243434 e115acf14a63f9c2a19d42b1963ca7a0
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_powerpc.deb
      Size/MD5 checksum:  1640952 fa15696dc540f1615672417c997761b3
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_powerpc.deb
      Size/MD5 checksum:  1245276 db89abb638e975cdbcc0381b4123ea10
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_powerpc.deb
      Size/MD5 checksum:   124126 78380f53d3d3656f87ea7d407e0ecd37

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_s390.deb
      Size/MD5 checksum:   148600 4660101e4a8bd44eb68ef9ea80d95502
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_s390.deb
      Size/MD5 checksum:   246602 de14f2625c352dc0f96981759b7ae94d
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_s390.deb
      Size/MD5 checksum:  1025394 ea2821337cbbefffa7833cc8f2f73aae
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_s390.deb
      Size/MD5 checksum:  1240726 1942bd69e7d06c8fa4f0aefda94a2b54
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_s390.deb
      Size/MD5 checksum:   127424 a7412a250bd42c0cfe74d054a76e4352

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_sparc.deb
      Size/MD5 checksum:   147624 92c2113d31613a17dad62bf4585bb96d
    http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_sparc.deb
      Size/MD5 checksum:   236962 defcd15ad18e2110105685aa592c36cb
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_sparc.deb
      Size/MD5 checksum:   996594 515599851d6c7bc75edd4bd2a85e1b22
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_sparc.deb
      Size/MD5 checksum:  1232322 4680ad497ca64e90d3a8cfc10f134ca7
    http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_sparc.deb
      Size/MD5 checksum:   117968 8b50fcf2af77f3f5b075797c3f5db265


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD4DBQFDnXUzW5ql+IAeqTIRAmxbAJji1JPfzDpUQi+smmNU5/TsirpDAJ40kBPm
yi4IyEbiGOj4PQSTFUBrog==
=w5uH
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQ54LcSh9+71yA2DNAQKW5wP/cRrXY+r9AjNLHJ2OT3FdU/Xmp+pHrX7f
YI6U7D9WTZb3IcnOer6vaITh7LK6Si37IMpIilF0BvTE7aUPYOYJ4mKXkUh43Vmo
n+2R5jTVC3rY22CxKp92o1xx7U4z4J5D+55xzAqI4IfHqub99d7aLIKQo0poh3Rz
A0F+Efh9frA=
=Bunj
-----END PGP SIGNATURE-----