Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2007.0322 -- [UNIX/Linux]
New qt4-x11 packages fix cross-site scripting vulnerability
16 May 2007
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: qt4-x11
Publisher: Debian
Operating System: Debian GNU/Linux
UNIX variants (UNIX, Linux, OSX)
Impact: Cross-site Scripting
Reduced Security
Access: Remote/Unauthenticated
CVE Names: CVE-2007-0242
Original Bulletin:
http://www.debian.org/security/2007/dsa-1292
http://www.trolltech.com/company/newsroom/announcements/press.2007-03-30.9172215350
Comment: This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running QT4 check for an updated version of the software for
their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1292-1 security@debian.org
http://www.debian.org/security/ Noah Meyerhans
May 15, 2007
- - ------------------------------------------------------------------------
Package : qt4-x11
Vulnerability : missing input validation
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2007-0242
BugTraq ID : 23269
Debian Bug : 417391
Andreas Nolden discovered a bug in the UTF8 decoding routines in
qt4-x11, a C++ GUI library framework, that could allow remote
attackers to conduct cross-site scripting (XSS) and directory
traversal attacks via long sequences that decode to dangerous
metacharacters.
For the stable distribution (etch), this problem has been fixed in version
4.2.1-2etch1
For the testing and unstable distribution (lenny and sid, respectively),
this problem has been fixed in version 4.2.2-2
We recommend that you upgrade your qt4-x11 package.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian (stable)
- - ---------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.2.1-2etch1.dsc
Size/MD5 checksum: 1390 4c2ac9fc65dc3d31b90473d7ec038f1f
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.2.1.orig.tar.gz
Size/MD5 checksum: 37069122 2ab1c88084f55b94809f025a8503bf18
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.2.1-2etch1.diff.gz
Size/MD5 checksum: 22806 26c69455f8d09fffdfb9413a18f69174
Architecture independent packages:
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-doc_4.2.1-2etch1_all.deb
Size/MD5 checksum: 21219244 450031c80fd48650103cb7dfb72ea4d3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 1275656 9881f80acbf96bd8279b1ea27bd01486
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 1382940 c69e58cc57b87c77332d21f9b8325f94
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 804814 bdda30be03d1c5cda09caf4c3b7e8803
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 354964 14a3d2e028391002861dc94d448880b4
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 99652 99eddea5a7be2cfccff4689955ebe7b4
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 57674544 824c85f2ab97e6f480d60730e7244e13
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 4784924 76f7f0e56ad72818a905ce5f6eaf55f0
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 1105144 274482c1b490076e2f05c758ec4dc495
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_alpha.deb
Size/MD5 checksum: 4983572 1805e33b31231fea005abf49c40f3f59
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 1060908 d1132452139c18dd3d2ac96608a4c8f0
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 4450316 a4c5af2560005fe85390c54f26118364
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 1218820 98d8ef5491e28a96d4ce1e1392341819
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 4289826 072954140ccc4baa4869479f52a22d54
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 314114 3c4fbf8805f823cce3a19663749ce28f
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 57719944 6623d3a7b981512c9ade3377d56f1293
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 1149424 77f92b9998c9e72cd55be91743a98b74
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 745864 777718c827eb9469d1b0d00e3c022f99
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_amd64.deb
Size/MD5 checksum: 93040 617ba9729040e8e807de83a42c5faff5
arm architecture (ARM)
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 1055018 c366aa156f8e69a474c48564bc62c961
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 93776 7a9f2fe985d327054315b9395d9a2302
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 1298716 e310e6d3f68b3d253a127c9568659bce
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 4541218 ffd64eb36975ea6966fa97ccc475e876
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 56246534 31a36213f160a55ace99aae498e7365d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 1210244 bb4fac86e13a3517f2e44c86a9c27740
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 4794816 6ed6b5646d239e646b5801c18b74acd2
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 307298 a7b9d7864221d557ac0d5095e63dc4f8
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_arm.deb
Size/MD5 checksum: 770368 8d6748f88f3a9351298e0e347f408a43
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 809216 1fe4fc9cdfe28bfad2414b4bec85af74
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 1128178 b8f54f880176fe7e12895ad9064c7c93
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 1340368 255976d3ae74ca14515472d488901e64
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 58312188 d2f094e801e33e16a9446fe3572ca610
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 355658 a95ec7dcf56c20b954aee8ff10b0f173
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 4739266 4143c9da6aa61901a3625d77c5c3c153
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 96074 140da2f0044b74ad4383d25ed34fc468
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 5280406 781a99fd06622a1990eaabd07d2e2712
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_hppa.deb
Size/MD5 checksum: 1465076 dbd19481eb0e288eb7feeb31166821b4
