Operating System:

[Debian]

Published:

06 August 2007

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2007.0587 -- [Debian]
        New xpdf and poppler packages fix arbitrary code execution
                               6 August 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              xpdf
                      poppler
Publisher:            Debian
Operating System:     Debian GNU/Linux 4.0
                      Debian GNU/Linux 3.1
Impact:               Execute Arbitrary Code/Commands
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-3387

Ref:                  ESB-2007.0573

Original Bulletin:    http://www.debian.org/security/2007/dsa-1347
                      http://www.debian.org/security/2007/dsa-1348

Comment: This bulletin contains two separate Debian advisories, fixing
         the same PDF handling vulnerability in xpdf and poppler.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1347-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
August 4th, 2007                        http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : xpdf
Vulnerability  : integer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2007-3387

It was discovered that an integer overflow in the xpdf PDF viewer may lead
to the execution of arbitrary code if a malformed PDF file is opened.

For the oldstable distribution (sarge) this problem has been fixed in
version 3.00-13.7.

For the stable distribution (etch) this problem has been fixed in
version 3.01-9etch1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your xpdf packages.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.7.dsc
      Size/MD5 checksum:      781 0e263d3ecbd956af7d756e6b10b450b9
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.7.diff.gz
      Size/MD5 checksum:    51994 73102654c2dc695ba52153332cf6355e
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00.orig.tar.gz
      Size/MD5 checksum:   534697 95294cef3031dd68e65f331e8750b2c2

  Architecture independent components:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.00-13.7_all.deb
      Size/MD5 checksum:    56612 3844dc954e1b076cedb1df334f1d9fee
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.7_all.deb
      Size/MD5 checksum:     1276 894fe92a845e0e211e0217c590bd59b8

  Alpha architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_alpha.deb
      Size/MD5 checksum:   803682 da21c5c482000a03a782310682a17c61
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_alpha.deb
      Size/MD5 checksum:  1528526 634bc43be530058b8df65cb8477add20

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_amd64.deb
      Size/MD5 checksum:   668656 7c5d4d69e1415bedc58ee5fea3c0ba4e
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_amd64.deb
      Size/MD5 checksum:  1275056 5b449abdea091655726bf3263d06c24b

  ARM architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_arm.deb
      Size/MD5 checksum:   675168 4c806b183382516f9b228fcb534a5fc2
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_arm.deb
      Size/MD5 checksum:  1280198 eccbbcb5fb6688685e6274d393d06c58

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_hppa.deb
      Size/MD5 checksum:   833234 53a85c49c0d0ed760da1ac5bd256cc1c
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_hppa.deb
      Size/MD5 checksum:  1581132 b830198ef741369f777e4a231c2b2352

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_i386.deb
      Size/MD5 checksum:   657156 69e930d035bf8e338da085162061f8f2
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_i386.deb
      Size/MD5 checksum:  1242988 208188fd587d1bf6d76ce0b83b2d14d1

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_ia64.deb
      Size/MD5 checksum:   951362 8a68c556f5cb892f22305d8be9906d63
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_ia64.deb
      Size/MD5 checksum:  1803002 4f339242fb23f7d564f6909db48d3b6e

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_m68k.deb
      Size/MD5 checksum:   586488 de9ba73580d4c5ae1d9587dee185c5f2
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_m68k.deb
      Size/MD5 checksum:  1117854 4c573f4e9433eeb2b07659c78dd34e8e

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_mips.deb
      Size/MD5 checksum:   808354 53efd66f685a4dbfc81548373c4c7b14
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_mips.deb
      Size/MD5 checksum:  1525936 f102ccb14e87431e7920f0856b46f896

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_mipsel.deb
      Size/MD5 checksum:   798650 d5f16d74b898d95480b3a7411328340f
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_mipsel.deb
      Size/MD5 checksum:  1504484 63e65bbdd21f3290f5ff7fe8f2605489

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_powerpc.deb
      Size/MD5 checksum:   694722 08e6ef661dd969b992ed8e524860c6d0
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_powerpc.deb
      Size/MD5 checksum:  1313852 cc4faa2d9a6f34e0f2617150d0ed4983

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_s390.deb
      Size/MD5 checksum:   631070 af2bcecc6f6020ba4716446dc72b627b
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_s390.deb
      Size/MD5 checksum:  1199558 ce19e172165131f98d8b436849ba1c08

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.7_sparc.deb
      Size/MD5 checksum:   626964 eda25a6a10d0e69f51d686ea23a99480
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.7_sparc.deb
      Size/MD5 checksum:  1182548 6560c5dd893ce3fca7f0c86b022a818e


