Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2008.1085 -- [Win][UNIX/Linux][Debian] New perl packages fix privilege escalation 22 December 2008 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: perl Publisher: Debian Operating System: Debian GNU/Linux 4.0 UNIX variants (UNIX, Linux, OSX) Windows Impact: Create Arbitrary Files Delete Arbitrary Files Access: Existing Account CVE Names: CVE-2008-5303 CVE-2008-5302 Original Bulletin: http://www.debian.org/security/2008/dsa-1678 Comment: This advisory references vulnerabilities in products which run on platforms other than Debian. It is recommended that administrators running perl check for an updated version of the software for their operating system. Revision History: December 22 2008: Debian re-released package to fix a regression issue December 4 2008: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-1678-2 security@debian.org http://www.debian.org/security/ Florian Weimer December 21, 2008 http://www.debian.org/security/faq - - ------------------------------------------------------------------------ Package : perl Vulnerability : design flaws Problem type : local Debian-specific: no CVE Id(s) : CVE-2008-5302 CVE-2008-5303 Debian Bug : 286905 286922 479317 The perl update in DSA-1678-1 contains a regression which is triggered by some Perl scripts which have changed into the directory tree removed by File::Path::rmtree. In particular, this happens if File::Temp::tempdir is used. This new update corrects this regression. For the stable distribution (etch), this problem has been fixed in version 5.8.8-7etch6. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your perl packages. Upgrade instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6.diff.gz Size/MD5 checksum: 104841 38685bce67f7761753883e8e6073f5b7 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6.dsc Size/MD5 checksum: 742 f9545587e032939494a6a9b22abd112c http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7 Architecture independent packages: http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch6_all.deb Size/MD5 checksum: 7377460 cf3c6b08cfa947eb989e5a376790c4c3 http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch6_all.deb Size/MD5 checksum: 41276 f9e491829ef0ea295d2c5b88e48c895d http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch6_all.deb Size/MD5 checksum: 2328214 6d995effacda8ecc2a935dc4527ed342 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_alpha.deb Size/MD5 checksum: 4150250 3c575d6d8e1b101066a89e1482f081cf http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_alpha.deb Size/MD5 checksum: 821806 8d3bd143f7b3d6243b42277c5c63a93f http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_alpha.deb Size/MD5 checksum: 880284 5636ce04377a056db7d369b7b8770428 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_alpha.deb Size/MD5 checksum: 2928840 4d5717f310740a654eab999bc4993e5a http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_alpha.deb Size/MD5 checksum: 1010 9ccd001ddccacbf99510508937c9ca47 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_alpha.deb Size/MD5 checksum: 36236 db6be7a7cf887edfefcb7c2c50b0a3db amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_amd64.deb Size/MD5 checksum: 1014 6222c5da15781a0191a162ee74e0f9a2 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_amd64.deb Size/MD5 checksum: 806670 c654435b6632fb800929870df3f0daf8 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_amd64.deb Size/MD5 checksum: 32780 bcc928299ffd2e4d97ee2d9d7fdb1512 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_amd64.deb Size/MD5 checksum: 4249060 a10ee694a5d164b8ef12d0f566e4f02d http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_amd64.deb Size/MD5 checksum: 630778 f318294099b5c0ae4469073988731f7f http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_amd64.deb Size/MD5 checksum: 2735120 21c2ed7bba2de01983156e720c4eea14 arm architecture (ARM) http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_arm.deb Size/MD5 checksum: 30346 1f51b45f45fd8a1bbc4732812c348b3a http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_arm.deb Size/MD5 checksum: 760238 a230824f93118e65af853c9a8448aeb5 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_arm.deb Size/MD5 checksum: 562086 e7fc6a0323bc5898dd09ff7a9c937ac1 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_arm.deb Size/MD5 checksum: 1010 9a67f67e98a45b6e02fe09aa50518794 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_arm.deb Size/MD5 checksum: 2548186 91c5ccb36e82705931c07d8a14d95490 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_arm.deb Size/MD5 checksum: 3410336 77df1024bf9e02b0cdce65423bc84eeb i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_i386.deb Size/MD5 checksum: 2492644 ebb57292ae6986f812c2233511565fb3 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_i386.deb Size/MD5 checksum: 585446 bedf9d40486ebab6ef251101ed0d2402 