Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2008.0743 -- [Debian]
New icedove packages fix several vulnerabilities
28 July 2008
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: icedove
Publisher: Debian
Operating System: Debian GNU/Linux 4.0
Impact: Execute Arbitrary Code/Commands
Provide Misleading Information
Increased Privileges
Read-only Data Access
Access: Remote/Unauthenticated
CVE Names: CVE-2008-2811 CVE-2008-2809 CVE-2008-2807
CVE-2008-2803 CVE-2008-2802 CVE-2008-2799
CVE-2008-2798 CVE-2008-2785 CVE-2008-0304
Ref: AA-2008.0158
Original Bulletin: http://www.debian.org/security/2008/dsa-1621
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1621-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 27, 2008 http://www.debian.org/security/faq
- - ------------------------------------------------------------------------
Package : icedove
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2802 CVE-2008-2803 CVE-2008-2807 CVE-2008-2809 CVE-2008-2811
Several remote vulnerabilities have been discovered in the Icedove
mail client, an unbranded version of the Thunderbird client. The Common
Vulnerabilities and Exposures project identifies the following
problems:
CVE-2008-0304
It was discovered that a buffer overflow in MIME decoding can lead
to the execution of arbitrary code.
CVE-2008-2785
It was discovered that missing boundary checks on a reference
counter for CSS objects can lead to the execution of arbitrary code.
CVE-2008-2798
Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered
crashes in the layout engine, which might allow the execution of
arbitrary code.
CVE-2008-2799
Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in
the Javascript engine, which might allow the execution of arbitrary code.
CVE-2008-2802
"moz_bug_r_a4" discovered that XUL documements can escalate
privileges by accessing the pre-compiled "fastload" file.
CVE-2008-2803
"moz_bug_r_a4" discovered that missing input sanitising in the
mozIJSSubScriptLoader.loadSubScript() function could lead to the
execution of arbitrary code. Iceweasel itself is not affected, but
some addons are.
CVE-2008-2807
Daniel Glazman discovered that a programming error in the code for
parsing .properties files could lead to memory content being
exposed to addons, which could lead to information disclosure.
CVE-2008-2809
John G. Myers, Frank Benkstein and Nils Toedtmann discovered that
alternate names on self-signed certificates were handled
insufficiently, which could lead to spoofings secure connections.
CVE-2008-2811
Greg McManus discovered discovered a crash in the block reflow
code, which might allow the execution of arbitrary code.
For the stable distribution (etch), these problems have been fixed in
version 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1. Packages for
s390 are not yet available and will be provided later.
For the unstable distribution (sid), these problems have been fixed in
version 2.0.0.16-1.
We recommend that you upgrade your icedove package.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- - -------------------------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1.dsc
Size/MD5 checksum: 1982 f3c2c78e178cc5d918727b6a9f4ca9fb
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d.orig.tar.gz
Size/MD5 checksum: 34581452 4fb6289f43f89b04e5eda6844ae6c988
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1.diff.gz
Size/MD5 checksum: 640682 66921d4b0aee62189770d0b1d9a27be3
Architecture independent packages:
http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29552 463f08cd0992af2e5f5226983533ad1c
http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29562 d19102f43c4938d796969c34952c0259
http://security.debian.org/pool/updates/main/i/icedove/thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29560 75f70ee24e4fc0a2573151f80545f523
http://security.debian.org/pool/updates/main/i/icedove/thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29546 afb54879e2c649e70328fe8096593197
http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29560 004cb74dea9c951be193df990c49f4be
http://security.debian.org/pool/updates/main/i/icedove/thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29532 27605ca5220ba1fcc72392e6f1dc2387
