The OVAL Repository5.52015-09-03T06:54:13.191-04:00USN-810-3 -- NSS regressionUbuntu 9.04Ubuntu 8.10Ubuntu 8.04nssUSN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that
the new libraries on amd64 did not correctly set stack memory flags,
and caused applications using NSS (e.g. Firefox) to have an executable
stack. This reduced the effectiveness of some defensive security
protections. This update fixes the problem.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-855-1 -- libhtml-parser-perl vulnerabilityUbuntu 6.06Ubuntu 8.04Ubuntu 8.10Ubuntu 9.04Ubuntu 9.10libhtml-parser-perlMark Martinec discovered that HTML::Parser incorrectly handled strings with incomplete entities.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-700-1 -- libarchive-tar-perl, perl vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10libarchive-tar-perlperlJonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-698-2 -- nagios3 vulnerabilitiesUbuntu 8.10nagios3It was discovered that Nagios was vulnerable to a Cross-site request forgery (CSRF) vulnerability.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-672-1 -- clamav vulnerabilityUbuntu 8.10clamavMoritz Jodeit discovered that ClamAV did not correctly handle certain strings when examining a VBA project.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-679-1 -- linux, linux-source-2.6.15/22 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10linuxlinux-backports-modules-2.6.15linux-backports-modules-2.6.22linux-backports-modules-2.6.24linux-backports-modules-2.6.27linux-restricted-moduleslinux-restricted-modules-2.6.15linux-restricted-modules-2.6.22linux-restricted-modules-2.6.24linux-source-2.6.15linux-source-2.6.22linux-ubuntu-modules-2.6.22linux-ubuntu-modules-2.6.24It was discovered that the Xen hypervisor block driver did not correctly validate requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-684-1 -- clamav vulnerabilityUbuntu 8.10clamavIlja van Sprundel discovered that ClamAV did not handle recursive JPEG information.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-692-1 -- ekg, libgadu vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10ekglibgaduIt was discovered that the Gadu library, used by some Instant Messaging clients, did not correctly verify certain packet sizes from the server.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-680-1 -- samba vulnerabilityUbuntu 8.10sambaIt was discovered that Samba did not properly perform bounds checking in certain operations.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-678-1 -- gnutls12, gnutls13, gnutls26 vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10gnutls12gnutls13gnutls26Martin von Gagern discovered that GnuTLS did not properly verify certificate chains when the last certificate in the chain was self-signed.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-686-1 -- awstats vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10awstatsMorgan Todd discovered that AWStats did not correctly strip quotes from certain parameters, allowing for an XSS attack when running as a CGI.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-685-1 -- net-snmp vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10net-snmpWes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-668-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10mozilla-thunderbirdthunderbirdGeorgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-673-1 -- libxml2 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10libxml2Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-678-2 -- gnutls12, gnutls13, gnutls26 regressionUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10gnutls12gnutls13gnutls26USN-678-1 fixed a vulnerability in GnuTLS.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-689-1 -- vinagre vulnerabilityUbuntu 8.04Ubuntu 8.10vinagreAlfredo Ortega discovered a flaw in Vinagre's use of format strings.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-666-1 -- dovecot vulnerabilityUbuntu 8.10dovecotIt was discovered that certain email headers were not correctly handled by Dovecot.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-696-1 -- avahi vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10avahiEmanuele Aina discovered that Avahi did not properly validate it's input when processing data over D-Bus.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-695-1 -- shadow vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10shadowPaul Szabo discovered a race condition in login.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-662-1 -- linux vulnerabilityUbuntu 8.10linuxIt was discovered that the Linux kernel could be made to hang temporarily when mounting corrupted ext2/3 filesystems.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-690-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.04Ubuntu 8.10firefox-3.0xulrunner-1.9Several flaws were discovered in the browser engine.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-677-1 -- openoffice.org, openoffice.org-amd64 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10openoffice.orgopenoffice.org-amd64Multiple memory overflow flaws were discovered in OpenOffice.org's handling of WMF and EMF files.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-667-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10firefoxfirefox-3.0xulrunner-1.9Liu Die Yu discovered an information disclosure vulnerability in Firefox when using saved .url shortcut files.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-663-1 -- system-tools-backends regressionUbuntu 8.10system-tools-backendsIt was discovered that passwords changed (or new users created) via the "Users and Groups" tool were created with 3DES hashing.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-693-1 -- LittleCMS vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 8.10lcmsIt was discovered that certain gamma operations in lcms were not correctly bounds-checked.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-683-1 -- imlib2 vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10imlib2It was discovered that Imlib2 did not correctly handle certain malformed XPM images.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-688-1 -- compiz-fusion-plugins-main vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 8.10compiz-fusion-plugins-mainIt was discovered that the Expo plugin for Compiz did not correctly restrict the screensaver window from being moved with the mouse.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-694-1 -- libvirt vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 8.10libvirtIt was discovered that libvirt did not mark certain operations as read-only.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-687-1 -- nfs-utils vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10nfs-utilsIt was discovered that nfs-utils did not properly enforce netgroup restrictions when using TCP Wrappers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-661-1 -- linux regressionUbuntu 8.10linuxprocpsVersion 2.6.27 of the Linux kernel changed the order of options in TCP headers.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-670-1 -- vm-builder vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10shadowvm-builderMathias Gug discovered that vm-builder improperly set the root password when creating virtual machines.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-691-1 -- ruby1.9 vulnerabilityUbuntu 8.10ruby1.9Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-676-1 -- webkit vulnerabilityUbuntu 8.10webkitIt was discovered that WebKit did not properly handle Cascading Style Sheet s (CSS) import statements.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-660-1 -- enscript vulnerabilityUbuntu 6.06Ubuntu 7.10Ubuntu 8.04Ubuntu 8.10enscriptUlf HE4rnhammar discovered multiple stack overflows in enscript's handling of special escape arguments.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-782-1 -- thunderbird vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04thunderbirdSeveral flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the way Thunderbird processed malformed URI schemes. If a user were tricked into viewing a malicious website and had JavaScript and plugins enabled, a remote attacker could execute arbitrary JavaScript or steal private data. Cefn Hoile discovered Thunderbird did not adequately protect against embedded third-party stylesheets. If JavaScript were enabled, an attacker could exploit this to perform script injection attacks using XBL bindings. Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Thunderbird did not properly handle error responses when connecting to a proxy server. If a user had JavaScript enabled while using Thunderbird to view websites and a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. It was discovered that Thunderbird could be made to run scripts with elevated privileges. If a user had JavaScript enabled while having certain non-default add-ons installed and were tricked into viewing a malicious website, an attacker could cause a chrome privileged object, such as the browser sidebar, to run arbitrary code via interactions with the attacker controlled websiteSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-831-1 -- openexr vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04openexrDrew Yao discovered several flaws in the way OpenEXR handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that OpenEXR did not properly handle certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTSSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-702-1 -- samba vulnerabilityUbuntu 8.10sambaSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-724-1 -- squid vulnerabilityUbuntu 8.10squidJoshua Morin, Mikko Varpiola and Jukka Taimisto discovered that Squid did not properly validate the HTTP version when processing requests. A remote attacker could exploit this to cause a denial of service .SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-812-1 -- subversion vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10subversionMatt Lewis discovered that Subversion did not properly sanitize its input when processing svndiff streams, leading to various integer and heap overflows. If a user or automated system processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user processing the input.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-705-1 -- ntp vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10ntpIt was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-722-1 -- sudo vulnerabilityUbuntu 8.10Ubuntu 8.04sudoHarald Koenig discovered that sudo did not correctly handle certain privilege changes when handling groups. If a local attacker belonged to a group included in a "RunAs" list in the /etc/sudoers file, that user could gain root privileges. This was not an issue for the default sudoers file shipped with Ubuntu.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-840-1 -- openoffice.org vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04openoffice.orgDyon Balding discovered flaws in the way OpenOffice.org handled tables. If a user were tricked into opening a specially crafted Word document, a remote attacker might be able to execute arbitrary code with user privileges. A memory overflow flaw was discovered in OpenOffice.org�s handling of EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-857-1 -- qt4-x11 vulnerabilitiesUbuntu 8.10Ubuntu 9.04qt4-x11It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the QtWebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that QtWebKit did not properly handle certain XSL stylesheets. If a user were tricked into viewing a malicious website, an attacker could exploit this to read arbitrary local files, and possibly files from different security zones. It was discovered that QtWebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-861-1 -- libvorbis vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04libvorbisIt was discovered that libvorbis did not correctly handle ogg files with underpopulated Huffman trees. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service. It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service or possibly execute arbitrary code with the user�s privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-779-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9Several flaws were discovered in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Pavel Cvrcek discovered that Firefox would sometimes display certain invalid Unicode characters as whitespace. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Gregory Fleischer, Adam Barth and Collin Jackson discovered that Firefox would allow access to local files from resources loaded via the file: protocol. If a user were tricked into downloading then opening a malicious file, an attacker could steal potentially sensitive information. Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Firefox did not properly handle error responses when connecting to a proxy server. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. Wladimir Palant discovered Firefox did not check content-loading policies when loading external script files into XUL documents. As a result, Firefox might load malicious content under certain circumstances. It was discovered that Firefox could be made to run scripts with elevated privileges. If a user were tricked into viewing a malicious website, an attacker could cause a chrome privileged object, such as the browser sidebar, to run arbitrary code via interactions with the attacker controlled websiteSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-799-1 -- dbus vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10dbusIt was discovered that the D-Bus library did not correctly validate signatures. If a local user sent a specially crafted D-Bus key, they could spoof a valid signature and bypass security policies.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-704-1 -- openssl vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10opensslIt was discovered that OpenSSL did not properly perform signature verification on DSA and ECDSA keys. If user or automated system connected to a malicious server or a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-827-1 -- dnsmasq vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04dnsmasqIvAin Arce, Pablo HernAin Jorge, Alejandro Pablo Rodriguez, MartA­n Coco, Alberto SoliAto Testa and Pablo Annetta discovered that Dnsmasq did not properly validate its input when processing TFTP requests for files with long names. A remote attacker could cause a denial of service or execute arbitrary code with user privileges. Dnsmasq runs as the "dnsmasq" user by default on Ubuntu. Steve Grubb discovered that Dnsmasq could be made to dereference a NULL pointer when processing certain TFTP requests. A remote attacker could cause a denial of service by sending a crafted TFTP requestSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-754-1 -- clamav vulnerabilitiesUbuntu 8.10clamavIt was discovered that ClamAV did not properly verify its input when processing TAR archives. A remote attacker could send a specially crafted TAR file and cause a denial of service via infinite loop. It was discovered that ClamAV did not properly validate Portable Executable files. A remote attacker could send a crafted PE file and cause a denial of service .SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-723-1 -- git-core vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10git-coreIt was discovered that Git did not properly handle long file paths. If a user were tricked into performing commands on a specially crafted Git repository, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the Git web interface did not correctly handle shell metacharacters when processing certain commands. A remote attacker could send specially crafted commands to the Git server and execute arbitrary code with the privileges of the Git web server. This issue only applied to Ubuntu 7.10 and 8.04 LTS. It was discovered that the Git web interface did not properly restrict the diff.external configuration parameter. A local attacker could exploit this issue and execute arbitrary code with the privileges of the Git web server. This issue only applied to Ubuntu 8.04 LTS and 8.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-742-1 -- jasper vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10jasperIt was discovered that JasPer did not correctly handle memory allocation when parsing certain malformed JPEG2000 images. If a user were tricked into opening a specially crafted image with an application that uses libjasper, an attacker could cause a denial of service and possibly execute arbitrary code with the user�s privileges. It was discovered that JasPer created temporary files in an insecure way. Local users could exploit a race condition and cause a denial of service in libjasper applications. It was discovered that JasPer did not correctly handle certain formatting operations. If a user were tricked into opening a specially crafted image with an application that uses libjasper, an attacker could cause a denial of service and possibly execute arbitrary code with the user�s privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-854-1 -- libgd2 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04libgd2Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code. It was discovered that the GD library did not properly handle incorrect color indexes. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle certain malformed GIF images. If a user or automated system were tricked into processing a specially crafted GIF image, an attacker could cause a denial of service. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle large angle degree values. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service. This issue only affected Ubuntu 6.06 LTSSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-800-1 -- irssi vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10irssiIt was discovered that irssi did not properly check the length of strings when processing WALLOPS messages. If a user connected to an IRC network where an attacker had IRC operator privileges, a remote attacker could cause a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-859-1 -- openjdk-6 vulnerabilitiesUbuntu 8.10Ubuntu 9.10Ubuntu 9.04openjdk-6Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation in OpenJDK. It was discovered that ICC profiles could be identified with ".." pathnames. If a user were tricked into running a specially crafted applet, a remote attacker could gain information about a local system. Peter Vreugdenhil discovered multiple flaws in the processing of graphics in the AWT library. If a user were tricked into running a specially crafted applet, a remote attacker could crash the application or run arbitrary code with user privileges. Multiple flaws were discovered in JPEG and BMP image handling. If a user were tricked into loading a specially crafted image, a remote attacker could crash the application or run arbitrary code with user privileges. Coda Hale discovered that HMAC-based signatures were not correctly validated. Remote attackers could bypass certain forms of authentication, granting unexpected access. Multiple flaws were discovered in ASN.1 parsing. A remote attacker could send a specially crafted HTTP stream that would exhaust system memory and lead to a denial of service. It was discovered that the graphics configuration subsystem did not correctly handle arrays. If a user were tricked into running a specially crafted applet, a remote attacker could exploit this to crash the application or execute arbitrary code with user privileges. It was discovered that loggers and Swing did not correctly handle certain sensitive objects. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. It was discovered that the ClassLoader did not correctly handle certain options. If a user were tricked into running a specially crafted applet, a remote attacker could execute arbitrary code with user privileges. It was discovered that time zone file loading could be used to determine the existence of files on the local system. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacySecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-870-1 -- pygresql vulnerabilityUbuntu 8.10Ubuntu 8.04pygresqlSteffen Joeris discovered that PyGreSQL 3.8 did not use PostgreSQL�s safe string and bytea functions in its own escaping functions. As a result, applications written to use PyGreSQL�s escaping functions are vulnerable to SQL injections when processing certain multi-byte character sequences. Because the safe functions require a database connection, to maintain backwards compatibility, pg.escape_string and pg.escape_bytea are still available, but applications will have to be adjusted to use the new pyobj.escape_string and pyobj.escape_bytea functions. For example, code containing: import pg connection = pg.connect escaped = pg.escape_string should be adjusted to use: import pg connection = pg.connect escaped = connection.escape_stringSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-817-1 -- thunderbird vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04thunderbirdSeveral flaws were discovered in the rendering engine of Thunderbird. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-739-1 -- amarok vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04amarokIt was discovered that Amarok did not correctly handle certain malformed tags in Audible Audio files. If a user were tricked into opening a crafted Audible Audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-760-1 -- cups, cupsys vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10cupscupsysIt was discovered that CUPS did not properly check the height of TIFF images. If a user or automated system were tricked into opening a crafted TIFF image file, a remote attacker could cause a denial of service or possibly execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-816-1 -- fetchmail vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10fetchmailMoxie Marlinspike discovered that fetchmail did not properly handle certificates with NULL characters in the certificate name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-792-1 -- openssl vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10opensslIt was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. It was discovered that OpenSSL did not properly free memory when processing DTLS fragments. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. It was discovered that OpenSSL did not properly handle certain server certificates when processing DTLS packets. A remote DTLS server could cause a denial of service by sending a message containing a specially crafted server certificate. It was discovered that OpenSSL did not properly handle a DTLS ChangeCipherSpec packet when it occured before ClientHello. A remote attacker could cause a denial of service by sending a specially crafted request. It was discovered that OpenSSL did not properly handle out of sequence DTLS handshake messages. A remote attacker could cause a denial of service by sending a specially crafted requestSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-813-1 -- apr vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04aprMatt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-815-1 -- libxml2 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10libxml2It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. USN-644-1 fixed a vulnerability in libxml2. This advisory provides the corresponding update for Ubuntu 9.04. Original advisory details: It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-785-1 -- ipsec-tools vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10ipsec-toolsIt was discovered that ipsec-tools did not properly handle certain fragmented packets. A remote attacker could send specially crafted packets to the server and cause a denial of service. It was discovered that ipsec-tools did not properly handle memory usage when verifying certificate signatures or processing nat-traversal keep-alive messages. A remote attacker could send specially crafted packets to the server and exhaust available memory, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-738-1 -- glib2.0 vulnerabilityUbuntu 7.10Ubuntu 8.10Ubuntu 8.04glib2.0Diego Petten discovered that the Base64 encoding functions in GLib did not properly handle large strings. If a user or automated system were tricked into processing a crafted Base64 string, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-871-2 -- kde4libs vulnerabilitiesUbuntu 8.10Ubuntu 9.10Ubuntu 9.04kde4libsUSN-871-1 fixed vulnerabilities in KDE. This update provides the corresponding updates for KDE 4. This update also fixes a directory traversal flaw in KDE when processing help:// URLs. This issue only affected Ubuntu 8.10. Original advisory details: It was discovered that the KDE libraries could use KHTML to process an unknown MIME type. If a user or application linked against kdelibs were tricked into opening a crafted file, an attacker could potentially trigger XMLHTTPRequests to remote sites.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-826-1 -- mono vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04monoIt was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. It was discovered that Mono did not properly escape certain attributes in the ASP.net class libraries which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. This issue only affected Ubuntu 8.04 LTS. It was discovered that Mono did not properly filter CRLF injections in the query string. If a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, steal confidential data, or perform cross-site request forgeries. This issue only affected Ubuntu 8.04 LTSSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-755-1 -- krb5 vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10krb5Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines that did not correctly handle certain requests. An unauthenticated remote attacker could send specially crafted traffic to crash services using the Kerberos library, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-707-1 -- cups, cupsys vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10cupscupsysIt was discovered that CUPS didn�t properly handle adding a large number of RSS subscriptions. A local user could exploit this and cause CUPS to crash, leading to a denial of service. This issue only applied to Ubuntu 7.10, 8.04 LTS and 8.10. It was discovered that CUPS did not authenticate users when adding and cancelling RSS subscriptions. An unprivileged local user could bypass intended restrictions and add a large number of RSS subscriptions. This issue only applied to Ubuntu 7.10 and 8.04 LTS. It was discovered that the PNG filter in CUPS did not properly handle certain malformed images. If a user or automated system were tricked into opening a crafted PNG image file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile. It was discovered that the example pstopdf CUPS filter created log files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTSSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-784-1 -- imagemagick vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10imagemagickIt was discovered that ImageMagick did not properly verify the dimensions of TIFF files. If a user or automated system were tricked into opening a crafted TIFF file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-822-1 -- kde4libs, kdelibs vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04kde4libskdelibsIt was discovered that KDE-Libs did not properly handle certain malformed SVG images. If a user were tricked into opening a specially crafted SVG image, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.04. It was discovered that the KDE JavaScript garbage collector did not properly handle memory allocation failures. If a user were tricked into viewing a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that KDE-Libs did not properly handle HTML content in the head element. If a user were tricked into viewing a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that KDE-Libs did not properly handle the Cascading Style Sheets attr function call. If a user were tricked into viewing a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-780-1 -- cups, cupsys vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10cupscupsysAnibal Sacco discovered that CUPS did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-759-1 -- poppler vulnerabilitiesUbuntu 8.04Ubuntu 6.06Ubuntu 8.10popplerWill Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that poppler contained multiple security issues in its JBIG2 decoder. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-743-1 -- ghostscript, gs-gpl vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10ghostscriptgs-gplIt was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. It was discovered that Ghostscript did not properly perform bounds checking in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-758-1 -- udev vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10udevSebastian Krahmer discovered that udev did not correctly validate netlink message senders. A local attacker could send specially crafted messages to udev in order to gain root privileges. Sebastian Krahmer discovered a buffer overflow in the path encoding routines in udev. A local attacker could exploit this to crash udev, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-710-1 -- xine-lib vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10xine-libIt was discovered that xine-lib did not correctly handle certain malformed Ogg and Windows Media files. If a user or automated system were tricked into opening a specially crafted Ogg or Windows Media file, an attacker could cause xine-lib to crash, creating a denial of service. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that the MNG, MOD, and Real demuxers in xine-lib did not correctly handle memory allocation failures. If a user or automated system were tricked into opening a specially crafted MNG, MOD, or Real file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that the QT demuxer in xine-lib did not correctly handle an invalid metadata atom size, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could execute arbitrary code as the user invoking the program. It was discovered that the Real, RealAudio, and Matroska demuxers in xine-lib did not correctly handle malformed files, resulting in heap-based buffer overflows. If a user or automated system were tricked into opening a specially crafted Real, RealAudio, or Matroska file, an attacker could execute arbitrary code as the user invoking the program. It was discovered that the MNG and QT demuxers in xine-lib did not correctly handle malformed files, resulting in integer overflows. If a user or automated system were tricked into opening a specially crafted MNG or MOV file, an attacker could execute arbitrary code as the user invoking the program. It was discovered that the Matroska, MOD, Real, and Real Audio demuxers in xine-lib did not correctly handle malformed files, resulting in integer overflows. If a user or automated system were tricked into opening a specially crafted Matroska, MOD, Real, or Real Audio file, an attacker could execute arbitrary code as the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that the input handlers in xine-lib did not correctly handle certain error codes, resulting in out-of-bounds reads and heap-based buffer overflows. If a user or automated system were tricked into opening a specially crafted file, stream, or URL, an attacker could execute arbitrary code as the user invoking the program. It was discovered that the Matroska and Real demuxers in xine-lib did not correctly handle memory allocation failures. If a user or automated system were tricked into opening a specially crafted Matroska or Real file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the QT demuxer in xine-lib did not correctly handle an invalid metadata atom size in a compressed MOV file, resulting in an integer underflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could an attacker could cause xine-lib to crash, creating a denial of service. It was discovered that the Real demuxer in xine-lib did not correctly handle certain malformed files. If a user or automated system were tricked into opening a specially crafted Real file, an attacker could could cause xine-lib to crash, creating a denial of service. It was discovered that xine-lib did not correctly handle certain malformed AAC files. If a user or automated system were tricked into opening a specially crafted AAC file, an attacker could could cause xine-lib to crash, creating a denial of service. This issue only applied to Ubuntu 7.10, and 8.04 LTS. It was discovered that the id3 tag handler in xine-lib did not correctly handle malformed tags, resulting in heap-based buffer overflows. If a user or automated system were tricked into opening a media file containing a specially crafted id3 tag, an attacker could execute arbitrary code as the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that xine-lib did not correctly handle MP3 files with metadata consisting only of separators. If a user or automated system were tricked into opening a specially crafted MP3 file, an attacker could could cause xine-lib to crash, creating a denial of service. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that the Matroska demuxer in xine-lib did not correctly handle an invalid track type. If a user or automated system were tricked into opening a specially crafted Matroska file, an attacker could could cause xine-lib to crash, creating a denial of service. It was discovered that the ffmpeg video decoder in xine-lib did not correctly handle media with certain image heights, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted video file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only applied to Ubuntu 7.10, 8.04 LTS, and 8.10. It was discovered that the ffmpeg audio decoder in xine-lib did not correctly handle malformed media, resulting in a integer overflow. If a user or automated system were tricked into opening a specially crafted media file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only applied to Ubuntu 8.10.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-810-1 -- nss vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04nssMoxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service or execute arbitrary code as the user invoking the program. Moxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another siteSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-820-1 -- pidgin vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04pidginFederico Muttis discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-727-1 -- network-manager-applet vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04network-manager-appletIt was discovered that network-manager-applet did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view other users" network connection passwords and pre-shared keys. It was discovered that network-manager-applet did not properly enforce permissions when responding to dbus modify and delete requests. A local user could use dbus to modify or delete other users" network connections. This issue only applied to Ubuntu 8.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-790-1 -- cyrus-sasl2 vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10cyrus-sasl2James Ralston discovered that the Cyrus SASL base64 encoding function could be used unsafely. If a remote attacker sent a specially crafted request to a service that used SASL, it could lead to a loss of privacy, or crash the application, resulting in a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-773-1 -- pango1.0 vulnerabilityUbuntu 8.04Ubuntu 6.06Ubuntu 8.10pango1.0Will Drewry discovered that Pango incorrectly handled rendering text with long glyphstrings. If a user were tricked into displaying specially crafted data with applications linked against Pango, such as Firefox, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-825-1 -- libvorbis vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04libvorbisIt was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could execute arbitrary code with the user�s privileges. USN-682-1 provided updated libvorbis packages to fix multiple security vulnerabilities. The upstream security patch to fix CVE-2008-1420 introduced a regression when reading sound files encoded with libvorbis 1.0beta1. This update corrects the problem. Original advisory details: It was discovered that libvorbis did not correctly handle certain malformed sound files. If a user were tricked into opening a specially crafted sound file with an application that uses libvorbis, an attacker could execute arbitrary code with the user�s privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-839-1 -- samba vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10sambaJ. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated [homes] share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. Tim Prouty discovered that the smbd daemon in Samba incorrectly handled certain unexpected network replies. A remote attacker could send malicious replies to the server and cause smbd to use all available CPU, leading to a denial of service. Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, would not verify user permissions before opening a credentials file. A local user could exploit this to use or read the contents of unauthorized credential files. Reinhard Nißl discovered that the smbclient utility contained format string vulnerabilities in its file name handling. Because of security features in Ubuntu, exploitation of this vulnerability is limited. If a user or automated system were tricked into processing a specially crafted file name, smbclient could be made to crash, possibly leading to a denial of service. This only affected Ubuntu 8.10. Jeremy Allison discovered that the smbd daemon in Samba incorrectly handled permissions to modify access control lists when dos filemode is enabled. A remote attacker could exploit this to modify access control lists. This only affected Ubuntu 8.10 and Ubuntu 9.04SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-814-1 -- openjdk-6 vulnerabilitiesUbuntu 8.10Ubuntu 9.04openjdk-6It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. It was discovered that certain variables could leak information. If a user were tricked into running a malicious Java applet, a remote attacker could exploit this gain access to private information and potentially run untrusted code. A flaw was discovered the OpenType checking. If a user were tricked into running a malicious Java applet, a remote attacker could bypass access restrictions. It was discovered that the XML processor did not correctly check recursion. If a user or automated system were tricked into processing a specially crafted XML, the system could crash, leading to a denial of service. It was discovered that the Java audio subsystem did not correctly validate certain parameters. If a user were tricked into running an untrusted applet, a remote attacker could read system properties. Multiple flaws were discovered in the proxy subsystem. If a user were tricked into running an untrusted applet, a remote attacker could discover local user names, obtain access to sensitive information, or bypass socket restrictions, leading to a loss of privacy. Flaws were discovered in the handling of JPEG images, Unpack200 archives, and JDK13Services. If a user were tricked into running an untrusted applet, a remote attacker could load a specially crafted file that would bypass local file access protections and run arbitrary code with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-729-1 -- python-crypto vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10python-cryptoMike Wiacek discovered that the ARC2 implementation in Python Crypto did not correctly check the key length. If a user or automated system were tricked into processing a malicious ARC2 stream, a remote attacker could execute arbitrary code or crash the application using Python Crypto, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-774-1 -- moin vulnerabilityUbuntu 8.10Ubuntu 9.04moinIt was discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-721-1 -- fglrx-installer vulnerabilityUbuntu 8.10fglrx-installerMarko Lindqvist discovered that the fglrx installer created an unsafe LD_LIBRARY_PATH on 64bit systems. If a user were tricked into downloading specially crafted libraries and running commands in the same directory, a remote attacker could execute arbitrary code with user privileges.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-778-1 -- cron vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10cronIt was discovered that cron did not properly check the return code of the setgid and initgroups system calls. A local attacker could use this to escalate group privileges. Please note that cron versions 3.0pl1-64 and later were already patched to address the more serious setuid check referred to by CVE-2006-2607.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-726-1 -- curl vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10curlIt was discovered that curl did not enforce any restrictions when following URL redirects. If a user or automated system were tricked into opening a URL to an untrusted server, an attacker could use redirects to gain access to abitrary files. This update changes curl behavior to prevent following "file" URLs after a redirect.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-809-1 -- gnutls12, gnutls13, gnutls26 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10gnutls12gnutls13gnutls26Moxie Marlinspike and Dan Kaminsky independently discovered that GnuTLS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kaminsky discovered GnuTLS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This issue only affected Ubuntu 6.06 LTS and Ubuntu 8.10. USN-678-1 fixed a vulnerability and USN-678-2 a regression in GnuTLS. The upstream patches introduced a regression when validating certain certificate chains that would report valid certificates as untrusted. This update fixes the problem, and only affected Ubuntu 6.06 LTS and Ubuntu 8.10 . In an effort to maintain a strong security stance and address all known regressions, this update deprecates X.509 validation chains using MD2 and MD5 signatures. To accomodate sites which must still use a deprected RSA-MD5 certificate, GnuTLS has been updated to stop looking when it has found a trusted intermediary certificate. This new handling of intermediary certificates is in accordance with other SSL implementations. Original advisory details: Martin von Gagern discovered that GnuTLS did not properly verify certificate chains when the last certificate in the chain was self-signed. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive informationSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-736-1 -- gst-plugins-good0.10 vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04gst-plugins-good0.10It was discovered that GStreamer Good Plugins did not correctly handle malformed Composition Time To Sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Sync Sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Time-to-sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-819-1 -- linux, linux-source-2.6.15 vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10linuxlinux-source-2.6.15Tavis Ormandy and Julien Tinnes discovered that Linux did not correctly initialize certain socket operation function pointers. A local attacker could exploit this to gain root privileges. By default, Ubuntu 8.04 and later with a non-zero /proc/sys/vm/mmap_min_addr setting were not vulnerable.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-745-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10firefoxfirefox-3.0xulrunner-1.9It was discovered that Firefox did not properly perform XUL garbage collection. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS and 8.10. A flaw was discovered in the way Firefox performed XSLT transformations. If a user were tricked into opening a crafted XSL stylesheet, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-842-1 -- wget vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10wgetIt was discovered that Wget did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-787-1 -- apache2 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10apache2Matthew Palmer discovered an underflow flaw in apr-util as included in Apache. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using mod_apreq2. This issue only affected Ubuntu 6.06 LTS. Sander de Boer discovered that mod_proxy_ajp would reuse connections when a client closed a connection without sending a request body. A remote attacker could exploit this to obtain sensitive response data. This issue only affected Ubuntu 9.04. Jonathan Peatfield discovered that Apache did not process Includes options correctly. With certain configurations of Options and AllowOverride, a local attacker could use an .htaccess file to override intended restrictions and execute arbitrary code via a Server-Side-Include file. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. It was discovered that the XML parser did not properly handle entity expansion. A remote attacker could cause a denial of service via memory resource consumption by sending a crafted request to an Apache server configured to use mod_dav or mod_dav_svn. This issue only affected Ubuntu 6.06 LTS. C. Michael Pilato discovered an off-by-one buffer overflow in apr-util when formatting certain strings. For big-endian machines, a remote attacker could cause a denial of service or information disclosure leak. All other architectures for Ubuntu are not considered to be at risk. This issue only affected Ubuntu 6.06 LTSSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-833-1 -- kde4libs, kdelibs vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04kde4libskdelibsIt was discovered that KDE did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-717-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04firefox-3.0xulrunner-1.9Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. A flaw was discovered in the JavaScript engine. An attacker could bypass the same-origin policy in Firefox by utilizing a chrome XBL method and execute arbitrary JavaScript within the context of another website. A flaw was discovered in the browser engine when restoring closed tabs. If a user were tricked into restoring a tab to a malicious website with form input controls, an attacker could steal local files on the user�s system. Wladimir Palant discovered that Firefox did not restrict access to cookies in HTTP response headers. If a user were tricked into opening a malicious web page, a remote attacker could view sensitive information. Paul Nel discovered that Firefox did not honor certain Cache-Control HTTP directives. A local attacker could exploit this to view private data in improperly cached pages of another userSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-719-1 -- libpam-krb5 vulnerabilitiesUbuntu 8.10Ubuntu 8.04libpam-krb5It was discovered that pam_krb5 parsed environment variables when run with setuid applications. A local attacker could exploit this flaw to bypass authentication checks and gain root privileges. Derek Chan discovered that pam_krb5 incorrectly handled refreshing existing credentials when used with setuid applications. A local attacker could exploit this to create or overwrite arbitrary files, and possibly gain root privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-750-1 -- openssl vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10opensslIt was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in applications linked against OpenSSL.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-767-1 -- freetype vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10freetypeTavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-747-1 -- icu vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10icuIt was discovered that libicu did not correctly handle certain invalid encoded data. If a user or automated system were tricked into processing specially crafted data with applications linked against libicu, certain content filters could be bypassed.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-835-1 -- neon, neon27 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10neonneon27Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-728-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04firefox-3.0xulrunner-1.9Glenn Randers-Pehrson discovered that the embedded libpng in Firefox did not properly initialize pointers. If a user were tricked into viewing a malicious website with a crafted PNG file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Martijn Wargers, Jesse Ruderman, Josh Soref, Gary Kwong, and Timothee Groleau discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in Firefox�s garbage collection process. Under certain circumstances a remote attacker could exploit this to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website. Masahiro Yamada discovered that Firefox did not display control characters in the location bar. An attacker could exploit this to spoof the location bar, such as in a phishing attackSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-804-1 -- pulseaudio vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04pulseaudioTavis Ormandy and Yorick Koster discovered that PulseAudio did not safely re-execute itself. A local attacker could exploit this to gain root privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-788-1 -- tomcat6 vulnerabilitiesUbuntu 8.10Ubuntu 9.04tomcat6Iida Minehiko discovered that Tomcat did not properly normalise paths. A remote attacker could send specially crafted requests to the server and bypass security restrictions, gaining access to sensitive content. Yoshihito Fukuyama discovered that Tomcat did not properly handle errors when the Java AJP connector and mod_jk load balancing are used. A remote attacker could send specially crafted requests containing invalid headers to the server and cause a temporary denial of service. D. Matscheko and T. Hackner discovered that Tomcat did not properly handle malformed URL encoding of passwords when FORM authentication is used. A remote attacker could exploit this in order to enumerate valid usernames. Deniz Cevik discovered that Tomcat did not properly escape certain parameters in the example calendar application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. Philippe Prados discovered that Tomcat allowed web applications to replace the XML parser used by other web applications. Local users could exploit this to bypass security restrictions and gain access to certain sensitive filesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-810-2 -- nspr updateUbuntu 8.10Ubuntu 8.04Ubuntu 9.04nsprUSN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service or execute arbitrary code as the user invoking the program. Moxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Dan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another siteSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-756-1 -- clamav vulnerabilityUbuntu 8.10clamavIt was discovered that ClamAV did not properly verify buffers when processing Upack files. A remote attacker could send a crafted file and cause a denial of service via application crash.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-848-1 -- zope3 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10zope3It was discovered that the Zope Object Database database server improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. It was discovered that the Zope Object Database database server did not handle authentication properly when a database is shared among multiple applications or application instances. A remote attacker could use this flaw to bypass security restrictions. It was discovered that Zope did not limit the number of new object ids a client could request. A remote attacker could use this flaw to consume a huge amount of resources, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-761-1 -- php5 vulnerabilitiesUbuntu 8.04Ubuntu 6.06Ubuntu 8.10php5It was discovered that PHP did not sanitize certain error messages when display_errors is enabled, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. It was discovered that PHP did not properly handle the mbstring.func_overload setting within .htaccess files when using virtual hosts. A virtual host administrator could use this flaw to cause settings to be applied to other virtual hosts on the same server. It was discovered that PHP did not properly handle certain malformed strings when being parsed by the json_decode function. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 and 8.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-849-1 -- libsndfile vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04libsndfileTobias Klein discovered a heap-based buffer overflow in libsndfile. If a user or automated system processed a crafted VOC file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Erik de Castro Lopo discovered a similar heap-based buffer overflow when processing AIFF files. If a user or automated system processed a crafted AIFF file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-746-1 -- xine-lib vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10xine-libIt was discovered that the 4xm demuxer in xine-lib did not correctly handle a large current_track value in a 4xm file, resulting in an integer overflow. If a user or automated system were tricked into opening a specially crafted 4xm movie file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the program. USN-710-1 provided updated xine-lib packages to fix multiple security vulnerabilities. The security patch to fix CVE-2008-5239 introduced a regression causing some media files to be unplayable. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the input handlers in xine-lib did not correctly handle certain error codes, resulting in out-of-bounds reads and heap- based buffer overflows. If a user or automated system were tricked into opening a specially crafted file, stream, or URL, an attacker could execute arbitrary code as the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-720-1 -- php5 vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10php5It was discovered that PHP did not properly enforce php_admin_value and php_admin_flag restrictions in the Apache configuration file. A local attacker could create a specially crafted PHP script that would bypass intended security restrictions. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that PHP did not correctly handle certain malformed font files. If a PHP application were tricked into processing a specially crafted font file, an attacker may be able to cause a denial of service and possibly execute arbitrary code with application privileges. It was discovered that PHP did not properly check the delimiter argument to the explode function. If a script passed untrusted input to the explode function, an attacker could cause a denial of service and possibly execute arbitrary code with application privileges. It was discovered that PHP, when used as FastCGI module, did not properly sanitize requests. By performing a request with multiple dots preceding the extension, an attacker could cause a denial of service. It was discovered that PHP did not properly handle Unicode conversion in the mbstring extension. If a PHP application were tricked into processing a specially crafted string containing an HTML entity, an attacker could execute arbitrary code with application privileges. It was discovered that PHP did not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function. An attacker could exploit this issue to bypass safe_mode restrictions. It was dicovered that PHP did not properly enforce error_log safe_mode restrictions when set by php_admin_flag in the Apache configuration file. A local attacker could create a specially crafted PHP script that would overwrite arbitrary files. It was discovered that PHP contained a flaw in the ZipArchive::extractTo function. If a PHP application were tricked into processing a specially crafted zip file that had filenames containing "..", an attacker could write arbitrary files within the filesystem. This issue only applied to Ubuntu 7.10, 8.04 LTS, and 8.10. USN-557-1 fixed a vulnerability in the GD library. When using the GD library, PHP did not properly handle the return codes that were added in the security update. An attacker could exploit this issue with a specially crafted image file and cause PHP to crash, leading to a denial of service. This issue only applied to Ubuntu 6.06 LTS, and 7.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-786-1 -- apr-util vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04apr-utilMatthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using mod_apreq2. Applications using libapreq2 are also affected. It was discovered that the XML parser did not properly handle entity expansion. A remote attacker could cause a denial of service via memory resource consumption by sending a crafted request to an Apache server configured to use mod_dav or mod_dav_svn. C. Michael Pilato discovered an off-by-one buffer overflow in apr-util when formatting certain strings. For big-endian machines, a remote attacker could cause a denial of service or information disclosure leak. All other architectures for Ubuntu are not considered to be at riskSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-811-1 -- firefox-3.0, xulrunner-1.9 vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9Juan Pablo Lopez Yacubian discovered that Firefox did not properly display invalid URLs. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. Furthermore, if the malicious website had a valid SSL certificate, Firefox would display the spoofed page as trusted.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-862-1 -- php5 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04php5Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dba_replace function. If a script passed untrusted input to the dba_replace function, an attacker could truncate the database. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. It was discovered that PHP�s php_openssl_apply_verification_policy function did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. It was discovered that PHP did not properly handle certain malformed images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the tempnam function. An attacker could exploit this issue to bypass safe_mode restrictions. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the posix_mkfifo function. An attacker could exploit this issue to bypass open_basedir restrictions. Bogdan Calin discovered that PHP did not limit the number of temporary files created when handling multipart/form-data POST requests. A remote attacker could exploit this flaw and cause the PHP server to consume all available resources, resulting in a denial of service. ATTENTION: This update changes previous PHP behaviour by limiting the number of files in a POST request to 50. This may be increased by adding a "max_file_uploads" directive to the php.ini configuration file. It was discovered that PHP did not properly enforce restrictions in the proc_open function. An attacker could exploit this issue to bypass safe_mode_protected_env_vars restrictions and possibly execute arbitrary code with application privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-850-1 -- poppler vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10popplerIt was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-762-1 -- apt vulnerabilitiesUbuntu 8.04Ubuntu 6.06Ubuntu 8.10aptAlexandre Martani discovered that the APT daily cron script did not check the return code of the date command. If a machine is configured for automatic updates and is in a time zone where DST occurs at midnight, under certain circumstances automatic updates might not be applied and could become permanently disabled. Michael Casadevall discovered that APT did not properly verify repositories signed with a revoked or expired key. If a repository were signed with only an expired or revoked key and the signature was otherwise valid, APT would consider the repository validSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-768-1 -- apport vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04apportStephane Chazelas discovered that Apport did not safely remove files from its crash report directory. If Apport had been enabled at some point, a local attacker could remove arbitrary files from the system.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-791-1 -- moodle vulnerabilitiesUbuntu 8.10Ubuntu 8.04moodleThor Larholm discovered that PHPMailer, as used by Moodle, did not correctly escape email addresses. A local attacker with direct access to the Moodle database could exploit this to execute arbitrary commands as the web server user. Nigel McNie discovered that fetching https URLs did not correctly escape shell meta-characters. An authenticated remote attacker could execute arbitrary commands as the web server user, if curl was installed and configured. It was discovered that Smarty, did not correctly filter certain inputs. An authenticated remote attacker could exploit this to execute arbitrary PHP commands as the web server user. It was discovered that the unused SpellChecker extension in Moodle did not correctly handle temporary files. If the tool had been locally modified, it could be made to overwrite arbitrary local files via symlinks. Mike Churchward discovered that Moodle did not correctly filter Wiki page titles in certain areas. An authenticated remote attacker could exploit this to cause cross-site scripting, which could be used to modify or steal confidential data of other users within the same web domain. It was discovered that the HTML sanitizer, "Login as" feature, and logging in Moodle did not correctly handle certain inputs. An authenticated remote attacker could exploit this to generate XSS, which could be used to modify or steal confidential data of other users within the same web domain. It was discovered that the HotPot module in Moodle did not correctly filter SQL inputs. An authenticated remote attacker could execute arbitrary SQL commands as the moodle database user, leading to a loss of privacy or denial of service. Kevin Madura discovered that the forum actions and messaging settings in Moodle were not protected from cross-site request forgery. If an authenticated user were tricked into visiting a malicious website while logged into Moodle, a remote attacker could change the user�s configurations or forum content. Daniel Cabezas discovered that Moodle would leak usernames from the Calendar Export tool. A remote attacker could gather a list of users, leading to a loss of privacy. Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy. Johannes Kuhn discovered that Moodle did not correctly validate user permissions when attempting to switch user accounts. An authenticated remote attacker could switch to any other Moodle user, leading to a loss of privacy. Hanno Boeck discovered that unconfigured Moodle instances contained XSS vulnerabilities. An unauthenticated remote attacker could exploit this to modify or steal confidential data of other users within the same web domain. Debbie McDonald, Mauno Korpelainen, Howard Miller, and Juan Segarra Montesinos discovered that when users were deleted from Moodle, their profiles and avatars were still visible. An authenticated remote attacker could exploit this to store information in profiles even after they were removed, leading to spam traffic. Lars Vogdt discovered that Moodle did not correctly filter certain inputs. An authenticated remote attacker could exploit this to generate XSS from which they could modify or steal confidential data of other users within the same web domain. It was discovered that Moodle did not correctly filter inputs for group creation, mnet, essay question, HOST param, wiki param, and others. An authenticated remote attacker could exploit this to generate XSS from which they could modify or steal confidential data of other users within the same web domain. It was discovered that Moodle did not correctly filter SQL inputs when performing a restore. An attacker authenticated as a Moodle administrator could execute arbitrary SQL commands as the moodle database user, leading to a loss of privacy or denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-796-1 -- pidgin vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04pidginYuriy Kaminskiy discovered that Pidgin did not properly handle certain messages in the ICQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-880-1 -- gimp vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04gimpStefan Cornelius discovered that GIMP did not correctly handle certain malformed BMP files. If a user were tricked into opening a specially crafted BMP file, an attacker could execute arbitrary code with the user�s privileges. Stefan Cornelius discovered that GIMP did not correctly handle certain malformed PSD files. If a user were tricked into opening a specially crafted PSD file, an attacker could execute arbitrary code with the user�s privileges. This issue only applied to Ubuntu 8.10, 9.04 and 9.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-711-1 -- ktorrent vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04ktorrentIt was discovered that KTorrent did not properly restrict access when using the web interface plugin. A remote attacker could use a crafted http request and upload arbitrary torrent files to trigger the start of downloads and seeding. It was discovered that KTorrent did not properly handle certain parameters when using the web interface plugin. A remote attacker could use crafted http requests to execute arbitrary PHP codeSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-726-2 -- curl regressionUbuntu 8.10curlUSN-726-1 fixed a vulnerability in curl. Due to an incomplete fix, a regression was introduced in Ubuntu 8.10 that caused certain types of URLs to fail. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that curl did not enforce any restrictions when following URL redirects. If a user or automated system were tricked into opening a URL to an untrusted server, an attacker could use redirects to gain access to arbitrary files. This update changes curl behavior to prevent following "file" URLs after a redirect.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-900-1 -- ruby1.9 vulnerabilitiesUbuntu 8.10Ubuntu 9.10Ubuntu 9.04ruby1.9Emmanouel Kellinis discovered that Ruby did not properly handle certain string operations. An attacker could exploit this issue and possibly execute arbitrary code with application privileges. Giovanni Pellerano, Alessandro Tanasi, and Francesco Ongaro discovered that Ruby did not properly sanitize data written to log files. An attacker could insert specially-crafted data into log files which could affect certain terminal emulators and cause arbitrary files to be overwritten, or even possibly execute arbitrary commands. It was discovered that Ruby did not properly handle string arguments that represent large numbers. An attacker could exploit this and cause a denial of service. This issue only affected Ubuntu 9.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-741-1 -- mozilla-thunderbird, thunderbird vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10mozilla-thunderbirdthunderbirdSeveral flaws were discovered in the browser engine. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird and possibly execute arbitrary code with user privileges. Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user had Javascript enabled, these problems could allow a remote attacker to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Thunderbird performed a cross-domain redirect. If a user had Javascript enabled, an attacker could bypass the same-origin policy in Thunderbird by utilizing nsIRDFService and steal private data from users authenticated to the redirected websiteSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-847-1 -- devscripts vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04devscriptsRaphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted filename for a file on a remote server, an attacker could execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-834-1 -- postgresql-8.1, postgresql-8.3 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10postgresql-8.1postgresql-8.3It was discovered that PostgreSQL could be made to unload and reload an already loaded module by using the LOAD command. A remote authenticated attacker could exploit this to cause a denial of service. This issue did not affect Ubuntu 6.06 LTS. Due to an incomplete fix for CVE-2007-6600, RESET ROLE and RESET SESSION AUTHORIZATION operations were allowed inside security-definer functions. A remote authenticated attacker could exploit this to escalate privileges within PostgreSQL. It was discovered that PostgreSQL did not properly perform LDAP authentication under certain circumstances. When configured to use LDAP with anonymous binds, a remote attacker could bypass authentication by supplying an empty password. This issue did not affect Ubuntu 6.06 LTSSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-838-1 -- dovecot vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04dovecotIt was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the indended access restrictions. This only affected Ubuntu 8.04 LTS. It was discovered that the ManageSieve service in Dovecot incorrectly handled ".." in script names. A remote attacker could exploit this to read and modify arbitrary sieve files on the server. This only affected Ubuntu 8.10. It was discovered that the Sieve plugin in Dovecot incorrectly handled certain sieve scripts. An authenticated user could exploit this with a crafted sieve script to cause a denial of service or possibly execute arbitrary codeSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-802-2 -- apache2 regressionUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10apache2USN-802-1 fixed vulnerabilities in Apache. The upstream fix for CVE-2009-1891 introduced a regression that would cause Apache children to occasionally segfault when mod_deflate is used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that mod_proxy_http did not properly handle a large amount of streamed data when used as a reverse proxy. A remote attacker could exploit this and cause a denial of service via memory resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. It was discovered that mod_deflate did not abort compressing large files when the connection was closed. A remote attacker could exploit this and cause a denial of service via CPU resource consumptionSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-765-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9It was discovered that the upstream security fixes in USN-764-1 introduced a regression which could cause the browser to crash. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-795-1 -- nagios2, nagios3 vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04nagios2nagios3It was discovered that Nagios did not properly parse certain commands submitted using the WAP web interface. An authenticated user could exploit this flaw and execute arbitrary programs on the server.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-818-1 -- curl vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10curlScott Cantor discovered that Curl did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-890-2 -- python2.5 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04python2.5USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.5. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crashSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-706-1 -- bind9 vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10bind9It was discovered that Bind did not properly perform certificate verification. When DNSSEC with DSA certificates are in use, a remote attacker could exploit this to bypass certificate validation to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-907-1 -- gnome-screensaver vulnerabilitiesUbuntu 8.10Ubuntu 9.10Ubuntu 9.04gnome-screensaverIt was discovered that gnome-screensaver did not correctly lock all screens when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. It was discovered that gnome-screensaver did not correctly handle keyboard grab when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. This issue only affected Ubuntu 9.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-793-1 -- linux, linux-source-2.6.15 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10linuxlinux-source-2.6.15Igor Zhbanov discovered that NFS clients were able to create device nodes even when root_squash was enabled. An authenticated remote attacker could create device nodes with open permissions, leading to a loss of privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were affected. Dan Carpenter discovered that SELinux did not correctly handle certain network checks when running with compat_net=1. A local attacker could exploit this to bypass network checks. Default Ubuntu installations do not enable SELinux, and only Ubuntu 8.10 and 9.04 were affected. Shaohua Li discovered that memory was not correctly initialized in the AGP subsystem. A local attacker could potentially read kernel memory, leading to a loss of privacy. Benjamin Gilbert discovered that the VMX implementation of KVM did not correctly handle certain registers. An attacker in a guest VM could exploit this to cause a host system crash, leading to a denial of service. This only affected 32bit hosts. Ubuntu 6.06 was not affected. Thomas Pollet discovered that the Amateur Radio X.25 Packet Layer Protocol did not correctly validate certain fields. A remote attacker could exploit this to read kernel memory, leading to a loss of privacy. Trond Myklebust discovered that NFS did not correctly handle certain long filenames. An authenticated remote attacker could exploit this to cause a system crash, leading to a denial of service. Only Ubuntu 6.06 was affected. Oleg Nesterov discovered that the kernel did not correctly handle CAP_KILL. A local user could exploit this to send signals to arbitrary processes, leading to a denial of service. Daniel Hokka Zakrisson discovered that signal handling was not correctly limited to process namespaces. A local user could bypass namespace restrictions, possibly leading to a denial of service. Only Ubuntu 8.04 was affected. Pavel Emelyanov discovered that network namespace support for IPv6 was not correctly handled. A remote attacker could send specially crafted IPv6 traffic that would cause a system crash, leading to a denial of service. Only Ubuntu 8.10 and 9.04 were affected. Neil Horman discovered that the e1000 network driver did not correctly validate certain fields. A remote attacker could send a specially crafted packet that would cause a system crash, leading to a denial of service. Pavan Naregundi discovered that CIFS did not correctly check lengths when handling certain mount requests. A remote attacker could send specially crafted traffic to cause a system crash, leading to a denial of service. Simon Vallet and Frank Filz discovered that execute permissions were not correctly handled by NFSv4. A local user could bypass permissions and run restricted programs, possibly leading to an escalation of privileges. Jeff Layton and Suresh Jayaraman discovered buffer overflows in the CIFS client code. A malicious remote server could exploit this to cause a system crash or execute arbitrary code as root. Mikulas Patocka discovered that /proc/iomem was not correctly initialized on Sparc. A local attacker could use this file to crash the system, leading to a denial of service. Ubuntu 6.06 was not affected. Miklos Szeredi discovered that OCFS2 did not correctly handle certain splice operations. A local attacker could exploit this to cause a system hang, leading to a denial of service. Ubuntu 6.06 was not affectedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-797-1 -- tiff vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10tiffIt was discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could cause an application linked against libtiff to crash, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-775-2 -- quagga regressionUbuntu 8.04Ubuntu 6.06Ubuntu 8.10quaggaUSN-775-1 fixed vulnerabilities in Quagga. The preventative fixes introduced in Quagga prior to Ubuntu 9.04 could result in BGP service failures. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the BGP service in Quagga did not correctly handle certain AS paths containing 4-byte ASNs. An authenticated remote attacker could exploit this flaw to cause bgpd to abort, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-716-1 -- moin vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10moinFernando Quintero discovered than MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. This issue affected Ubuntu 7.10 and 8.04 LTS. Fernando Quintero discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting vulnerabilities. This issue affected Ubuntu 6.06 LTS, 7.10 and 8.04 LTS. It was discovered that MoinMoin did not properly sanitize its input when processing user forms. A remote attacker could submit crafted cookie values and overwrite arbitrary files via directory traversal. This issue affected Ubuntu 6.06 LTS, 7.10 and 8.04 LTS. It was discovered that MoinMoin did not properly sanitize its input when editing pages, resulting in cross-site scripting vulnerabilities. This issue only affected Ubuntu 6.06 LTS and 7.10. It was discovered that MoinMoin did not properly enforce access controls, which could allow a remoter attacker to view private pages. This issue only affected Ubuntu 6.06 LTS and 7.10. It was discovered that MoinMoin did not properly sanitize its input when attaching files and using the rename parameter, resulting in cross-site scripting vulnerabilities. It was discovered that MoinMoin did not properly sanitize its input when displaying error messages after processing spam, resulting in cross-site scripting vulnerabilitiesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-843-1 -- backuppc vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04backuppcIt was discovered that BackupPC did not restrict normal users from setting the ClientNameAlias parameter. An authenticated user could exploit this to gain access to unauthorized hosts. This update fixed the issue by preventing normal users from modifying the ClientNameAlias configuration parameter.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-911-1 -- moin vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04moinIt was discovered that several wiki actions and preference settings in MoinMoin were not protected from cross-site request forgery . If an authenticated user were tricked into visiting a malicious website while logged into MoinMoin, a remote attacker could change the user�s configuration or wiki content. It was discovered that MoinMoin did not properly sanitize its input when processing user preferences. An attacker could enter malicious content which when viewed by a user, could render in unexpected waysSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-808-1 -- bind9 vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10bind9Micha Krause discovered that Bind did not correctly validate certain dynamic DNS update packets. An unauthenticated remote attacker could send specially crafted traffic to crash the DNS server, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-852-1 -- linux, linux-source-2.6.15 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10linuxlinux-source-2.6.15Solar Designer discovered that the z90crypt driver did not correctly check capabilities. A local attacker could exploit this to shut down the device, leading to a denial of service. Only affected Ubuntu 6.06. Michael Buesch discovered that the SGI GRU driver did not correctly check the length when setting options. A local attacker could exploit this to write to the kernel stack, leading to root privilege escalation or a denial of service. Only affected Ubuntu 8.10 and 9.04. It was discovered that SELinux did not fully implement the mmap_min_addr restrictions. A local attacker could exploit this to allocate the NULL memory page which could lead to further attacks against kernel NULL-dereference vulnerabilities. Ubuntu 6.06 was not affected. Cagri Coltekin discovered that the UDP stack did not correctly handle certain flags. A local user could send specially crafted commands and traffic to gain root privileges or crash the systeam, leading to a denial of service. Only affected Ubuntu 6.06. Hiroshi Shimamoto discovered that monotonic timers did not correctly validate parameters. A local user could make a specially crafted timer request to gain root privileges or crash the system, leading to a denial of service. Only affected Ubuntu 9.04. Michael Buesch discovered that the HPPA ISA EEPROM driver did not correctly validate positions. A local user could make a specially crafted request to gain root privileges or crash the system, leading to a denial of service. Ulrich Drepper discovered that kernel signal stacks were not being correctly padded on 64-bit systems. A local attacker could send specially crafted calls to expose 4 bytes of kernel stack memory, leading to a loss of privacy. Jens Rosenboom discovered that the clone method did not correctly clear certain fields. A local attacker could exploit this to gain privileges or crash the system, leading to a denial of service. It was discovered that the MD driver did not check certain sysfs files. A local attacker with write access to /sys could exploit this to cause a system crash, leading to a denial of service. Ubuntu 6.06 was not affected. Mark Smith discovered that the AppleTalk stack did not correctly manage memory. A remote attacker could send specially crafted traffic to cause the system to consume all available memory, leading to a denial of service. Loïc Minier discovered that eCryptfs did not correctly handle writing to certain deleted files. A local attacker could exploit this to gain root privileges or crash the system, leading to a denial of service. Ubuntu 6.06 was not affected. It was discovered that the LLC, AppleTalk, IR, EConet, Netrom, and ROSE network stacks did not correctly initialize their data structures. A local attacker could make specially crafted calls to read kernel memory, leading to a loss of privacy. It was discovered that the randomization used for Address Space Layout Randomization was predictable within a small window of time. A local attacker could exploit this to leverage further attacks that require knowledge of userspace memory layouts. Eric Paris discovered that NFSv4 did not correctly handle file creation failures. An attacker with write access to an NFSv4 share could exploit this to create files with arbitrary mode bits, leading to privilege escalation or a loss of privacy. Bob Tracy discovered that the SCSI generic driver did not correctly use the right index for array access. A local attacker with write access to a CDR could exploit this to crash the system, leading to a denial of service. Only Ubuntu 9.04 was affected. Jan Kiszka discovered that KVM did not correctly validate certain hypercalls. A local unprivileged attacker in a virtual guest could exploit this to crash the guest kernel, leading to a denial of service. Ubuntu 6.06 was not affectedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-703-1 -- xterm vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10xtermPaul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary commands with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-924-1 -- krb5 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04krb5Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-903-1 -- openoffice.org vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04openoffice.orgIt was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. Sebastian Apelt and Frank Reißner discovered that OpenOffice did not correctly import XPM and GIF images. If a user were tricked into opening a specially crafted image, an attacker could execute arbitrary code with user privileges. Nicolas Joly discovered that OpenOffice did not correctly handle certain Word documents. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary code with user privileges. It was discovered that OpenOffice did not correctly handle certain VBA macros correctly. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary macro commands, bypassing security controlsSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-888-1 -- bind9 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04bind9It was discovered that Bind would incorrectly cache bogus NXDOMAIN responses. When DNSSEC validation is in use, a remote attacker could exploit this to cause a denial of service, and possibly poison DNS caches. USN-865-1 provided updated Bind packages to fix a security vulnerability. The upstream security patch to fix CVE-2009-4022 was incomplete and CVE-2010-0290 was assigned to the issue. This update corrects the problem. Original advisory details: Michael Sinatra discovered that Bind did not correctly validate certain records added to its cache. When DNSSEC validation is in use, a remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-781-1 -- pidgin vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04pidginIt was discovered that Pidgin did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Pidgin to crash, or possibly execute arbitrary code with user privileges. It was discovered that Pidgin did not properly handle certain malformed messages in the QQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash. This issue only affected Ubuntu 8.10 and 9.04. It was discovered that Pidgin did not properly handle certain malformed messages in the XMPP and Sametime protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash. It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-871-1 -- kdelibs vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04kdelibsA buffer overflow was found in the KDE libraries when converting a string to a floating point number. If a user or application linked against kdelibs were tricked into processing crafted input, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the KDE libraries could use KHTML to process an unknown MIME type. If a user or application linked against kdelibs were tricked into opening a crafted file, an attacker could potentially trigger XMLHTTPRequests to remote sites.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-867-1 -- ntp vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04ntpRobin Park and Dmitri Vinokurov discovered a logic error in ntpd. A remote attacker could send a crafted NTP mode 7 packet with a spoofed IP address of an affected server and cause a denial of service via CPU and disk resource consumption.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-798-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Attila Suszter discovered a flaw in the way Firefox processed Flash content. If a user were tricked into viewing and navigating within a specially crafted Flash object, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox did not properly handle some SVG content. An attacker could exploit this to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in the JavaScript engine. If a user were tricked into viewing a malicious website, an attacker could exploit this perform cross-site scripting attacksSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-813-3 -- apr-util vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04apr-utilUSN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr-util. Original advisory details: Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-776-1 -- kvm vulnerabilitiesUbuntu 8.10Ubuntu 8.04kvmAvi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. Alfredo Ortega discovered that KVM�s VNC protocol handler did not correctly validate certain messages. A remote attacker could send specially crafted VNC messages that would cause KVM to consume CPU resources, leading to a denial of service. Jan Niehusmann discovered that KVM�s Cirrus VGA implementation over VNC did not correctly handle certain bitblt operations. A local attacker could exploit this flaw to potentially execute arbitrary code on the VM host or crash KVM, leading to a denial of service. It was discovered that KVM�s VNC password checks did not use the correct length. A remote attacker could exploit this flaw to cause KVM to crash, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-864-1 -- linux, linux-source-2.6.15 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04linuxlinux-source-2.6.15It was discovered that the AX.25 network subsystem did not correctly check integer signedness in certain setsockopt calls. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 9.10 was not affected. Jan Beulich discovered that the kernel could leak register contents to 32-bit processes that were switched to 64-bit mode. A local attacker could run a specially crafted binary to read register values from an earlier process, leading to a loss of privacy. Dave Jones discovered that the gdth SCSI driver did not correctly validate array indexes in certain ioctl calls. A local attacker could exploit this to crash the system or gain elevated privileges. Eric Dumazet and Jiri Pirko discovered that the TC and CLS subsystems would leak kernel memory via uninitialized structure members. A local attacker could exploit this to read several bytes of kernel memory, leading to a loss of privacy. Earl Chew discovered race conditions in pipe handling. A local attacker could exploit anonymous pipes via /proc/*/fd/ and crash the system or gain root privileges. Dave Jones and Francois Romieu discovered that the r8169 network driver could be made to leak kernel memory. A remote attacker could send a large number of jumbo frames until the system memory was exhausted, leading to a denial of service. Ubuntu 9.10 was not affected. Ben Hutchings discovered that the ATI Rage 128 video driver did not correctly validate initialization states. A local attacker could make specially crafted ioctl calls to crash the system or gain root privileges. Tomoki Sekiyama discovered that Unix sockets did not correctly verify namespaces. A local attacker could exploit this to cause a system hang, leading to a denial of service. J. Bruce Fields discovered that NFSv4 did not correctly use the credential cache. A local attacker using a mount with AUTH_NULL authentication could exploit this to crash the system or gain root privileges. Only Ubuntu 9.10 was affected. Alexander Zangerl discovered that the kernel keyring did not correctly reference count. A local attacker could issue a series of specially crafted keyring calls to crash the system or gain root privileges. Only Ubuntu 9.10 was affected. David Wagner discovered that KVM did not correctly bounds-check CPUID entries. A local attacker could exploit this to crash the system or possibly gain elevated privileges. Ubuntu 6.06 and 9.10 were not affected. Avi Kivity discovered that KVM did not correctly check privileges when accessing debug registers. A local attacker could exploit this to crash a host system from within a guest system, leading to a denial of service. Ubuntu 6.06 and 9.10 were not affected. Philip Reisner discovered that the connector layer for uvesafb, pohmelfs, dst, and dm did not correctly check capabilties. A local attacker could exploit this to crash the system or gain elevated privileges. Ubuntu 6.06 was not affected. Trond Myklebust discovered that NFSv4 clients did not robustly verify attributes. A malicious remote NFSv4 server could exploit this to crash a client or gain root privileges. Ubuntu 9.10 was not affected. Robin Getz discovered that NOMMU systems did not correctly validate NULL pointers in do_mmap_pgoff calls. A local attacker could attempt to allocate large amounts of memory to crash the system, leading to a denial of service. Only Ubuntu 6.06 and 9.10 were affected. Joseph Malicki discovered that the MegaRAID SAS driver had world-writable option files. A local attacker could exploit these to disrupt the behavior of the controller, leading to a denial of service. Roel Kluin discovered that the Hisax ISDN driver did not correctly check the size of packets. A remote attacker could send specially crafted packets to cause a system crash, leading to a denial of service. Lennert Buytenhek discovered that certain 802.11 states were not handled correctly. A physically-proximate remote attacker could send specially crafted wireless traffic that would crash the system, leading to a denial of service. Only Ubuntu 9.10 was affectedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-829-1 -- qt4-x11 vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04qt4-x11It was discovered that Qt did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communicationsSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-735-1 -- gst-plugins-base0.10 vulnerabilityUbuntu 8.10gst-plugins-base0.10It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-789-1 -- gst-plugins-good0.10 vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10gst-plugins-good0.10Tielei Wang discovered that GStreamer Good Plugins did not correctly handle malformed PNG image files. If a user were tricked into opening a crafted PNG image file with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-912-1 -- audiofile vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04audiofileIt was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. The default compiler options for Ubuntu should reduce this vulnerability to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-763-1 -- xine-lib vulnerabilitiesUbuntu 8.04Ubuntu 6.06Ubuntu 8.10xine-libIt was discovered that the QT demuxer in xine-lib did not correctly handle a large count value in an STTS atom, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could execute arbitrary code as the user invoking the program. USN-746-1 provided updated xine-lib packages to fix multiple security vulnerabilities. The security patch to fix CVE-2009-0698 was incomplete. This update corrects the problem. Original advisory details: It was discovered that the 4xm demuxer in xine-lib did not correctly handle a large current_track value in a 4xm file, resulting in an integer overflow. If a user or automated system were tricked into opening a specially crafted 4xm movie file, an attacker could crash xine-lib or possibly execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-807-1 -- linux, linux-source-2.6.15 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10linuxlinux-source-2.6.15Michael Tokarev discovered that the RTL8169 network driver did not correctly validate buffer sizes. A remote attacker on the local network could send specially traffic traffic that would crash the system or potentially grant elevated privileges. Julien Tinnes and Tavis Ormandy discovered that when executing setuid processes the kernel did not clear certain personality flags. A local attacker could exploit this to map the NULL memory page, causing other vulnerabilities to become exploitable. Ubuntu 6.06 was not affected. Matt T. Yourst discovered that KVM did not correctly validate the page table root. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 6.06 was not affected. Ramon de Carvalho Valle discovered that eCryptfs did not correctly validate certain buffer sizes. A local attacker could create specially crafted eCryptfs files to crash the system or gain elevated privileges. Ubuntu 6.06 was not affectedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-931-2 -- ffmpeg, ffmpeg-debian regressionUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04ffmpegffmpeg-debianUSN-931-1 fixed vulnerabilities in FFmpeg. The update introduced a regression when trying to play certain multimedia files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-805-1 -- ruby1.8, ruby1.9 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10ruby1.8ruby1.9It was discovered that Ruby did not properly validate certificates. An attacker could exploit this and present invalid or revoked X.509 certificates. It was discovered that Ruby did not properly handle string arguments that represent large numbers. An attacker could exploit this and cause a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-830-1 -- openssl vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10opensslDan Kaminsky discovered OpenSSL would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-713-1 -- openjdk-6 vulnerabilitiesUbuntu 8.10openjdk-6It was discovered that Java did not correctly handle untrusted applets. If a user were tricked into running a malicious applet, a remote attacker could gain user privileges, or list directory contents. It was discovered that Kerberos authentication and RSA public key processing were not correctly handled in Java. A remote attacker could exploit these flaws to cause a denial of service. It was discovered that Java accepted UTF-8 encodings that might be handled incorrectly by certain applications. A remote attacker could bypass string filters, possible leading to other exploits. Overflows were discovered in Java JAR processing. If a user or automated system were tricked into processing a malicious JAR file, a remote attacker could crash the application, leading to a denial of service. It was discovered that Java calendar objects were not unserialized safely. If a user or automated system were tricked into processing a specially crafted calendar object, a remote attacker could execute arbitrary code with user privileges. It was discovered that the Java image handling code could lead to memory corruption. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could crash the application, leading to a denial of service. It was discovered that temporary files created by Java had predictable names. If a user or automated system were tricked into processing a specially crafted JAR file, a remote attacker could overwrite sensitive informationSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-725-1 -- kdepim vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10kdepimIt was discovered that Kmail did not adequately prevent execution of arbitrary code when a user clicked on a URL to an executable within an HTML mail. If a user clicked on a malicious URL and chose to execute the file, a remote attacker could execute arbitrary code with user privileges. This update changes KMail�s behavior to instead launch a helper program to view the file if the user chooses to execute such a link.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-771-1 -- libmodplug vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10libmodplugIt was discovered that libmodplug did not correctly handle certain parameters when parsing MED media files. If a user or automated system were tricked into opening a crafted MED file, an attacker could execute arbitrary code with privileges of the user invoking the program. Manfred Tremmel and Stanislav Brabec discovered that libmodplug did not correctly handle long instrument names when parsing PAT sample files. If a user or automated system were tricked into opening a crafted PAT file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ubuntu 9.04SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-850-2 -- poppler regressionUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10popplerUSN-850-1 fixed vulnerabilities in poppler. The security fix for CVE-2009-3605 introduced a regression that would cause certain applications, such as Okular, to segfault when opening certain PDF files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-837-1 -- newt vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10newtMiroslav Lichvar discovered that Newt incorrectly handled rendering in a text box. An attacker could exploit this and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-824-1 -- php5 vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10php5It was discovered that PHP did not properly handle certain malformed JPEG images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-764-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9Several flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox displayed certain Unicode characters which could be visually confused with punctuation in valid web addresses in the location bar. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Several flaws were discovered in the way Firefox processed malformed URI schemes. If a user were tricked into viewing a malicious website, a remote attacker could execute arbitrary JavaScript or steal private data. Cefn Hoile discovered Firefox did not adequately protect against embedded third-party stylesheets. An attacker could exploit this to perform script injection attacks using XBL bindings. Paolo Amadini discovered that Firefox would submit POST data when reloading an inner frame of a web page. If a user were tricked into viewing a malicious website, a remote attacker could steal private dataSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-856-1 -- cups, cupsys vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04cupscupsysAaron Sigel discovered that the CUPS web interface incorrectly protected against cross-site scripting and cross-site request forgery attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-928-1 -- sudo vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04sudoValerio Costamagna discovered that sudo did not properly validate the path for the "sudoedit" pseudo-command when the PATH contained only a dot. If secure_path and ignore_dot were disabled, a local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. By default, secure_path is used and the sudoedit pseudo-command is not used in Ubuntu. This is a different but related issue to CVE-2010-0426.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-803-1 -- dhcp3 vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10dhcp3It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the "dhcp" user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-893-1 -- samba vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04sambaRonald Volgers discovered that the mount.cifs utility, when installed as a setuid program, suffered from a race condition when verifying user permissions. A local attacker could trick samba into mounting over arbitrary locations, leading to a root privilege escalation.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-794-1 -- libcompress-raw-zlib-perl, perl vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04libcompress-raw-zlib-perlperlIt was discovered that the Compress::Raw::Zlib Perl module incorrectly handled certain zlib compressed streams. If a user or automated system were tricked into processing a specially crafted compressed stream or file, a remote attacker could crash the application, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-889-1 -- gzip vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04gzipIt was discovered that gzip incorrectly handled certain malformed compressed files. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Aki Helin discovered that gzip incorrectly handled certain malformed files compressed with the Lempel–Ziv–Welch algorithm. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-748-1 -- openjdk-6 vulnerabilitiesUbuntu 8.10openjdk-6It was discovered that font creation could leak temporary files. If a user were tricked into loading a malicious program or applet, a remote attacker could consume disk space, leading to a denial of service. It was discovered that the lightweight HttpServer did not correctly close files on dataless connections. A remote attacker could send specially crafted requests, leading to a denial of service. Certain 64bit Java actions would crash an application. A local attacker might be able to cause a denial of service. It was discovered that LDAP connections did not close correctly. A remote attacker could send specially crafted requests, leading to a denial of service. Java LDAP routines did not unserialize certain data correctly. A remote attacker could send specially crafted requests that could lead to arbitrary code execution. Java did not correctly check certain JAR headers. If a user or automated system were tricked into processing a malicious JAR file, a remote attacker could crash the application, leading to a denial of service. It was discovered that PNG and GIF decoding in Java could lead to memory corruption. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could crash the application, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-766-1 -- acpid vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10acpidIt was discovered that acpid did not properly handle a large number of connections. A local user could exploit this and monopolize CPU resources, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-860-1 -- apache2 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04apache2Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user�s session. The flaw is with TLS renegotiation and potentially affects any software that supports this feature. Attacks against the HTTPS protocol are known, with the severity of the issue depending on the safeguards used in the web application. Until the TLS protocol and underlying libraries are adjusted to defend against this vulnerability, a partial, temporary workaround has been applied to Apache that disables client initiated TLS renegotiation. This update does not protect against server initiated TLS renegotiation when using SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. Users can defend againt server inititiated TLS renegotiation attacks by adjusting their Apache configuration to use SSLVerifyClient and SSLCipherSuite only on the server or virtual host level. It was discovered that mod_proxy_ftp in Apache did not properly sanitize its input when processing replies to EPASV and PASV commands. An attacker could use this to cause a denial of service in the Apache child process. Another flaw was discovered in mod_proxy_ftp. If Apache is configured as a reverse proxy, an attacker could send a crafted HTTP header to bypass intended access controls and send arbitrary commands to the FTP serverSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-753-1 -- postgresql-8.1, postgresql-8.3 vulnerabilityUbuntu 8.04Ubuntu 6.06Ubuntu 8.10postgresql-8.1postgresql-8.3It was discovered that PostgreSQL did not properly handle encoding conversion failures. An attacker could exploit this by sending specially crafted requests to PostgreSQL, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-727-2 -- network-manager vulnerabilityUbuntu 8.10Ubuntu 6.06network-managerUSN-727-1 fixed vulnerabilities in network-manager-applet. This advisory provides the corresponding updates for NetworkManager. It was discovered that NetworkManager did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view system and user network connection passwords and pre-shared keys.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-877-1 -- firefox-3.0, xulrunner-1.9 regressionUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9USN-873-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and added additional stability fixes. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attackSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-901-1 -- squid vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04squidIt was discovered that Squid incorrectly handled certain auth headers. A remote attacker could exploit this with a specially-crafted auth header and cause Squid to go into an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 8.10, 9.04 and 9.10. It was discovered that Squid incorrectly handled certain DNS packets. A remote attacker could exploit this with a specially-crafted DNS packet and cause Squid to crash, resulting in a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-865-1 -- bind9 vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04bind9Michael Sinatra discovered that Bind did not correctly validate certain records added to its cache. When DNSSEC validation is in use, a remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-925-1 -- moin vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04moinIt was discovered that MoinMoin did not properly sanitize its input when processing Despam actions, resulting in cross-site scripting vulnerabilities. If a privileged wiki user were tricked into performing the Despam action on a page with a crafted title, a remote attacker could exploit this to execute JavaScript code. It was discovered that the TextCha protection in MoinMoin could be bypassed by submitting a crafted form request. This issue only affected Ubuntu 8.10SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-906-1 -- cups, cupsys vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04cupscupsysIt was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. Ronald Volgers discovered that the CUPS lppasswd tool could be made to load localized message strings from arbitrary files by setting an environment variable. A local attacker could exploit this with a format-string vulnerability leading to a root privilege escalation. The default compiler options for Ubuntu 8.10, 9.04 and 9.10 should reduce this vulnerability to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-922-1 -- libnss-db vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04libnss-dbStephane Chazelas discovered that libnss-db did not correctly set up a database environment. A local attacker could exploit this to read the first line of arbitrary files, leading to a loss of privacy and possibly privilege escalation.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-876-1 -- postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04postgresql-8.1postgresql-8.3postgresql-8.4It was discovered that PostgreSQL did not properly handle certificates with NULL characters in the Common Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. It was discovered that PostgreSQL did not properly manage session-local state. A remote authenticated user could exploit this to escalate priviliges within PostgreSQLSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-929-2 -- irssi regressionUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04irssiUSN-929-1 fixed vulnerabilities in irssi. The upstream changes introduced a regression when using irssi with SSL and an IRC proxy. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that irssi did not perform certificate host validation when using SSL connections. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Aurelien Delaitre discovered that irssi could be made to dereference a NULL pointer when a user left the channel. A remote attacker could cause a denial of service via application crash. This update also adds SSLv3 and TLSv1 support, while disabling the old, insecure SSLv2 protocol.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-931-1 -- ffmpeg, ffmpeg-debian vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04ffmpegffmpeg-debianIt was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-828-1 -- pam vulnerabilityUbuntu 8.10Ubuntu 9.04pamRussell Senior discovered that the system authentication module selection mechanism for PAM did not safely handle an empty selection. If an administrator had specifically removed the default list of modules or failed to chose a module when operating debconf in a very unlikely non-default configuration, PAM would allow any authentication attempt, which could lead to remote attackers gaining access to a system with arbitrary privileges. This did not affect default Ubuntu installations.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-915-1 -- thunderbird vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04thunderbirdSeveral flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Josh Soref discovered that the BinHex decoder used in Thunderbird contained a flaw. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Thunderbird did not properly manage memory when using XUL tree elements. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly display filenames containing right-to-left override characters. If a user were tricked into opening a malicious file with a crafted filename, an attacker could exploit this to trick the user into opening a different file than the user expected. Takehiro Takahashi discovered flaws in the NTLM implementation in Thunderbird. If an NTLM authenticated user opened content containing links to a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain messages with attachments. A remote attacker could send specially crafted content and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-701-1 -- thunderbird vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04thunderbirdSeveral flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. If a user had Javascript enabled, an attacker could exploit this to read data from other domains. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. When Javascript is enabled, it�s possible that sensitive information could be revealed in the XMLHttpRequest response. Chris Evans discovered that Thunderbird did not properly protect a user�s data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker may be able to steal a limited amount of private data. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Several flaws were discovered in the Javascript engine. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker could exploit this to execute arbitrary Javascript code within the context of another website or with chrome privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-914-1 -- linux, linux-source-2.6.15 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04linuxlinux-source-2.6.15Mathias Krause discovered that the Linux kernel did not correctly handle missing ELF interpreters. A local attacker could exploit this to cause the system to crash, leading to a denial of service. Marcelo Tosatti discovered that the Linux kernel�s hardware virtualization did not correctly handle reading the /dev/port special device. A local attacker in a guest operating system could issue a specific read that would cause the host system to crash, leading to a denial of service. Sebastian Krahmer discovered that the Linux kernel did not correctly handle netlink connector messages. A local attacker could exploit this to consume kernel memory, leading to a denial of service. Ramon de Carvalho Valle discovered that the Linux kernel did not correctly validate certain memory migration calls. A local attacker could exploit this to read arbitrary kernel memory or cause a system crash, leading to a denial of service. Jermome Marchand and Mikael Pettersson discovered that the Linux kernel did not correctly handle certain futex operations. A local attacker could exploit this to cause a system crash, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-740-1 -- nss, firefox vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10nssfirefoxThe MD5 algorithm is known not to be collision resistantSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-890-3 -- python2.4 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04python2.4USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.4. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crashSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-885-1 -- libthai vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04libthaiTim Starling discovered that LibThai did not correctly handle long strings. A remote attacker could use specially-formed strings to execute arbitrary code with the user�s privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-846-1 -- icu vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04icuIt was discovered that ICU did not properly handle invalid byte sequences during Unicode conversion. If an application using ICU processed crafted data, content security mechanisms could be bypassed, potentially leading to cross-site scripting attacks.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-872-1 -- kdebase-runtime vulnerabilitiesUbuntu 8.10Ubuntu 9.10Ubuntu 9.04kdebase-runtimeIt was discovered that the KIO subsystem of KDE did not properly perform input validation when processing help:// URIs. If a user or KIO application processed a crafted help:// URI, an attacker could trigger JavaScript execution or access files via directory traversal.SecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-757-1 -- ghostscript, gs-esp, gs-gpl vulnerabilitiesUbuntu 8.04Ubuntu 6.06Ubuntu 8.10ghostscriptgs-espgs-gplIt was discovered that Ghostscript contained a buffer underflow in its CCITTFax decoding filter. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. It was discovered that Ghostscript contained a buffer overflow in the BaseFont writer module. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. It was discovered that Ghostscript contained additional integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript or PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. Alin Rad Pop discovered that Ghostscript contained a buffer overflow in the jbig2dec library. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. USN-743-1 provided updated ghostscript and gs-gpl packages to fix two security vulnerabilities. This update corrects the same vulnerabilities in the gs-esp package. Original advisory details: It was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. It was discovered that Ghostscript did not properly perform bounds checking in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-894-1 -- linux, linux-source-2.6.15 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04linuxlinux-source-2.6.15Amerigo Wang and Eric Sesterhenn discovered that the HFS and ext4 filesystems did not correctly check certain disk structures. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could crash the system or gain root privileges. It was discovered that FUSE did not correctly check certain requests. A local attacker with access to FUSE mounts could exploit this to crash the system or possibly gain root privileges. Ubuntu 9.10 was not affected. It was discovered that KVM did not correctly decode certain guest instructions. A local attacker in a guest could exploit this to trigger high scheduling latency in the host, leading to a denial of service. Ubuntu 6.06 was not affected. It was discovered that the OHCI fireware driver did not correctly handle certain ioctls. A local attacker could exploit this to crash the system, or possibly gain root privileges. Ubuntu 6.06 was not affected. Tavis Ormandy discovered that the kernel did not correctly handle O_ASYNC on locked files. A local attacker could exploit this to gain root privileges. Only Ubuntu 9.04 and 9.10 were affected. Neil Horman and Eugene Teo discovered that the e1000 and e1000e network drivers did not correctly check the size of Ethernet frames. An attacker on the local network could send specially crafted traffic to bypass packet filters, crash the system, or possibly gain root privileges. It was discovered that "print-fatal-signals" reporting could show arbitrary kernel memory contents. A local attacker could exploit this, leading to a loss of privacy. By default this is disabled in Ubuntu and did not affect Ubuntu 6.06. Olli Jarva and Tuomo Untinen discovered that IPv6 did not correctly handle jumbo frames. A remote attacker could exploit this to crash the system, leading to a denial of service. Only Ubuntu 9.04 and 9.10 were affected. Florian Westphal discovered that bridging netfilter rules could be modified by unprivileged users. A local attacker could disrupt network traffic, leading to a denial of service. Al Viro discovered that certain mremap operations could leak kernel memory. A local attacker could exploit this to consume all available memory, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-802-1 -- apache2 vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10apache2It was discovered that mod_proxy_http did not properly handle a large amount of streamed data when used as a reverse proxy. A remote attacker could exploit this and cause a denial of service via memory resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. It was discovered that mod_deflate did not abort compressing large files when the connection was closed. A remote attacker could exploit this and cause a denial of service via CPU resource consumptionSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-844-1 -- mimetex vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04mimetexChris Evans discovered that mimeTeX incorrectly handled certain long tags. An attacker could exploit this with a crafted mimeTeX expression and cause a denial of service or possibly execute arbitrary code. Chris Evans discovered that mimeTeX contained certain directives that may be unsuitable for handling untrusted user input. This update fixed the issue by disabling the \input and \counter tagsSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-881-1 -- krb5 vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04krb5It was discovered that Kerberos did not correctly handle invalid AES blocks. An unauthenticated remote attacker could send specially crafted traffic that would crash the KDC service, leading to a denial of service, or possibly execute arbitrary code with root privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-715-1 -- linux vulnerabilitiesUbuntu 8.10linuxHugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. It was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. Dann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Helge Deller discovered that PA-RISC stack unwinding was not handled correctly. A local attacker could exploit this to crash the system, leading do a denial of service. This did not affect official Ubuntu kernels, but was fixed in the source for anyone performing HPPA kernel builds. It was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. It was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-895-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Orlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Alin Rad Pop discovered that Firefox�s HTML parser would incorrectly free memory under certain circumstances. If the browser could be made to access these freed memory objects, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Hidetake Jo discovered that the showModalDialog in Firefox did not always honor the same-origin policy. An attacker could exploit this to run untrusted JavaScript from other domains. Georgi Guninski discovered that the same-origin check in Firefox could be bypassed by utilizing a crafted SVG image. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domainsSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-890-1 -- expat vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04expatJukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crashSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-923-1 -- openjdk-6 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04openjdk-6Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user�s session. It was discovered that Loader-constraint table, Policy/PolicyFile, Inflater/Deflater, drag/drop access, and deserialization did not correctly handle certain sensitive objects. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. It was discovered that AtomicReferenceArray, System.arraycopy, InetAddress, and HashAttributeSet did not correctly handle certain situations. If a remote attacker could trigger specific error conditions, a Java application could crash, leading to a denial of service. It was discovered that Pack200, CMM readMabCurveData, ImagingLib, and the AWT library did not correctly check buffer lengths. If a user or automated system were tricked into handling specially crafted JAR files or images, a remote attacker could crash the Java application or possibly gain user privileges . It was discovered that applets did not correctly handle certain trust chains. If a user were tricked into running a specially crafted applet, a remote attacker could possibly run untrusted code with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-887-1 -- libthai vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04libthaiTim Starling discovered that LibThai did not correctly handle long strings. A remote attacker could use specially-formed strings to execute arbitrary code with the user�s privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-744-1 -- lcms vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10lcmsChris Evans discovered that LittleCMS did not properly handle certain error conditions, resulting in a large memory leak. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could cause a denial of service. Chris Evans discovered that LittleCMS contained multiple integer overflows. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could crash applications linked against liblcms1, leading to a denial of service, or possibly execute arbitrary code with user privileges. Chris Evans discovered that LittleCMS did not properly perform bounds checking, leading to a buffer overflow. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could execute arbitrary code with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-732-1 -- dash vulnerabilityUbuntu 8.10Ubuntu 8.04dashWolfgang M. Reimer discovered that dash, when invoked as a login shell, would source .profile files from the current directory. Local users may be able to bypass security restrictions and gain root privileges by placing specially crafted .profile files where they might get sourced by other dash users.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-919-1 -- emacs22, emacs23 vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04emacs22emacs23Dan Rosenberg discovered that the email helper in Emacs did not correctly check file permissions. A local attacker could perform a symlink race to read or append to another user�s mailbox if it was stored under a group-writable group-"mail" directory.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-853-1 -- firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04firefox-3.0firefox-3.5xulrunner-1.9xulrunner-1.9.1Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Jeremy Brown discovered that the Firefox Download Manager was vulnerable to symlink attacks. A local attacker could exploit this to create or overwrite files with the privileges of the user invoking the program. Paul Stone discovered a flaw in the Firefox form history. If a user were tricked into viewing a malicious website, a remote attacker could access this data to steal confidential information. Orlando Berrera discovered that Firefox did not properly free memory when using web-workers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.10. A flaw was discovered in the way Firefox processed Proxy Auto-configuration files. If a user configured the browser to use PAC files with certain regular expressions, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A heap-based buffer overflow was discovered in Mozilla�s GIF image parser. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in the JavaScript engine of Firefox. An attacker could exploit this to execute scripts from page content with chrome privileges. Gregory Fleischer discovered that the same-origin check in Firefox could be bypassed by utilizing the document.getSelection function. An attacker could exploit this to read data from other domains. Jesse Ruderman and Sid Stamm discovered that Firefox did not properly display filenames containing right-to-left override characters. If a user were tricked into downloading a malicious file with a crafted filename, an attacker could exploit this to trick the user into opening a different file than the user expected. Several flaws were discovered in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.10. Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler, Boris Zbarsky, Thomas Frederiksen, Marcia Knous, Carsten Book, Kevin Brosnan, David Anderson and Jeff Walden discovered various flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-836-1 -- webkit vulnerabilitiesUbuntu 8.10Ubuntu 9.04webkitIt was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that WebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-749-1 -- libsndfile vulnerabilityUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10libsndfileIt was discovered that libsndfile did not correctly handle description chunks in CAF audio files. If a user or automated system were tricked into opening a specially crafted CAF audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-777-1 -- ntp vulnerabilitiesUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10ntpA stack-based buffer overflow was discovered in ntpq. If a user were tricked into connecting to a malicious ntp server, a remote attacker could cause a denial of service in ntpq, or possibly execute arbitrary code with the privileges of the user invoking the program. Chris Ries discovered a stack-based overflow in ntp. If ntp was configured to use autokey, a remote attacker could send a crafted packet to cause a denial of service, or possible execute arbitrary codeSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-926-1 -- clamav vulnerabilitiesUbuntu 8.10Ubuntu 9.10Ubuntu 9.04clamavIt was discovered that ClamAV did not properly verify its input when processing CAB files. A remote attacker could send a specially crafted CAB file to evade malware detection. It was discovered that ClamAV did not properly verify its input when processing CAB files. A remote attacker could send a specially crafted CAB file and cause a denial of service via application crash.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-908-1 -- apache2 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04apache2It was discovered that mod_proxy_ajp did not properly handle errors when a client doesn�t send a request body. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. It was discovered that Apache did not properly handle headers in subrequests under certain conditions. A remote attacker could exploit this with a crafted request and possibly obtain sensitive information from previous requestsSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-918-1 -- samba vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04sambaIt was discovered the Samba handled symlinks in an unexpected way when both "wide links" and "UNIX extensions" were enabled, which is the default. A remote attacker could create symlinks and access arbitrary files from the server.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-890-6 -- cmake vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04cmakeUSN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for CMake. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crashSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-897-1 -- mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04mysql-dfsg-5.0mysql-dfsg-5.1It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behaviour by disallowing the use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This issue only affected Ubuntu 8.10. It was discovered that MySQL contained a cross-site scripting vulnerability in the command-line client when the --html option is enabled. An attacker could place arbitrary web script or html in a database cell, which would then get placed in the html document output by the command-line tool. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use symlinks combined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This issue only affected Ubuntu 9.10. It was discovered that MySQL contained multiple format string flaws when logging database creation and deletion. An authenticated user could use specially crafted database names to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. It was discovered that MySQL incorrectly handled errors when performing certain SELECT statements, and did not preserve correct flags when performing statements that use the GeomFromWKB function. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly checked symlinks when using the DATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks to create tables that pointed to tables known to be created at a later time, bypassing access restrictions. It was discovered that MySQL contained a buffer overflow when parsing ssl certificates. A remote attacker could send crafted requests and cause a denial of service or possibly execute arbitrary code. This issue did not affect Ubuntu 6.06 LTS and the default compiler options for affected releases should reduce the vulnerability to a denial of service. In the default installation, attackers would also be isolated by the AppArmor MySQL profileSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-892-1 -- fuse vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04fuseRonald Volgers discovered that FUSE did not correctly check mount locations. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-806-1 -- python2.4, python2.5 vulnerabilitiesUbuntu 8.04Ubuntu 6.06Ubuntu 8.10python2.4python2.5It was discovered that Python incorrectly handled certain arguments in the imageop module. If an attacker were able to pass specially crafted arguments through the crop function, they could execute arbitrary code with user privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. Multiple integer overflows were discovered in Python�s stringobject and unicodeobject expandtabs method. If an attacker were able to exploit these flaws they could execute arbitrary code with user privileges or cause Python applications to crash, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-883-1 -- network-manager-applet vulnerabilitiesUbuntu 8.10Ubuntu 9.04network-manager-appletIt was discovered that NetworkManager did not ensure that the Certification Authority certificate file remained present when using WPA Enterprise or 802.1x networks. A remote attacker could use this flaw to spoof the identity of a wireless network and view sensitive information. It was discovered that the connection editor GUI would incorrectly export objects over D-Bus. A local user could read D-Bus signals to view other users" network connection passwords and pre-shared keysSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-730-1 -- libpng vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10libpngIt was discovered that libpng did not properly perform bounds checking in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng. This issue only affected Ubuntu 8.04 LTS. Tavis Ormandy discovered that libpng did not properly initialize memory. If a user or automated system were tricked into opening a crafted PNG image, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue did not affect Ubuntu 8.10. Harald van Dijk discovered an off-by-one error in libpng. An attacker could could cause an application crash in programs using pngtest. It was discovered that libpng did not properly NULL terminate a keyword string. An attacker could exploit this to set arbitrary memory locations to zero. Glenn Randers-Pehrson discovered that libpng did not properly initialize pointers. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-821-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Jesse Ruderman and Dan Kaminsky discovered that Firefox did not adequately inform users when security modules were added or removed via PKCS11. If a user visited a malicious website, an attacker could exploit this to trick the user into installing a malicious PKCS11 module. It was discovered that Firefox did not properly manage memory when using XUL tree elements. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Juan Pablo Lopez Yacubian discovered that Firefox did properly display certain Unicode characters in the location bar and other text fields when using a certain non-Ubuntu font. If a user configured Firefox to use this font, an attacker could exploit this to spoof the location bar, such as in a phishing attack. It was discovered that the BrowserFeedWriter in Firefox could be subverted to run JavaScript code from web content with elevated chrome privileges. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-841-1 -- glib2.0 vulnerabilityUbuntu 8.10Ubuntu 8.04Ubuntu 9.04glib2.0Arand Nash discovered that applications linked to GLib did not correctly copy symlinks. If a user copied symlinks with GLib, the symlink target files would become world-writable, allowing local attackers to gain access to potentially sensitive information.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-873-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attackSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-899-1 -- tomcat6 vulnerabilitiesUbuntu 8.10Ubuntu 9.10Ubuntu 9.04tomcat6It was discovered that Tomcat did not correctly validate WAR filenames or paths when deploying. A remote attacker could send a specially crafted WAR file to be deployed and cause arbitrary files and directories to be created, overwritten, or deleted.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-751-1 -- linux, linux-source-2.6.22 vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04linuxlinux-source-2.6.22NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected. Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. Ubuntu 8.10 was not affected. In certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. The kernel keyring did not free memory correctly. A local attacker could consume unlimited kernel memory, leading to a denial of service. The SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. The eCryptfs filesystem did not correctly handle certain VFS return codes. A local attacker with write-access to an eCryptfs filesystem could cause a system crash, leading to a denial of service. The Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. The page fault handler could consume stack memory. A local attacker could exploit this to crash the system or gain root privileges with a Kprobe registered. Only Ubuntu 8.10 was affected. Network interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. The getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. The ext4 filesystem did not correctly clear group descriptors when resizing. A local attacker could exploit this to crash the system, leading to a denial of service. The ext4 filesystem did not correctly validate certain fields. A local attacker could mount a malicious ext4 filesystem, causing a system crash, leading to a denial of service. The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. The shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. The virtual consoles did not correctly handle certain UTF-8 sequences. A local attacker on the physical console could exploit this to cause a system crash, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-913-1 -- libpng vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04libpngIt was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-769-1 -- libwmf vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10libwmfTavis Ormandy discovered that libwmf incorrectly used memory after it had been freed when using its embedded GD library. If a user or automated system were tricked into opening a crafted WMF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-920-1 -- firefox-3.0, xulrunner-1.9 vulnerabilitiesUbuntu 8.10Ubuntu 8.04Ubuntu 9.04firefox-3.0xulrunner-1.9Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox could be made to access previously freed memory. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Paul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. If the user could be tricked into performing this action twice on a crafted website, an attacker could execute arbitrary JavaScript with chrome privileges. It was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser. If the user had the Firebug add-on installed and were tricked into viewing a malicious website, an attacker could potentially run arbitrary JavaScriptSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-875-1 -- redhat-cluster, redhat-cluster-suite vulnerabilitiesUbuntu 8.04Ubuntu 6.06Ubuntu 8.10redhat-clusterredhat-cluster-suiteMultiple insecure temporary file handling vulnerabilities were discovered in Red Hat Cluster. A local attacker could exploit these to overwrite arbitrary local files via symlinks. It was discovered that CMAN did not properly handle malformed configuration files. An attacker could cause a denial of service in a node if the attacker were able to modify the cluster configuration for the nodeSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-801-1 -- tiff vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10tiffTielei Wang and Tom Lane discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, an attacker could execute arbitrary code with the privileges of the user invoking the program.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-902-1 -- pidgin vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04pidginFabian Yamaguchi discovered that Pidgin incorrectly validated all fields of an incoming message in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. Sadrul Habib Chowdhury discovered that Pidgin incorrectly handled certain nicknames in Finch group chat rooms. A remote attacker could use a specially crafted nickname and cause Pidgin to crash, leading to a denial of service. Antti Hayrynen discovered that Pidgin incorrectly handled large numbers of smileys. A remote attacker could send a specially crafted message and cause Pidgin to become unresponsive, leading to a denial of serviceSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-712-1 -- vim vulnerabilitiesUbuntu 7.10Ubuntu 8.04Ubuntu 6.06Ubuntu 8.10vimJan Minar discovered that Vim did not properly sanitize inputs before invoking the execute or system functions inside Vim scripts. If a user were tricked into running Vim scripts with a specially crafted input, an attacker could execute arbitrary code with the privileges of the user invoking the program. Ben Schmidt discovered that Vim did not properly escape characters when performing keyword or tag lookups. If a user were tricked into running specially crafted commands, an attacker could execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-734-1 -- ffmpeg, ffmpeg-debian vulnerabilitiesUbuntu 7.10Ubuntu 8.10Ubuntu 8.04ffmpegffmpeg-debianIt was discovered that FFmpeg did not correctly handle certain malformed Ogg Media files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. It was discovered that FFmpeg did not correctly handle certain parameters when creating DTS streams. If a user were tricked into processing certain commands, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.10. It was discovered that FFmpeg did not correctly handle certain malformed DTS Coherent Acoustics files. If a user were tricked into opening a crafted DCA file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that FFmpeg did not correctly handle certain malformed 4X movie files. If a user were tricked into opening a crafted 4xm file, an attacker could execute arbitrary code with the privileges of the user invoking the programSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 7.10 is installedUbuntu 7.10Ubuntu 7.10 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUSN-775-1 -- quagga vulnerabilityUbuntu 8.04Ubuntu 9.04Ubuntu 6.06Ubuntu 8.10quaggaIt was discovered that the BGP service in Quagga did not correctly handle certain AS paths containing 4-byte ASNs. An authenticated remote attacker could exploit this flaw to cause bgpd to abort, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-909-1 -- dpkg vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04dpkgWilliam Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-932-1 -- kdebase-workspace vulnerabilityUbuntu 8.10Ubuntu 9.10Ubuntu 9.04kdebase-workspaceSebastian Krahmer discovered a race condition in the KDE Display Manager . A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-904-1 -- squid vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04squidIt was discovered that Squid incorrectly handled certain malformed packets received on the HTCP port. A remote attacker could exploit this with a specially-crafted packet and cause Squid to crash, resulting in a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-886-1 -- pidgin vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04pidginIt was discovered that Pidgin did not properly handle certain topic messages in the IRC protocol handler. If a user were tricked into connecting to a malicious IRC server, an attacker could cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.10 and Ubuntu 9.04. It was discovered that Pidgin did not properly enforce the "require TLS/SSL" setting when connecting to certain older Jabber servers. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.10 and Ubuntu 9.04. It was discovered that Pidgin did not properly handle certain SLP invite messages in the MSN protocol handler. A remote attacker could send a specially crafted invite message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.10 and Ubuntu 9.04. It was discovered that Pidgin did not properly handle certain errors in the XMPP protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.10 and Ubuntu 9.04. It was discovered that Pidgin did not properly handle malformed contact-list data in the OSCAR protocol handler. A remote attacker could send specially crafted contact-list data and cause Pidgin to crash, leading to a denial of service. It was discovered that Pidgin did not properly handle custom smiley requests in the MSN protocol handler. A remote attacker could send a specially crafted filename in a custom smiley request and obtain arbitrary files via directory traversal. This issue only affected Ubuntu 8.10, Ubuntu 9.04 and Ubuntu 9.10. Pidgin for Ubuntu 8.04 LTS was also updated to fix connection issues with the MSN protocol. USN-675-1 and USN-781-1 provided updated Pidgin packages to fix multiple security vulnerabilities in Ubuntu 8.04 LTS. The security patches to fix CVE-2008-2955 and CVE-2009-1376 were incomplete. This update corrects the problem. Original advisory details: It was discovered that Pidgin did not properly handle file transfers containing a long filename and special characters in the MSN protocol handler. A remote attacker could send a specially crafted filename in a file transfer request and cause Pidgin to crash, leading to a denial of service. It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privilegesSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-882-1 -- php5 vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04php5Maksymilian Arciemowicz discovered that PHP did not properly handle the ini_restore function. An attacker could exploit this issue to obtain random memory contents or to cause the PHP server to crash, resulting in a denial of service. It was discovered that the htmlspecialchars function did not properly handle certain character sequences, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. Stefan Esser discovered that PHP did not properly handle session data. An attacker could exploit this issue to bypass safe_mode or open_basedir restrictionsSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-891-1 -- lintian vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04lintianIt was discovered that lintian did not correctly validate certain filenames when processing input. If a user or an automated system were tricked into running lintian on a specially crafted set of files, a remote attacker could execute arbitrary code with user privileges.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-929-1 -- irssi vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 9.04irssiIt was discovered that irssi did not perform certificate host validation when using SSL connections. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Aurelien Delaitre discovered that irssi could be made to dereference a NULL pointer when a user left the channel. A remote attacker could cause a denial of service via application crash. This update also adds SSLv3 and TLSv1 support, while disabling the old, insecure SSLv2 protocol.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-884-1 -- openssl vulnerabilityUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04opensslIt was discovered that OpenSSL did not correctly free unused memory in certain situations. A remote attacker could trigger this flaw in services that used SSL, causing the service to use all available system memory, leading to a denial of service.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-803-2 -- dhcp3 vulnerabilityUbuntu 8.10Ubuntu 9.10Ubuntu 9.04dhcp3USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 8.10 and higher. Even with the patch improperly applied, the default compiler options reduced the vulnerability to a denial of service. Additionally, in Ubuntu 9.04 and higher, users were also protected by the AppArmor dhclient3 profile. This update fixes the problem. Original advisory details: It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the "dhcp" user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-905-1 -- sudo vulnerabilitiesUbuntu 8.04Ubuntu 8.10Ubuntu 9.10Ubuntu 6.06Ubuntu 9.04sudoIt was discovered that sudo did not properly validate the path for the "sudoedit" pseudo-command. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. The sudoedit pseudo-command is not used in the default installation of Ubuntu. It was discovered that sudo did not reset group permissions when the "runas_default" configuration option was used. A local attacker could exploit this to escalate group privileges if sudo was configured to allow the attacker to run commands under the runas_default account. The runas_default configuration option is not used in the default installation of Ubuntu. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04SecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 6.06 is installedUbuntu 6.06Ubuntu 6.06 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 8.10 is installedUbuntu 8.10Ubuntu 8.10 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 8.04 is installedUbuntu 8.04Ubuntu 8.04 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 9.10 is installedUbuntu 9.10Ubuntu 9.10 is installedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 9.04 is installedUbuntu 9.04Ubuntu 9.04 is installedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDlibhtml-parser-perllibperl5.8libarchive-tar-perllinux-image-2.6.22-16-hppa32linux-image-2.6.22-16-sparc64linux-image-2.6.22-16-mckinleylinux-image-2.6.22-16-powerpclinux-image-2.6.24-22-lpialinux-image-2.6.24-22-386linux-image-2.6.24-22-xenlinux-image-2.6.24-22-itaniumlinux-image-2.6.15-53-powerpc64-smplinux-image-2.6.15-53-k7linux-image-2.6.15-53-serverlinux-image-2.6.22-16-umelinux-image-2.6.22-16-sparc64-smplinux-image-2.6.15-53-server-bigironlinux-image-2.6.24-22-hppa64linux-image-2.6.22-16-virtuallinux-image-2.6.15-53-686linux-image-2.6.24-22-mckinleylinux-image-2.6.15-53-sparc64-smplinux-image-2.6.15-53-hppa32-smplinux-image-2.6.15-53-amd64-xeonlinux-image-2.6.22-16-hppa64linux-image-2.6.22-16-lpiacompatlinux-image-2.6.24-22-lpiacompatlinux-image-2.6.24-22-powerpc64-smplinux-image-2.6.24-22-hppa32linux-image-2.6.22-16-powerpc64-smplinux-image-2.6.15-53-powerpclinux-image-2.6.24-22-sparc64linux-image-2.6.15-53-mckinleylinux-image-2.6.24-22-rtlinux-image-2.6.24-22-powerpc-smplinux-image-2.6.15-53-amd64-genericlinux-image-2.6.27-9-genericlinux-image-2.6.15-53-mckinley-smplinux-image-2.6.27-9-virtuallinux-image-2.6.22-16-serverlinux-image-2.6.15-53-amd64-serverlinux-image-2.6.15-53-hppa32linux-image-2.6.24-22-openvzlinux-image-2.6.24-22-genericlinux-image-2.6.22-16-rtlinux-image-2.6.27-9-serverlinux-image-2.6.24-22-sparc64-smplinux-image-2.6.15-53-386linux-image-2.6.15-53-hppa64linux-image-2.6.22-16-celllinux-image-2.6.15-53-sparc64linux-image-2.6.24-22-serverlinux-image-2.6.15-53-powerpc-smplinux-image-2.6.15-53-itaniumlinux-image-2.6.22-16-itaniumlinux-image-2.6.24-22-powerpclinux-image-2.6.22-16-powerpc-smplinux-image-2.6.22-16-xenlinux-image-2.6.15-53-amd64-k8linux-image-2.6.24-22-virtuallinux-image-2.6.15-53-itanium-smplinux-image-2.6.15-53-hppa64-smplinux-image-2.6.22-16-386linux-image-2.6.22-16-lpialinux-image-2.6.22-16-genericlibclamav5libgadu3sambaawstatslibsnmp9libsnmp15libsnmp10libsnmp-perlmozilla-thunderbirdthunderbirdlibxml2libgnutls26libgnutls13libgnutls12vinagredovecot-imapdavahi-daemonloginopenoffice.org-coreopenoffice.org-commonabrowserfirefox-3.0xulrunner-1.9firefoxsystem-tools-backendsliblcms1libimlib2compiz-fusion-plugins-mainlibvirt0nfs-kernel-serverlinux-image-2.6.27-7-genericlinux-image-2.6.27-7-virtualprocpslinux-image-2.6.27-7-serverpasswdpython-vm-builderruby1.9libwebkit-1.0-1enscriptlibopenexr-devopenexrlibopenexr6libopenexr2ldblpython2.4-subversionlibsvn0-devlibsvn-devlibsvn-javalibsvn-core-perllibsvn-javahllibsvn0subversionlibapache2-svnlibsvn-rubypython-subversion-dbglibsvn-perllibsvn1subversion-toolslibsvn-ruby1.8libsvn-docpython-subversionmonodoc-dbus-1-manuallibdbus-1-cillibdbus-glib-1-2libdbus-1-2python2.4-dbuslibdbus-glib-1-devdbuslibdbus-1-devdbus-x11dbus-1-doclibdbus-qt-1-1c2dbus-1-utilslibdbus-qt-1-devlibdbus-1-3dnsmasqdnsmasq-basegit-coregit-guigit-p4git-archgit-emailgit-docgit-daemon-rungitkgit-cvsgit-svngitweblibjasper-1.701-1libjasper1libjasper-runtimelibjasper-1.701-devlibjasper-devlibgd2libgd2-devlibgd2-xpmlibgd2-noxpm-devlibgd2-noxpmlibgd-toolslibgd2-xpm-devirssi-textpython-pygresql-dbgpython-pygresqlamarok-dbgamarok-engine-xineamarok-commonamarokamarok-xineamarok-engine-yauapamarok-enginesfetchmailfetchmailconflibapr1-dbglibapr1libapr1-devpython2.4-libxml2libxml2libxml2-dbglibxml2-docpython-libxml2-dbglibxml2-utilslibxml2-devlibxml2-udebpython-libxml2racoonipsec-toolsmono-1.0-runtimemono-1.0-gaclibmono-posix1.0-cillibmono-data2.0-cillibmono-mozilla0.1-cilmono-jitlibmono-system-runtime1.0-cillibmono0libmono-system-ldap2.0-cillibmono-relaxng2.0-cillibmono-db2-1.0-cillibmono-corlib2.0-cillibmono-system-messaging2.0-cillibmono-getoptions1.0-cillibmono-cscompmgd7.0-cillibmono-nunit2.2-cillibmono-winforms1.0-cillibmono-security2.0-cillibmono-data-tds1.0-cillibmono-webbrowser0.5-cillibmono-microsoft-build2.0-cillibmono-system-data1.0-cillibmono-posix2.0-cillibmono-sharpzip0.6-cilmono-gmcsprj2make-sharplibmono-accessibility2.0-cillibmono0-dbglibmono-system-data2.0-cillibmono-oracle1.0-cillibmono-microsoft7.0-cillibmono-cairo2.0-cillibmono-system1.0-cillibmono-accessibility1.0-cillibmono-system2.1-cillibmono-npgsql2.0-cillibmono-system-ldap1.0-cillibmono-ldap1.0-cillibmono-system2.0-cilmono-smcsmono-mcslibmono-system-web2.0-cillibmono-firebirdsql1.7-cillibmono-sharpzip2.6-cillibmono-winforms2.0-cilmono-2.0-servicelibmono-ldap2.0-cillibmono-system-runtime2.0-cillibmono-corlib2.1-cillibmono-getoptions2.0-cilmono-runtimemono-develmono-utilsmono-jaymono-mjsmono-jit-dbglibmono-data1.0-cillibmono-devlibmono-cscompmgd8.0-cillibmono2.0-cilmono-commonlibmono-peapi1.0-cillibmono-i18n2.0-cillibmono-peapi2.0-cillibmono-cairo1.0-cilmono-dbglibmono-mozilla0.2-cilmono-xbuildlibmono-sharpzip2.84-cillibmono-bytefx0.7.6.1-cillibmono-sharpzip0.84-cilmono-gaclibmono-npgsql1.0-cillibmono1.0-cilmono-2.0-runtimelibmono-oracle2.0-cillibmono-sqlite1.0-cilmono-1.0-servicelibmono-corlib1.0-cillibmono-i18n1.0-cillibmono-security1.0-cillibmono-sqlite2.0-cilmono-2.0-gaclibmono-c5-1.0-cillibmono-system-messaging1.0-cilmono-2.0-devellibmono-microsoft8.0-cillibmono-data-tds2.0-cillibmono-bytefx0.7.6.2-cillibmono-relaxng1.0-cillibmono-system-web1.0-cilmono-1.0-devellibmagickwand-devimagemagick-dbglibmagick++9c2alibmagick++10libmagickwand1libmagickcore1imagemagick-doclibmagickcore-devlibmagick++-devlibmagick10libmagick9-devlibmagick9perlmagickimagemagicklibmagick++1libmagick++9-devudev-udeblibvolume-id0udevvolumeidlibvolume-id-devlibsasl2-modules-gssapi-heimdallibsasl2libsasl2-modules-ldaplibsasl2-devlibsasl2-2libsasl2-modulescyrus-sasl2-dbgcyrus-sasl2-docsasl2-binlibsasl2-modules-sqllibsasl2-modules-gssapi-mitlibsasl2-modules-otplibpango1.0-devlibpango1.0-udeblibpango1.0-doclibpango1.0-commonlibpango1.0-0-dbglibpango1.0-0libvorbisfile3libvorbis0alibvorbis-devlibvorbisenc2python-cryptopython-crypto-dbgpython2.4-cryptofglrx-modaliasesxorg-driver-fglrxfglrx-amdccclefglrx-kernel-sourcelibamdxvba1xorg-driver-fglrx-devcronlibgnutls12libgnutls12-dbgguile-gnutlslibgnutls-devlibgnutlsxx13libgnutls13libgnutls26-dbggnutls-binlibgnutls13-dbglibgnutls26gnutls-docfirewire-core-modules-2.6.28-15-lpia-divirtio-modules-2.6.28-15-lpia-dilinux-image-2.6.28-15-serverlinux-image-2.6.28-15-lpiafat-modules-2.6.28-15-generic-difs-core-modules-2.6.28-15-generic-dinic-pcmcia-modules-2.6.28-15-lpia-dipcmcia-modules-2.6.28-15-lpia-dimd-modules-2.6.28-15-lpia-diserial-modules-2.6.28-15-lpia-difs-secondary-modules-2.6.28-15-generic-dinic-shared-modules-2.6.28-15-lpia-distorage-core-modules-2.6.28-15-generic-dilinux-headers-2.6.28-15-servernic-usb-modules-2.6.28-15-lpia-disata-modules-2.6.28-15-generic-dipcmcia-storage-modules-2.6.28-15-generic-difat-modules-2.6.28-15-lpia-diparport-modules-2.6.28-15-generic-difloppy-modules-2.6.28-15-generic-diirda-modules-2.6.28-15-generic-dinic-modules-2.6.28-15-generic-dimouse-modules-2.6.28-15-generic-difloppy-modules-2.6.28-15-lpia-dinic-modules-2.6.28-15-lpia-diusb-modules-2.6.28-15-lpia-dilinux-image-2.6.28-15-virtualstorage-core-modules-2.6.28-15-lpia-dinfs-modules-2.6.28-15-generic-dinfs-modules-2.6.28-15-lpia-dicrypto-modules-2.6.28-15-lpia-dikernel-image-2.6.28-15-generic-difs-secondary-modules-2.6.28-15-lpia-dippp-modules-2.6.28-15-lpia-diusb-modules-2.6.28-15-generic-discsi-modules-2.6.28-15-lpia-dimouse-modules-2.6.28-15-lpia-dicrypto-modules-2.6.28-15-generic-difb-modules-2.6.28-15-lpia-discsi-modules-2.6.28-15-generic-dilinux-headers-2.6.28-15-lpiasata-modules-2.6.28-15-lpia-diblock-modules-2.6.28-15-generic-diirda-modules-2.6.28-15-lpia-diblock-modules-2.6.28-15-lpia-dinic-usb-modules-2.6.28-15-generic-diplip-modules-2.6.28-15-generic-difirewire-core-modules-2.6.28-15-generic-diinput-modules-2.6.28-15-lpia-dipata-modules-2.6.28-15-generic-divirtio-modules-2.6.28-15-generic-dimd-modules-2.6.28-15-generic-dipcmcia-storage-modules-2.6.28-15-lpia-dikernel-image-2.6.28-15-lpia-dilinux-headers-2.6.28-15-genericinput-modules-2.6.28-15-generic-dilinux-image-2.6.28-15-genericparport-modules-2.6.28-15-lpia-dipcmcia-modules-2.6.28-15-generic-dilinux-headers-2.6.28-15message-modules-2.6.28-15-lpia-diserial-modules-2.6.28-15-generic-dipata-modules-2.6.28-15-lpia-diplip-modules-2.6.28-15-lpia-dippp-modules-2.6.28-15-generic-difb-modules-2.6.28-15-generic-difs-core-modules-2.6.28-15-lpia-dinic-shared-modules-2.6.28-15-generic-dimessage-modules-2.6.28-15-generic-dinic-pcmcia-modules-2.6.28-15-generic-diwget-udebwgetkdelibs5-dockdelibs5-datakdelibs5libplasma3kdelibs5-dbgkdelibs-binkdelibs5-devlibpam-krb5libfreetype6-devlibfreetype6freetype2-demoslibfreetype6-udeblibicu34libicu36-devlibicu34-devlibicu36libneon27-devlibneon27-dbglibneon27-gnutls-devlibneon27-gnutlslibneon25-devlibneon25libneon27libneon27-gnutls-dbglibneon25-dbgpulseaudio-module-x11-dbgpulseaudio-module-zeroconf-dbgpulseaudio-module-hal-dbglibpulsecore9-dbgpulseaudio-utilslibpulsecore9libpulse0pulseaudio-module-halpulseaudio-module-gconf-dbgpulseaudiopulseaudio-module-lircpulseaudio-dbglibpulse-devpulseaudio-module-lirc-dbgpulseaudio-module-zeroconflibpulse-browse0-dbgpulseaudio-module-x11pulseaudio-module-gconfpulseaudio-utils-dbglibpulse0-dbglibpulse-browse0libpulse-mainloop-glib0-dbglibpulsecore5-dbglibpulse-mainloop-glib0libpulsecore5pulseaudio-esound-compatpulseaudio-esound-compat-dbglibnspr4-0d-dbglibnspr4-0dlibnspr4-devlibclamav5python2.4-zopeinterfacezope3-docpython-zopeinterface-dbgzope3-dbgzope3python-zopeinterfacezope3-sandboxapt-docaptapt-utilsapt-transport-httpslibapt-pkg-devlibapt-pkg-docapport-qtapport-gtkpython-problem-reportapport-retracepython-apportapportmoodlegimp-pythonlibgimp2.0gimp-libcurlgimp-datagimp-gnomevfsgimp-dbglibgimp2.0-docgimplibgimp2.0-devktorrent-dbgktorrentmozilla-thunderbird-typeaheadfindmozilla-thunderbird-inspectordevscriptsdovecot-imapddovecot-devdovecot-postfixdovecot-pop3ddovecot-commonnagios2-commonnagios2-docnagios2nagios3-commonnagios2-dbgnagios3nagios3-docnagios3-dbglibcurl3-openssl-devlibcurl3-gnutls-devlibcurl3-devlibcurl3-dbglibcurl3-gnutlscurllibcurl4-gnutls-devlibcurl3libcurl4-openssl-devlibisc32libdns32gnome-screensaverfat-modules-2.6.28-13-lpia-dicrypto-modules-2.6.28-13-generic-dinic-usb-modules-2.6.28-13-lpia-diusb-modules-2.6.28-13-lpia-dilinux-image-2.6.28-13-servercrypto-modules-2.6.28-13-lpia-diblock-modules-2.6.28-13-lpia-difs-core-modules-2.6.28-13-generic-dinfs-modules-2.6.28-13-lpia-distorage-core-modules-2.6.28-13-generic-dinfs-modules-2.6.28-13-generic-diplip-modules-2.6.28-13-generic-divirtio-modules-2.6.28-13-generic-discsi-modules-2.6.28-13-lpia-difirewire-core-modules-2.6.28-13-lpia-dinic-shared-modules-2.6.28-13-lpia-disata-modules-2.6.28-13-lpia-difs-core-modules-2.6.28-13-lpia-dilinux-image-2.6.28-13-lpiaserial-modules-2.6.28-13-lpia-dinic-pcmcia-modules-2.6.28-13-generic-diserial-modules-2.6.28-13-generic-diparport-modules-2.6.28-13-lpia-dilinux-headers-2.6.28-13-serverpcmcia-modules-2.6.28-13-generic-diinput-modules-2.6.28-13-lpia-dimessage-modules-2.6.28-13-generic-difat-modules-2.6.28-13-generic-discsi-modules-2.6.28-13-generic-difs-secondary-modules-2.6.28-13-generic-dimd-modules-2.6.28-13-lpia-difb-modules-2.6.28-13-generic-difirewire-core-modules-2.6.28-13-generic-difs-secondary-modules-2.6.28-13-lpia-dikernel-image-2.6.28-13-generic-divirtio-modules-2.6.28-13-lpia-distorage-core-modules-2.6.28-13-lpia-dilinux-headers-2.6.28-13-genericirda-modules-2.6.28-13-generic-dipata-modules-2.6.28-13-lpia-dinic-usb-modules-2.6.28-13-generic-dippp-modules-2.6.28-13-lpia-dilinux-headers-2.6.28-13-lpiamessage-modules-2.6.28-13-lpia-dilinux-image-2.6.28-13-virtualnic-modules-2.6.28-13-lpia-disata-modules-2.6.28-13-generic-dipata-modules-2.6.28-13-generic-difb-modules-2.6.28-13-lpia-difloppy-modules-2.6.28-13-generic-dinic-pcmcia-modules-2.6.28-13-lpia-dipcmcia-storage-modules-2.6.28-13-lpia-diblock-modules-2.6.28-13-generic-diinput-modules-2.6.28-13-generic-dilinux-image-2.6.28-13-genericusb-modules-2.6.28-13-generic-dimouse-modules-2.6.28-13-lpia-dinic-shared-modules-2.6.28-13-generic-diplip-modules-2.6.28-13-lpia-dippp-modules-2.6.28-13-generic-dilinux-headers-2.6.28-13pcmcia-storage-modules-2.6.28-13-generic-dikernel-image-2.6.28-13-lpia-dinic-modules-2.6.28-13-generic-diirda-modules-2.6.28-13-lpia-dimouse-modules-2.6.28-13-generic-dipcmcia-modules-2.6.28-13-lpia-difloppy-modules-2.6.28-13-lpia-diparport-modules-2.6.28-13-generic-dimd-modules-2.6.28-13-generic-dibackuppccrypto-modules-2.6.27-15-generic-diplip-modules-2.6.27-15-generic-dilinux-image-2.6.27-15-virtualipv6-modules-2.6.27-15-generic-difs-core-modules-2.6.27-15-generic-dipata-modules-2.6.27-15-generic-dilinux-image-2.6.27-15-serverfb-modules-2.6.27-15-generic-dinic-pcmcia-modules-2.6.27-15-generic-dippp-modules-2.6.27-15-generic-difat-modules-2.6.27-15-generic-dilinux-headers-2.6.27-15-servermessage-modules-2.6.27-15-generic-difirewire-core-modules-2.6.27-15-generic-dinic-shared-modules-2.6.27-15-generic-disata-modules-2.6.27-15-generic-dinfs-modules-2.6.27-15-generic-disocket-modules-2.6.27-15-generic-diserial-modules-2.6.27-15-generic-discsi-modules-2.6.27-15-generic-diusb-modules-2.6.27-15-generic-diinput-modules-2.6.28-16-lpia-diinput-modules-2.6.27-15-generic-dimd-modules-2.6.27-15-generic-difs-secondary-modules-2.6.28-16-generic-dimd-modules-2.6.28-16-lpia-diirda-modules-2.6.24-25-powerpc64-smp-diirda-modules-2.6.28-16-generic-dipcmcia-modules-2.6.28-16-generic-dinfs-modules-2.6.28-16-generic-dimessage-modules-2.6.24-25-generic-dikernel-image-2.6.24-25-powerpc-dinic-pcmcia-modules-2.6.24-25-generic-dinic-usb-modules-2.6.24-25-386-dilinux-image-debug-2.6.24-25-386input-modules-2.6.24-25-powerpc-dilinux-headers-2.6.28-16-lpiappp-modules-2.6.28-16-lpia-dinfs-modules-2.6.24-25-386-dinic-usb-modules-2.6.27-15-generic-dimouse-modules-2.6.28-16-lpia-difb-modules-2.6.24-25-386-difloppy-modules-2.6.27-15-generic-dinic-usb-modules-2.6.24-25-powerpc64-smp-dilinux-headers-2.6.27-15-genericirda-modules-2.6.24-25-powerpc-dilinux-image-2.6.27-15-genericsata-modules-2.6.24-25-powerpc-disata-modules-2.6.28-16-lpia-dikernel-image-2.6.27-15-generic-dimd-modules-2.6.24-25-386-diirda-modules-2.6.24-25-386-dicrypto-modules-2.6.24-25-386-distorage-core-modules-2.6.28-16-lpia-difloppy-modules-2.6.24-25-powerpc64-smp-dilinux-headers-2.6.24-25-powerpc64-smplinux-image-debug-2.6.24-25-serveride-modules-2.6.24-25-386-dilinux-image-2.6.28-16-serverscsi-modules-2.6.24-25-powerpc-dinic-usb-modules-2.6.24-25-powerpc-dilinux-image-2.6.28-16-lpiasocket-modules-2.6.24-25-powerpc-dipcmcia-modules-2.6.24-25-powerpc-dikernel-image-2.6.28-16-lpia-diplip-modules-2.6.24-25-generic-diusb-modules-2.6.28-16-lpia-dippp-modules-2.6.24-25-powerpc64-smp-dicrypto-modules-2.6.28-16-lpia-dinic-shared-modules-2.6.28-16-generic-diparport-modules-2.6.24-25-powerpc64-smp-distorage-core-modules-2.6.28-16-generic-dilinux-headers-2.6.28-16block-modules-2.6.24-25-powerpc-dilinux-image-2.6.24-25-powerpc-smpplip-modules-2.6.28-16-lpia-diipv6-modules-2.6.24-25-powerpc-dilinux-headers-2.6.24-25-genericfat-modules-2.6.24-25-386-diserial-modules-2.6.24-25-generic-difloppy-modules-2.6.24-25-generic-disata-modules-2.6.24-25-powerpc64-smp-diserial-modules-2.6.24-25-powerpc-difat-modules-2.6.24-25-powerpc64-smp-diparport-modules-2.6.27-15-generic-dipata-modules-2.6.28-16-lpia-dilinux-image-2.6.28-16-genericlinux-image-2.6.24-25-xenserial-modules-2.6.24-25-386-dilinux-headers-2.6.24-25-serverscsi-modules-2.6.24-25-generic-dilinux-headers-2.6.24-25-386nfs-modules-2.6.24-25-powerpc-dilinux-image-2.6.24-25-powerpcacpi-modules-2.6.24-25-386-difirewire-core-modules-2.6.28-16-lpia-distorage-core-modules-2.6.24-25-powerpc64-smp-difs-core-modules-2.6.24-25-generic-dilinux-image-2.6.24-25-rtlinux-image-2.6.24-25-powerpc64-smpinput-modules-2.6.24-25-386-divirtio-modules-2.6.28-16-generic-diusb-modules-2.6.24-25-generic-dilinux-headers-2.6.24-25-xennic-modules-2.6.24-25-386-diparport-modules-2.6.28-16-lpia-dinic-shared-modules-2.6.24-25-powerpc64-smp-disata-modules-2.6.24-25-386-difloppy-modules-2.6.28-16-generic-difs-core-modules-2.6.24-25-powerpc64-smp-difb-modules-2.6.24-25-generic-diblock-modules-2.6.24-25-386-dinic-modules-2.6.24-25-powerpc64-smp-disocket-modules-2.6.24-25-386-diinput-modules-2.6.24-25-powerpc64-smp-dinic-usb-modules-2.6.24-25-generic-diserial-modules-2.6.28-16-lpia-disata-modules-2.6.28-16-generic-diparport-modules-2.6.24-25-powerpc-difs-secondary-modules-2.6.24-25-386-diblock-modules-2.6.27-15-generic-diusb-modules-2.6.24-25-powerpc-dilinux-image-2.6.24-25-genericstorage-core-modules-2.6.24-25-generic-dimessage-modules-2.6.24-25-powerpc-diplip-modules-2.6.24-25-powerpc-dilinux-headers-2.6.27-15nic-shared-modules-2.6.28-16-lpia-distorage-core-modules-2.6.24-25-powerpc-dipcmcia-storage-modules-2.6.24-25-generic-dippp-modules-2.6.24-25-386-dipcmcia-storage-modules-2.6.28-16-generic-dinic-pcmcia-modules-2.6.28-16-generic-dilinux-headers-2.6.28-16-serverlinux-headers-2.6.24-25-powerpcfb-modules-2.6.28-16-lpia-dipcmcia-modules-2.6.24-25-386-diacpi-modules-2.6.27-15-generic-dimd-modules-2.6.24-25-powerpc64-smp-dipcmcia-modules-2.6.24-25-generic-diirda-modules-2.6.24-25-generic-difb-modules-2.6.28-16-generic-difirewire-core-modules-2.6.24-25-386-diblock-modules-2.6.28-16-generic-dinic-modules-2.6.24-25-generic-difloppy-modules-2.6.24-25-386-dikernel-image-2.6.28-16-generic-dilinux-headers-2.6.24-25md-modules-2.6.24-25-generic-dipcmcia-storage-modules-2.6.24-25-powerpc64-smp-diinput-modules-2.6.24-25-generic-diblock-modules-2.6.24-25-generic-dimessage-modules-2.6.28-16-generic-diplip-modules-2.6.24-25-powerpc64-smp-diipv6-modules-2.6.24-25-generic-divirtio-modules-2.6.28-16-lpia-dilinux-image-2.6.24-25-386nic-modules-2.6.28-16-generic-divirtio-modules-2.6.27-15-generic-diserial-modules-2.6.24-25-powerpc64-smp-dinic-pcmcia-modules-2.6.28-16-lpia-diide-modules-2.6.24-25-powerpc-dilinux-headers-2.6.24-25-virtualpata-modules-2.6.24-25-386-dikernel-image-2.6.24-25-386-difat-modules-2.6.28-16-generic-diparport-modules-2.6.24-25-386-dilinux-headers-2.6.24-25-rtide-modules-2.6.24-25-generic-diusb-modules-2.6.24-25-386-difat-modules-2.6.24-25-generic-dicrypto-modules-2.6.24-25-powerpc-diplip-modules-2.6.24-25-386-discsi-modules-2.6.28-16-lpia-dinic-usb-modules-2.6.28-16-lpia-dinic-pcmcia-modules-2.6.24-25-powerpc64-smp-diinput-modules-2.6.28-16-generic-dimessage-modules-2.6.24-25-386-dicrypto-modules-2.6.24-25-powerpc64-smp-diusb-modules-2.6.28-16-generic-difloppy-modules-2.6.24-25-powerpc-difirewire-core-modules-2.6.24-25-generic-disata-modules-2.6.24-25-generic-dipata-modules-2.6.24-25-powerpc-discsi-modules-2.6.24-25-powerpc64-smp-distorage-core-modules-2.6.27-15-generic-dicrypto-modules-2.6.24-25-generic-dippp-modules-2.6.24-25-generic-dippp-modules-2.6.28-16-generic-diipv6-modules-2.6.24-25-386-dipcmcia-storage-modules-2.6.24-25-386-diblock-modules-2.6.28-16-lpia-difirewire-core-modules-2.6.28-16-generic-difat-modules-2.6.28-16-lpia-dilinux-headers-2.6.28-16-genericnfs-modules-2.6.24-25-powerpc64-smp-dinic-usb-modules-2.6.28-16-generic-dipcmcia-storage-modules-2.6.28-16-lpia-diserial-modules-2.6.28-16-generic-dinic-shared-modules-2.6.24-25-386-discsi-modules-2.6.28-16-generic-discsi-modules-2.6.24-25-386-difs-secondary-modules-2.6.24-25-powerpc-difs-secondary-modules-2.6.24-25-powerpc64-smp-difs-core-modules-2.6.28-16-generic-dimouse-modules-2.6.28-16-generic-dipcmcia-storage-modules-2.6.24-25-powerpc-diblock-modules-2.6.24-25-powerpc64-smp-dippp-modules-2.6.24-25-powerpc-dinic-shared-modules-2.6.24-25-generic-dinfs-modules-2.6.24-25-generic-dinic-shared-modules-2.6.24-25-powerpc-dimessage-modules-2.6.28-16-lpia-difirewire-core-modules-2.6.24-25-powerpc64-smp-difs-secondary-modules-2.6.28-16-lpia-dinic-modules-2.6.28-16-lpia-dilinux-image-debug-2.6.24-25-virtualacpi-modules-2.6.24-25-generic-dipcmcia-modules-2.6.24-25-powerpc64-smp-dilinux-image-2.6.24-25-serverfat-modules-2.6.24-25-powerpc-dilinux-image-2.6.24-25-openvzfs-core-modules-2.6.24-25-powerpc-difs-core-modules-2.6.24-25-386-dicrypto-modules-2.6.28-16-generic-dipata-modules-2.6.24-25-powerpc64-smp-dipata-modules-2.6.24-25-generic-dilinux-image-debug-2.6.24-25-genericide-modules-2.6.24-25-powerpc64-smp-dinic-pcmcia-modules-2.6.24-25-powerpc-dipcmcia-modules-2.6.27-15-generic-dilinux-image-2.6.28-16-virtualfs-secondary-modules-2.6.24-25-generic-diusb-modules-2.6.24-25-powerpc64-smp-dinic-pcmcia-modules-2.6.24-25-386-difs-core-modules-2.6.28-16-lpia-dinic-modules-2.6.27-15-generic-diirda-modules-2.6.27-15-generic-diparport-modules-2.6.24-25-generic-dimd-modules-2.6.28-16-generic-dimd-modules-2.6.24-25-powerpc-difirewire-core-modules-2.6.24-25-powerpc-dikernel-image-2.6.24-25-generic-dinfs-modules-2.6.28-16-lpia-diparport-modules-2.6.28-16-generic-dilinux-headers-2.6.24-25-powerpc-smpfs-secondary-modules-2.6.27-15-generic-dipcmcia-storage-modules-2.6.27-15-generic-dipcmcia-modules-2.6.28-16-lpia-dipata-modules-2.6.28-16-generic-dinic-modules-2.6.24-25-powerpc-distorage-core-modules-2.6.24-25-386-disocket-modules-2.6.24-25-powerpc64-smp-dimessage-modules-2.6.24-25-powerpc64-smp-dilinux-image-2.6.24-25-virtualplip-modules-2.6.28-16-generic-diipv6-modules-2.6.24-25-powerpc64-smp-diirda-modules-2.6.28-16-lpia-difloppy-modules-2.6.28-16-lpia-dikernel-image-2.6.24-25-powerpc64-smp-disocket-modules-2.6.24-25-generic-dilinux-headers-2.6.24-25-openvzxtermopenoffice.org-pdfimportopenoffice.org-style-oxygenopenoffice.org-presenter-consolelibuno-cli-types1.1-cillibuno-cli-oootypes1.0-cillibuno-cli-uretypes1.0-cilopenoffice.org-gcjopenoffice.org-officebeanopenoffice.org-style-crystalopenoffice.org-kabopenoffice.org-wiki-publisherlibuno-cli-basetypes1.0-cilopenoffice.org-gtklibuno-cli-ure1.0-cilopenoffice.org-dev-docure-dbglibuno-cilopenoffice.org-evolutionopenoffice.org-l10n-inureopenoffice.org-base-coreopenoffice.org-filter-binfilterttf-opensymbolopenoffice.org-report-builderopenoffice.org-style-humanopenoffice.org-drawopenoffice.org-presentation-minimizercli-uno-bridgeopenoffice.org-devopenoffice.org-writeropenoffice.org-gnomelibuno-cli-cppuhelper1.0-cilopenoffice.org-style-andromedabroffice.orgopenoffice.org-commonopenoffice.org-mathopenoffice.org-kdeopenoffice.org-style-galaxyopenoffice.org-emailmergeopenoffice.org-style-hicontrastopenoffice.org-qa-toolsopenoffice.org-style-tangoopenoffice.orgopenoffice.org-baseopenoffice.org-headlessopenoffice.org-l10n-zaopenoffice.org-corepython-unolibmythes-devmozilla-openoffice.orguno-libs3-dbguno-libs3openoffice.org-sdbc-postgresqlopenoffice.org-style-industrialopenoffice.org-dtd-officedocument1.0openoffice.org-impressopenoffice.org-calcopenoffice.org-qa-api-testsopenoffice.org-ogltransopenoffice.org-report-builder-binopenoffice.org-java-commonopenoffice.org-filter-mobiledevkdelibs4-dockdelibs4-devkdelibskdelibs-datakdelibs-dbgkdelibs4c2alibaprutil1-dbglibaprutil1libaprutil1-devkvmkvm-sourcenic-pcmcia-modules-2.6.28-17-lpia-discsi-modules-2.6.28-17-generic-dilinux-image-2.6.28-17-virtualnic-shared-modules-2.6.28-17-generic-dinic-modules-2.6.28-17-lpia-dipata-modules-2.6.28-17-lpia-dimouse-modules-2.6.28-17-lpia-difb-modules-2.6.28-17-generic-dilinux-image-2.6.28-17-lpiairda-modules-2.6.28-17-generic-distorage-core-modules-2.6.28-17-generic-difirewire-core-modules-2.6.28-17-lpia-difs-core-modules-2.6.28-17-generic-difb-modules-2.6.28-17-lpia-difloppy-modules-2.6.28-17-generic-dipcmcia-storage-modules-2.6.28-17-generic-difloppy-modules-2.6.28-17-lpia-dilinux-image-2.6.28-17-genericblock-modules-2.6.28-17-generic-dinic-modules-2.6.28-17-generic-diinput-modules-2.6.28-17-lpia-dicrypto-modules-2.6.28-17-lpia-dimd-modules-2.6.28-17-lpia-diserial-modules-2.6.28-17-lpia-dinfs-modules-2.6.28-17-generic-dimd-modules-2.6.28-17-generic-diparport-modules-2.6.28-17-lpia-difs-secondary-modules-2.6.28-17-generic-dimessage-modules-2.6.31-16-powerpc-dikernel-image-2.6.28-17-lpia-diplip-modules-2.6.31-16-powerpc64-smp-difat-modules-2.6.28-17-lpia-dimessage-modules-2.6.28-17-generic-dinfs-modules-2.6.28-17-lpia-dicrypto-modules-2.6.28-17-generic-dilinux-headers-2.6.28-17-servernic-shared-modules-2.6.28-17-lpia-diserial-modules-2.6.31-16-sparc64-dilinux-headers-2.6.28-17-genericparport-modules-2.6.31-16-powerpc64-smp-difat-modules-2.6.31-16-powerpc64-smp-difs-core-modules-2.6.31-16-sparc64-dippp-modules-2.6.31-16-powerpc-diirda-modules-2.6.31-16-powerpc-dippp-modules-2.6.31-16-sparc64-diblock-modules-2.6.31-16-powerpc64-smp-dilinux-headers-2.6.31-16-sparc64pcmcia-storage-modules-2.6.31-16-powerpc64-smp-discsi-modules-2.6.31-16-powerpc-dinic-modules-2.6.31-16-powerpc64-smp-dipata-modules-2.6.28-17-generic-dilinux-image-2.6.31-16-powerpcplip-modules-2.6.28-17-generic-diusb-modules-2.6.28-17-lpia-dippp-modules-2.6.31-16-powerpc64-smp-difat-modules-2.6.31-16-generic-dilinux-headers-2.6.31-16-powerpcstorage-core-modules-2.6.31-16-powerpc-disata-modules-2.6.31-16-powerpc64-smp-dinfs-modules-2.6.31-16-powerpc64-smp-dilinux-image-2.6.27-16-servermouse-modules-2.6.31-16-generic-distorage-core-modules-2.6.28-17-lpia-diinput-modules-2.6.28-17-generic-dilinux-headers-2.6.28-17-lpiasata-modules-2.6.31-16-sparc64-dicrypto-modules-2.6.31-16-powerpc64-smp-dipcmcia-storage-modules-2.6.31-16-powerpc-dinic-usb-modules-2.6.28-17-generic-difirewire-core-modules-2.6.28-17-generic-disata-modules-2.6.31-16-powerpc-dimessage-modules-2.6.31-16-powerpc64-smp-diusb-modules-2.6.31-16-powerpc-diusb-modules-2.6.28-17-generic-dinic-usb-modules-2.6.27-16-generic-disata-modules-2.6.31-16-generic-diinput-modules-2.6.31-16-powerpc-dinfs-modules-2.6.31-16-generic-difat-modules-2.6.28-17-generic-diirda-modules-2.6.28-17-lpia-difat-modules-2.6.31-16-sparc64-difirewire-core-modules-2.6.31-16-powerpc-difs-secondary-modules-2.6.31-16-powerpc64-smp-difirewire-core-modules-2.6.31-16-sparc64-dinic-pcmcia-modules-2.6.31-16-powerpc-dinic-pcmcia-modules-2.6.28-17-generic-distorage-core-modules-2.6.27-16-generic-difb-modules-2.6.27-16-generic-diparport-modules-2.6.31-16-generic-dippp-modules-2.6.31-16-generic-dinic-modules-2.6.24-26-powerpc64-smp-diparport-modules-2.6.24-26-powerpc-diplip-modules-2.6.31-16-sparc64-diblock-modules-2.6.28-17-lpia-dikernel-image-2.6.28-17-generic-dinic-modules-2.6.31-16-generic-dimouse-modules-2.6.31-16-sparc64-diusb-modules-2.6.31-16-powerpc64-smp-dilinux-image-2.6.28-17-serverplip-modules-2.6.27-16-generic-difirewire-core-modules-2.6.31-16-powerpc64-smp-dilinux-headers-2.6.31-16-powerpc-smpnic-modules-2.6.27-16-generic-diserial-modules-2.6.24-26-powerpc64-smp-disata-modules-2.6.28-17-generic-diserial-modules-2.6.27-16-generic-diparport-modules-2.6.28-17-generic-difb-modules-2.6.31-16-generic-dimd-modules-2.6.31-16-powerpc-dimessage-modules-2.6.28-17-lpia-discsi-modules-2.6.27-16-generic-diide-modules-2.6.24-26-powerpc64-smp-dilinux-headers-2.6.27-16-servernic-pcmcia-modules-2.6.31-16-powerpc64-smp-diinput-modules-2.6.31-16-powerpc64-smp-dicrypto-modules-2.6.31-16-sparc64-divirtio-modules-2.6.28-17-lpia-discsi-modules-2.6.31-16-sparc64-distorage-core-modules-2.6.31-16-generic-dippp-modules-2.6.27-16-generic-diserial-modules-2.6.31-16-generic-dilinux-image-2.6.31-16-virtualipv6-modules-2.6.27-16-generic-dilinux-image-2.6.31-16-sparc64pcmcia-modules-2.6.24-26-powerpc-dimessage-modules-2.6.31-16-sparc64-diinput-modules-2.6.31-16-generic-difs-core-modules-2.6.31-16-generic-divirtio-modules-2.6.28-17-generic-dinic-pcmcia-modules-2.6.24-26-powerpc64-smp-diplip-modules-2.6.28-17-lpia-diinput-modules-2.6.31-16-sparc64-dipcmcia-modules-2.6.28-17-lpia-diinput-modules-2.6.27-16-generic-disocket-modules-2.6.27-16-generic-discsi-modules-2.6.31-16-powerpc64-smp-dilinux-image-2.6.27-16-genericnic-pcmcia-modules-2.6.24-26-powerpc-dipata-modules-2.6.24-26-powerpc-difloppy-modules-2.6.31-16-powerpc-dipcmcia-modules-2.6.31-16-powerpc-dikernel-image-2.6.31-16-powerpc64-smp-dilinux-headers-2.6.24-26-powerpc-smpscsi-modules-2.6.31-16-generic-disata-modules-2.6.27-16-generic-diirda-modules-2.6.31-16-powerpc64-smp-dipata-modules-2.6.31-16-sparc64-dilinux-headers-2.6.24-26-powerpc64-smpnfs-modules-2.6.24-26-powerpc-dicrypto-modules-2.6.24-26-powerpc64-smp-dinfs-modules-2.6.31-16-sparc64-dinic-shared-modules-2.6.27-16-generic-diserial-modules-2.6.28-17-generic-diirda-modules-2.6.27-16-generic-diserial-modules-2.6.31-16-powerpc64-smp-diblock-modules-2.6.31-16-powerpc-difs-secondary-modules-2.6.28-17-lpia-dikernel-image-2.6.27-16-generic-dippp-modules-2.6.24-26-powerpc64-smp-diparport-modules-2.6.27-16-generic-difloppy-modules-2.6.31-16-powerpc64-smp-dilinux-headers-2.6.28-17parport-modules-2.6.31-16-sparc64-difs-secondary-modules-2.6.31-16-sparc64-diblock-modules-2.6.24-26-powerpc-dinic-pcmcia-modules-2.6.31-16-generic-diserial-modules-2.6.24-26-powerpc-discsi-modules-2.6.28-17-lpia-dilinux-headers-2.6.27-16-generickernel-image-2.6.31-16-generic-distorage-core-modules-2.6.24-26-powerpc64-smp-dinic-usb-modules-2.6.28-17-lpia-difirewire-core-modules-2.6.24-26-powerpc-diirda-modules-2.6.24-26-powerpc-dimd-modules-2.6.31-16-powerpc64-smp-difs-secondary-modules-2.6.31-16-powerpc-diusb-modules-2.6.31-16-generic-dilinux-headers-2.6.31-16-powerpc64-smpfs-secondary-modules-2.6.24-26-powerpc64-smp-difb-modules-2.6.24-26-386-dicrypto-modules-2.6.24-26-powerpc-dimd-modules-2.6.31-16-generic-difirewire-core-modules-2.6.31-16-generic-distorage-core-modules-2.6.31-16-powerpc64-smp-difs-secondary-modules-2.6.27-16-generic-dilinux-image-2.6.31-16-sparc64-smpstorage-core-modules-2.6.24-26-powerpc-dinic-modules-2.6.31-16-sparc64-discsi-modules-2.6.24-26-powerpc-difat-modules-2.6.24-26-powerpc-dippp-modules-2.6.24-26-powerpc-dippp-modules-2.6.28-17-generic-dinic-shared-modules-2.6.31-16-sparc64-diserial-modules-2.6.31-16-powerpc-divirtio-modules-2.6.31-16-generic-disata-modules-2.6.24-26-powerpc64-smp-dinic-usb-modules-2.6.31-16-powerpc64-smp-diblock-modules-2.6.27-16-generic-dimd-modules-2.6.24-26-powerpc-dipcmcia-storage-modules-2.6.24-26-powerpc-dicrypto-modules-2.6.31-16-powerpc-dipcmcia-storage-modules-2.6.31-16-generic-diusb-modules-2.6.31-16-sparc64-diusb-modules-2.6.27-16-generic-dipcmcia-storage-modules-2.6.27-16-generic-dilinux-headers-2.6.24-26-powerpcsocket-modules-2.6.24-26-powerpc-discsi-modules-2.6.24-26-powerpc64-smp-dimouse-modules-2.6.31-16-powerpc64-smp-diplip-modules-2.6.31-16-powerpc-dipata-modules-2.6.24-26-386-dipcmcia-storage-modules-2.6.24-26-386-difloppy-modules-2.6.27-16-generic-diinput-modules-2.6.24-26-powerpc64-smp-difs-core-modules-2.6.24-26-powerpc-dilinux-image-debug-2.6.24-26-virtualfirewire-core-modules-2.6.24-26-386-difirewire-core-modules-2.6.24-26-powerpc64-smp-disata-modules-2.6.24-26-powerpc-dilinux-image-2.6.24-26-genericcrypto-modules-2.6.24-26-386-dinfs-modules-2.6.31-16-powerpc-difat-modules-2.6.24-26-386-dipcmcia-modules-2.6.27-16-generic-dinic-pcmcia-modules-2.6.24-26-386-difirewire-core-modules-2.6.27-16-generic-difs-core-modules-2.6.31-16-powerpc64-smp-disocket-modules-2.6.24-26-386-dinfs-modules-2.6.27-16-generic-dilinux-image-2.6.24-26-openvzkernel-image-2.6.24-26-powerpc64-smp-dinic-usb-modules-2.6.24-26-powerpc-diirda-modules-2.6.31-16-generic-dilinux-image-2.6.24-26-rtlinux-image-2.6.24-26-virtuallinux-headers-2.6.24-26-386pata-modules-2.6.24-26-powerpc64-smp-dimouse-modules-2.6.28-17-generic-disata-modules-2.6.24-26-generic-dicrypto-modules-2.6.27-16-generic-diirda-modules-2.6.24-26-386-difs-core-modules-2.6.31-16-powerpc-diacpi-modules-2.6.24-26-386-dippp-modules-2.6.28-17-lpia-dipcmcia-storage-modules-2.6.28-17-lpia-difs-core-modules-2.6.24-26-powerpc64-smp-dicrypto-modules-2.6.31-16-generic-difat-modules-2.6.27-16-generic-dinic-modules-2.6.24-26-generic-dicrypto-modules-2.6.24-26-generic-dilinux-image-2.6.24-26-serverlinux-headers-2.6.24-26-serverinput-modules-2.6.24-26-386-dipata-modules-2.6.31-16-generic-difs-secondary-modules-2.6.24-26-386-dilinux-headers-2.6.31-16-generickernel-image-2.6.24-26-powerpc-dinic-modules-2.6.24-26-386-diplip-modules-2.6.24-26-powerpc64-smp-dilinux-headers-2.6.24-26-xennic-modules-2.6.24-26-powerpc-diusb-modules-2.6.24-26-generic-dipata-modules-2.6.27-16-generic-dinic-shared-modules-2.6.24-26-powerpc-dimd-modules-2.6.24-26-386-difloppy-modules-2.6.24-26-386-dipcmcia-modules-2.6.31-16-powerpc64-smp-dimd-modules-2.6.31-16-sparc64-dimessage-modules-2.6.24-26-386-dilinux-image-2.6.24-26-powerpc-smpnic-usb-modules-2.6.24-26-386-diblock-modules-2.6.24-26-386-dilinux-image-2.6.24-26-386nic-shared-modules-2.6.31-16-powerpc64-smp-diplip-modules-2.6.24-26-386-dimd-modules-2.6.24-26-powerpc64-smp-diparport-modules-2.6.31-16-powerpc-dimouse-modules-2.6.31-16-powerpc-dilinux-headers-2.6.27-16acpi-modules-2.6.24-26-generic-dilinux-headers-2.6.24-26-rtpata-modules-2.6.31-16-powerpc64-smp-dinfs-modules-2.6.24-26-powerpc64-smp-dichar-modules-2.6.31-16-generic-dilinux-headers-2.6.24-26-openvzscsi-modules-2.6.24-26-generic-diide-modules-2.6.24-26-386-difloppy-modules-2.6.24-26-generic-dilinux-headers-2.6.24-26-genericlinux-image-debug-2.6.24-26-serverirda-modules-2.6.24-26-generic-difs-core-modules-2.6.27-16-generic-dilinux-image-debug-2.6.24-26-386input-modules-2.6.24-26-generic-diusb-modules-2.6.24-26-386-dippp-modules-2.6.24-26-386-dipcmcia-modules-2.6.28-17-generic-diplip-modules-2.6.24-26-powerpc-diplip-modules-2.6.24-26-generic-difs-secondary-modules-2.6.31-16-generic-diipv6-modules-2.6.24-26-generic-diipv6-modules-2.6.24-26-powerpc64-smp-dilinux-image-2.6.31-16-genericmessage-modules-2.6.24-26-powerpc64-smp-difs-secondary-modules-2.6.24-26-generic-dinic-usb-modules-2.6.31-16-generic-diirda-modules-2.6.24-26-powerpc64-smp-dipata-modules-2.6.24-26-generic-dilinux-headers-2.6.31-16-sparc64-smplinux-image-2.6.31-16-powerpc-smpppp-modules-2.6.24-26-generic-distorage-core-modules-2.6.24-26-386-diparport-modules-2.6.24-26-generic-distorage-core-modules-2.6.24-26-generic-difat-modules-2.6.24-26-generic-dilinux-image-2.6.31-16-powerpc64-smpfat-modules-2.6.24-26-powerpc64-smp-diblock-modules-2.6.24-26-powerpc64-smp-difloppy-modules-2.6.24-26-powerpc64-smp-dimd-modules-2.6.27-16-generic-diblock-modules-2.6.24-26-generic-difloppy-modules-2.6.24-26-powerpc-dilinux-headers-2.6.31-16nic-modules-2.6.31-16-powerpc-difs-secondary-modules-2.6.24-26-powerpc-dipcmcia-modules-2.6.24-26-386-diblock-modules-2.6.31-16-sparc64-dipcmcia-modules-2.6.31-16-generic-dinic-shared-modules-2.6.31-16-generic-dilinux-image-2.6.24-26-powerpc64-smpide-modules-2.6.24-26-powerpc-dilinux-image-debug-2.6.24-26-genericnic-usb-modules-2.6.31-16-sparc64-dinfs-modules-2.6.24-26-386-difirewire-core-modules-2.6.24-26-generic-dipcmcia-modules-2.6.24-26-generic-dipata-modules-2.6.31-16-powerpc-dinic-shared-modules-2.6.24-26-386-diparport-modules-2.6.24-26-powerpc64-smp-dinic-usb-modules-2.6.24-26-generic-dinic-usb-modules-2.6.24-26-powerpc64-smp-dikernel-image-2.6.31-16-powerpc-dimessage-modules-2.6.31-16-generic-diipv6-modules-2.6.24-26-powerpc-difs-core-modules-2.6.28-17-lpia-diblock-modules-2.6.31-16-generic-diinput-modules-2.6.24-26-powerpc-dipcmcia-storage-modules-2.6.24-26-powerpc64-smp-diserial-modules-2.6.24-26-386-diserial-modules-2.6.24-26-generic-diide-modules-2.6.24-26-generic-difb-modules-2.6.24-26-generic-dikernel-image-2.6.31-16-sparc64-difs-core-modules-2.6.24-26-generic-dipcmcia-modules-2.6.24-26-powerpc64-smp-dilinux-image-2.6.24-26-powerpclinux-image-2.6.24-26-xenmd-modules-2.6.24-26-generic-difat-modules-2.6.31-16-powerpc-diacpi-modules-2.6.27-16-generic-disata-modules-2.6.28-17-lpia-dilinux-headers-2.6.24-26ipv6-modules-2.6.24-26-386-dimessage-modules-2.6.24-26-powerpc-discsi-modules-2.6.24-26-386-diparport-modules-2.6.24-26-386-dilinux-image-2.6.27-16-virtualsocket-modules-2.6.24-26-generic-difloppy-modules-2.6.31-16-generic-dinic-usb-modules-2.6.31-16-powerpc-diplip-modules-2.6.31-16-generic-dinic-shared-modules-2.6.31-16-powerpc-dilinux