Articles / Debian: New Kernel 2.4.27 p…

Debian: New Kernel 2.4.27 packages fix several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. "Solar Designer" discovered that arithmetic computations in netfilter's do_replace() function can lead to a buffer overflow and the execution of arbitrary code. However, the operation requires CAP_NET_ADMIN privileges, which is only an issue in virtualization systems or fine grained access control systems. "Solar Designer" discovered a race condition in netfilter's do_add_counters() function, which allows information disclosure of kernel memory by exploiting a race condition. Intel EM64T systems were discovered to be susceptible to a local DoS due to an endless recursive fault related to a bad ELF entry ady declared die_if_kernel() function as "does never return" which could be exploited by a local attacker resulting in a kernel crash. AMD64 machines (and other 7th and 8th generation AuthenticAMD processors) were found to be vulnerable to sensitive information leakage, due to how they handle saving and restoring the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending. This allows a process to determine portions of the state of floating point instructions of other processes. Marco Ivaldi discovered that there was an unintended information disclosure allowing remote attackers to bypass protections against Idle Scans (nmap -sI) by abusing the ID field of IP packets and bypassing the zero IP ID in DF packet countermeasure. This was a result of the ip_push_pending_frames function improperly incremented the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets. Pavel Kankovsky reported the existance of a potential information leak resulting from the failure to initialize sin.sin_zero in the IPv4 socket code. Shaun Tancheff discovered a buffer overflow (boundry condition error) in the USB Gadget RNDIS implementation allowing remote attackers to cause a DoS. While creating a reply message, the driver allocated memory for the reply data, but not for the reply structure. The kernel fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Attackers could crash the system, or possibly execute arbitrary machine code. Hugh Dickins discovered an issue in the madvise_remove() function wherein file and mmap restrictions are not followed, allowing local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes. Alexandra Kossovsky reported a NULL pointer dereference condition in ip_route_input() that can be triggered by a local user by requesting a route for a multicast IP address, resulting in a denial of service (panic). Vlad Yasevich reported a data validation issue in the SCTP subsystem that may allow a remote user to overflow a buffer using a badly formatted HB-ACK chunk, resulting in a denial of service. Vlad Yasevich reported a bug in the bounds checking code in the SCTP subsystem that may allow a remote attacker to trigger a denial of service attack when rounded parameter lengths are used to calculate parameter lengths instead of the actual values. Mark Mosely discovered that chroots residing on an SMB share can be escaped with specially crafted "cd" sequences. The "Mu security team" discovered that carefully crafted ECNE chunks can cause a kernel crash by accessing incorrect state stable entries in the SCTP networking subsystem, which allows denial of service. The "Mu security team" discovered that fragmented SCTP control chunks can trigger kernel panics, which allows for denial of service attacks. It was discovered that SCTP packets with two initial bundled data packets can lead to infinite recursion, which allows for denial of service attacks. Fixed packages are available from security.debian.org.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1097-1                    security@debian.org
http://www.debian.org/security/                   Dann Frazier, Troy Heber
June 14th, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : kernel-source-2.4.27
Vulnerability  : several
Problem-Type   : local/remote
Debian-specific: no
CVE ID         : CVE-2006-0038 CVE-2006-0039 CVE-2006-0741 CVE-2006-0742
                CVE-2006-1056 CVE-2006-1242 CVE-2006-1343 CVE-2006-1368
                CVE-2006-1524 CVE-2006-1525 CVE-2006-1857 CVE-2006-1858
                CVE-2006-1864 CVE-2006-2271 CVE-2006-2272 CVE-2006-2274
Debian Bug     :

Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2006-0038

   "Solar Designer" discovered that arithmetic computations in netfilter's
   do_replace() function can lead to a buffer overflow and the execution of
   arbitrary code. However, the operation requires CAP_NET_ADMIN privileges,
   which is only an issue in virtualization systems or fine grained access
   control systems.

CVE-2006-0039

   "Solar Designer" discovered a race condition in netfilter's
   do_add_counters() function, which allows information disclosure of
   kernel memory by exploiting a race condition. Like CVE-2006-0038,
   it requires CAP_NET_ADMIN privileges.

CVE-2006-0741

   Intel EM64T systems were discovered to be susceptible to a local
   DoS due to an endless recursive fault related to a bad ELF entry
   address.