http://security.debian.org/pool/updates/main/i/icedove/thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29556 8b55d0217a91ea8a4687f904ca799fa9
http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29540 14fdb36a83b334276d25b72052d57508
http://security.debian.org/pool/updates/main/i/icedove/thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29538 34727cf9881337c6008ef858a694435c
http://security.debian.org/pool/updates/main/i/icedove/thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_all.deb
Size/MD5 checksum: 29518 943247aaa34c1ee99d978da3dd808a87
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_alpha.deb
Size/MD5 checksum: 199850 4c11e28fd59e653b3eb658b61e2387f1
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_alpha.deb
Size/MD5 checksum: 3961436 6ab569e6a44fdc98be141dfc28f5e514
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_alpha.deb
Size/MD5 checksum: 13479948 e43c67c22b424d006b30f8177eff89da
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_alpha.deb
Size/MD5 checksum: 52450056 38ad437d2112c5dc8b837fa29d3700a2
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_alpha.deb
Size/MD5 checksum: 54012 66f8f15764fa5cfedc2e30067d90142c
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_alpha.deb
Size/MD5 checksum: 64780 b76ba21a7891b910257aec92ff5f8ebe
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_amd64.deb
Size/MD5 checksum: 62014 e7976085b2877a5aa0f67e2f39f13acf
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_amd64.deb
Size/MD5 checksum: 51546632 f71a5976ecb276f9e7185d096ba571dc
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_amd64.deb
Size/MD5 checksum: 53060 39ee5c0d7973a479e0fec5de206445ec
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_amd64.deb
Size/MD5 checksum: 12188986 5b5a722c065939a30ace6c86e4902291
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_amd64.deb
Size/MD5 checksum: 3681364 9c9e3f9b7e5aeb16219d3d637ea5a0b3
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_amd64.deb
Size/MD5 checksum: 196636 80a17a741ff4e0a6fa84217c84832c90
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_arm.deb
Size/MD5 checksum: 190508 b892bdbe503c1140b5ed96373764f315
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_arm.deb
Size/MD5 checksum: 3925126 ca5c77ace501dc663abfa9a2581d0321
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_arm.deb
Size/MD5 checksum: 47896 d623d4e1136ed42825e1cc35174b8f10
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_arm.deb
Size/MD5 checksum: 10905516 9db335c210f30324296b88d3679db10a
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_arm.deb
Size/MD5 checksum: 50902100 c0373e23fc224f274b9d9f0927ce6fc7
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_arm.deb
Size/MD5 checksum: 59720 dba7b3f17729dda646170a579b6513db
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_hppa.deb
Size/MD5 checksum: 13663278 fdca35ec0058f78e82d03788892902af
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_hppa.deb
Size/MD5 checksum: 3958520 8ff63b8cfd865e22517ac167ae5722ee
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_hppa.deb
Size/MD5 checksum: 52367754 3437b821482cf35a579d210a713008b5
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_hppa.deb
Size/MD5 checksum: 53614 7b94d83de91fc8f186e0cd7bc7bad832
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_hppa.deb
Size/MD5 checksum: 199870 9ff9dd34f19070f1bcca39c1b480047f
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_hppa.deb
Size/MD5 checksum: 65800 14938ff602d4644553d24d099c969e4a
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_i386.deb
Size/MD5 checksum: 48980 795870fd4758467f8e492140ac594ece
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_i386.deb
Size/MD5 checksum: 59020 98e853ac8690f092f6487133a8204512
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_i386.deb
Size/MD5 checksum: 3677854 2dfef77faa7628cc692bf541a0d22a78
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_i386.deb
Size/MD5 checksum: 10916926 36349932631a29b67fe5fce24f9adf6a
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_i386.deb
Size/MD5 checksum: 50802416 b37577565030cf995e473b0d3e20792c
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_i386.deb