Debian GNU/Linux 4.0 alias etch
- - -------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9etch1.dsc
      Size/MD5 checksum:      968 d8dc0eef65699dd4ba038a096d2a81e4
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9etch1.diff.gz
      Size/MD5 checksum:    34901 b432feb9ba16a593df406baba307df1b
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz
      Size/MD5 checksum:   599778 e004c69c7dddef165d768b1362b44268

  Architecture independent components:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9etch1_all.deb
      Size/MD5 checksum:    61024 7c0fd8bfc7fc90bc5c17464700edb42f
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9etch1_all.deb
      Size/MD5 checksum:     1278 7e5c71c975f30e46a6cb50d3bbff5adc

  Alpha architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_alpha.deb
      Size/MD5 checksum:   905816 03bf81436242b6a3b9aaf3f0b2bb3164
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_alpha.deb
      Size/MD5 checksum:  1651508 3432db911ace408ae0f7dad55eac0f2b

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_amd64.deb
      Size/MD5 checksum:   794428 e24ed84c50324d45177ae0235db5a313
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_amd64.deb
      Size/MD5 checksum:  1455166 590fc7c28c6c70cacc043fd64473c4ef

  ARM architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_arm.deb
      Size/MD5 checksum:   787430 7eb238efc796199d130b295c62092cd0
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_arm.deb
      Size/MD5 checksum:  1429968 e238b03168bfede6bf830a304ff50620

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_i386.deb
      Size/MD5 checksum:   781640 c9d20758cf278db78638def045a863c5
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_i386.deb
      Size/MD5 checksum:  1423878 68bd5716e0f169d5086b2fd00e7d8f4a

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_ia64.deb
      Size/MD5 checksum:  1195858 cbbdd5d6d0414169145dbdf3fea12707
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_ia64.deb
      Size/MD5 checksum:  2165458 21e2ed7de71da57d66751757ef53342d

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_mips.deb
      Size/MD5 checksum:   944050 8c6990ce24678d320e2e867f4878a730
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_mips.deb
      Size/MD5 checksum:  1707498 be641af6c68aa385ac279915239749fc

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_mipsel.deb
      Size/MD5 checksum:   931700 41a0d5de1726aab65964ed65de106fa8
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_mipsel.deb
      Size/MD5 checksum:  1686070 9ed4f7c4d3f0a1a0a2606a76022c9bea

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_powerpc.deb
      Size/MD5 checksum:   833600 8f1e3926bb539d37386a9e614c5a8dda
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_powerpc.deb
      Size/MD5 checksum:  1520882 6000cb9a1adadcd8b150bb642fe1040f

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_s390.deb
      Size/MD5 checksum:   752384 9e58b3a148b490a0869a1b2ea6450157
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_s390.deb
      Size/MD5 checksum:  1363574 315e1ce79f6f2b8a7765cc453925bfc0

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9etch1_sparc.deb
      Size/MD5 checksum:   750250 e6d86666b4b9b2050ed1a144411f613f
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9etch1_sparc.deb
      Size/MD5 checksum:  1363236 a7ccb1bdcb2880c6e72387250e0f4c59


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGtHcIXm3vHE4uyloRAv3iAKCkzmPesmHDYuafUZUYbC3LbImLrQCeP9z5
NV/iPAHAmQE7vlyD6mvn/Qg=
=QwZF
- -----END PGP SIGNATURE-----



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1348-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
August 4th, 2007                        http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : poppler
Vulnerability  : integer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2007-3387

It was discovered that an integer overflow in the xpdf PDF viewer may lead
to the execution of arbitrary code if a malformed PDF file is opened.

poppler includes a copy of the xpdf code and required an update as well.

The oldstable distribution (sarge) doesn't include poppler.