CVE-2006-0742

   incorrectly declared die_if_kernel() function as "does never
   return" which could be exploited by a local attacker resulting in
   a kernel crash.

CVE-2006-1056

   AMD64 machines (and other 7th and 8th generation AuthenticAMD
   processors) were found to be vulnerable to sensitive information
   leakage, due to how they handle saving and restoring the FOP, FIP,
   and FDP x87 registers in FXSAVE/FXRSTOR when an exception is
   pending. This allows a process to determine portions of the state
   of floating point instructions of other processes.

CVE-2006-1242

   Marco Ivaldi discovered that there was an unintended information
   disclosure allowing remote attackers to bypass protections against
   Idle Scans (nmap -sI) by abusing the ID field of IP packets and
   bypassing the zero IP ID in DF packet countermeasure. This was a
   result of the ip_push_pending_frames function improperly
   incremented the IP ID field when sending a RST after receiving
   unsolicited TCP SYN-ACK packets.

CVE-2006-1343

   Pavel Kankovsky reported the existance of a potential information leak
   resulting from the failure to initialize sin.sin_zero in the IPv4 socket
   code.

CVE-2006-1368

   Shaun Tancheff discovered a buffer overflow (boundry condition
   error) in the USB Gadget RNDIS implementation allowing remote
   attackers to cause a DoS. While creating a reply message, the
   driver allocated memory for the reply data, but not for the reply
   structure. The kernel fails to properly bounds-check user-supplied
   data before copying it to an insufficiently sized memory
   buffer. Attackers could crash the system, or possibly execute
   arbitrary machine code.

CVE-2006-1524

   Hugh Dickins discovered an issue in the madvise_remove() function wherein
   file and mmap restrictions are not followed, allowing local users to
   bypass IPC permissions and replace portions of readonly tmpfs files with
   zeroes.

CVE-2006-1525

   Alexandra Kossovsky reported a NULL pointer dereference condition in
   ip_route_input() that can be triggered by a local user by requesting
   a route for a multicast IP address, resulting in a denial of service
   (panic).

CVE-2006-1857

   Vlad Yasevich reported a data validation issue in the SCTP subsystem
   that may allow a remote user to overflow a buffer using a badly formatted
   HB-ACK chunk, resulting in a denial of service.

CVE-2006-1858

   Vlad Yasevich reported a bug in the bounds checking code in the SCTP
   subsystem that may allow a remote attacker to trigger a denial of service
   attack when rounded parameter lengths are used to calculate parameter
   lengths instead of the actual values.

CVE-2006-1864

   Mark Mosely discovered that chroots residing on an SMB share can be
   escaped with specially crafted "cd" sequences.

CVE-2006-2271

   The "Mu security team" discovered that carefully crafted ECNE chunks can
   cause a kernel crash by accessing incorrect state stable entries in the
   SCTP networking subsystem, which allows denial of service.

CVE-2006-2272

   The "Mu security team" discovered that fragmented SCTP control
   chunks can trigger kernel panics, which allows for denial of
   service attacks.

CVE-2006-2274

   It was discovered that SCTP packets with two initial bundled data
   packets can lead to infinite recursion, which allows for denial of
   service attacks.



The following matrix explains which kernel version for which architecture
fix the problems mentioned above:

                                Debian 3.1 (sarge)
    Source                      2.4.27-10sarge3
    Alpha architecture          2.4.27-10sarge3
    ARM architecture            2.4.27-2sarge3
    Intel IA-32 architecture    2.4.27-10sarge3
    Intel IA-64 architecture    2.4.27-10sarge3
    Motorola 680x0 architecture 2.4.27-3sarge3
    Big endian MIPS             2.4.27-10.sarge3.040815-1
    Little endian MIPS          2.4.27-10.sarge3.040815-1
    PowerPC architecture        2.4.27-10sarge3
    IBM S/390 architecture      2.4.27-2sarge3
    Sun Sparc architecture      2.4.27-9sarge3

The following matrix lists additional packages that were rebuilt for
compatibility with or to take advantage of this update:

                                Debian 3.1 (sarge)
    fai-kernels                 1.9.1sarge2
    kernel-image-2.4.27-speakup 2.4.27-1.1sarge2
    mindi-kernel                2.4.27-2sarge2
    systemimager                3.2.3-6sarge2

We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.

