Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2009.0586 -- [Debian] vlc: Multiple Vulnerabilities 19 June 2009 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: vlc Publisher: Debian Operating System: Debian GNU/Linux 4.0 Impact: Execute Arbitrary Code/Commands Increased Privileges Denial of Service Access: Remote/Unauthenticated CVE Names: CVE-2008-5032 CVE-2008-4686 CVE-2008-3794 CVE-2008-2430 CVE-2008-2147 CVE-2008-1881 CVE-2008-1769 CVE-2008-1768 Ref: AA-2008.0155 Original Bulletin: http://www.debian.org/security/2009/dsa-1819 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-1819-1 security@debian.org http://www.debian.org/security/ Steffen Joeris June 18, 2009 http://www.debian.org/security/faq - - ------------------------------------------------------------------------ Package : vlc Vulnerability : several vulnerabilities Problem type : local (remote) Debian-specific: no CVE Ids : CVE-2008-1768 CVE-2008-1769 CVE-2008-1881 CVE-2008-2147 CVE-2008-2430 CVE-2008-3794 CVE-2008-4686 CVE-2008-5032 Debian Bugs : 478140 477805 489004 496265 503118 504639 480724 Several vulnerabilities have been discovered in vlc, a multimedia player and streamer. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1768 Drew Yao discovered that multiple integer overflows in the MP4 demuxer, Real demuxer and Cinepak codec can lead to the execution of arbitrary code. CVE-2008-1769 Drew Yao discovered that the Cinepak codec is prone to a memory corruption, which can be triggered by a crafted Cinepak file. CVE-2008-1881 Luigi Auriemma discovered that it is possible to execute arbitrary code via a long subtitle in an SSA file. CVE-2008-2147 It was discovered that vlc is prone to a search path vulnerability, which allows local users to perform privilege escalations. CVE-2008-2430 Alin Rad Pop discovered that it is possible to execute arbitrary code when opening a WAV file containing a large fmt chunk. CVE-2008-3794 Pınar Yanardağ discovered that it is possible to execute arbitrary code when opening a crafted mmst link. CVE-2008-4686 Tobias Klein discovered that it is possible to execute arbitrary code when opening a crafted .ty file. CVE-2008-5032 Tobias Klein discovered that it is possible to execute arbitrary code when opening an invalid CUE image file with a crafted header. For the oldstable distribution (etch), these problems have been fixed in version 0.8.6-svn20061012.debian-5.1+etch3. For the stable distribution (lenny), these problems have been fixed in version 0.8.6.h-4+lenny2, which was already included in the lenny release. For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 0.8.6.h-5. We recommend that you upgrade your vlc packages. Upgrade instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - - ------------------------------- Debian (oldstable) - - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian.orig.tar.gz Size/MD5 checksum: 15168393 30c18a2fdc4105606033ff6e6aeab81c http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3.diff.gz Size/MD5 checksum: 2390010 aacfe6dc712b98ae872794d9d70fe1e3 http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3.dsc Size/MD5 checksum: 2622 bc3a4f4ee0ecd699820b478e96beecad Architecture independent packages: http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb Size/MD5 checksum: 778 62c36d9c3fe088478b442efec17b5b7e http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb Size/MD5 checksum: 786 12f8c6ef696cb7c6b8b1e33b313f72f0 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 5028 1c44834297096fe893775a5d95d1913b http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 4444 ad948e7f91e08a0261a009a62bd2a76b http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 1157956 da37f9efbdef57c192781d775818e042 http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 40298 3c6639b6241c035f35508ed2b41e94b7 http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 5169476 7342181513646f6562051fe843dab946 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 13048 63b8dfc325bf011cd9ab2762ac404da8 http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 20162 9fd790aaa1a58aaa7de59ca17eec2ea9 http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 1306476 230f2731958e3d9740198c66b7a14531 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb Size/MD5 checksum: 6942 96f9d8b30b4c66b9d81a47e3f6141b7a amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 20226 73bbae9c7491cb8fb99ae3c9e3b34670 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 11336 623ceac24cb2a59cbbdb96723c7feb4d http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 6054 99babdfe76e9ce755f36add0f01750bb http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 4667204 0304843fa1801c73ddd1b3e38cb66adf http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 951212 9b43d2bc0cbc149000e904d4251e05a0 http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 36766 db3ee54d447f07bf7baf12dd69ebba3f http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 4518 24bd15d1aa8f929e5e122130931a3bdd http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 4188 9c82be723419ef7c45c28fa850d8a006 http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb Size/MD5 checksum: 1144154 67bc1eb6d916e8fa6dd6f55e283f7c08 arm architecture (ARM) http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 4206 41e5a43abe8480afefb61b0a539b7170 http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 20124 41ef717a928b54131f6576645fb11aae http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 6096 431cb2ba76f85a4fc8a2e12d3f0fbb7a http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 998448 9f638f133362b620b1a25be555774f62 http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 1262714 9aca627018c73b385c1585f67e611c85 http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 33318 b34aa4d414f141614bf8e24a2fa7d1f5 http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 4720770 6084cfde985ecc782d131d87376d5631 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 10810 05901b3cb763c6df7512e95b21ae3057 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_arm.deb Size/MD5 checksum: 5582 089ffa3b5ab140334680b9d420f28fe2 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 6970 9f4a68eee0c5c64b3020417d4c94a2ea http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 7802 15eb78a9af99e4621e8e16c1db792a83 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 5360 fd9392b53054be7cf8a875ead65b74ae http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 46662 231785bcf877904edc5689be92765764 http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 5241886 ecf4256f3266b72398d3102d778e0c0b http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 20090 7245b16edcd128fa86d6dbc25e9acdf3 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 13752 5c113155b10404e94aa695346eec0437 http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 1083956 3b4c77690fbe73efe95ad664487edf3d