Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2009.0421 -- [UNIX/Linux][Debian]
freetype: Execute Arbitrary Code/Commands
1 May 2009
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: freetype
Publisher: Debian
Operating System: Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
UNIX variants (UNIX, Linux, OSX)
Impact: Execute Arbitrary Code/Commands
Access: Remote/Unauthenticated
CVE Names: CVE-2009-0946
Original Bulletin: http://www.debian.org/security/2009/dsa-1784
Comment: This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running freetype check for an updated version of the software for
their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------------
Debian Security Advisory DSA-1784-1 security@debian.org
http://www.debian.org/security/ Nico Golde
April 30th, 2009 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------
Package : freetype
Vulnerability : integer overflows
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2009-0946
Tavis Ormandy discovered several integer overflows in FreeType, a library
to process and access font files, resulting in heap- or stack-based
buffer overflows leading to application crashes or the execution
of arbitrary code via a crafted font file.
For the oldstable distribution (etch), this problem has been fixed in
version 2.2.1-5+etch4.
For the stable distribution (lenny), this problem has been fixed in
version 2.3.7-2+lenny1.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 2.3.9-4.1.
We recommend that you upgrade your freetype packages.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- - -------------------------------
Debian (oldstable)
- - ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1-5+etch4.dsc
Size/MD5 checksum: 806 64611cbb471628359be5e3add390481b
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1.orig.tar.gz
Size/MD5 checksum: 1451392 a584e84d617c6e7919b4aef9b5106cf4
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1-5+etch4.diff.gz
Size/MD5 checksum: 35460 355360a6157070ec1beed2a59b566053
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_alpha.udeb
Size/MD5 checksum: 279388 b3d4210547ecf4a04bf88c75494cc111
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_alpha.deb
Size/MD5 checksum: 385174 278d5134975a1dba703d98240ddc6a63
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_alpha.deb
Size/MD5 checksum: 728690 68737b103f329973ee7d7e9fff4e83c8
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_alpha.deb
Size/MD5 checksum: 169114 5133d57b21cc7cf44b5975b6527b4825
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_amd64.udeb
Size/MD5 checksum: 248282 fc8b4e8e3ffe15eeeb7bcfb162e4a9e1
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_amd64.deb
Size/MD5 checksum: 671298 61b8048d1cbc5275322ed0d730bdbea7
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_amd64.deb
Size/MD5 checksum: 355350 abee35456605685cb9c439363f800173
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_amd64.deb
Size/MD5 checksum: 149832 35ca786b9430666664982428ea773053
arm architecture (ARM)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_arm.deb
Size/MD5 checksum: 334084 5fc9bbce9a35e23c111858aadbc789fd
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_arm.deb
Size/MD5 checksum: 646784 b3d8b2b22ab3afeb931d2aea821cae40
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_arm.udeb
Size/MD5 checksum: 227438 1752dce98655004ce337b2506da50676
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_arm.deb
Size/MD5 checksum: 134032 8adc7ae3f9469d351afbdfe2a4120d79
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_hppa.deb
Size/MD5 checksum: 367148 867febdc912d70e94522d9ce712149c9
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_hppa.deb
Size/MD5 checksum: 684936 3ba0531b968c737e6d2dd35096b828b6
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_hppa.udeb
Size/MD5 checksum: 260684 592acdba2d42293937b84a33a1b336ba
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_hppa.deb
Size/MD5 checksum: 150362 1a25c1494492e10337c8d21267b464de
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_i386.deb
Size/MD5 checksum: 644162 9eafc8843737666cba8d6108d4a15d7c
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_i386.deb
Size/MD5 checksum: 135884 348459f71c33c0a258a7dcce04f9cc3e
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_i386.udeb
Size/MD5 checksum: 236062 05007d69881d19521ad59dce79e1f23f
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_i386.deb
Size/MD5 checksum: 342212 98511ff4ae4ae5f7fee332093a2e346d
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_ia64.deb