Upgrade Instructions
- --------------------

wget url
       will fetch the file for you
dpkg -i file.deb
       will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
       will update the internal database
apt-get upgrade
       will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

 Source archives:

   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge3.dsc
     Size/MD5 checksum:      831 fac953b669c78c37ea181597402b1c1b
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge3.tar.gz
     Size/MD5 checksum:    98672 717a42fcf8a6b67690a756b9f3f00aa1
   http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge2.diff.gz
     Size/MD5 checksum:     3962 fc1912f815afb314558fbadae87e43fc
   http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge2.tar.gz
     Size/MD5 checksum:    26319 368860bca1219d5777ab12dbc0713985
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge3.dsc
     Size/MD5 checksum:     1139 47ebcb365d37d7321eeee65b23920a29
   http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge2.dsc
     Size/MD5 checksum:      621 096115eaec61120211e0ba317b92def9
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge3.tar.gz
     Size/MD5 checksum:    31646 1673537490a1af1a72ff1d65cd73139d
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge3.dsc
     Size/MD5 checksum:      876 2340c14db87e56a98e01dd17b095b7d4
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge3.tar.gz
     Size/MD5 checksum:    21264 932ad64503240eedef626a0856fe5665
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge3.dsc
     Size/MD5 checksum:     1143 60abbaf01fa8d0f6ac0992eb08cb965e
   http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge2.dsc
     Size/MD5 checksum:      732 738178383acc2853cf8bd8b15861dc52
   http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge2.tar.gz
     Size/MD5 checksum: 15975839 9d7e6b12846c71e4d530375aacd1390b
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge3.tar.gz
     Size/MD5 checksum:     9362 52942076ea9989d63ec619d0be8f324c
   http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge3.dsc
     Size/MD5 checksum:      900 6a5fd70b803f4a0996b994d72d30c65e
   http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27.orig.tar.gz
     Size/MD5 checksum:     9501 a4ad085824ade5641f1c839d945dd301
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge3.040815-1.dsc
     Size/MD5 checksum:     1051 e28f324bd15f8825721c36d2ad685f8a
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge3.tar.gz
     Size/MD5 checksum:    11080 2813b0290efcd984fef6a69d9ca3c8e7
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge3.tar.gz
     Size/MD5 checksum:  1463783 1df6018893f9772d156ccf8e3080fb2b
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge3.040815-1.tar.+gz
     Size/MD5 checksum:   309066 ccf2db5585e30dd27b9eaf8d74285e70
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge3.dsc
     Size/MD5 checksum:      839 2f9746e3d73001a774607a2e8460dec8
   http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge2.dsc
     Size/MD5 checksum:      750 621fb9f1f76dc3fae5ed69f393ded2cb
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge3.tar.gz
     Size/MD5 checksum:    54501 650afb6ddf33bd3c55d036c6e163f8d1
   http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge3.diff.gz
     Size/MD5 checksum:   741011 dc1085a42970fbb6f5174f8dae7f5bb2
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge3.dsc
     Size/MD5 checksum:     1581 a0f54f9d6f61b4a31bdf49b2efa6a2ca
   http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge2.tar.gz
     Size/MD5 checksum:    17809 946929349518ac3d91c42825bfb6cabc
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge3.tar.gz
     Size/MD5 checksum:    31177 2d05a7a176dba04f37719199efa494b7
   http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27.orig.tar.gz
     Size/MD5 checksum: 38470181 56df34508cdc47a53d15bc02ffe4f42d
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge3.dsc
     Size/MD5 checksum:      831 4aa4330d08a7829fbe9a548d1d8bab2f
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge3.dsc
     Size/MD5 checksum:     1074 ef1ed7e19152004e160a48d320fed490
   http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge2.dsc
     Size/MD5 checksum:     1012 271d488ce319e95d567143228330e9a1