Size/MD5 checksum: 191610 e59fad8c9711e5accf576c1f841989a7
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_ia64.deb
Size/MD5 checksum: 205674 539dc88338b19d01637ec3afbd4fde20
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_ia64.deb
Size/MD5 checksum: 16573824 00750603608ecb0d33350c7b04d1238a
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_ia64.deb
Size/MD5 checksum: 3730216 79018f5828e4965b7323b8e632d0be83
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_ia64.deb
Size/MD5 checksum: 51844298 1466152deb275dd5582f6a905489c3f2
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_ia64.deb
Size/MD5 checksum: 75038 23a5cdf5762bb0dbef4a00ce4d0473d7
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_ia64.deb
Size/MD5 checksum: 60392 4be2576cda9e1f5c828f5da7b4f8f9d1
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mips.deb
Size/MD5 checksum: 3950320 f0ab200f288ab06ca52fa3717d91ebc6
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mips.deb
Size/MD5 checksum: 11620928 fdd43e5db08db0d202f0ad47ac1219d2
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mips.deb
Size/MD5 checksum: 193508 9187a8e2616da652b8a75d549c3bd077
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mips.deb
Size/MD5 checksum: 48738 0b51bfd611db7d28eeda296967b54483
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mips.deb
Size/MD5 checksum: 59216 b48b446110f5d48df4b7f99ff77fc337
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mips.deb
Size/MD5 checksum: 53174806 f37efd01e3733135acb4a0a90a4e223f
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mipsel.deb
Size/MD5 checksum: 51738000 11a6dc26b73f4e2b3aa7060e3b5d864d
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mipsel.deb
Size/MD5 checksum: 192936 36f6670e7045beae00ade70e9f71ce3d
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mipsel.deb
Size/MD5 checksum: 11368146 d7fbd31e25b50de4c6daf5f28a95d5f5
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mipsel.deb
Size/MD5 checksum: 59606 2a552e82279ecf9f291341dcf37a6228
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mipsel.deb
Size/MD5 checksum: 49918 ca4d8ba417208cfe7bca37b30dd4c625
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_mipsel.deb
Size/MD5 checksum: 3685232 135701696c633f2171591b38406f0e32
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_powerpc.deb
Size/MD5 checksum: 193688 344e8c0d6c9b69c5377c5521e994ceff
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_powerpc.deb
Size/MD5 checksum: 11818840 bd2c329c7ad8895f1adbc5da401a0cdb
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_powerpc.deb
Size/MD5 checksum: 3680394 373f1fc16a30ac3fc206e134d2f874b2
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_powerpc.deb
Size/MD5 checksum: 50538 c48cda9801366960ebe3a51568adb177
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_powerpc.deb
Size/MD5 checksum: 53345336 845557409c6f0a88bebddc1d5f69c77a
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_powerpc.deb
Size/MD5 checksum: 61378 63e5f8580b9e72d5ac6af1125791bca5
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_sparc.deb
Size/MD5 checksum: 50694834 44c3b9706f65e089c4e1ae836471c674
http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_sparc.deb
Size/MD5 checksum: 59040 33096f950a885fe57779db8d7838faae
http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_sparc.deb
Size/MD5 checksum: 3675032 1f82018e9aa522b5bc6585e42ad98cac
http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_sparc.deb
Size/MD5 checksum: 49044 70d8353f8fc8a6b3d7ec415870c227e6
http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_sparc.deb
Size/MD5 checksum: 11125910 4def9751172a0041a02e135bf8fa3184
http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1_sparc.deb
Size/MD5 checksum: 191136 26ba8ae4cebcc84756f36817a67c2e2b
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkiM6qkACgkQXm3vHE4uylrLBgCeIrxfVjWZ+qFWfMCFYWLtV/kK
eGcAn1OnHqrZkT2n7ea/BJS384iqBnXS
=/r7q
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBSI0YQyh9+71yA2DNAQKsCwQAh71gsv6AD5QkULbUf9o5FYDJHYwntIkn
aB6MBii3SpM+G/Kk9/7yUhlYRUgEakOnUf4cbPPB2647rmRlIVkoxjEqqWzNQ7E9
3td9AKBRpvl/IAIIPe4f/1LmaxmRJnSAMPL/2VR6QuCC824l0dVM1wjMARwTSXf2
9s0JCnn7fIk=
=KZp3
-----END PGP SIGNATURE-----