http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb Size/MD5 checksum: 1374550 c09d8dc3870426212a7be03c49f77be3 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 1137756 c55814ba9192c4c2c81a983bfb3b0b4d http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 10714 fb4d96ed4c70d57410aa1b9a3686d04c http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-glide_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 4138 f137b88a817cc34f4ce3bece8f95d0b5 http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 4652906 3321d798ec1146fea206b6e4120a0801 http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 20104 5742bd41d213b498063e8070723361cf http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 959380 1c496575c6b3966348595a2ee9b5b822 http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 36190 82b82e147a2460780cfda4d67e27acc4 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 4820 2bf05cc5740357c059ca66feabf406b2 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 5842 48a4e79963b7da791c165c484fc11d76 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 4106 71906ef569dc94bbddbec713289ef3a8 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-svgalib_0.8.6-svn20061012.debian-5.1+etch3_i386.deb Size/MD5 checksum: 4536 b02d59bd875bbd9b36c4dc54a16f1992 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 9096 fa4b850dadb0a697004617e968851d3a http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 5444 85afaf61e92a664c7b903031d169eb5a http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 17178 00ac774370b4016649ad172bc84667f2 http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 49096 e07daab8ac4e5ea3427fdbadfa671aba http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 5905658 164b7902e5e5d5f511305632b6f6a812 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 6206 d0ae6c6462bdc873a845048ecb4fae4b http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 1459396 ea5d66259ff182a5c343dbf490274bbe http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 20130 3b611aaac099317e626c4b81d5ee9bc4 http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb Size/MD5 checksum: 1568890 d44cfd0dc33d34aaa3b106a79f806382 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 12262 48790d9a97eab369ec9aa3529684f206 http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 35552 a47c2e52b8f829383addd5f7fb286c5c http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 6846 2b36dbc841cd22299aa175a4f1e65ca8 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 4492 4fc39c1471bca127f178856da0c8518e http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 1113268 cfc2795f1ccaf23a35e9102345bf0c65 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 5962 df95686291e5fc52d130b4b4e425fe45 http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 20126 4d8ef48d4fd233f1fe1bf3335022fb43 http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 1005096 ab3c1942a9fa822091cee3c76660594c http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_mips.deb Size/MD5 checksum: 4974220 6d7b51e1122a376ff6f0a04a660e9ed6 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 5916 dc0c51da2d60b705ae3938824c0a941e http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 922780 d81949c76c6fdf1ea138961cbe0f36be http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 6718 5530126155e75c9ed883ac2861c79b96 http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 1005626 7fd2f06e879625a7121164353d65df6f http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 11946 80eeb122e2bbf4c9b2e430f3513115cc http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 34624 305feab6d4ead93fd6d76239d05732b0 http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 4668688 27f431fe153b7efee925ef04c1a9befe http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 4480 a4684079cd594e316d62cf28e8c76adf http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb Size/MD5 checksum: 20136 77fbce0f999345f0afdf0650a7794647 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 1191316 b6ef4d881376ef204278456a57166236 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 5626 cdd05580d5e1c7653d13a07167274c45 http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 1022198 8cdf75ed5cd61cf5e2ae7b297b7819e5 http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 38260 b9681d0824ead229fa9c2a42c2516017 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 6910 d0bca6f30f15af804d044d666042d1ce http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 7988 cfed8cf8c2c864be55373ce15e23d3f0 http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 5116308 105e08206811fe472412382a85c811e1 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 13714 ae7ec3ac6f7d1fdfab774d54958965aa http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb Size/MD5 checksum: 20270 d4c85cb0405292434d7537bd9e4b4494 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 4300 eda9d5b506dd1a70ef73bb592b58c3ef http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 6052 25aff1e5103edb5a9f734710d6b589b9 http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 38336 08f2d6171ebb761babf664eb37ebe784 http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 1019556 478a55d6631a2fba2267a8cd3dbd19f2 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 11412 a1e43e44ed1c20efd323adb4d48b90a6 http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 4860616 92fef2c23dccb82e00bbc7c016d4dd21 http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 20138 566c8573bef9cb08134ba1fe000b40a4 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 6322 67e8fd4b37cb84c6e59f5de27f21eb13 http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_s390.deb Size/MD5 checksum: 1172942 c30ffacd5c961e3b3f295b9e7ab175f2 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 33310 bc7e610c4085598763e056f255429873 http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 4683530 04cd5bf600eca4c872cb802d767deb0a http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 19924 4988a8da8b1e97514c747a6964f7f856 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 5752 7584f5b967b245d7a0db7eb47fef5547 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 4756 4526e8e7fceb344711f60ccaf3acfaa1 http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 1193282 76e99484e3d54569b80770a493ad2e49 http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 951186 2a21b9e1e6edd1d7a32a51abf3f782f3 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 3920 ea9aff23630aa00dfcd37cb98df22408 http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb Size/MD5 checksum: 10404 d9ea8f6e0096234c4d9bdf9595eb5dbe These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAko6POAACgkQ62zWxYk/rQdDbgCeIdp39CeLGY7/fFQxhl2MbiZf d3MAnAiZm53IHS7zrm8mPzJ4Q2T6eXrK =vgRk - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFKOuBUNVH5XJJInbgRAnKDAJ4npeSBovsNdVSsUn8Oj2mviwNynwCgiuEO wSlCm7c2OP1664cuKUgYHOQ= =7vZw -----END PGP SIGNATURE-----