 Architecture independent components:

   http://security.debian.org/pool/updates/main/s/systemimager/systemimager-client_3.2.3-6sarge2_all.deb
     Size/MD5 checksum:    30482 64658643dc4a9554a722ff1b724c916f
   http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge2_all.deb
     Size/MD5 checksum:  4759092 15c5bd7f61d7291f1267c12733ffcb5b
   http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge3_all.deb
     Size/MD5 checksum: 31033502 47eb2bd29ad34555156eac2ec8160cd4
   http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge3_all.deb
     Size/MD5 checksum:    26664 88c43bac04065e47b6486bed94692e9e
   http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge3_all.deb
     Size/MD5 checksum:  3580108 9542a6368e1668c0b3dd5529ba9c80f0
   http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server_3.2.3-6sarge2_all.deb
     Size/MD5 checksum:   116802 a73dc8e6bb5119c7679d97d13b94cbc8
   http://security.debian.org/pool/updates/main/s/systemimager/systemimager-common_3.2.3-6sarge2_all.deb
     Size/MD5 checksum:    30730 7cafd2b593e33cd0cb1ed5577a63142a
   http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-doc-2.4.27-speakup_2.4.27-1.1sarge2_all.deb
     Size/MD5 checksum:  2419762 5e9e5072a78be7f12f2a499ee1116268
   http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge2_all.deb
     Size/MD5 checksum:    15944 00be5d0f60f2e89dec74ec2a76310638
   http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge3_all.deb
     Size/MD5 checksum:   689772 9054c12e58f6b8c6d7f6055e94e3e2b3
   http://security.debian.org/pool/updates/main/s/systemimager/systemimager-doc_3.2.3-6sarge2_all.deb
     Size/MD5 checksum:   631336 01476ba30e300b6b91a9a1a5d5c7f16b
   http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge2_all.deb
     Size/MD5 checksum:  9545000 c225981a19829b44b8b2e61beea177c2


 Alpha architecture:

   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-generic_2.4.27-10sarge3_alpha.+deb
     Size/MD5 checksum:   272284 56ec516e9425c915a04a2a7184d15192
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-generic_2.4.27-10sarge3_alpha.de+b
     Size/MD5 checksum: 16521602 4975ec76eb158179d36de7746cab88ba
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-smp_2.4.27-10sarge3_alpha.deb      Size/MD5 checksum: 16966302 9bb2d088907ead2c2e689c139e945ef9
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3_2.4.27-10sarge3_alpha.deb
     Size/MD5 checksum:  4573588 ad755c6e0a640be87f44d0eeb3cb0b9d
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-3_2.4.27-10sarge3_alpha.deb
     Size/MD5 checksum:     6930 5af591a1a57ca5b7b5ce7af39d0c30f8
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-smp_2.4.27-10sarge3_alpha.deb
     Size/MD5 checksum:   274064 b675644b9520620077d740f5033e311c


 ARM architecture:

   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge3_arm.deb
     Size/MD5 checksum:  3145470 0e5c53017bbb7a84d554c1b6e60a0f6a
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge3_arm.deb
     Size/MD5 checksum:  3668438 2c00f060b5f4a599b1509e5625d766c1
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge3_arm.deb
     Size/MD5 checksum:  7331276 8ded6d50afd88d04fd9b601586509d32
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-build-2.4.27_2.4.27-2sarge3_arm.deb
     Size/MD5 checksum:   465160 61a35d05b6e9617ea9cec7ecc3ada43c
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-bast_2.4.27-2sarge3_arm.deb
     Size/MD5 checksum:  1692044 73cb9319b752cc5eaca4849e20edf6ed
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-headers-2.4.27_2.4.27-2sarge3_arm.deb
     Size/MD5 checksum:  4658994 b790e6512cd56ac98a1d9b5539c9d5b6
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-lart_2.4.27-2sarge3_arm.deb
     Size/MD5 checksum:  1056874 a03e9282e21db6a8094c8f2432a88e09


 Intel IA-32 architecture:

   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k7_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum: 12087676 c53fd67452bade39a41a4d07b1ddbd26
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-386_2.4.27-10sarge3_i386+.deb
     Size/MD5 checksum:   268890 b867a4d295e544fff9f5f0aa2a660762
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k6_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum: 11713818 a039669989458b154e77063b9f2cd05e
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-686-smp_2.4.27-10sarge3_+i386.deb
     Size/MD5 checksum:   305120 bcbd70a2fc6c58ecf1ff373e398069bd
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k7-smp_2.4.27-10sarge3_i386.deb      Size/MD5 checksum:   300776 cba2acbaa7a11221bf20476dec02cc2c
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-686_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum: 12340196 bb4547bd7a55cf5a863faf0eb787af72
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-build-2.4.27-3_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum:     9460 a52b72284e9b2ac4ea7249b9889dae97
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k7_2.4.27-10sarge3_i386.+deb
     Size/MD5 checksum:   293320 0cfddb9db531337f9220c787e2916002
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-686_2.4.27-10sarge3_i386.deb      Size/MD5 checksum:   299132 cf2755d7c9628bf753d4f9fc59df37f6
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-686-smp_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum: 12682330 64e091ae35b42450a3f0af1af1b1cc17
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-386_2.4.27-10sarge3_i386.deb      Size/MD5 checksum:   298354 03343347f66f3ebae64348769a8e7085
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-586tsc_2.4.27-10sarge3_i386.deb      Size/MD5 checksum:   298796 d5474dcad0aa041fa1bebffa5531a4cb
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k6_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum:   298168 29f6f0af6edcc6fdc7b34fd33b4b45a6
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k7-smp_2.4.27-10sarge3_i+386.deb
     Size/MD5 checksum:   298236 251b20906cabdabc2689f8fad6238485
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-386_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum: 11049672 7c1d176724d5af7ef5d92cf91a4b3a24
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-686-smp_2.4.27-10sarge3_i386.de+b
     Size/MD5 checksum:   300914 012fa2195bea70f63022c38ee8ece1b8
   http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge2_i386.deb
     Size/MD5 checksum: 11992030 37b9f69b34c25ffd7f79c3dccb1c2b86
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum:  1824238 b412dad8e3fa8ffbb88f9e24b720682c
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-586tsc_2.4.27-10sarge3_i+386.deb
     Size/MD5 checksum:   293678 293d14c82e8f2dc12d75d9ffbf07a497
   http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-headers-2.4.27-speakup_2.4.27-1.1sarge2_i386.de+b
     Size/MD5 checksum:  4771964 810af192d449f6437de9c7b92bfc8f70
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k7-smp_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum: 12420578 5699a644c8305231c6ff00ca615bc79a
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k7_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum:   299016 8269e91daebb2aca7b360c15a41fa060
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-586tsc_2.4.27-10sarge3_i386.deb
     Size/MD5 checksum: 12024800 595b16fd83e6ca0ca9b3b4df82934f72
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k6_2.4.27-10sarge3_i386.+deb
     Size/MD5 checksum:   287484 80953396a754c47e76dc9c034fb2caab
   http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge2_i386.deb
     Size/MD5 checksum:  7766984 0f4f4f9d1a0bc59ae4a2bf51734cfdfa
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-686_2.4.27-10sarge3_i386+.deb
     Size/MD5 checksum:   299566 6165de4b3a2f79b3983d826f490f6c58
   http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-2.4.27-speakup_2.4.27-1.1sarge2_i386.deb
     Size/MD5 checksum: 11303960 3519c2d9f88bcbbe6cd1a793bc21a092


 Intel IA-64 architecture:

   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-mckinley-smp_2.4.27-10sarge3_ia+64.deb
     Size/MD5 checksum:   241990 1de0bc8938c45fdc763edc8b5be16dbb
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-mckinley_2.4.27-10sarge3_ia64.d+eb
     Size/MD5 checksum:   240416 d711a15e48958eaf0b0cffdb9afbe33b
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-mckinley_2.4.27-10sarge3_ia64.deb      Size/MD5 checksum: 16623356 6f87ed371e352b5ef736eeb9aea9b1e3
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-itanium-smp_2.4.27-10sarge3_ia64.+deb
     Size/MD5 checksum: 17020414 9748928c4403f7d1f708e4f1659ee56b
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-itanium-smp_2.4.27-10sarge3_ia6+4.deb
     Size/MD5 checksum:   241792 3f041268f31bbc7c13bb41f4b9b254d5
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-mckinley-smp_2.4.27-10sarge3_ia64+.deb
     Size/MD5 checksum: 16980154 c21794a39eae3611d166574bc4d6c946
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge3_ia64.deb
     Size/MD5 checksum:     6188 510517c085a54b7f62b21fa549a28254
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge3_ia64.deb
     Size/MD5 checksum:     6154 0ffa2668983b76eb117180f4127f443f
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-itanium_2.4.27-10sarge3_ia64.deb
     Size/MD5 checksum: 16670542 5a5fc027a7ed1ea22de65134816ac27e
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-build-2.4.27-3_2.4.27-10sarge3_ia64.deb
     Size/MD5 checksum:     6372 9091687f1ccdd0a95238d4d8bf7a36b4
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium_2.4.27-10sarge3_ia64.deb
     Size/MD5 checksum:     6150 6862682a204020d9be7c3c7a24b58022
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3_2.4.27-10sarge3_ia64.deb
     Size/MD5 checksum:  4688294 fec3cf9e850845e1339b39eaadbfe411
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-itanium_2.4.27-10sarge3_ia64.de+b
     Size/MD5 checksum:   240852 525e38de6f834e7112097c26da92b929
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge3_ia64.deb
     Size/MD5 checksum:     6178 c756f53c98ab21e53f097b2859433591