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_i386.deb Size/MD5 checksum: 762766 f667327e7cd4044ee6fb3c900b75a181 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_i386.deb Size/MD5 checksum: 527166 8770a7e8302aaa2ef7c99b8339a1579e http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_i386.deb Size/MD5 checksum: 32104 53085baadd6fa2a16f5ca27dbcae5b72 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_i386.deb Size/MD5 checksum: 3599182 6c141bd9447670a86b0691adafb51596 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_ia64.deb Size/MD5 checksum: 1154160 b640fe2f395f9161560fd9dd52532f85 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_ia64.deb Size/MD5 checksum: 1006 62ffe7a5b8823f925b2537941fe48ae1 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_ia64.deb Size/MD5 checksum: 51272 b93cfd432ead7fb85cab0acbe53c2994 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_ia64.deb Size/MD5 checksum: 978108 7e50dafffed7382b35042ad86032b7a4 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_ia64.deb Size/MD5 checksum: 4336650 fe46d1d4fa0b18770631f9d2a544d072 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_ia64.deb Size/MD5 checksum: 3364466 15f332c898209c5c5cb8d864762cf445 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_mips.deb Size/MD5 checksum: 786168 5da358d316af22485a29c364afee453c http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_mips.deb Size/MD5 checksum: 1008 0c27fb854eabf1e73840bf2cc07b8b3c http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_mips.deb Size/MD5 checksum: 694016 78af4921744de0e03ba173d79d7f7d39 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_mips.deb Size/MD5 checksum: 32220 fcd144768fee4a14664a962d0d1e4a55 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_mips.deb Size/MD5 checksum: 3679064 cdd8810ba2b3e8c293df4acc06510fb7 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_mips.deb Size/MD5 checksum: 2782124 a16a21e716647c74c24224b9752d56c2 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_mipsel.deb Size/MD5 checksum: 32326 55417bfc7195b2907c76a170ded4fb91 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_mipsel.deb Size/MD5 checksum: 2730626 7d13f3931edcdd3b22ff6e851de332d5 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_mipsel.deb Size/MD5 checksum: 3413592 f087bc2dcefcd3069ac7db96b84af4ab http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_mipsel.deb Size/MD5 checksum: 784946 a5b574a6e9e1bf919ab88bd1b5beb964 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_mipsel.deb Size/MD5 checksum: 687508 90078c3c9692c6e50c5a5cb0fe25ece2 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_mipsel.deb Size/MD5 checksum: 1016 10942b8d2f2c5441d0dd7d65afc83151 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_powerpc.deb Size/MD5 checksum: 811106 367dec1df2404742380c2c06e0809a20 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_powerpc.deb Size/MD5 checksum: 2710134 50f1c3ecb9f1023935f153c1d605aa41 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_powerpc.deb Size/MD5 checksum: 1014 16877860b93d044bf7f914a857737fc0 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_powerpc.deb Size/MD5 checksum: 3825218 b4f50f6735fc446fb22665cff53cd064 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_powerpc.deb Size/MD5 checksum: 653450 92671c8bcd39e6f4a84b2a01401ef408 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_powerpc.deb Size/MD5 checksum: 32904 adb2e70ca2b2f0cc809bcc2903036bdf s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_s390.deb Size/MD5 checksum: 4100084 14bc00f090ce3dc1ba7bfacfa5b88218 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_s390.deb Size/MD5 checksum: 33094 fb66e60a4fa21a647bc053920a842d5b http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_s390.deb Size/MD5 checksum: 633600 9df5a899f601a14ce3b0496df2bc116d http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_s390.deb Size/MD5 checksum: 823704 1b3f1afaef5fc0c5fb36048d82c1c3d6 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_s390.deb Size/MD5 checksum: 2796566 83e073cf9d1f2a22f366483d250a95c0 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_s390.deb Size/MD5 checksum: 1008 f983117eb556d27b343d6a64d5774cfd sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_sparc.deb Size/MD5 checksum: 594470 8bfdaa1611e2ce31f21dcb83714eed1f http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_sparc.deb Size/MD5 checksum: 31058 12713b89c5b12616fe4344c6e725b8a5 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_sparc.deb Size/MD5 checksum: 2565978 b062a3274b40bf1524a9d02315c711cd http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_sparc.deb Size/MD5 checksum: 782402 5c2d4e8b4eb521aecac7c496591c1e7a http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_sparc.deb Size/MD5 checksum: 1010 0fde672bbaad262571d8646364b3c10a http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_sparc.deb