For the stable distribution (etch) this problem has been fixed in
version 0.4.5-5.1etch1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your poppler packages.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- - -------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5-5.1etch1.dsc
      Size/MD5 checksum:      749 b1346c2cb4aee0ae1ca33ba060094007
    http://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5-5.1etch1.diff.gz
      Size/MD5 checksum:   482690 2f989d0448c2692300bd751bf522f5bd
    http://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5.orig.tar.gz
      Size/MD5 checksum:   783752 2bb1c75aa3f9c42f0ba48b5492e6d32c

  Alpha architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_alpha.deb
      Size/MD5 checksum:   773812 d76d764076316ae07e8087303cc30992
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_alpha.deb
      Size/MD5 checksum:    55132 cb35ceb01b25cdfc3f79442b3448d02b
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_alpha.deb
      Size/MD5 checksum:    33820 a4a9c2b76f3701a78a9b14e970bb5ba1
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_alpha.deb
      Size/MD5 checksum:   504252 a9026c228974e16e5d89a25042ad7318
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_alpha.deb
      Size/MD5 checksum:    42904 c9bdb4e29ddad178743b31e90713c000
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_alpha.deb
      Size/MD5 checksum:    30346 6955b6218af2165b20e231d25e804514
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_alpha.deb
      Size/MD5 checksum:    86226 ec4c7750b60b527c1ffadcdccc2fc511

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_amd64.deb
      Size/MD5 checksum:   611808 4cf7b4f5c7913c534e137cde3a02f48d
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_amd64.deb
      Size/MD5 checksum:    45814 24824bf98843df51422173dd1420ffcd
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_amd64.deb
      Size/MD5 checksum:    30766 9d5a8cac9a7c6988ed72134992cdad1b
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_amd64.deb
      Size/MD5 checksum:   456460 1efb9a77c4f2ac098e24d93adb45c9bf
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_amd64.deb
      Size/MD5 checksum:    41300 4b809ddb231c59b108002aac26b2478f
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_amd64.deb
      Size/MD5 checksum:    29528 5d0c79cd1b94df97d21ecce34e8fdfc3
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_amd64.deb
      Size/MD5 checksum:    83972 e0e8cd89085e72d350fd43e56021ced9

  ARM architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_arm.deb
      Size/MD5 checksum:   592632 63898117c4adef3f675f1b918d9aea82
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_arm.deb
      Size/MD5 checksum:    44500 d5a82185b30a5e855a236a08395bcb21
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_arm.deb
      Size/MD5 checksum:    30532 451a4ffa778a82ccd9dbe54f2f239c92
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_arm.deb
      Size/MD5 checksum:   437908 0a6689b9a291458d022f9369650b7e17
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_arm.deb
      Size/MD5 checksum:    39610 f2a40182a431d998a73a7c0dc40998a8
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_arm.deb
      Size/MD5 checksum:    29242 58097f3bd8ce4c571f162b50ddfcec06
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_arm.deb
      Size/MD5 checksum:    82498 7d3d731f89241c00b3107a1f2ad74ce8

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_i386.deb
      Size/MD5 checksum:   573554 725e3b628ecfb382bfd9d75049d24f84
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_i386.deb
      Size/MD5 checksum:    44092 93d59749719868c9e8e855ba5be957c1
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_i386.deb
      Size/MD5 checksum:    30104 d867bd597db2deb7a818780addad7c46
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_i386.deb
      Size/MD5 checksum:   443208 3c98ad946f941c338ce310c4dd58974f
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_i386.deb
      Size/MD5 checksum:    40564 1d30a6edbb90f4ce1c477ed5be4e66f0
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_i386.deb
      Size/MD5 checksum:    29336 ba2d26951c5f57b25319c00370f5d4d1
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_i386.deb
      Size/MD5 checksum:    80734 4c162ed3aa37045dd23a9aaf97d62f7d

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_ia64.deb
      Size/MD5 checksum:   808452 36eddb1c87e228a10e040e4aa810dd9f
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_ia64.deb
      Size/MD5 checksum:    54684 ee6598a0976411bc0642a18fbac9ec9f
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_ia64.deb
      Size/MD5 checksum:    33624 232ee172a92e67387fd0d2f0a85a44cc
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_ia64.deb
      Size/MD5 checksum:   613016 24b0da95fed8f02496f3bde2f16ff34d
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_ia64.deb
      Size/MD5 checksum:    47654 eb848894eda39ab7489a88cb31437ea1
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_ia64.deb
      Size/MD5 checksum:    32046 62595c13e89cff5556267b8d154f6549
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_ia64.deb
      Size/MD5 checksum:   105128 ba70646ab595919bb3624431170e9384

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_mips.deb
      Size/MD5 checksum:   672040 1461dead73436314eb88935df1ae9b13
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_mips.deb
      Size/MD5 checksum:    49638 7ee217f6d2f57a2e788092f1dfc7f0a3
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_mips.deb
      Size/MD5 checksum:    32002 90d28e7f4057ded75ca7cb7737cdce8e
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_mips.deb
      Size/MD5 checksum:   456562 fb22da4c7ea123176dcdb4021ed2dce4
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_mips.deb
      Size/MD5 checksum:    41234 c296d08bdf88d83c995f5051127b19ba
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_mips.deb
      Size/MD5 checksum:    29720 c31f5aa7cc55fc91efc83213e06791c9
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_mips.deb
      Size/MD5 checksum:    86744 663cd6aa6d9ee644aa3274338f6e34e6