Size/MD5 checksum: 222234 8daeb88920829fbf27819b0e0ce5846a
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_ia64.deb
Size/MD5 checksum: 817176 17ad55179e15ad7e9f2de28ab7653c89
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_ia64.deb
Size/MD5 checksum: 489336 9f2723db4d62a1a5eef3fe3dd4612b58
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_ia64.udeb
Size/MD5 checksum: 383742 bce79315cd3fc65a9030c6fd15ff794a
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_mips.deb
Size/MD5 checksum: 347148 5f214cc776abbd81c889d2f2d7cca8fb
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_mips.udeb
Size/MD5 checksum: 241716 54b1cfa583a1b62346724307e00e56db
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_mips.deb
Size/MD5 checksum: 151494 2cc027ba3b4f90007f3be2762a907b08
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_mips.deb
Size/MD5 checksum: 680756 9277c822eabae2330d1878a7373a9294
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_mipsel.deb
Size/MD5 checksum: 347116 7d93b0b91240c48036eadaacfba42af1
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_mipsel.deb
Size/MD5 checksum: 680756 23fd50f0675447182fbc9aa3237a6ef1
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_mipsel.deb
Size/MD5 checksum: 150984 8eb5046e90be34e131305085221af10f
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_mipsel.udeb
Size/MD5 checksum: 241298 85629612fd8622e694de441736e1a789
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_powerpc.deb
Size/MD5 checksum: 146712 8ea5a32715a80160cb1cc2aa867b102c
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_powerpc.udeb
Size/MD5 checksum: 240750 091354c0ed2e1862deb0d9e6115d2180
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_powerpc.deb
Size/MD5 checksum: 661838 3c91577f699fe66b6071dda7c3a42dcb
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_powerpc.deb
Size/MD5 checksum: 346290 b559e4fb3e00fe5fcd588c40602bd910
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_s390.deb
Size/MD5 checksum: 356076 e48aa00adc24d97c93dd9fc2d5f4fd34
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_s390.udeb
Size/MD5 checksum: 250068 e13c662aa161403a864713023cb018e5
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_s390.deb
Size/MD5 checksum: 657196 295be8c03e50515aabdcfb1788156aeb
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_s390.deb
Size/MD5 checksum: 151346 854a1fe96587a70a6067f4a5affb0121
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch4_sparc.udeb
Size/MD5 checksum: 219912 7eeccf7c86fe05ca6d298936e6b10ab6
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch4_sparc.deb
Size/MD5 checksum: 130716 c6a1f315342ae245cbda46a84e90c433
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch4_sparc.deb
Size/MD5 checksum: 640902 f7ca045b251e70739392ec7ce8ab482e
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch4_sparc.deb
Size/MD5 checksum: 327038 bb3585c482b61149ce8263f41aae47e1
Debian GNU/Linux 5.0 alias lenny
- - --------------------------------
Debian (stable)
- - ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny1.dsc
Size/MD5 checksum: 1218 44b657bd7355ca8852b5f728220521ce
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny1.diff.gz
Size/MD5 checksum: 32714 61c850f28c09fe85dae75d4f1b99face
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz
Size/MD5 checksum: 1567540 c1a9f44fde316470176fd6d66af3a0e8
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_alpha.deb
Size/MD5 checksum: 410964 cb1fe88aabd717639646ac801af81ee2
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_alpha.udeb
Size/MD5 checksum: 296580 9a038e74a937abc9e778983f0c29d34b
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_alpha.deb
Size/MD5 checksum: 773016 8bca0aa54bcf4ebae4fbac5d2187d227
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_alpha.deb
Size/MD5 checksum: 253016 e7d7396812a700bb5ed96267dfb9c688
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_amd64.deb
Size/MD5 checksum: 386078 4e02c0874f0d74024377d5ad0db011c2
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_amd64.udeb
Size/MD5 checksum: 269820 9b45623d31f65844ad61a94cef4ef247
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_amd64.deb
Size/MD5 checksum: 224982 0bf7345babe2902e3dbd7f3faea3e500
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_amd64.deb
Size/MD5 checksum: 716368 db2d36f34779db9ed2f4cc7696c4e63e
arm architecture (ARM)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_arm.deb
Size/MD5 checksum: 357008 c75a4aef434efb7350d4fa61c970b49f
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_arm.deb