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 94586 eb2c6657681088447e0a585adf983138
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 1066694 0c65ef16a35d69e972071299e1d3a13e
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 4550080 81753f24013af9c577c7eb771434afbc
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 4199428 bbf899840ae7286865a92c9e17940291
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 312216 48fc45a20df755a11f06e17b34800fa6
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 57201286 b3050cfaf7da40499b893a10d34303f0
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 1251866 754eca55b5ff761ac5bcaf210561dd72
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 746044 b488d7f7346dabef14ca25337efc5b94
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_i386.deb
Size/MD5 checksum: 1166868 5c6e7224ac092a5d662c21348bab2faf
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 60656170 7b72a4b2d98515ee515a7f10c9de1054
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 1157546 51a41ba4dbacde924848a945a1f81b21
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 5375122 f5650dc28f8d1904477f84fa002a53ff
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 1740530 5203ed92c63ece02d823fa33bba90f19
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 6199458 d80d3c0c99eedff63b6232e19c5251fa
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 462094 4dbedf485d1ec9b8f58da266dc8d401c
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 905070 433ea41ca28261e92f47f743963f1468
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 1546870 a689b021b507768cd7d0baeb2754934a
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_ia64.deb
Size/MD5 checksum: 108218 fa39a4c25e8bda9df57226b85922ac14
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 775224 97d4a39c282ca5a44ba10d74c6e1074d
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 1267642 52a55aac3703510174eff514946e4621
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 4575350 ee7acf7cc6cebaf05ddd3a31a1fadf27
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 4509728 db94a4a237eaefa2bf447f94bc888ec9
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 1093532 d0aa4bcf536d5d7989cd8071af33217c
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 60613590 1b0d386bcca8a00db87ca5a4e23e402a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 1180824 54c2a87fd8d67361ebf5c78270f6a66b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 320206 7789c807a1fe31b4864c0c7807d4726f
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_mips.deb
Size/MD5 checksum: 89790 7d8dc360830c9e26886997b7d936f865
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 58682414 6ccf415d98066de8c88740f333650e75
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 88984 f0d917896869a60c73d04143da8eb9ed
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 4501958 e639d6d42ebcf1740d89aab3d0bb2349
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 1244648 a61de73073314a993b1c496269f2386b
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 1165558 56cdfe56228f4997fdb4d55de9fe69c7
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 767872 12efd46d666b5bba92988f8978d9de2f
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 1084962 c84ae262e8e990b023b983398c2fa264
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 317962 86654f4e48815b73433cc490552bac34
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_mipsel.deb
Size/MD5 checksum: 4458462 b7da275811d0876147c89679719e6bda
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 1260698 434fe2dea53091d065a051ebdfd185df
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 314962 62d1fc646a8c3bfb4088de4cf8eefd0c
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 745092 1e2dbc6fcf92f9d7dd4dab742801b2b5
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 92554 b8b238fa9a91213c282d6acb4a36c01a
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 4305914 ec352d9fa9ba15e7ad8d3208a1f4e88f
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 1091118 3adfc9ee772f23aa0d0d86be3ae7b701
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 4613226 3d8e6ecb9ff861f444b04e5c0032f6d5
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 59534372 abe612c0bd5106df037b8d13773474b1
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_powerpc.deb
Size/MD5 checksum: 1208706 80591ac1f934fc4586cf75c3f18a2ef9
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 1293112 98d87330afadfceeb02a9485ae462f09
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 755026 9f57b048c549abf1d5afbce1254c0866
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 1234676 e0ebb9c25313368b191a1787abf45068
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 334764 0c2bc32d9b9b556c36afd728ca611dd8
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-debug_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 60276010 62f1448ae21529981eaf5c951e88934c
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 84988 59d44e33d426d4c0cd33cc73d2408bfb
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 4187694 c96e42864ad741ce3937df5b3d6a4859
http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 1055562 c7991163a1460813235e40bedb1a09de
http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.2.1-2etch1_s390.deb
Size/MD5 checksum: 4604590 fb787e541f7e908a2de260a59c4273a3
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGSjD1YrVLjBFATsMRAhqPAKCLTVNW1vNwOXnR0ENrd7gzJgN9EgCcCp5s
SJMfhwSAJKBoWF3cMS0E9ks=
=l3Xa
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRkpI9Ch9+71yA2DNAQK13QP9Gg/lcD+XLGydbpl2dmfpDIGysAeD8YmV
5Wu6l+xM1Beul4HAKQmwW0dMkwUckOEWnyqxwA1QQaKJnqmmrUcW8uHtbna795Jl
jCkwUDD8Z8ypDrGCOpa4VXm8LNcL0Z5zb6O3PhrSvp8aVKuugKc4lIEmYvhFuV8w
1hpiBY/2Wdo=
=caes
-----END PGP SIGNATURE-----