-headers-2.6.24-26-virtualstorage-core-modules-2.6.31-16-sparc64-dipcmcia-storage-modules-2.6.24-26-generic-diusb-modules-2.6.24-26-powerpc-divirtio-modules-2.6.27-16-generic-dinic-pcmcia-modules-2.6.27-16-generic-dimessage-modules-2.6.24-26-generic-diusb-modules-2.6.24-26-powerpc64-smp-dimessage-modules-2.6.27-16-generic-dinic-shared-modules-2.6.24-26-powerpc64-smp-dinfs-modules-2.6.24-26-generic-dinic-shared-modules-2.6.24-26-generic-disocket-modules-2.6.24-26-powerpc64-smp-dikernel-image-2.6.24-26-386-dinic-pcmcia-modules-2.6.24-26-generic-difs-core-modules-2.6.24-26-386-dikernel-image-2.6.24-26-generic-disata-modules-2.6.24-26-386-dilibqt4-xmlpatternsqt4-demos-dbglibqt4-devlibqt4-debuglibqt4-webkitlibqt4-sql-odbclibqt4-dev-dbglibqt4-dbglibqt4-opengl-devlibqt4-opengllibqt4-corelibqt4-sql-mysqlqt4-designerlibqt4-designerqt4-dev-tools-dbgqt4-doclibqt4-dbuslibqt4-assistantlibqt4-webkit-dbglibqt4-sql-sqliteqt4-demoslibqt4-xmlpatterns-dbgqt4-dev-toolslibqt4-networkqt4-qmakelibqt4-sql-psqlqt4-qtconfigqt4-doc-htmllibqt4-scripttoolslibqt4-qt3supportlibqt4-sql-sqlite2libqt4-xmllibqt4-sqllibqtcore4libqtgui4libqt4-testlibqt4-helplibqt4-scriptlibqt4-guilibqt4-svggstreamer0.10-alsalibgstreamer-plugins-base0.10-devgstreamer0.10-plugins-base-doclibgstreamer-plugins-base0.10-0gstreamer0.10-plugins-base-appsgstreamer0.10-gnomevfsgstreamer0.10-plugins-base-dbggstreamer0.10-xgstreamer0.10-plugins-basegstreamer0.10-pulseaudiogstreamer0.10-plugins-good-dbggstreamer0.10-plugins-goodgstreamer0.10-plugins-good-docgstreamer0.10-esdlibaudiofile-devlibaudiofile0-dbglibaudiofile0libxine1-binlibxine1-doclibxine1-xlibxine-devlibxine1-dbglibxine1-consolelibxine1-gnomelibxine1-misc-pluginslibxine1libxine1-ffmpeglibxine1-pluginslibxine1-all-pluginslibxine-main1scsi-modules-2.6.27-14-generic-dilinux-image-2.6.27-14-virtualnic-shared-modules-2.6.27-14-generic-dinic-usb-modules-2.6.27-14-generic-diplip-modules-2.6.27-14-generic-difirewire-core-modules-2.6.27-14-generic-diserial-modules-2.6.27-14-generic-disocket-modules-2.6.27-14-generic-dinic-pcmcia-modules-2.6.15-54-powerpc-diusb-modules-2.6.27-14-generic-diusb-storage-modules-2.6.15-54-powerpc-dinfs-modules-2.6.15-54-powerpc64-smp-difat-modules-2.6.27-14-generic-diloop-modules-2.6.15-54-powerpc64-smp-direiserfs-modules-2.6.15-54-powerpc-diacpi-modules-2.6.27-14-generic-dilinux-image-2.6.27-14-serverfat-modules-2.6.15-54-powerpc-diirda-modules-2.6.15-54-powerpc64-smp-dippp-modules-2.6.15-54-powerpc64-smp-dinfs-modules-2.6.27-14-generic-dihfs-modules-2.6.15-54-powerpc64-smp-diipv6-modules-2.6.15-54-powerpc-difat-modules-2.6.15-54-powerpc64-smp-dipcmcia-modules-2.6.15-54-powerpc64-smp-diserial-modules-2.6.15-54-powerpc64-smp-diide-modules-2.6.15-54-powerpc64-smp-dicdrom-core-modules-2.6.15-54-powerpc-dippp-modules-2.6.27-14-generic-dipcmcia-storage-modules-2.6.15-54-powerpc-diusb-modules-2.6.15-54-powerpc64-smp-dinic-shared-modules-2.6.15-54-powerpc-dipata-modules-2.6.27-14-generic-diirda-modules-2.6.15-54-powerpc-dicrc-modules-2.6.15-54-powerpc64-smp-difirewire-core-modules-2.6.15-54-powerpc64-smp-dilinux-image-2.6.15-54-powerpc-smpscsi-core-modules-2.6.15-54-386-difloppy-modules-2.6.15-54-powerpc-dinic-firmware-2.6.15-54-powerpc-dinic-modules-2.6.15-54-powerpc-dikernel-image-2.6.15-54-386-difb-modules-2.6.15-54-386-diufs-modules-2.6.15-54-powerpc-dipcmcia-modules-2.6.15-54-powerpc-dilinux-headers-2.6.15-54-server-bigironxfs-modules-2.6.15-54-386-diide-modules-2.6.15-54-powerpc-diusb-modules-2.6.15-54-powerpc-dinic-usb-modules-2.6.15-54-386-dinfs-modules-2.6.15-54-powerpc-dilinux-headers-2.6.15-54-powerpc-smppcmcia-storage-modules-2.6.15-54-386-dilinux-headers-2.6.15-54-386message-modules-2.6.27-14-generic-diide-modules-2.6.15-54-386-dinic-pcmcia-modules-2.6.15-54-386-dinic-pcmcia-modules-2.6.27-14-generic-dicdrom-core-modules-2.6.15-54-386-dinic-firmware-2.6.15-54-powerpc64-smp-dixfs-modules-2.6.15-54-powerpc-difb-modules-2.6.15-54-powerpc-dinic-pcmcia-modules-2.6.15-54-powerpc64-smp-dilinux-headers-2.6.27-14ext3-modules-2.6.15-54-386-diirda-modules-2.6.27-14-generic-discsi-modules-2.6.15-54-powerpc-dilinux-image-2.6.15-54-serverfloppy-modules-2.6.15-54-powerpc64-smp-dicdrom-modules-2.6.15-54-386-diipv6-modules-2.6.15-54-sparc64-disata-modules-2.6.15-54-powerpc-dicrypto-modules-2.6.27-14-generic-dikernel-image-2.6.15-54-powerpc64-smp-dilinux-image-2.6.15-54-686linux-headers-2.6.15-54-powerpcloop-modules-2.6.15-54-386-dippp-modules-2.6.15-54-powerpc-difs-common-modules-2.6.15-54-powerpc-diparport-modules-2.6.15-54-sparc64-dipcmcia-storage-modules-2.6.15-54-powerpc64-smp-dicdrom-core-modules-2.6.15-54-powerpc64-smp-dinic-modules-2.6.27-14-generic-dilinux-image-2.6.15-54-powerpc64-smpnic-shared-modules-2.6.15-54-powerpc64-smp-dinic-modules-2.6.15-54-sparc64-diinput-modules-2.6.15-54-386-dinic-shared-modules-2.6.15-54-386-diusb-storage-modules-2.6.15-54-386-diserial-modules-2.6.15-54-powerpc-dilinux-headers-2.6.28-14-lpiamd-modules-2.6.15-54-386-dimd-modules-2.6.15-54-powerpc64-smp-discsi-modules-2.6.15-54-powerpc64-smp-dimd-modules-2.6.15-54-powerpc-diplip-modules-2.6.15-54-386-dinic-modules-2.6.28-14-lpia-diusb-storage-modules-2.6.15-54-sparc64-difs-secondary-modules-2.6.28-14-lpia-dilinux-image-2.6.15-54-386fs-common-modules-2.6.15-54-powerpc64-smp-dinic-modules-2.6.15-54-386-difs-secondary-modules-2.6.27-14-generic-dilinux-image-2.6.15-54-k7md-modules-2.6.28-14-lpia-diext2-modules-2.6.15-54-sparc64-diext3-modules-2.6.15-54-powerpc64-smp-dipcmcia-modules-2.6.15-54-386-dilinux-image-2.6.15-54-server-bigironlinux-image-2.6.15-54-powerpcsocket-modules-2.6.15-54-powerpc64-smp-diblock-modules-2.6.27-14-generic-diusb-modules-2.6.15-54-386-dijfs-modules-2.6.15-54-386-diloop-modules-2.6.15-54-powerpc-difs-core-modules-2.6.28-14-lpia-dilinux-headers-2.6.15-54-sparc64jfs-modules-2.6.15-54-powerpc-diext3-modules-2.6.15-54-powerpc-diinput-modules-2.6.28-14-lpia-dijfs-modules-2.6.15-54-powerpc64-smp-divirtio-modules-2.6.27-14-generic-diaffs-modules-2.6.15-54-powerpc64-smp-dilinux-headers-2.6.15-54-powerpc64-smpreiserfs-modules-2.6.15-54-powerpc64-smp-distorage-core-modules-2.6.28-14-lpia-diipv6-modules-2.6.15-54-386-disata-modules-2.6.28-14-lpia-diparport-modules-2.6.27-14-generic-dipcmcia-modules-2.6.27-14-generic-diplip-modules-2.6.15-54-sparc64-disata-modules-2.6.15-54-powerpc64-smp-dinic-shared-modules-2.6.15-54-sparc64-dinic-modules-2.6.28-14-generic-dinic-usb-modules-2.6.15-54-powerpc64-smp-diusb-storage-modules-2.6.15-54-powerpc64-smp-dilinux-headers-2.6.15-54-k7linux-image-2.6.28-14-virtualfirewire-core-modules-2.6.15-54-powerpc-dilinux-headers-2.6.27-14-genericnfs-modules-2.6.28-14-generic-difat-modules-2.6.15-54-386-dipcmcia-modules-2.6.28-14-generic-dinic-modules-2.6.15-54-powerpc64-smp-dipata-modules-2.6.28-14-generic-difs-secondary-modules-2.6.24-24-powerpc-dicrc-modules-2.6.15-54-sparc64-diinput-modules-2.6.28-14-generic-dilinux-headers-2.6.28-14-serverlinux-headers-2.6.15-54-686scsi-modules-2.6.28-14-lpia-dilinux-headers-2.6.24-24-powerpcmd-modules-2.6.28-14-generic-diusb-modules-2.6.28-14-generic-dicrc-modules-2.6.15-54-powerpc-difb-modules-2.6.15-54-powerpc64-smp-disata-modules-2.6.24-24-powerpc64-smp-discsi-core-modules-2.6.15-54-powerpc-dinfs-modules-2.6.28-14-lpia-diext2-modules-2.6.15-54-powerpc64-smp-diufs-modules-2.6.15-54-386-dinfs-modules-2.6.15-54-386-diusb-modules-2.6.24-24-powerpc64-smp-dipcmcia-storage-modules-2.6.28-14-generic-dipata-modules-2.6.24-24-386-dinic-firmware-2.6.15-54-386-diipv6-modules-2.6.24-24-386-dilinux-headers-2.6.28-14-generickernel-image-2.6.15-54-powerpc-discsi-modules-2.6.28-14-generic-diparport-modules-2.6.15-54-386-dikernel-image-2.6.15-54-sparc64-diusb-modules-2.6.28-14-lpia-direiserfs-modules-2.6.15-54-386-diacpi-modules-2.6.24-24-386-diirda-modules-2.6.24-24-powerpc64-smp-difs-core-modules-2.6.24-24-powerpc-dicrc-modules-2.6.15-54-386-dilinux-headers-2.6.24-24-genericcdrom-core-modules-2.6.15-54-sparc64-discsi-modules-2.6.24-24-powerpc-dinic-pcmcia-modules-2.6.24-24-powerpc-dinic-firmware-2.6.15-54-sparc64-diide-modules-2.6.24-24-powerpc-dilinux-image-2.6.24-24-powerpc64-smpnic-usb-modules-2.6.15-54-powerpc-diipv6-modules-2.6.24-24-powerpc64-smp-dilinux-image-2.6.24-24-386virtio-modules-2.6.28-14-lpia-difs-secondary-modules-2.6.24-24-386-diparport-modules-2.6.24-24-powerpc64-smp-difs-secondary-modules-2.6.24-24-generic-dinic-shared-modules-2.6.28-14-lpia-disata-modules-2.6.24-24-generic-diserial-modules-2.6.15-54-386-dinfs-modules-2.6.24-24-powerpc-disata-modules-2.6.28-14-generic-disocket-modules-2.6.24-24-386-dilinux-image-2.6.28-14-serverparport-modules-2.6.24-24-powerpc-difb-modules-2.6.24-24-386-difs-core-modules-2.6.24-24-386-dilinux-image-2.6.24-24-powerpc-smplinux-headers-2.6.24-24-powerpc-smpscsi-modules-2.6.15-54-386-dikernel-image-2.6.24-24-powerpc-diplip-modules-2.6.28-14-lpia-dinic-shared-modules-2.6.28-14-generic-diirda-modules-2.6.28-14-generic-dipcmcia-modules-2.6.24-24-386-dilinux-image-debug-2.6.24-24-virtualserial-modules-2.6.24-24-386-diext2-modules-2.6.15-54-powerpc-diinput-modules-2.6.15-54-powerpc-dilinux-headers-2.6.15-54-sparc64-smpfs-core-modules-2.6.27-14-generic-distorage-core-modules-2.6.24-24-powerpc64-smp-dimd-modules-2.6.24-24-386-diipv6-modules-2.6.27-14-generic-dimd-modules-2.6.24-24-generic-dippp-modules-2.6.24-24-generic-dinic-modules-2.6.24-24-powerpc64-smp-difat-modules-2.6.24-24-powerpc-difb-modules-2.6.28-14-lpia-dinic-pcmcia-modules-2.6.24-24-generic-dintfs-modules-2.6.15-54-386-diserial-modules-2.6.24-24-powerpc64-smp-dipcmcia-storage-modules-2.6.24-24-generic-dilinux-headers-2.6.24-24-serverparport-modules-2.6.24-24-386-diacpi-modules-2.6.15-54-386-dikernel-image-2.6.28-14-lpia-diusb-modules-2.6.24-24-generic-distorage-core-modules-2.6.24-24-386-dixfs-modules-2.6.15-54-powerpc64-smp-diide-modules-2.6.24-24-powerpc64-smp-dilinux-headers-2.6.24-24-rtlinux-image-2.6.24-24-genericlinux-image-2.6.27-14-genericsocket-modules-2.6.24-24-powerpc-dimessage-modules-2.6.24-24-powerpc-difb-modules-2.6.27-14-generic-dilinux-headers-2.6.24-24-powerpc64-smpfirewire-core-modules-2.6.28-14-lpia-dipcmcia-storage-modules-2.6.24-24-386-dimd-modules-2.6.15-54-sparc64-dimessage-modules-2.6.24-24-386-disata-modules-2.6.27-14-generic-diserial-modules-2.6.24-24-powerpc-difs-secondary-modules-2.6.28-14-generic-difs-secondary-modules-2.6.24-24-powerpc64-smp-diacpi-modules-2.6.24-24-generic-dimd-modules-2.6.24-24-powerpc-dikernel-image-2.6.27-14-generic-diblock-modules-2.6.24-24-powerpc-dikernel-image-2.6.24-24-386-dippp-modules-2.6.15-54-386-difat-modules-2.6.24-24-generic-disata-modules-2.6.15-54-386-dinic-pcmcia-modules-2.6.24-24-386-dinic-pcmcia-modules-2.6.28-14-lpia-dilinux-image-2.6.24-24-virtualmessage-modules-2.6.24-24-powerpc64-smp-dinfs-modules-2.6.24-24-powerpc64-smp-dippp-modules-2.6.24-24-powerpc64-smp-diufs-modules-2.6.15-54-powerpc64-smp-dipata-modules-2.6.24-24-generic-dilinux-image-2.6.24-24-openvzsocket-modules-2.6.15-54-powerpc-dicrypto-modules-2.6.24-24-generic-difat-modules-2.6.28-14-generic-diide-modules-2.6.15-54-sparc64-dilinux-image-debug-2.6.24-24-serverparport-modules-2.6.24-24-generic-discsi-core-modules-2.6.15-54-powerpc64-smp-dimessage-modules-2.6.28-14-lpia-dinic-usb-modules-2.6.24-24-386-difat-modules-2.6.24-24-powerpc64-smp-difirewire-core-modules-2.6.24-24-generic-dilinux-image-2.6.15-54-sparc64-smpnic-shared-modules-2.6.24-24-powerpc64-smp-discsi-modules-2.6.15-54-sparc64-distorage-core-modules-2.6.24-24-powerpc-disocket-modules-2.6.24-24-generic-dilinux-headers-2.6.15-54input-modules-2.6.24-24-powerpc-diblock-modules-2.6.28-14-lpia-difloppy-modules-2.6.28-14-lpia-diplip-modules-2.6.24-24-386-difb-modules-2.6.28-14-generic-disocket-modules-2.6.24-24-powerpc64-smp-distorage-core-modules-2.6.27-14-generic-dicrypto-modules-2.6.24-24-powerpc64-smp-dilinux-headers-2.6.24-24-virtualfs-core-modules-2.6.28-14-generic-dicrypto-modules-2.6.24-24-powerpc-dipcmcia-modules-2.6.24-24-powerpc-dimouse-modules-2.6.28-14-generic-dilinux-headers-2.6.15-54-serverpcmcia-storage-modules-2.6.24-24-powerpc-dinic-usb-modules-2.6.24-24-powerpc64-smp-dilinux-image-debug-2.6.24-24-386plip-modules-2.6.24-24-powerpc64-smp-dimd-modules-2.6.24-24-powerpc64-smp-difb-modules-2.6.24-24-generic-dinic-pcmcia-modules-2.6.28-14-generic-difat-modules-2.6.15-54-sparc64-difat-modules-2.6.28-14-lpia-diserial-modules-2.6.28-14-lpia-diblock-modules-2.6.24-24-powerpc64-smp-diusb-modules-2.6.24-24-386-dinic-usb-modules-2.6.24-24-powerpc-diipv6-modules-2.6.24-24-generic-diirda-modules-2.6.24-24-386-diparport-modules-2.6.28-14-generic-diinput-modules-2.6.24-24-generic-discsi-modules-2.6.24-24-powerpc64-smp-dilinux-headers-2.6.24-24-openvzsata-modules-2.6.24-24-powerpc-dippp-modules-2.6.24-24-386-dinic-shared-modules-2.6.24-24-generic-difat-modules-2.6.24-24-386-dinic-usb-modules-2.6.28-14-lpia-dipata-modules-2.6.24-24-powerpc-dipata-modules-2.6.24-24-powerpc64-smp-dinic-usb-modules-2.6.24-24-generic-discsi-modules-2.6.24-24-386-difirewire-core-modules-2.6.24-24-386-diirda-modules-2.6.15-54-386-dippp-modules-2.6.24-24-powerpc-diide-modules-2.6.24-24-386-difirewire-core-modules-2.6.28-14-generic-dimessage-modules-2.6.24-24-generic-dipcmcia-modules-2.6.24-24-powerpc64-smp-dilinux-image-2.6.28-14-genericext2-modules-2.6.15-54-386-diinput-modules-2.6.15-54-sparc64-diinput-modules-2.6.27-14-generic-difloppy-modules-2.6.28-14-generic-dinic-shared-modules-2.6.24-24-powerpc-dikernel-image-2.6.24-24-generic-dilinux-image-2.6.24-24-xenkernel-image-2.6.28-14-generic-dilinux-headers-2.6.24-24-xenserial-modules-2.6.24-24-generic-dipcmcia-modules-2.6.24-24-generic-diusb-modules-2.6.24-24-powerpc-diblock-modules-2.6.28-14-generic-diblock-modules-2.6.24-24-generic-dilinux-image-2.6.24-24-powerpcblock-modules-2.6.24-24-386-dipcmcia-storage-modules-2.6.24-24-powerpc64-smp-dinic-modules-2.6.24-24-generic-dilinux-image-2.6.24-24-rtscsi-modules-2.6.24-24-generic-dimd-modules-2.6.27-14-generic-difirewire-core-modules-2.6.15-54-386-diinput-modules-2.6.24-24-powerpc64-smp-difirewire-core-modules-2.6.24-24-powerpc-dinic-usb-modules-2.6.28-14-generic-difloppy-modules-2.6.24-24-powerpc64-smp-discsi-core-modules-2.6.15-54-sparc64-dicrypto-modules-2.6.28-14-generic-difloppy-modules-2.6.27-14-generic-direiserfs-modules-2.6.15-54-sparc64-dilinux-headers-2.6.24-24-386nic-modules-2.6.24-24-powerpc-distorage-core-modules-2.6.24-24-generic-difloppy-modules-2.6.24-24-generic-dilinux-image-debug-2.6.24-24-genericipv6-modules-2.6.24-24-powerpc-diusb-modules-2.6.15-54-sparc64-diplip-modules-2.6.24-24-generic-dippp-modules-2.6.28-14-lpia-dilinux-image-2.6.28-14-lpialinux-image-2.6.15-54-sparc64ide-modules-2.6.24-24-generic-dinic-modules-2.6.24-24-386-dimessage-modules-2.6.28-14-generic-diloop-modules-2.6.15-54-sparc64-dinfs-modules-2.6.24-24-386-dilinux-headers-2.6.24-24nic-pcmcia-modules-2.6.24-24-powerpc64-smp-difirewire-core-modules-2.6.24-24-powerpc64-smp-difs-core-modules-2.6.24-24-powerpc64-smp-dicrypto-modules-2.6.28-14-lpia-dippp-modules-2.6.15-54-sparc64-dippp-modules-2.6.28-14-generic-dipcmcia-storage-modules-2.6.28-14-lpia-dixfs-modules-2.6.15-54-sparc64-dipcmcia-storage-modules-2.6.27-14-generic-dilinux-headers-2.6.27-14-serverfloppy-modules-2.6.24-24-386-dilinux-image-2.6.24-24-servercrypto-modules-2.6.24-24-386-diirda-modules-2.6.24-24-generic-dinic-shared-modules-2.6.24-24-386-diserial-modules-2.6.28-14-generic-dihfs-modules-2.6.15-54-powerpc-dikernel-image-2.6.24-24-powerpc64-smp-diinput-modules-2.6.15-54-powerpc64-smp-diaffs-modules-2.6.15-54-powerpc-diipv6-modules-2.6.15-54-powerpc64-smp-diplip-modules-2.6.28-14-generic-disocket-modules-2.6.15-54-386-difloppy-modules-2.6.15-54-386-dinfs-modules-2.6.24-24-generic-dinfs-modules-2.6.15-54-sparc64-diparport-modules-2.6.28-14-lpia-difloppy-modules-2.6.24-24-powerpc-diext3-modules-2.6.15-54-sparc64-dimouse-modules-2.6.28-14-lpia-dipata-modules-2.6.28-14-lpia-distorage-core-modules-2.6.28-14-generic-diirda-modules-2.6.28-14-lpia-dipcmcia-modules-2.6.28-14-lpia-divirtio-modules-2.6.28-14-generic-diinput-modules-2.6.24-24-386-dilinux-headers-2.6.28-14plip-modules-2.6.24-24-powerpc-diirda-modules-2.6.24-24-powerpc-disata-modules-2.6.24-24-386-difs-core-modules-2.6.24-24-generic-dilibruby1.9libreadline-ruby1.9ri1.9libdbm-ruby1.9libruby1.8ruby1.8-elisplibtcltk-ruby1.9ruby1.8-devirb1.8ruby1.9-elisplibopenssl-ruby1.8ruby1.8libreadline-ruby1.8libtcltk-ruby1.8rdoc1.9ruby1.9ruby1.8-examplesirb1.9libopenssl-ruby1.9ri1.8rdoc1.8libgdbm-ruby1.9libgdbm-ruby1.8libruby1.8-dbglibruby1.9-dbgruby1.9-devruby1.9-exampleslibdbm-ruby1.8libksieve4ktimetrackerkjotslibkpgp4libmaildir4networkstatuslibkholidays4kdepim-strigi-pluginskdepim-wizardslibkdepim1-devlibkgantt0networkstatus-devkalarmlibkdepim4libmimelib4libktnef1karmlibkcal2-devkodekdepim-doc-htmllibktnef1-devkdepim-kfile-pluginskitchensynckdepimlibmimelib1c2akontactksynckmailcvtlibkdepim1aakregatorlibkpimexchange1-devkdepim-devkorganizerakonadi-kdeknodekaddressbooklibmimelib1-devlibkleopatra1-devlibkpimidentities1libkgantt0-devlibindex0libksieve0libkleopatra1kdepim-kio-pluginslibkleo4kdepim-dbglibkmime2ktneflibkpimexchange1knoteslibindex0-devkleopatrakdepim-kresourceskdepim-dockandykmaillibksieve0-devlibkcal2bkonsolekalendarkornkpilotlibmodplug-devlibmodplug0c2libpoppler-glib3libpoppler1libpoppler-glib2libpoppler4libpoppler1-gliblibpoppler-qt4-2libpoppler-qt4-devlibpoppler2libpoppler-glib-devlibpoppler-qt4-3libpoppler-qt-devlibpoppler-glib4poppler-utilslibpoppler3libpoppler1-qtpoppler-dbglibpoppler-devlibpoppler-qt2libnewt0.51libnewt-devlibnewt-picwhiptaillibnewt0.52python-newt-dbgpython-newtnewt-tcllibcompress-raw-zlib-perlperl-baselibperl-devperl-suidperl-debugperlperl-doclibperl5.10perl-moduleslibcgi-fast-perlgzipacpidnetwork-manager-dbgnetwork-manager-gnome-dbgnetwork-managerlibnm-glib0-dbglibnm-glib0libnm-util0-dbglibnm-util0libnm-util-devlibnm-glib-devnetwork-manager-devlibbind9-30libdns35libisc44libbind9-50libisccc30liblwres40liblwres30libisccc0libisc35libdns45libisccfg40libdns46libdns36libdns44libdns23libisccc40liblwres9libdns53libisccfg1libisccc50liblwres50libdns43lwresdbind9utilslibisc45libisc50libisccfg30libbind9-40dnsutilslibisc11libdns21libbind9-0bind9-hostlibdns50libisccfg50bind9-docbind9libbind-devpython2.4-moinmoinmoinmoin-commonpython-moinmoincupsddkcups-ppdccups-commonlibcupsmime1libcupscgi1libcupsppdc1libcupsmime1-devlibcupscgi1-devlibcupsys2-devcupscups-bsdcupsys-clientlibcupsys2-gnutls10libcupsdriver1libcupsimage2-devlibcupsppdc1-devcups-dbgcupsys-commonlibcupsdriver1-devlibcups2-devcups-clientcupsys-dbgcupsys-bsdlibcups2libcupsys2libcupsimage2cupsyslibnss-dbpostgresql-pltcl-8.1postgresql-contrib-8.1postgresql-8.1postgresql-pltcl-8.4postgresql-plpython-8.4libpq4postgresql-8.4libecpg5postgresql-plperl-8.1libecpg6postgresql-plpython-8.1postgresql-server-dev-8.4postgresql-client-8.4postgresql-server-dev-8.1postgresql-doc-8.4postgresql-plperl-8.4postgresql-client-8.1postgresql-plperl-8.3postgresql-doc-8.1libpq-devlibecpg-compat2postgresql-clientpostgresql-plpython-8.3postgresql-contrib-8.4libecpg-compat3postgresqlpostgresql-doc-8.3postgresql-contribpostgresql-docpostgresql-contrib-8.3libecpg-devlibpgtypes3postgresql-client-8.3libpq5postgresql-server-dev-8.3libpgtypes2postgresql-pltcl-8.3postgresql-8.3libavfilter-devlibavfilter0libavcodec52libpam-runtimelibpam-crackliblibpam-moduleslibpam0glibpam-doclibpam0g-devthunderbird-devmozilla-thunderbird-devmozilla-thunderbirdthunderbirdthunderbird-gnome-supportpcmcia-storage-modules-2.6.31-20-powerpc64-smp-diparport-modules-2.6.31-20-powerpc64-smp-diparport-modules-2.6.31-20-powerpc-dinic-usb-modules-2.6.31-20-powerpc-dicrypto-modules-2.6.31-20-sparc64-diplip-modules-2.6.31-20-powerpc64-smp-diinput-modules-2.6.31-20-generic-distorage-core-modules-2.6.31-20-sparc64-difs-secondary-modules-2.6.31-20-powerpc64-smp-discsi-modules-2.6.31-20-powerpc64-smp-dilinux-image-2.6.31-20-genericmd-modules-2.6.31-20-powerpc64-smp-difs-core-modules-2.6.31-20-powerpc64-smp-diirda-modules-2.6.31-20-powerpc64-smp-dinic-pcmcia-modules-2.6.31-20-powerpc64-smp-dipcmcia-storage-modules-2.6.31-20-generic-difloppy-modules-2.6.31-20-powerpc-diblock-modules-2.6.31-20-generic-difs-core-modules-2.6.31-20-generic-dinic-modules-2.6.31-20-sparc64-dinfs-modules-2.6.31-20-sparc64-disata-modules-2.6.31-20-powerpc64-smp-dinic-shared-modules-2.6.31-20-powerpc-dilinux-headers-2.6.31-20-powerpcusb-modules-2.6.31-20-powerpc64-smp-difs-secondary-modules-2.6.31-20-sparc64-difs-secondary-modules-2.6.31-20-powerpc-dipcmcia-modules-2.6.31-20-powerpc64-smp-diparport-modules-2.6.31-20-sparc64-dikernel-image-2.6.31-20-sparc64-difloppy-modules-2.6.31-20-generic-dikernel-image-2.6.31-20-powerpc-dimd-modules-2.6.31-20-powerpc-difat-modules-2.6.31-20-sparc64-dicrypto-modules-2.6.31-20-generic-dilinux-headers-2.6.31-20nic-modules-2.6.31-20-powerpc64-smp-diserial-modules-2.6.31-20-powerpc-dilinux-headers-2.6.31-20-genericfirewire-core-modules-2.6.31-20-powerpc-diserial-modules-2.6.31-20-powerpc64-smp-diplip-modules-2.6.31-20-sparc64-divirtio-modules-2.6.31-20-generic-diinput-modules-2.6.31-20-powerpc64-smp-difs-secondary-modules-2.6.31-20-generic-dilinux-headers-2.6.31-305-ec2ppp-modules-2.6.31-20-powerpc64-smp-disata-modules-2.6.31-20-generic-difs-core-modules-2.6.31-20-sparc64-distorage-core-modules-2.6.31-20-powerpc-dilinux-image-2.6.31-20-powerpcnfs-modules-2.6.31-20-generic-dinic-modules-2.6.31-20-generic-dilinux-headers-2.6.31-305linux-headers-2.6.31-20-powerpc-smpstorage-core-modules-2.6.31-20-generic-dinic-pcmcia-modules-2.6.31-20-generic-dimessage-modules-2.6.31-20-powerpc64-smp-difirewire-core-modules-2.6.31-20-generic-dippp-modules-2.6.31-20-powerpc-dilinux-image-2.6.31-20-sparc64pata-modules-2.6.31-20-powerpc-diblock-modules-2.6.31-20-sparc64-dippp-modules-2.6.31-20-sparc64-dimessage-modules-2.6.31-20-sparc64-disata-modules-2.6.31-20-sparc64-discsi-modules-2.6.31-20-sparc64-dinic-modules-2.6.31-20-powerpc-dicrypto-modules-2.6.31-20-powerpc-difat-modules-2.6.31-20-powerpc-dinic-pcmcia-modules-2.6.31-20-powerpc-difat-modules-2.6.31-20-powerpc64-smp-discsi-modules-2.6.31-20-powerpc-diusb-modules-2.6.31-20-powerpc-dipcmcia-modules-2.6.31-20-generic-dilinux-headers-2.6.31-20-sparc64scsi-modules-2.6.31-20-generic-dinic-usb-modules-2.6.31-20-sparc64-dicrypto-modules-2.6.31-20-powerpc64-smp-dipata-modules-2.6.31-20-generic-dipata-modules-2.6.31-20-sparc64-dipcmcia-storage-modules-2.6.31-20-powerpc-diparport-modules-2.6.31-20-generic-dipata-modules-2.6.31-20-powerpc64-smp-difirewire-core-modules-2.6.31-20-powerpc64-smp-difirewire-core-modules-2.6.31-20-sparc64-dimouse-modules-2.6.31-20-powerpc64-smp-dichar-modules-2.6.31-20-generic-dimd-modules-2.6.31-20-sparc64-dinfs-modules-2.6.31-20-powerpc64-smp-dimouse-modules-2.6.31-20-generic-dimessage-modules-2.6.31-20-generic-dinfs-modules-2.6.31-20-powerpc-difs-core-modules-2.6.31-20-powerpc-diblock-modules-2.6.31-20-powerpc-difb-modules-2.6.31-20-generic-diinput-modules-2.6.31-20-sparc64-dimessage-modules-2.6.31-20-powerpc-diusb-modules-2.6.31-20-generic-dilinux-image-2.6.31-20-virtualmd-modules-2.6.31-20-generic-diusb-modules-2.6.31-20-sparc64-dilinux-image-2.6.31-20-sparc64-smpirda-modules-2.6.31-20-generic-dinic-usb-modules-2.6.31-20-powerpc64-smp-diplip-modules-2.6.31-20-generic-distorage-core-modules-2.6.31-20-powerpc64-smp-dinic-shared-modules-2.6.31-20-powerpc64-smp-diinput-modules-2.6.31-20-powerpc-dikernel-image-2.6.31-20-generic-dilinux-image-2.6.31-20-powerpc-smpnic-shared-modules-2.6.31-20-sparc64-dilinux-image-2.6.31-20-powerpc64-smppcmcia-modules-2.6.31-20-powerpc-diirda-modules-2.6.31-20-powerpc-diblock-modules-2.6.31-20-powerpc64-smp-dimouse-modules-2.6.31-20-sparc64-disata-modules-2.6.31-20-powerpc-dippp-modules-2.6.31-20-generic-dilinux-headers-2.6.31-20-sparc64-smpkernel-image-2.6.31-20-powerpc64-smp-diserial-modules-2.6.31-20-generic-difloppy-modules-2.6.31-20-powerpc64-smp-dilinux-image-2.6.31-305-ec2mouse-modules-2.6.31-20-powerpc-difat-modules-2.6.31-20-generic-diserial-modules-2.6.31-20-sparc64-dinic-usb-modules-2.6.31-20-generic-dilinux-headers-2.6.31-20-powerpc64-smpplip-modules-2.6.31-20-powerpc-dinic-shared-modules-2.6.31-20-generic-dilibnss-devlibnspr4libnss3-0dmozilla-firefox-devlibnss3firefox-dbglibnss3-devlibnss3-1d-dbglibnss3-1dlibnss3-toolslibnss3-0d-dbglibnspr-devlib32icu38libicu38libicu-devicu-doclibicu38-dbglib32icu-devphonon-backend-xinekhelpcenterplasma-scriptengine-javascriptkdebase-runtimekdebase-runtime-dbgkdebase-runtime-bin-kde4kdebase-runtime-data-commonkdebase-runtime-datakde-icons-oxygenkhelpcenter4ghostscriptghostscript-docgs-commongs-esp-xgslibgs-esp-devgs-gplgs-aladdinlibgs8ghostscript-xlibgs-devgs-espirda-modules-2.6.28-18-lpia-dinic-shared-modules-2.6.28-18-lpia-difat-modules-2.6.28-18-lpia-dikernel-image-2.6.28-18-lpia-difb-modules-2.6.28-18-lpia-difs-secondary-modules-2.6.28-18-lpia-dilinux-image-2.6.28-18-virtualinput-modules-2.6.28-18-lpia-dimd-modules-2.6.28-18-lpia-dimouse-modules-2.6.28-18-lpia-diplip-modules-2.6.28-18-lpia-disata-modules-2.6.28-18-generic-difs-core-modules-2.6.28-18-lpia-dilinux-doc-2.6.28pcmcia-modules-2.6.28-18-generic-dimessage-modules-2.6.28-18-generic-dihfs-modules-2.6.15-55-powerpc64-smp-diide-modules-2.6.15-55-powerpc64-smp-dinic-usb-modules-2.6.28-18-generic-dipcmcia-storage-modules-2.6.15-55-powerpc-difirewire-core-modules-2.6.28-18-generic-difat-modules-2.6.28-18-generic-discsi-modules-2.6.28-18-lpia-dinic-pcmcia-modules-2.6.15-55-powerpc64-smp-dinic-modules-2.6.15-55-powerpc64-smp-diipv6-modules-2.6.15-55-powerpc-difirewire-core-modules-2.6.28-18-lpia-disocket-modules-2.6.15-55-powerpc64-smp-diirda-modules-2.6.28-18-generic-difloppy-modules-2.6.28-18-lpia-discsi-modules-2.6.15-55-powerpc64-smp-divirtio-modules-2.6.28-18-lpia-dinic-shared-modules-2.6.28-18-generic-dinfs-modules-2.6.28-18-generic-diparport-modules-2.6.28-18-lpia-dicrypto-modules-2.6.28-18-generic-dilinux-image-2.6.15-55-powerpc64-smpstorage-core-modules-2.6.28-18-lpia-dikernel-image-2.6.15-55-powerpc-dipcmcia-storage-modules-2.6.28-18-generic-dipcmcia-modules-2.6.15-55-powerpc64-smp-dimd-modules-2.6.28-18-generic-dinic-shared-modules-2.6.15-55-powerpc64-smp-difloppy-modules-2.6.28-18-generic-diusb-storage-modules-2.6.15-55-powerpc-dikernel-image-2.6.28-18-generic-dinic-firmware-2.6.15-55-powerpc64-smp-diusb-modules-2.6.15-55-powerpc64-smp-diusb-storage-modules-2.6.15-55-powerpc64-smp-dinfs-modules-2.6.15-55-powerpc64-smp-difs-common-modules-2.6.15-55-powerpc64-smp-dihfs-modules-2.6.15-55-powerpc-dimd-modules-2.6.15-55-powerpc-diinput-modules-2.6.15-55-powerpc64-smp-dilinux-headers-2.6.15-55-powerpcreiserfs-modules-2.6.15-55-powerpc-diloop-modules-2.6.15-55-386-difirewire-core-modules-2.6.15-55-powerpc-dippp-modules-2.6.28-18-generic-dinfs-modules-2.6.15-55-386-disocket-modules-2.6.15-55-powerpc-difat-modules-2.6.15-55-386-dicdrom-core-modules-2.6.15-55-386-dinic-usb-modules-2.6.15-55-powerpc-dicrc-modules-2.6.15-55-powerpc64-smp-diusb-modules-2.6.15-55-386-diusb-modules-2.6.28-18-lpia-dipcmcia-modules-2.6.28-18-lpia-dippp-modules-2.6.15-55-powerpc-difb-modules-2.6.15-55-386-dilinux-headers-2.6.15-55-serverinput-modules-2.6.15-55-386-dicrypto-modules-2.6.28-18-lpia-dinic-firmware-2.6.15-55-sparc64-dinic-modules-2.6.28-18-generic-dippp-modules-2.6.28-18-lpia-dinic-modules-2.6.15-55-powerpc-diserial-modules-2.6.15-55-powerpc64-smp-diext2-modules-2.6.15-55-powerpc64-smp-dilinux-image-2.6.15-55-386ide-modules-2.6.15-55-386-dilinux-headers-2.6.15-55-sparc64-smpnic-pcmcia-modules-2.6.28-18-generic-diext2-modules-2.6.15-55-powerpc-dilinux-headers-2.6.15-55-k7affs-modules-2.6.15-55-powerpc64-smp-diusb-modules-2.6.28-18-generic-dinic-shared-modules-2.6.15-55-powerpc-difb-modules-2.6.15-55-powerpc-dicdrom-modules-2.6.15-55-386-dicrc-modules-2.6.15-55-386-dipcmcia-modules-2.6.15-55-386-dixfs-modules-2.6.15-55-386-dippp-modules-2.6.15-55-powerpc64-smp-diufs-modules-2.6.15-55-powerpc64-smp-diipv6-modules-2.6.15-55-386-dipata-modules-2.6.28-18-lpia-diloop-modules-2.6.15-55-sparc64-diserial-modules-2.6.15-55-powerpc-difb-modules-2.6.15-55-powerpc64-smp-dilinux-headers-2.6.15-55-powerpc-smpscsi-modules-2.6.28-18-generic-dinfs-modules-2.6.15-55-sparc64-dippp-modules-2.6.15-55-sparc64-dilinux-image-2.6.15-55-powerpcacpi-modules-2.6.15-55-386-distorage-core-modules-2.6.28-18-generic-diipv6-modules-2.6.15-55-powerpc64-smp-diblock-modules-2.6.31-19-powerpc-dilinux-headers-2.6.28-18loop-modules-2.6.15-55-powerpc64-smp-diinput-modules-2.6.15-55-sparc64-dinic-usb-modules-2.6.15-55-powerpc64-smp-diplip-modules-2.6.15-55-386-direiserfs-modules-2.6.15-55-sparc64-disata-modules-2.6.15-55-powerpc64-smp-disata-modules-2.6.15-55-powerpc-dicrc-modules-2.6.15-55-powerpc-disocket-modules-2.6.15-55-386-difirewire-core-modules-2.6.31-19-powerpc64-smp-dimessage-modules-2.6.31-19-powerpc64-smp-dinic-shared-modules-2.6.15-55-sparc64-diplip-modules-2.6.15-55-sparc64-difirewire-core-modules-2.6.15-55-powerpc64-smp-dinic-shared-modules-2.6.15-55-386-diserial-modules-2.6.31-19-powerpc64-smp-diext2-modules-2.6.15-55-sparc64-dippp-modules-2.6.15-55-386-dipcmcia-storage-modules-2.6.15-55-powerpc64-smp-dilinux-image-2.6.15-55-k7nfs-modules-2.6.15-55-powerpc-dipcmcia-storage-modules-2.6.15-55-386-dilinux-headers-2.6.15-55-server-bigironsata-modules-2.6.31-19-powerpc-dimd-modules-2.6.15-55-powerpc64-smp-dimouse-modules-2.6.31-19-powerpc-dinic-pcmcia-modules-2.6.31-19-powerpc-dinic-usb-modules-2.6.28-18-lpia-diinput-modules-2.6.31-19-powerpc64-smp-discsi-core-modules-2.6.15-55-powerpc-diirda-modules-2.6.15-55-386-dinic-modules-2.6.31-19-powerpc64-smp-dipcmcia-modules-2.6.15-55-powerpc-dijfs-modules-2.6.15-55-powerpc64-smp-distorage-core-modules-2.6.31-19-powerpc64-smp-diide-modules-2.6.15-55-powerpc-dijfs-modules-2.6.15-55-powerpc-dimessage-modules-2.6.28-18-lpia-dilinux-headers-2.6.31-19-powerpcjfs-modules-2.6.15-55-386-difirewire-core-modules-2.6.31-19-powerpc-dipcmcia-storage-modules-2.6.28-18-lpia-dilinux-doc-2.6.15fs-secondary-modules-2.6.31-19-sparc64-dixfs-modules-2.6.15-55-powerpc64-smp-discsi-modules-2.6.15-55-sparc64-diinput-modules-2.6.31-19-sparc64-dipcmcia-modules-2.6.31-19-powerpc64-smp-diplip-modules-2.6.28-18-generic-dimessage-modules-2.6.31-19-powerpc-dinic-pcmcia-modules-2.6.15-55-386-dipata-modules-2.6.31-19-powerpc-disata-modules-2.6.15-55-386-difloppy-modules-2.6.15-55-386-dinic-modules-2.6.31-19-powerpc-difirewire-core-modules-2.6.31-19-sparc64-dipcmcia-storage-modules-2.6.31-19-powerpc-dicrypto-modules-2.6.31-19-powerpc-diparport-modules-2.6.15-55-386-diblock-modules-2.6.28-18-generic-distorage-core-modules-2.6.31-19-powerpc-dimouse-modules-2.6.28-18-generic-dinic-modules-2.6.15-55-sparc64-diplip-modules-2.6.31-19-powerpc64-smp-dikernel-image-2.6.15-55-sparc64-dicdrom-core-modules-2.6.15-55-powerpc64-smp-dikernel-image-2.6.31-19-generic-dicdrom-core-modules-2.6.15-55-sparc64-dilinux-headers-2.6.15-55scsi-modules-2.6.15-55-powerpc-dilinux-headers-2.6.31-19-powerpc64-smpppp-modules-2.6.31-19-sparc64-dinic-modules-2.6.31-19-generic-difat-modules-2.6.15-55-powerpc64-smp-dinfs-modules-2.6.31-19-powerpc-discsi-core-modules-2.6.15-55-386-difs-core-modules-2.6.28-18-generic-dipata-modules-2.6.31-19-powerpc64-smp-dilinux-image-2.6.31-19-sparc64-smpnic-firmware-2.6.15-55-386-dinic-usb-modules-2.6.31-