 Motorola 680x0 architecture:

   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge3_m68k.deb
     Size/MD5 checksum:  2395830 74f11a8ca02e8a1cc776bf950e1d346b
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge3_m68k.deb
     Size/MD5 checksum:  2476584 4baad67d5c9bac3ee608a1f5b1d4dce0
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge3_m68k.deb
     Size/MD5 checksum:  2638370 76fcbcdc52016ae4feeafa765a3fc761
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge3_m68k.deb
     Size/MD5 checksum:  2261274 baacace88b258a02d89ee5158269dc90
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge3_m68k.deb
     Size/MD5 checksum:  2324432 202215777ec6ddca992a02551578bd20
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge3_m68k.deb
     Size/MD5 checksum:  2543516 00b54f06d0e048692fec00cc8f888cf3
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge3_m68k.deb      Size/MD5 checksum:  2395344 9326ce159e507c20e26fc4aa4ec9fa61


 Big endian MIPS architecture:

   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge3.040815-1_+mips.deb
     Size/MD5 checksum:  3852294 0b6ccfb76fed8400f453953d7421c2a6
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge3.040815-1_+mips.deb
     Size/MD5 checksum:  3849540 57d70bee7ad3a52c2e41296a4b660748
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge3.040815-1_mips.de+b
     Size/MD5 checksum:  4681678 76bfca90e34781e213f64d92e412f7d2
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge3.04081+5-1_mips.deb
     Size/MD5 checksum:  7177648 16b29faa543ea16b0f0b1e4b79bcca92
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge3.040815-1_mips.deb
     Size/MD5 checksum:    19330 f81dbe5f0089f55ccffdb5160fc14529


 Little endian MIPS architecture:


   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge3.04081+5-1_mipsel.deb
     Size/MD5 checksum:  7040154 219d79c89034cc245aaedcc09c077253
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge3.040815-1_mipsel.deb
     Size/MD5 checksum:    19372 f882ee84e76926b99370922778731da6
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge3.040815-1_+mipsel.deb
     Size/MD5 checksum:  3031408 2e21dc55f4e6c7d8e31485cab88b52a9
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge3.040815-1_+mipsel.deb
     Size/MD5 checksum:  2991822 83720b4706c20d32513fdc764e19a3db
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge3.040815-1_mipsel.+deb
     Size/MD5 checksum:  4686362 1e70d957d920f262ad64af693ead756d
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge3.040815-+1_mipsel.deb
     Size/MD5 checksum:  4102944 4dcc900ca58f7d7e69f0020bb3237dda
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge3.040815-1+_mipsel.deb
     Size/MD5 checksum:  2137112 45fe0699fea23090cc4bc9368c6060e9
   http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge3.040815-1_m+ipsel.deb
     Size/MD5 checksum:  4670600 64746373b5c99a31c486fb360ec9048c


 PowerPC architecture:

   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc_2.4.27-10sarge3_powerpc.+deb
     Size/MD5 checksum:   155366 c357bb9b9fe6ce282b9bba63a0bdaec4
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc_2.4.27-10sarge3_powerpc.+deb
     Size/MD5 checksum: 13478728 3e7a96afb9b6bb0618a69d490d3df3e6
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-powerpc_2.4.27-10sarge3_powerp+c.deb
     Size/MD5 checksum:  4800960 668fb5a82d4ac36e66da1abff65e531f
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge3_po+werpc.deb
     Size/MD5 checksum: 12750476 7f6aa3d1cc7c8990cf5ca2d8f5d5c128
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-powerpc_2.4.27-10sarge3_powerpc.+deb
     Size/MD5 checksum:     9868 61edb2922c82b932b5a51aabd4e3e962
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-apus_2.4.27-10sarge3_powerpc.deb      Size/MD5 checksum:    66712 0f1a666913413ccac067b519949b64be
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-apus_2.4.27-10sarge3_powerpc.d+eb
     Size/MD5 checksum:  4683234 1dc1ed36b3052d676aece64519c79067
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-nubus_2.4.27-10sarge3_powerpc.de+b
     Size/MD5 checksum:   141276 627427945710a84e25f9a6e81cf52871
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-nubus_2.4.27-10sarge3_powerpc.de+b
     Size/MD5 checksum:  1817290 168aae93e0888603a192acfb55c17ea4
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-apus_2.4.27-10sarge3_powerpc.deb      Size/MD5 checksum:  2499398 6c3464992e5fd4f0c76bd6e456603b69
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge3_powe+rpc.deb
     Size/MD5 checksum:   155380 29ef8c314e3ff4ad80a159e336f30cdd
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-apus_2.4.27-10sarge3_powerpc.deb      Size/MD5 checksum:   141508 23beb8633e1bc6c71cd7c85549ddc547
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-nubus_2.4.27-10sarge3_powerpc.+deb
     Size/MD5 checksum:  4693350 489de2e942db258045c9a759940ae7a7
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-nubus_2.4.27-10sarge3_powerpc.de+b
     Size/MD5 checksum:     9944 b5f469592bb45ae907c251aa762e5cdb
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge3_powe+rpc.deb
     Size/MD5 checksum: 13785644 b44ad17d6469962e8ad89a36e0069b0a
   http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge3_po+werpc.deb
     Size/MD5 checksum:   155614 df66fe84dfcd04edc663ecfc295d5a60


 IBM S/390 architecture:

   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge3_s390.deb      Size/MD5 checksum:   993502 707589c970f190bed95035dad442b9d3
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-headers-2.4.27-3_2.4.27-2sarge3_s390.deb
     Size/MD5 checksum:  4578888 53c705bdfebbd3e6985807f041e94612
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390x_2.4.27-2sarge3_s390.deb
     Size/MD5 checksum:  2970498 9c2e84a24bb629db2544929cf19f2087
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390_2.4.27-2sarge3_s390.deb
     Size/MD5 checksum:  2778530 d7d6115aa9292ff635476cd2b17bf499


 Sun Sparc architecture:

   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3_2.4.27-9sarge3_sparc.deb
     Size/MD5 checksum:  2024732 192d85db979604781d849025a1f44ef2
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge3_sparc+.deb
     Size/MD5 checksum:  6546074 5865128021dbbc98f9a6c20e6fc574d9
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64_2.4.27-9sarge3_sparc.deb      Size/MD5 checksum:  6379672 b308de13ac8b140e4a4d06ccd500b9e6
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge3_sparc+.deb
     Size/MD5 checksum:  3787334 543e98f2a917fbc57bf8a02c580491eb
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge3_spa+rc.deb
     Size/MD5 checksum:   165654 db2c3fd02eb51afbc1ccc98152a25784
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge3_sparc.d+eb
     Size/MD5 checksum:   202328 7df862f501733bef8450ba2bacc97b2a
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge3_spa+rc.deb
     Size/MD5 checksum:   203806 5f0bc79951ced443e6ef009010b679f2
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge3_sparc.d+eb
     Size/MD5 checksum:   163860 ccb65e6e653600dfdbe81fb9f0839789
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-build-2.4.27-3_2.4.27-9sarge3_sparc.deb
     Size/MD5 checksum:     9496 00a3aaa8a2c3cb84274e1155d0663fd1
   http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32_2.4.27-9sarge3_sparc.deb      Size/MD5 checksum:  3601802 050ad637bd78c94c8819e553a50b51ae


 These files will probably be moved into the stable distribution on
 its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEkE03Xm3vHE4uyloRAgWkAKCizwMprLUoRTgrm24rKhy0Aq2KBgCfXUZW
VtJv32nxyaV0CN7g+A8yj7o=
=Y5TI
-----END PGP SIGNATURE-----

Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.