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_mipsel.deb
      Size/MD5 checksum:   664562 a76a9ae04b3d9079316460dfd37541cf
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_mipsel.deb
      Size/MD5 checksum:    49610 9c4bf1245c7b16b6b216bbcf621204b4
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_mipsel.deb
      Size/MD5 checksum:    32034 fc77f927262ce430bcd065748b73ad66
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_mipsel.deb
      Size/MD5 checksum:   444222 1d2caa1d87e4d0b43418949153943187
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_mipsel.deb
      Size/MD5 checksum:    41046 070d0467544cb0581f0b3c133bad9d06
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_mipsel.deb
      Size/MD5 checksum:    29680 e37a2a5a6c24e9417cd67db9897fd486
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_mipsel.deb
      Size/MD5 checksum:    86486 aef8e31c38421662f3a875eb10d686e5

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_powerpc.deb
      Size/MD5 checksum:   651526 05cf43f123f3e547456cd8ab4469c609
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_powerpc.deb
      Size/MD5 checksum:    47968 bfa6208065b64793934a43132c1421e3
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_powerpc.deb
      Size/MD5 checksum:    31240 4d570e4ed7ee00fcc509b211cc06cfa1
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_powerpc.deb
      Size/MD5 checksum:   472044 5468d5759aab624d75a5ae5ec8f80ea3
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_powerpc.deb
      Size/MD5 checksum:    42980 588a81cdeaf6331b5bdd03b72039aea8
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_powerpc.deb
      Size/MD5 checksum:    31274 1e1dbc0e4eda9c8f69ff370110d1c294
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_powerpc.deb
      Size/MD5 checksum:    89146 475c8547c2286342097e71ca8be5e8f9

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_s390.deb
      Size/MD5 checksum:   621210 ed5404bd2125854397cbd66d833122ca
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_s390.deb
      Size/MD5 checksum:    46662 f136bcbde244026bd7a5cb382909cf00
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_s390.deb
      Size/MD5 checksum:    30396 48b3fdfa120eb49bb55fbb4dd61386cb
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_s390.deb
      Size/MD5 checksum:   453426 267940fd3f7e641db873334b5bacc1fe
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_s390.deb
      Size/MD5 checksum:    41518 c32030d7252d0e5b0a40988723e36239
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_s390.deb
      Size/MD5 checksum:    29298 dd5bd8caf52912a5b5e4ebc3f1b1833f
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_s390.deb
      Size/MD5 checksum:    80530 897b5056de7468e496e225668055d58a

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch1_sparc.deb
      Size/MD5 checksum:   582952 c2d24c1f0036704fe390e629d679c56a
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch1_sparc.deb
      Size/MD5 checksum:    44374 27e3b0f740919f3519f8cd1146b18f96
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch1_sparc.deb
      Size/MD5 checksum:    30458 faccd537766990407a2720fe72ad437e
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch1_sparc.deb
      Size/MD5 checksum:   443556 38ec6210f11c0c2e55c5b8d47dd5c17e
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch1_sparc.deb
      Size/MD5 checksum:    40288 3af24912658ddecae77870cba99d7ca6
    http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch1_sparc.deb
      Size/MD5 checksum:    29122 00d80797d532b53164c3a6b62f78fc43
    http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch1_sparc.deb
      Size/MD5 checksum:    78120 5106a5323bfcf84b61ed6d0cc8203a27


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGtHkBXm3vHE4uyloRAuynAKCgWW4OTcuG40TFb8C60YtthFWl1ACfccAZ
Y0s6KFcUQrACYB7XloHUbwA=
=IkSZ
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRrZ5hih9+71yA2DNAQJokgP9HoLGPqy75XBZZGlxwQEcznOyZavIaJER
Z7hwNoN6O8pz85WPKl9jJL7pKjODcVcHG3mwUO/O02WsDXgK9AUsTbEDip6jFZqD
yO8n626Jgbb9sGsCKwN4xL1ArWJQ3IblMKMlyKddOP2ptO9I3zgWxRX3yCz50XYq
C7KeCXEoKr4=
=Fwav
-----END PGP SIGNATURE-----