Size/MD5 checksum: 686206 6e3e297e88ee26914783c6b5ac21ad86
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_arm.udeb
Size/MD5 checksum: 242328 7a9e43536fc66794183900c4fe55f71d
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_arm.deb
Size/MD5 checksum: 205088 29f58b85f53aaaa55dd7ee193b4d54eb
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_armel.deb
Size/MD5 checksum: 352880 86d4884de97fa6d8efd0e69bfcbe639a
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_armel.udeb
Size/MD5 checksum: 236650 a59f0476b2d47b8230ff73807c842c24
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_armel.deb
Size/MD5 checksum: 209746 1866c3d74ec811d6d817d64d12433037
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_armel.deb
Size/MD5 checksum: 682520 942a49f6a3a9f5a59942139b406b5ffc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_hppa.deb
Size/MD5 checksum: 390162 cf7cd361dfbdb42d2ed322700eb64d9c
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_hppa.udeb
Size/MD5 checksum: 273886 186d424c56d93dbe83e92b7c85c4358c
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_hppa.deb
Size/MD5 checksum: 226784 4664ea025f33f37d3038a90531209d72
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_hppa.deb
Size/MD5 checksum: 724860 b53ea689c65363dd51583064caa53cb9
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_i386.udeb
Size/MD5 checksum: 254386 951df80ccc9bef3d07dedbbe17760d82
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_i386.deb
Size/MD5 checksum: 198880 46f5663ce579a51e18dc934109cc0645
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_i386.deb
Size/MD5 checksum: 685616 76c13ff85e98143d4e5fd52b69968784
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_i386.deb
Size/MD5 checksum: 371606 7e56c724b16e31ea9e2b42c54ec4a251
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_ia64.deb
Size/MD5 checksum: 530754 94cf9762bf27b1b9a4bd3d35ea6758a4
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_ia64.deb
Size/MD5 checksum: 332086 9a5888c8030cd330977a64a477a0a41b
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_ia64.deb
Size/MD5 checksum: 876300 7b32ce2b7ff8373de9f51cd192c023ca
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_ia64.udeb
Size/MD5 checksum: 415562 2b8999a2fc8880c2e4961e2e73841088
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_mips.deb
Size/MD5 checksum: 369352 36448c61e845aa19ad6faa289ea2197c
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_mips.deb
Size/MD5 checksum: 713460 06a964dd69eddcc3ca57d1407f2b5862
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_mips.deb
Size/MD5 checksum: 214692 8b8657d67b7fc506d58d81e6373b3ca4
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_mips.udeb
Size/MD5 checksum: 253888 b50c6cbcf39b19ded0e1eef2a02ce791
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_powerpc.deb
Size/MD5 checksum: 232708 7d465ffc5c11c8905504c46e8a84b4f1
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_powerpc.deb
Size/MD5 checksum: 704558 595985965b7457bad1736f29b824c6ee
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_powerpc.udeb
Size/MD5 checksum: 262760 b6acafdb4fe4027b06ccc2391f9f97a2
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_powerpc.deb
Size/MD5 checksum: 377576 6d0f0b5a2a591bafd311cb1fb9dbee92
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_s390.udeb
Size/MD5 checksum: 268096 5f407b3c65dfd595178dc613a1317723
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_s390.deb
Size/MD5 checksum: 698526 71f0ebec47a0849792b0fcde8cb303f7
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_s390.deb
Size/MD5 checksum: 383702 9a8756caba0dede5c29ddb6679d81c92
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_s390.deb
Size/MD5 checksum: 225100 035b81559e7890c37e1786b5ed5abb18
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_sparc.udeb
Size/MD5 checksum: 235404 bf3d981df44758a15b90cd112af49269
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_sparc.deb
Size/MD5 checksum: 200860 fd28ab28bf37b1b744ae1d355fc424eb
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_sparc.deb
Size/MD5 checksum: 679232 2fc951d4720997ab6c627145c75e942a
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny1_sparc.deb
Size/MD5 checksum: 351398 9cd398f6ba4b5431385746dc308e828e
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkn56o0ACgkQHYflSXNkfP+LxwCfeB8LSnvY1M1gHbK5kmuB+HSI
RQgAnjRbK2kCvs6YRtAYJ53tn2MSLyue
=TgSx
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iD8DBQFJ+jmqNVH5XJJInbgRAnytAJ9hOM3X0IIxirv6ujcTL3wIVnaYjACfX5ZP
bugoJkUvug0pTdo/KsdS2ME=
=eXWQ
-----END PGP SIGNATURE-----