Size/MD5 checksum: 3813262 f1095b35b28e4d2eb80cba8b978d8119 These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEcBAEBAgAGBQJJThLvAAoJEL97/wQC1SS+WSYIAI0vvTnjN/DDAhxatTQhcqft M4KlTjE5xLF1qtLH+9XWmCf9nPGQyOfrZk8lRyAVG3xyI4shuMrRIrZlgW70Z9rk C5p0ApU81yIWEMXQI/OIawbx0gXqg5O26KMQHWYNOflXfg7P/S3PrlVRgtJeG3ED QptsDATvJaIFOBN/QGENr0vpJ70kxlO8xB/YqiRXecBVDBywL4xK6mDg11q3ZEt5 2v+hn4by0mhd29xQz2rq0tG2K+xWidQd6UsbvekhAVBhzonH2fPgZX5YaqxT5m6i hAtwMXAnPIJXK1FWzEK0kdWuULkcNdXF5rKZnYgILF7opiXbzylPKwQmbK8biUA= =ttG8 - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-1678-1 security@debian.org http://www.debian.org/security/ Steffen Joeris December 03, 2008 http://www.debian.org/security/faq - - ------------------------------------------------------------------------ Package : perl Vulnerability : design flaws Problem type : local Debian-specific: no CVE Id(s) : CVE-2008-5302 CVE-2008-5303 Debian Bug : 286905 286922 Paul Szabo rediscovered a vulnerability in the File::Path::rmtree function of Perl. It was possible to exploit a race condition to create setuid binaries in a directory tree or remove arbitrary files when a process is deleting this tree. This issue was originally known as CVE-2005-0448 and CVE-2004-0452, which were addressed by DSA-696-1 and DSA-620-1. Unfortunately, they were reintroduced later. For the stable distribution (etch), these problems have been fixed in version 5.8.8-7etch5. For the unstable distribution (sid), these problems have been fixed in version 5.10.0-18 and will migrate to the testing distribution (lenny) shortly. We recommend that you upgrade your perl packages. Upgrade instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5.dsc Size/MD5 checksum: 750 a57837967b7420057558cab7efca9202 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5.diff.gz Size/MD5 checksum: 105052 cfd4c3d27c5a7a342c441383867dae89 Architecture independent packages: http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch5_all.deb Size/MD5 checksum: 41082 9dfa8758852aadcaadb2edbdfa17f942 http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch5_all.deb Size/MD5 checksum: 7378812 3baade38d4a703ae7db0e2f7d7b2df62 http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch5_all.deb Size/MD5 checksum: 2316518 dc45e7d6fbedf992db42f31326457df2 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_alpha.deb Size/MD5 checksum: 4150162 345ac6cfebda2d2e6807a1dc0e14957c http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_alpha.deb Size/MD5 checksum: 1006 f010eb97c3f81b2958c7546ba69296eb http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_alpha.deb Size/MD5 checksum: 2928894 52f0aa7e688e63cd4d487a6492d9ee2e http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_alpha.deb Size/MD5 checksum: 36236 eb16c8490e1e164ef6444f4b7680fbc6 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_alpha.deb Size/MD5 checksum: 821796 d48d9e6f1a07eafdc6acb6d990cf1fbc http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_alpha.deb Size/MD5 checksum: 880174 f32a7823fd919ada981b3eda1abe6a70 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_amd64.deb Size/MD5 checksum: 630776 4f134545671885f476770a9da3695301 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_amd64.deb Size/MD5 checksum: 806610 02ed83b2872342eb732c0179daa52869 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_amd64.deb Size/MD5 checksum: 32774 4db9f5a96272f4a561abadbc3a1ed175 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_amd64.deb Size/MD5 checksum: 4248964 b09695271b26cb6b6245a791e9e7122d http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_amd64.deb Size/MD5 checksum: 2735132 c8bb2c571273b1ef47beb05874ae4277 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_amd64.deb Size/MD5 checksum: 1010 4223d65b463272ca026ee7e7d7d0ff02 arm architecture (ARM) http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_arm.deb Size/MD5 checksum: 1008 fd5146b7fceeb55c7ba16831e95f0b4a http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_arm.deb Size/MD5 checksum: 562112 24fe7aacf39d42673555f228e6edd5d7 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_arm.deb Size/MD5 checksum: 30338 57ce7264534de68fe870e72eaae6a186 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_arm.deb Size/MD5 checksum: 3410084 382ee29a48541e9270cb20926ff2c58a http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_arm.deb Size/MD5 checksum: 760136 6939901d705dbdac94e959ebab73d32a http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_arm.deb Size/MD5 checksum: 2548202 07796362a684d112be9dbea0ff5a2ab5 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_i386.deb Size/MD5 checksum: 3589118 bdcb99ed51d06b1639d98a661ce42d58 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_i386.deb Size/MD5 checksum: 527162 c511226a2cbddb98a170c8f563d6670a http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_i386.deb Size/MD5 checksum: 585396 f3f34d325de643667d4c12f897a15f48 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_i386.deb Size/MD5 checksum: 32070 59d70d1ee4f0e7584230095ca079ceb7 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_i386.deb Size/MD5 checksum: 2491980 7149381d9862cc1ebd20092fae76dda9 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_i386.deb Size/MD5 checksum: 762200 40254226d8ae5963a908661350816f0c ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_ia64.deb Size/MD5 checksum: 978092 e856d5880b7b4c26222a3e0a3e0e0610 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_ia64.deb Size/MD5 checksum: 3364496 8248ac1db0819b45b0ea5bf2ba748f6f http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_ia64.deb Size/MD5 checksum: 1154060 3ff9faa1f05b380c486a86f79e7993a0 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_ia64.deb Size/MD5 checksum: 1008 ce21fdde9f6a971ab9bb950d5a4f8846 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_ia64.deb Size/MD5 checksum: 51272 85acec2cd9ad024ec30e00a5af6f5ccb http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_ia64.deb Size/MD5 checksum: 4336594 d4756a2b2de75f43cdb2f8ff4ccc0566 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_mips.deb Size/MD5 checksum: 2782132 4999312ae9a1844b4d475f34d312d334 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_mips.deb Size/MD5 checksum: 694018 e974c764d6a3350e7425cf5990f02201 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_mips.deb Size/MD5 checksum: 3678988 94244c7432977a979063076fc67bbf29 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_mips.deb Size/MD5 checksum: 32216 cacc1e6e5d2649606ddccc99a9f09ebd http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_mips.deb Size/MD5 checksum: 786110 1713743185beb6ddc6de091ed4a7a0e5 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_mips.deb Size/MD5 checksum: 1008 905da3949be11e01942cb096f279cd63 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_powerpc.deb Size/MD5 checksum: 653440 4ccf1e83f3159d64262c9d30506e151a http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_powerpc.deb Size/MD5 checksum: 2710130 036b5620a814a6443d173a1a5f62a051 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_powerpc.deb Size/MD5 checksum: 1012 3bf894f640eeb63b15a997dbb1e06a63 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_powerpc.deb Size/MD5 checksum: 32908 bb7ccbed135a9625df993587576fbcf6 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_powerpc.deb Size/MD5 checksum: 811032 6ea8cf13343916db0f3e46c759f448da http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_powerpc.deb Size/MD5 checksum: 3824810 5864271ba481be6308ab9e704c2454c1 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_s390.deb Size/MD5 checksum: 823642 682e9f9fb581af9cc0aa9860c2747eba http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_s390.deb Size/MD5 checksum: 33108 311441a02f7965c21790d988b63879c6 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_s390.deb Size/MD5 checksum: 2796658 3b4c21061de13bec62299cfda17c21a8 http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_s390.deb Size/MD5 checksum: 1008 201b45bdbf264748d665b789e501e2c9 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_s390.deb Size/MD5 checksum: 4100050 c2348e4c49820501d30e3736bb60e442 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_s390.deb Size/MD5 checksum: 633612 6d818da26553af14a4479a23731ea8b0 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_sparc.deb Size/MD5 checksum: 1014 bd9f92414f3d44f15efa2c8b25fd39d9 http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_sparc.deb Size/MD5 checksum: 3796714 95538b186d68bd25eec0dd3a27fe1447 http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_sparc.deb Size/MD5 checksum: 783702 e07757e74203c7c8eec5f2db41051bc4 http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_sparc.deb Size/MD5 checksum: 31056 d0ead72ea7bb47971f638ef7aee22705 http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_sparc.deb Size/MD5 checksum: 2565984 253cc0540fbaead2b39bbcf9dda3ab96 http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_sparc.deb Size/MD5 checksum: 594486 85b2168a8092deadace3044f51ebd20a These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEcBAEBAgAGBQJJNiNUAAoJEL97/wQC1SS+xTwH/0zeSjj1pMV/opCTwn43mJol fiGZ7O7Ng8o6Ps1fRuPZi+SdvaQxF3NbYWnyKikxY223AvLRlDQCPtbe0wZYf0bQ 6Cr9S+GaRTHd9UOg/4s2CE1clttlXRIzRQT9jTi/uycTr/JsAVUeWZ4LgrAq6P1l qxMxiZddeH6BRHJbFgMKT8nhnLkAOztAqSlmZjA4XBlq/LH4RyGhprJh39zuG2Aq U85a7vWzwwrH6EnfeYi4xS4i9kR5+YJUTvvgmdnYOfi6lOQl8Y3KG6Qeunmw/0gc GjB7KcH1bUyj8hiS0zoMCbFwwCsodt5zfoieD82VtvRGAv+PoaH4ZL4O8MfYS0o= =dFHH - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBSU7kZSh9+71yA2DNAQIQAgP/WfASAhoVT+WBu8eJqNVakM8mBG6a3QKx j+CzLJ1EtgxUSF6mDnx3A5FE3bCCPcad+udkQtEdcv/wlBvO0UU2YdPILl4LuUNM i+pYrrmp0+nArvDzN0GImv+94dcuZrqfOWd7fb2/QbkWhnMgoNwQ65kQG87upgJp p9h7x1Ui34Y= =KSUQ -----END PGP SIGNATURE-----