19-powerpc-dinic-usb-modules-2.6.15-55-386-diufs-modules-2.6.15-55-powerpc-diblock-modules-2.6.31-19-generic-dixfs-modules-2.6.15-55-powerpc-dilinux-image-2.6.15-55-sparc64-smplinux-image-2.6.31-19-sparc64linux-image-2.6.15-55-686floppy-modules-2.6.31-19-powerpc-difat-modules-2.6.31-19-powerpc64-smp-difs-core-modules-2.6.31-19-powerpc64-smp-dilinux-image-2.6.31-19-powerpc64-smpfs-secondary-modules-2.6.31-19-powerpc-dikernel-image-2.6.31-19-sparc64-dilinux-image-2.6.15-55-sparc64sata-modules-2.6.28-18-lpia-difat-modules-2.6.15-55-powerpc-difs-secondary-modules-2.6.28-18-generic-diserial-modules-2.6.28-18-generic-divirtio-modules-2.6.28-18-generic-direiserfs-modules-2.6.15-55-powerpc64-smp-diusb-modules-2.6.31-19-sparc64-discsi-modules-2.6.31-19-generic-difat-modules-2.6.15-55-sparc64-dinic-pcmcia-modules-2.6.27-17-generic-dilinux-headers-2.6.15-55-powerpc64-smpfb-modules-2.6.27-17-generic-dikernel-image-2.6.15-55-powerpc64-smp-dippp-modules-2.6.31-19-powerpc-difloppy-modules-2.6.15-55-powerpc64-smp-difloppy-modules-2.6.27-17-generic-dilinux-headers-2.6.31-304-ec2linux-headers-2.6.31-19firewire-core-modules-2.6.15-55-386-diparport-modules-2.6.28-18-generic-diusb-storage-modules-2.6.15-55-386-dimessage-modules-2.6.31-19-generic-dimouse-modules-2.6.31-19-sparc64-dimessage-modules-2.6.27-17-generic-dikernel-image-2.6.27-17-generic-diinput-modules-2.6.31-19-generic-dilinux-image-2.6.24-27-powerpcplip-modules-2.6.31-19-sparc64-dippp-modules-2.6.27-17-generic-diinput-modules-2.6.31-19-powerpc-dicrypto-modules-2.6.31-19-powerpc64-smp-dipcmcia-storage-modules-2.6.27-17-generic-dintfs-modules-2.6.15-55-386-diacpi-modules-2.6.27-17-generic-dinic-firmware-2.6.15-55-powerpc-dilinux-image-2.6.27-17-genericchar-modules-2.6.31-19-generic-diirda-modules-2.6.31-19-powerpc64-smp-diplip-modules-2.6.31-19-powerpc-dinic-usb-modules-2.6.31-19-sparc64-dimd-modules-2.6.31-19-generic-dimd-modules-2.6.31-19-powerpc-disata-modules-2.6.31-19-generic-diusb-modules-2.6.31-19-powerpc-difs-secondary-modules-2.6.24-27-powerpc64-smp-distorage-core-modules-2.6.27-17-generic-diusb-modules-2.6.24-27-powerpc64-smp-dimd-modules-2.6.24-27-powerpc-dimd-modules-2.6.27-17-generic-dipata-modules-2.6.31-19-generic-diirda-modules-2.6.15-55-powerpc64-smp-difs-core-modules-2.6.31-19-generic-dicrypto-modules-2.6.31-19-sparc64-dilinux-headers-2.6.27-17-genericparport-modules-2.6.31-19-powerpc-diipv6-modules-2.6.24-27-powerpc-dippp-modules-2.6.31-19-generic-disata-modules-2.6.24-27-powerpc64-smp-diblock-modules-2.6.31-19-powerpc64-smp-dilinux-image-2.6.28-18-genericufs-modules-2.6.15-55-386-difloppy-modules-2.6.24-27-powerpc64-smp-dimouse-modules-2.6.31-19-generic-distorage-core-modules-2.6.31-19-sparc64-diparport-modules-2.6.24-27-powerpc64-smp-difb-modules-2.6.31-19-generic-dilinux-headers-2.6.31-19-sparc64input-modules-2.6.28-18-generic-dimd-modules-2.6.15-55-sparc64-diserial-modules-2.6.24-27-powerpc64-smp-dicrc-modules-2.6.15-55-sparc64-diinput-modules-2.6.27-17-generic-dilinux-headers-2.6.28-18-genericcrypto-modules-2.6.27-17-generic-dilinux-headers-2.6.27-17linux-image-2.6.28-18-serverusb-modules-2.6.31-19-generic-disata-modules-2.6.31-19-sparc64-discsi-modules-2.6.24-27-powerpc-disocket-modules-2.6.27-17-generic-dicrypto-modules-2.6.24-27-386-dinfs-modules-2.6.31-19-powerpc64-smp-difirewire-core-modules-2.6.31-19-generic-dipata-modules-2.6.31-19-sparc64-dimessage-modules-2.6.24-27-powerpc-dilinux-headers-2.6.24-27-openvznic-usb-modules-2.6.31-19-powerpc64-smp-diirda-modules-2.6.24-27-generic-diext3-modules-2.6.15-55-powerpc-dilinux-image-debug-2.6.24-27-virtuallinux-headers-2.6.24-27-386crypto-modules-2.6.31-19-generic-diusb-modules-2.6.24-27-powerpc-dinfs-modules-2.6.24-27-powerpc64-smp-divirtio-modules-2.6.31-19-generic-difs-core-modules-2.6.24-27-powerpc64-smp-discsi-core-modules-2.6.15-55-powerpc64-smp-distorage-core-modules-2.6.24-27-386-dilinux-headers-2.6.31-19-genericlinux-image-2.6.15-55-server-bigironpcmcia-storage-modules-2.6.24-27-386-dicrypto-modules-2.6.24-27-generic-discsi-modules-2.6.31-19-powerpc-difat-modules-2.6.24-27-powerpc64-smp-dinic-modules-2.6.24-27-powerpc-diblock-modules-2.6.24-27-386-dipcmcia-storage-modules-2.6.31-19-powerpc64-smp-distorage-core-modules-2.6.24-27-powerpc64-smp-dilinux-headers-2.6.31-19-sparc64-smpppp-modules-2.6.24-27-386-diinput-modules-2.6.15-55-powerpc-diserial-modules-2.6.31-19-powerpc-discsi-modules-2.6.31-19-powerpc64-smp-difirewire-core-modules-2.6.24-27-powerpc64-smp-dilinux-image-2.6.24-27-genericirda-modules-2.6.15-55-powerpc-dimd-modules-2.6.31-19-powerpc64-smp-discsi-modules-2.6.15-55-386-dinfs-modules-2.6.28-18-lpia-difirewire-core-modules-2.6.24-27-generic-dicrypto-modules-2.6.24-27-powerpc-distorage-core-modules-2.6.31-19-generic-direiserfs-modules-2.6.15-55-386-dilinux-headers-2.6.31-304socket-modules-2.6.24-27-powerpc-diserial-modules-2.6.28-18-lpia-diparport-modules-2.6.27-17-generic-dinic-pcmcia-modules-2.6.28-18-lpia-difs-common-modules-2.6.15-55-powerpc-dilinux-ec2-doclinux-image-2.6.28-18-lpiasata-modules-2.6.24-27-powerpc-dilinux-headers-2.6.28-18-lpiasata-modules-2.6.27-17-generic-diusb-modules-2.6.27-17-generic-dinfs-modules-2.6.24-27-powerpc-difirewire-core-modules-2.6.27-17-generic-dilinux-headers-2.6.24-27-powerpc-smplinux-image-2.6.24-27-serverserial-modules-2.6.24-27-powerpc-difs-core-modules-2.6.24-27-powerpc-diirda-modules-2.6.24-27-powerpc-diblock-modules-2.6.27-17-generic-dixfs-modules-2.6.15-55-sparc64-dilinux-image-2.6.31-19-powerpc-smpnic-usb-modules-2.6.24-27-386-dikernel-image-2.6.15-55-386-dilinux-image-2.6.27-17-virtualfloppy-modules-2.6.24-27-386-dipata-modules-2.6.24-27-powerpc-dilinux-docplip-modules-2.6.24-27-generic-dipcmcia-storage-modules-2.6.24-27-generic-dinic-modules-2.6.28-18-lpia-diblock-modules-2.6.28-18-lpia-dinic-modules-2.6.27-17-generic-dinic-modules-2.6.15-55-386-diserial-modules-2.6.27-17-generic-dimouse-modules-2.6.31-19-powerpc64-smp-diserial-modules-2.6.15-55-386-dilinux-headers-2.6.28-18-serverlinux-image-debug-2.6.24-27-386nic-usb-modules-2.6.24-27-powerpc64-smp-diext2-modules-2.6.15-55-386-dilinux-ec2-source-2.6.31pcmcia-modules-2.6.31-19-generic-dilinux-headers-2.6.24-27-powerpcacpi-modules-2.6.24-27-386-dippp-modules-2.6.31-19-powerpc64-smp-dinic-shared-modules-2.6.27-17-generic-dilinux-headers-2.6.24-27-genericlinux-source-2.6.31linux-image-debug-2.6.24-27-serversata-modules-2.6.31-19-powerpc64-smp-difb-modules-2.6.28-18-generic-dinic-pcmcia-modules-2.6.15-55-powerpc-dilinux-headers-2.6.15-55-sparc64scsi-modules-2.6.31-19-sparc64-discsi-modules-2.6.24-27-generic-dilinux-image-2.6.15-55-powerpc-smppata-modules-2.6.28-18-generic-dilinux-headers-2.6.24-27-xenlinux-image-2.6.24-27-xenpcmcia-modules-2.6.24-27-powerpc64-smp-difs-core-modules-2.6.24-27-386-difirewire-core-modules-2.6.24-27-powerpc-diaffs-modules-2.6.15-55-powerpc-dilinux-source-2.6.28storage-core-modules-2.6.24-27-generic-diinput-modules-2.6.24-27-generic-diusb-modules-2.6.15-55-powerpc-dinic-usb-modules-2.6.24-27-powerpc-diipv6-modules-2.6.15-55-sparc64-discsi-modules-2.6.24-27-386-dinic-shared-modules-2.6.24-27-powerpc64-smp-diinput-modules-2.6.24-27-powerpc-diext3-modules-2.6.15-55-powerpc64-smp-dicdrom-core-modules-2.6.15-55-powerpc-diipv6-modules-2.6.24-27-generic-diloop-modules-2.6.15-55-powerpc-dilinux-headers-2.6.27-17-serveride-modules-2.6.15-55-sparc64-dilinux-image-2.6.24-27-powerpc64-smpfloppy-modules-2.6.15-55-powerpc-diserial-modules-2.6.31-19-generic-dinic-modules-2.6.24-27-powerpc64-smp-dinic-pcmcia-modules-2.6.24-27-powerpc-dipcmcia-modules-2.6.27-17-generic-difb-modules-2.6.24-27-386-difs-core-modules-2.6.31-19-sparc64-dikernel-image-2.6.24-27-386-difs-core-modules-2.6.27-17-generic-diplip-modules-2.6.24-27-386-dilinux-image-debug-2.6.24-27-genericlinux-image-2.6.31-19-powerpcext3-modules-2.6.15-55-sparc64-diirda-modules-2.6.24-27-powerpc64-smp-dipata-modules-2.6.27-17-generic-difat-modules-2.6.31-19-powerpc-dimessage-modules-2.6.24-27-generic-diipv6-modules-2.6.27-17-generic-dilinux-image-2.6.15-55-serverfs-secondary-modules-2.6.31-19-generic-dilinux-headers-2.6.15-55-386linux-image-2.6.24-27-386fs-secondary-modules-2.6.24-27-generic-diusb-storage-modules-2.6.15-55-sparc64-dinic-pcmcia-modules-2.6.31-19-generic-dinic-pcmcia-modules-2.6.31-19-powerpc64-smp-dilinux-headers-2.6.24-27-virtualnic-shared-modules-2.6.31-19-powerpc-dimd-modules-2.6.15-55-386-difloppy-modules-2.6.31-19-powerpc64-smp-dinic-shared-modules-2.6.31-19-sparc64-dipcmcia-modules-2.6.31-19-powerpc-dipcmcia-modules-2.6.24-27-powerpc-diblock-modules-2.6.24-27-generic-disata-modules-2.6.24-27-386-dilinux-headers-2.6.15-55-686usb-modules-2.6.31-19-powerpc64-smp-dilinux-source-2.6.15fs-secondary-modules-2.6.24-27-386-diext3-modules-2.6.15-55-386-difs-core-modules-2.6.31-19-powerpc-diusb-modules-2.6.15-55-sparc64-dippp-modules-2.6.24-27-generic-dinic-usb-modules-2.6.31-19-generic-diparport-modules-2.6.31-19-sparc64-dicrypto-modules-2.6.24-27-powerpc64-smp-dilinux-image-2.6.24-27-openvzparport-modules-2.6.24-27-generic-diserial-modules-2.6.24-27-386-discsi-core-modules-2.6.15-55-sparc64-diparport-modules-2.6.15-55-sparc64-difs-core-modules-2.6.24-27-generic-divirtio-modules-2.6.27-17-generic-disocket-modules-2.6.24-27-generic-disata-modules-2.6.24-27-generic-difloppy-modules-2.6.24-27-powerpc-dinic-modules-2.6.24-27-386-dilinux-image-2.6.31-19-genericserial-modules-2.6.24-27-generic-dimd-modules-2.6.24-27-powerpc64-smp-dilinux-headers-2.6.24-27-powerpc64-smpsocket-modules-2.6.24-27-powerpc64-smp-diirda-modules-2.6.24-27-386-diblock-modules-2.6.24-27-powerpc64-smp-dimd-modules-2.6.24-27-generic-dinic-pcmcia-modules-2.6.24-27-generic-dinfs-modules-2.6.27-17-generic-diusb-modules-2.6.24-27-generic-difb-modules-2.6.24-27-generic-dilinux-headers-2.6.24-27-rtide-modules-2.6.24-27-386-diide-modules-2.6.24-27-generic-diirda-modules-2.6.31-19-powerpc-diinput-modules-2.6.24-27-386-dimd-modules-2.6.24-27-386-dilinux-headers-2.6.24-27-serveripv6-modules-2.6.24-27-powerpc64-smp-dipcmcia-modules-2.6.24-27-386-difat-modules-2.6.27-17-generic-diblock-modules-2.6.31-19-sparc64-diblock-modules-2.6.24-27-powerpc-dilinux-image-2.6.24-27-virtualkernel-image-2.6.31-19-powerpc-dipcmcia-storage-modules-2.6.24-27-powerpc64-smp-dikernel-image-2.6.24-27-powerpc-diparport-modules-2.6.31-19-powerpc64-smp-dipata-modules-2.6.24-27-386-dilinux-headers-2.6.31-19-powerpc-smpusb-modules-2.6.24-27-386-difat-modules-2.6.24-27-powerpc-diparport-modules-2.6.24-27-powerpc-diparport-modules-2.6.24-27-386-dinic-modules-2.6.31-19-sparc64-dinic-shared-modules-2.6.24-27-powerpc-difat-modules-2.6.31-19-sparc64-dinfs-modules-2.6.24-27-386-dilinux-headers-2.6.24-27irda-modules-2.6.31-19-generic-dinfs-modules-2.6.31-19-generic-dinic-shared-modules-2.6.24-27-386-difs-secondary-modules-2.6.31-19-powerpc64-smp-dinic-shared-modules-2.6.31-19-powerpc64-smp-difat-modules-2.6.31-19-generic-diparport-modules-2.6.31-19-generic-dikernel-image-2.6.31-19-powerpc64-smp-difat-modules-2.6.24-27-386-dimessage-modules-2.6.31-19-sparc64-diserial-modules-2.6.31-19-sparc64-dinic-pcmcia-modules-2.6.24-27-powerpc64-smp-dinic-shared-modules-2.6.31-19-generic-difirewire-core-modules-2.6.24-27-386-dinfs-modules-2.6.24-27-generic-diplip-modules-2.6.27-17-generic-dinfs-modules-2.6.31-19-sparc64-dipata-modules-2.6.24-27-generic-dimd-modules-2.6.31-19-sparc64-dilinux-image-2.6.31-304-ec2message-modules-2.6.24-27-386-diplip-modules-2.6.31-19-generic-difloppy-modules-2.6.31-19-generic-dippp-modules-2.6.24-27-powerpc-diinput-modules-2.6.24-27-powerpc64-smp-dipcmcia-storage-modules-2.6.24-27-powerpc-difs-secondary-modules-2.6.27-17-generic-dipcmcia-storage-modules-2.6.31-19-generic-dilinux-image-2.6.24-27-powerpc-smpnic-modules-2.6.24-27-generic-dinic-usb-modules-2.6.27-17-generic-discsi-modules-2.6.24-27-powerpc64-smp-difloppy-modules-2.6.24-27-generic-dimessage-modules-2.6.24-27-powerpc64-smp-dinic-pcmcia-modules-2.6.24-27-386-dilinux-image-2.6.31-19-virtualscsi-modules-2.6.27-17-generic-diplip-modules-2.6.24-27-powerpc-dilinux-image-2.6.27-17-serverirda-modules-2.6.27-17-generic-distorage-core-modules-2.6.24-27-powerpc-difs-secondary-modules-2.6.24-27-powerpc-dikernel-image-2.6.24-27-powerpc64-smp-diipv6-modules-2.6.24-27-386-dippp-modules-2.6.24-27-powerpc64-smp-dikernel-image-2.6.24-27-generic-diide-modules-2.6.24-27-powerpc64-smp-difat-modules-2.6.24-27-generic-diide-modules-2.6.24-27-powerpc-dipata-modules-2.6.24-27-powerpc64-smp-diacpi-modules-2.6.24-27-generic-disocket-modules-2.6.24-27-386-dinic-usb-modules-2.6.24-27-generic-diplip-modules-2.6.24-27-powerpc64-smp-dilinux-image-2.6.24-27-rtnic-shared-modules-2.6.24-27-generic-dipcmcia-modules-2.6.24-27-generic-diapache2mimetexlibk5crypto3libkrb5-3libkadm5clnt6libkadm55libkadm5srv6libkrb53krb5-rsh-serverkrb5-kdc-ldaplibgssapi-krb5-2krb5-userlibkdb5-4libgssrpc4krb5-pkinitkrb5-admin-serverlibkrb5-dbglibkrb5support0krb5-ftpdkrb5-clientskrb5-telnetdkrb5-doclibkrb5-devkrb5-kdclibexpat1-udeblib64expat1lib64expat1-devlibexpat1-devexpatlibexpat1icedtea-6-jre-cacaoopenjdk-6-source-filesopenjdk-6-dbgicedtea6-pluginopenjdk-6-docopenjdk-6-jreopenjdk-6-jre-libopenjdk-6-jdkopenjdk-6-jre-zeroopenjdk-6-demoopenjdk-6-sourceopenjdk-6-jre-headlesslibthai-doclibthai-datalibthai0libthai-devliblcms1liblcms-utilspython-liblcmsliblcms1-devdashashemacs23-noxemacs23emacs23-elemacs22-elemacs22emacs23-lucidemacs22-bin-commonemacs22-noxemacs22-commonemacs23-commonemacs23-bin-commonemacs22-gtkemacsxulrunner-1.9.1xulrunner-1.9.1-devfirefox-3.5-brandingfirefox-3.5-dbgabrowser-3.5abrowser-3.1-brandingfirefox-3.1-dbgxulrunner-1.9.1-dbgabrowser-3.1firefox-3.5firefox-3.5-gnome-supportfirefox-3.1-gnome-supportabrowser-3.5-brandingxulrunner-1.9.1-testsuite-devfirefox-3.1-devxulrunner-1.9.1-gnome-supportfirefox-3.1abrowser-3.0xulrunner-1.9.1-testsuitefirefox-3.5-devfirefox-3.1-brandinglibwebkit-1.0-1libwebkit-devlibwebkit-1.0-1-dbglibsndfile1-devlibsndfile1sndfile-programsntp-simplentp-serverntp-docntp-refclockntpdatentpclamav-baseclamav-daemonclamav-freshclamclamav-dbglibclamav6libclamav-devclamav-milterclamav-docsclamavclamav-testfilesapache2.2-binapache2-mpm-itklibapr0-devlibapr0apache2-utilsapache2-suexecapache2-mpm-preforkapache2-prefork-devmahara-apache2apache2.2-commonapache2-srcapache2-mpm-workerapache2-mpm-eventapache2-threaded-devapache2-docapache2-mpm-perchildapache2-commonapache2-suexec-custompython2.4-sambasamba-common-binsamba-docsamba-commonsambawinbindlibwbclient0smbclientsamba-toolslibpam-smbpasssmbfslibsmbclient-devlibsmbclientsamba-dbgswatsamba-doc-pdfcmakecmake-guilibmysqld-piclibmysqlclient16libmysqlclient16-devmysql-client-5.1libmysqlclient-devlibmysqld-devmysql-clientlibmysqlclient15offmysql-server-5.1mysql-server-core-5.1mysql-client-5.0mysql-commonlibmysqlclient15-devmysql-server-5.0mysql-servermysql-server-core-5.0fuse-utils-udebfuse-sourcelibfuse2-udeblibfuse-devlibfuse2fuse-utilspython2.5-minimalpython2.4-tkpython2.5python2.5-examplesidle-python2.5python2.5-dbgpython2.5-docpython2.4-dbgidle-python2.4python2.4-minimalpython2.4-gdbmpython2.4python2.4-devpython2.5-devpython2.4-examplespython2.4-docnetwork-manager-gnomelibglib2.0-0libglib2.0-datalibglib2.0-devlibgio-famlibglib2.0-udeblibglib2.0-0-dbglibglib2.0-docfirefox-gnome-supportfirefoxtomcat6-commonlibservlet2.5-java-doctomcat6tomcat6-examplestomcat6-userlibservlet2.5-javatomcat6-docstomcat6-adminlibtomcat6-javastorage-core-modules-2.6.24-23-386-diserial-modules-2.6.24-23-powerpc64-smp-dinic-shared-modules-2.6.24-23-powerpc64-smp-difirewire-core-modules-2.6.24-23-powerpc-distorage-core-modules-2.6.24-23-powerpc-diipv6-modules-2.6.24-23-powerpc64-smp-disata-modules-2.6.24-23-powerpc-dinfs-modules-2.6.24-23-powerpc64-smp-dipcmcia-storage-modules-2.6.24-23-powerpc-dinic-pcmcia-modules-2.6.24-23-powerpc-dippp-modules-2.6.24-23-386-diserial-modules-2.6.24-23-386-diirda-modules-2.6.24-23-powerpc-difirewire-core-modules-2.6.24-23-powerpc64-smp-difat-modules-2.6.24-23-powerpc64-smp-dimd-modules-2.6.24-23-powerpc64-smp-diirda-modules-2.6.24-23-386-dicrypto-modules-2.6.24-23-powerpc64-smp-difloppy-modules-2.6.24-23-powerpc-dipcmcia-modules-2.6.24-23-powerpc-dipcmcia-storage-modules-2.6.24-23-386-dilinux-image-debug-2.6.24-23-virtualusb-modules-2.6.24-23-386-diplip-modules-2.6.24-23-powerpc64-smp-diblock-modules-2.6.24-23-powerpc-dilinux-headers-2.6.24-23-powerpclinux-image-2.6.24-23-powerpc-smpnic-shared-modules-2.6.24-23-powerpc-dinic-usb-modules-2.6.24-23-powerpc-dipata-modules-2.6.24-23-386-dinic-pcmcia-modules-2.6.24-23-powerpc64-smp-dikernel-image-2.6.24-23-powerpc64-smp-difs-core-modules-2.6.24-23-powerpc-difs-secondary-modules-2.6.24-23-powerpc64-smp-dilinux-image-2.6.24-23-powerpc64-smpfat-modules-2.6.24-23-386-dinic-usb-modules-2.6.24-23-386-difirewire-core-modules-2.6.24-23-386-diblock-modules-2.6.24-23-powerpc64-smp-difloppy-modules-2.6.24-23-386-dinic-modules-2.6.24-23-powerpc-diparport-modules-2.6.24-23-generic-distorage-core-modules-2.6.24-23-generic-difs-core-modules-2.6.24-23-powerpc64-smp-dimd-modules-2.6.24-23-386-dimd-modules-2.6.24-23-powerpc-difs-core-modules-2.6.24-23-generic-dinic-modules-2.6.24-23-386-dilinux-image-2.6.24-23-genericide-modules-2.6.24-23-powerpc-diplip-modules-2.6.24-23-powerpc-dikernel-image-2.6.24-23-powerpc-disocket-modules-2.6.24-23-powerpc-diide-modules-2.6.24-23-generic-difb-modules-2.6.24-23-386-diparport-modules-2.6.24-23-386-dinfs-modules-2.6.24-23-generic-diinput-modules-2.6.24-23-powerpc64-smp-dilinux-headers-2.6.24-23-genericide-modules-2.6.24-23-powerpc64-smp-dilinux-headers-2.6.24-23-powerpc64-smpnfs-modules-2.6.24-23-386-dipcmcia-storage-modules-2.6.24-23-powerpc64-smp-diipv6-modules-2.6.24-23-generic-diblock-modules-2.6.24-23-386-dipata-modules-2.6.24-23-powerpc64-smp-dipcmcia-storage-modules-2.6.24-23-generic-diserial-modules-2.6.24-23-generic-dippp-modules-2.6.24-23-powerpc-dicrypto-modules-2.6.24-23-powerpc-dilinux-headers-2.6.24-23-386parport-modules-2.6.24-23-powerpc64-smp-dicrypto-modules-2.6.27-11-generic-dilinux-source-2.6.24md-modules-2.6.24-23-generic-disata-modules-2.6.24-23-386-dinfs-modules-2.6.24-23-powerpc-diacpi-modules-2.6.24-23-386-dilinux-headers-2.6.24-23-xenlinux-headers-2.6.24-23-serverlinux-image-2.6.24-23-powerpcipv6-modules-2.6.24-23-powerpc-diserial-modules-2.6.24-23-powerpc-diusb-modules-2.6.24-23-powerpc64-smp-dilinux-headers-2.6.27-11-serverstorage-core-modules-2.6.24-23-powerpc64-smp-dipcmcia-modules-2.6.24-23-powerpc64-smp-dilinux-source-2.6.27plip-modules-2.6.27-11-generic-divirtio-modules-2.6.27-11-generic-diparport-modules-2.6.27-11-generic-dipcmcia-modules-2.6.27-11-generic-diserial-modules-2.6.22-16-cell-diirda-modules-2.6.22-16-cell-dipata-modules-2.6.24-23-generic-diblock-modules-2.6.27-11-generic-diipv6-modules-2.6.24-23-386-dilinux-image-2.6.24-23-xenfs-secondary-modules-2.6.22-16-cell-diinput-modules-2.6.22-16-powerpc-dilinux-headers-2.6.24-23-virtualusb-modules-2.6.24-23-generic-dimessage-modules-2.6.22-16-powerpc-dilinux-headers-2.6.22-16-powerpc-smpfs-secondary-modules-2.6.22-16-powerpc64-smp-diinput-modules-2.6.24-23-386-dicrypto-modules-2.6.22-16-386-dinic-modules-2.6.27-11-generic-dinic-pcmcia-modules-2.6.22-16-powerpc64-smp-discsi-modules-2.6.22-16-cell-dilinux-image-debug-2.6.22-16-386pata-modules-2.6.24-23-powerpc-dinic-pcmcia-modules-2.6.22-16-cell-discsi-modules-2.6.24-23-386-diipv6-modules-2.6.22-16-cell-diplip-modules-2.6.22-16-powerpc64-smp-difs-secondary-modules-2.6.24-23-386-discsi-modules-2.6.24-23-powerpc64-smp-dimessage-modules-2.6.22-16-386-dikernel-image-2.6.22-16-powerpc64-smp-diirda-modules-2.6.22-16-powerpc64-smp-dinic-modules-2.6.24-23-powerpc64-smp-diblock-modules-2.6.22-16-386-dinic-usb-modules-2.6.22-16-powerpc64-smp-difirewire-core-modules-2.6.24-23-generic-dikernel-image-2.6.27-11-generic-dilinux-image-2.6.22-16-powerpc64-smplinux-headers-2.6.24-23-powerpc-smplinux-image-debug-2.6.22-16-virtualpata-modules-2.6.22-16-386-difb-modules-2.6.27-11-generic-diblock-modules-2.6.22-16-powerpc64-smp-dilinux-headers-2.6.24-23-rtnic-pcmcia-modules-2.6.22-16-386-dilinux-image-2.6.27-11-serverirda-modules-2.6.24-23-generic-disata-modules-2.6.22-16-powerpc-diide-modules-2.6.22-16-powerpc-dinic-usb-modules-2.6.27-11-generic-dinic-modules-2.6.22-16-powerpc64-smp-diparport-modules-2.6.22-16-generic-dicrypto-modules-2.6.22-16-powerpc64-smp-dippp-modules-2.6.22-16-powerpc64-smp-difb-modules-2.6.24-23-generic-difs-secondary-modules-2.6.22-16-386-difloppy-modules-2.6.24-23-generic-dilinux-image-2.6.22-16-powerpcstorage-core-modules-2.6.22-16-cell-dicrypto-modules-2.6.22-16-powerpc-dilinux-doc-2.6.27crypto-modules-2.6.24-23-386-dilinux-headers-2.6.22-16-umeppp-modules-2.6.24-23-generic-difs-core-modules-2.6.22-16-386-dipcmcia-storage-modules-2.6.22-16-generic-dilinux-image-2.6.24-23-openvzfs-secondary-modules-2.6.22-16-generic-dimd-modules-2.6.22-16-cell-dipcmcia-storage-modules-2.6.27-11-generic-difat-modules-2.6.22-16-powerpc64-smp-diserial-modules-2.6.22-16-386-dinic-shared-modules-2.6.24-23-generic-dicrypto-modules-2.6.24-23-generic-difs-secondary-modules-2.6.24-23-powerpc-dilinux-image-debug-2.6.24-23-genericlinux-image-2.6.22-16-umelinux-image-2.6.22-16-servermessage-modules-2.6.27-11-generic-diusb-modules-2.6.27-11-generic-diserial-modules-2.6.22-16-powerpc-dilinux-image-2.6.24-23-virtualcdrom-modules-2.6.22-16-generic-difs-secondary-modules-2.6.27-11-generic-dimessage-modules-2.6.22-16-generic-dippp-modules-2.6.22-16-386-dilinux-headers-2.6.22-16-powerpclinux-doc-2.6.22fs-secondary-modules-2.6.24-23-generic-diacpi-modules-2.6.24-23-generic-dikernel-image-2.6.22-16-cell-dilinux-doc-2.6.24ide-modules-2.6.22-16-powerpc64-smp-dipata-modules-2.6.22-16-powerpc64-smp-dicrypto-modules-2.6.22-16-cell-dipcmcia-storage-modules-2.6.22-16-386-diide-modules-2.6.22-16-386-dipcmcia-storage-modules-2.6.22-16-cell-dilinux-headers-2.6.24-23-openvzipv6-modules-2.6.22-16-powerpc-diplip-modules-2.6.24-23-generic-dicdrom-modules-2.6.22-16-386-disocket-modules-2.6.24-23-386-diusb-modules-2.6.22-16-386-dinic-shared-modules-2.6.27-11-generic-dipcmcia-modules-2.6.24-23-386-diusb-modules-2.6.22-16-cell-difloppy-modules-2.6.22-16-386-dimd-modules-2.6.22-16-powerpc-diblock-modules-2.6.22-16-generic-dinic-modules-2.6.22-16-cell-dinfs-modules-2.6.22-16-cell-dinic-usb-modules-2.6.24-23-generic-dimessage-modules-2.6.24-23-powerpc64-smp-disocket-modules-2.6.22-16-powerpc-dippp-modules-2.6.24-23-powerpc64-smp-dipcmcia-modules-2.6.24-23-generic-dipcmcia-modules-2.6.22-16-386-diirda-modules-2.6.22-16-powerpc-dipata-modules-2.6.22-16-generic-distorage-core-modules-2.6.22-16-powerpc-dilinux-image-2.6.27-11-genericnic-modules-2.6.24-23-generic-diacpi-modules-2.6.22-16-generic-dikernel-image-2.6.22-16-powerpc-diinput-modules-2.6.22-16-powerpc64-smp-diparport-modules-2.6.24-23-powerpc-diblock-modules-2.6.24-23-generic-dilinux-headers-2.6.27-11-genericsata-modules-2.6.24-23-generic-dippp-modules-2.6.27-11-generic-dipata-modules-2.6.27-11-generic-dikernel-image-2.6.22-16-386-diusb-modules-2.6.24-23-powerpc-dilinux-image-2.6.24-23-386sata-modules-2.6.22-16-generic-distorage-core-modules-2.6.22-16-powerpc64-smp-diusb-modules-2.6.22-16-powerpc64-smp-diparport-modules-2.6.22-16-cell-dilinux-headers-2.6.22-16scsi-modules-2.6.24-23-generic-diparport-modules-2.6.22-16-powerpc-dinfs-modules-2.6.22-16-powerpc-diusb-modules-2.6.22-16-generic-dilinux-headers-2.6.24-23scsi-modules-2.6.22-16-powerpc64-smp-difloppy-modules-2.6.22-16-generic-difs-core-modules-2.6.22-16-powerpc64-smp-difirewire-core-modules-2.6.22-16-cell-dinic-pcmcia-modules-2.6.22-16-generic-distorage-core-modules-2.6.22-16-386-disocket-modules-2.6.22-16-cell-dilinux-headers-2.6.22-16-powerpc64-smpplip-modules-2.6.22-16-cell-difat-modules-2.6.22-16-cell-dinic-modules-2.6.22-16-generic-difat-modules-2.6.22-16-generic-dilinux-headers-2.6.22-16-xenscsi-modules-2.6.24-23-powerpc-diipv6-modules-2.6.22-16-386-dipcmcia-modules-2.6.22-16-cell-difloppy-modules-2.6.22-16-powerpc64-smp-dinic-shared-modules-2.6.22-16-powerpc-dilinux-image-2.6.22-16-genericnfs-modules-2.6.22-16-powerpc64-smp-disocket-modules-2.6.22-16-generic-diirda-modules-2.6.22-16-386-dimessage-modules-2.6.24-23-386-disata-modules-2.6.22-16-386-dilinux-image-2.6.22-16-cellserial-modules-2.6.27-11-generic-dikernel-image-2.6.24-23-386-dilinux-libc-devfirewire-core-modules-2.6.22-16-386-difloppy-modules-2.6.27-11-generic-dilinux-headers-2.6.27-11serial-modules-2.6.22-16-powerpc64-smp-difat-modules-2.6.22-16-powerpc-dipcmcia-modules-2.6.22-16-powerpc64-smp-dinic-pcmcia-modules-2.6.24-23-386-dinic-shared-modules-2.6.22-16-386-difloppy-modules-2.6.24-23-powerpc64-smp-dippp-modules-2.6.22-16-cell-disata-modules-2.6.22-16-powerpc64-smp-dinic-pcmcia-modules-2.6.24-23-generic-dimd-modules-2.6.27-11-generic-dilinux-image-2.6.24-23-serverscsi-modules-2.6.27-11-generic-diipv6-modules-2.6.22-16-generic-dinic-usb-modules-2.6.24-23-powerpc64-smp-dikernel-image-2.6.22-16-generic-dinic-pcmcia-modules-2.6.27-11-generic-difb-modules-2.6.22-16-generic-dimessage-modules-2.6.24-23-powerpc-dilinux-source-2.6.22fs-core-modules-2.6.22-16-cell-dinic-usb-modules-2.6.22-16-generic-disata-modules-2.6.22-16-cell-dilinux-headers-2.6.22-16-virtualcrypto-modules-2.6.22-16-generic-diide-modules-2.6.22-16-generic-dilinux-image-debug-2.6.22-16-genericirda-modules-2.6.24-23-powerpc64-smp-dimessage-modules-2.6.24-23-generic-disocket-modules-2.6.24-23-powerpc64-smp-disata-modules-2.6.24-23-powerpc64-smp-dippp-modules-2.6.22-16-powerpc-diinput-modules-2.6.24-23-generic-diacpi-modules-2.6.22-16-386-diplip-modules-2.6.24-23-386-dinic-modules-2.6.22-16-386-dinfs-modules-2.6.27-11-generic-dinic-usb-modules-2.6.22-16-cell-difirewire-core-modules-2.6.22-16-powerpc64-smp-diide-modules-2.6.22-16-cell-diparport-modules-2.6.22-16-powerpc64-smp-dinic-shared-modules-2.6.22-16-cell-dilinux-image-debug-2.6.24-23-serverfs-core-modules-2.6.22-16-powerpc-difs-secondary-modules-2.6.22-16-powerpc-diparport-modules-2.6.22-16-386-diacpi-modules-2.6.27-11-generic-dimessage-modules-2.6.22-16-powerpc64-smp-discsi-modules-2.6.22-16-generic-diinput-modules-2.6.22-16-cell-dimd-modules-2.6.22-16-powerpc64-smp-dipcmcia-storage-modules-2.6.22-16-powerpc64-smp-diinput-modules-2.6.22-16-386-difat-modules-2.6.24-23-powerpc-difs-core-modules-2.6.24-23-386-difs-core-modules-2.6.27-11-generic-difirewire-core-modules-2.6.22-16-generic-dilinux-headers-2.6.22-16-386block-modules-2.6.22-16-powerpc-dinic-usb-modules-2.6.22-16-powerpc-diinput-modules-2.6.27-11-generic-disata-modules-2.6.27-11-generic-difloppy-modules-2.6.22-16-cell-dimessage-modules-2.6.22-16-cell-diplip-modules-2.6.22-16-powerpc-dilinux-image-2.6.22-16-powerpc-smpnic-usb-modules-2.6.22-16-386-dilinux-image-2.6.22-16-xenpata-modules-2.6.22-16-cell-dinic-shared-modules-2.6.22-16-generic-diplip-modules-2.6.22-16-386-dilinux-image-2.6.22-16-rtirda-modules-2.6.27-11-generic-dinfs-modules-2.6.22-16-386-difat-modules-2.6.22-16-386-dimd-modules-2.6.22-16-generic-diinput-modules-2.6.24-23-powerpc-difloppy-modules-2.6.22-16-powerpc-dinic-pcmcia-modules-2.6.22-16-powerpc-discsi-modules-2.6.22-16-386-disocket-modules-2.6.24-23-generic-difirewire-core-modules-2.6.22-16-powerpc-dilinux-headers-2.6.22-16-serverppp-modules-2.6.22-16-generic-diipv6-modules-2.6.22-16-powerpc64-smp-dimd-modules-2.6.22-16-386-dilinux-headers-2.6.22-16-cellide-modules-2.6.24-23-386-diirda-modules-2.6.22-16-generic-dinfs-modules-2.6.22-16-generic-dikernel-image-2.6.24-23-generic-diipv6-modules-2.6.27-11-generic-difat-modules-2.6.24-23-generic-diinput-modules-2.6.22-16-generic-dinic-shared-modules-2.6.22-16-powerpc64-smp-dinic-shared-modules-2.6.24-23-386-dilinux-image-debug-2.6.24-23-386linux-image-2.6.22-16-386linux-headers-2.6.22-16-rtsocket-modules-2.6.27-11-generic-dilinux-image-2.6.24-23-rtstorage-core-modules-2.6.22-16-generic-dipcmcia-modules-2.6.22-16-powerpc-difirewire-core-modules-2.6.27-11-generic-difs-core-modules-2.6.22-16-generic-distorage-core-modules-2.6.27-11-generic-discsi-modules-2.6.22-16-powerpc-difat-modules-2.6.27-11-generic-dilinux-image-debug-2.6.22-16-serverpcmcia-modules-2.6.22-16-generic-disocket-modules-2.6.22-16-386-dilinux-image-2.6.27-11-virtualblock-modules-2.6.22-16-cell-dinic-modules-2.6.22-16-powerpc-dilinux-kernel-develusb-modules-2.6.22-16-powerpc-dipata-modules-2.6.22-16-powerpc-dipcmcia-storage-modules-2.6.22-16-powerpc-disocket-modules-2.6.22-16-powerpc64-smp-difb-modules-2.6.22-16-386-dilinux-image-2.6.22-16-virtuallinux-headers-2.6.22-16-genericserial-modules-2.6.22-16-generic-diplip-modules-2.6.22-16-generic-dilibpng12-0-udeblibpng12-devlibpng12-0libpng3libwmf0.2-7libwmf-binlibwmf0.2-7-gtklibwmf-doclibwmf-devabrowser-3.0-brandingfirefox-libthaifirefox-3.0-brandingfirefox-trunk-devfirefox-3.0-dom-inspectorfirefox-devfirefox-trunkfirefox-granparadiso-dom-inspectorxulrunner-1.9-venkmanxulrunner-1.9-dom-inspectorfirefox-dom-inspectorfirefox-trunk-gnome-supportfirefox-granparadiso-gnome-supportmozilla-firefoxfirefox-3.0-devfirefox-3.0-gnome-supportxulrunner-1.9xulrunner-1.9-gnome-supportfirefox-3.0-venkmanfirefox-trunk-dom-inspectorfirefox-trunk-venkmanabrowserxulrunner-devfirefox-3.0firefox-granparadisofirefox-granparadiso-devmozilla-firefox-gnome-supportxulrunner-1.9-devlibccs3ccslibdlm1libccs-perllibcman1libiddev-devlibdlm3redhat-cluster-suite-sourcelibdlm-devlibdlmcontrol3gfs-toolslibdlm2magmalibcman3libgulm1magma-pluginslibdlmcontrol-devredhat-cluster-suitegfs2-toolslibmagma-devlibccs-devlibgulm-devlibcman-devfencefence-gnbdrgmanagergnbd-servergnbd-clientlibfence-devlibmagma1libfence3libcman2gulmredhat-cluster-sourcecmanlibtiff4-devlibtiff-opengllibtiff-toolslibtiff4libtiff-doclibtiffxx0c2vim-dbgvim-rubyvim-docvim-gnomevim-tclvim-gtkvim-tinyvimvim-noxvim-fullvim-gui-commonvim-commonvim-perlvim-runtimevim-pythonlibavdevice-devlibswscale0ffmpeg-dbglibavutil1dlibavutil49ffmpeg-doclibavdevice52libpostproc51libavutil-devlibpostproc1dlibavformat52libswscale1dlibavcodec-devlibpostproc-devlibavformat-devlibavcodec51libavcodec1dffmpeglibswscale-devlibavformat1dquaggaquagga-docdpkgdselectdpkg-devlibplasma-devplasma-widgets-workspaceplasma-scriptengine-qedjekdebase-workspace-wallpaperslibkdecorations4kdebase-workspace-devkdebase-workspace-kgreet-pluginssystemsettingsplasma-scriptengine-webkitkwinkdebase-workspace-libs4+5plasma-dataengines-workspaceplasma-scriptengine-rubyplasma-scriptengine-pythonpython-plasma-examplesplasma-scriptenginesksysguardklipperksysguarddlibplasma2libkwineffects1python-plasmakde-window-managerkdebase-workspace-dbgkdmkdebase-workspace-binkdebase-workspacekdebase-workspace-datasquidsquidclientsquid-cgisquid-commonpidginpidgin-devpidgin-dbglibpurple-devgaimlibpurple0pidgin-datalibpurple-binfinch-devfinchphp5-pgsqlphp5-sybasephp5-mhashphp5-odbcphp5-devphp5-sqlitephp5-dbgphp5-xslphp5-pspellphp5-tidyphp5-recodephp5-snmpphp5libapache2-mod-php5filterphp5-xmlrpcphp5-cliphp5-mysqliphp5-curlphp5-commonphp-pearlibapache2-mod-php5php5-ldapphp5-cgiphp5-gdphp5-gmpphp5-mysqllintianirssiirssi-devlibssl0.9.8-dbglibssl0.9.8libssl-devopenssl-doclibcrypto0.9.8-udebopenssldhcp-clientdhcp3-serverdhcp3-server-ldapdhcp3-devdhcp3-relaydhcp3-clientdhcp3-commondhcp3-client-udeb/etclsb-release^.*Ubuntu.*\nDISTRIB_RELEASE=(\d{1,2}\.\d{1,2})$1sudo-ldapsudo0:3.12.3.1-0ubuntu0.8.10.20:3.12.3.1-0ubuntu0.8.04.20:3.12.3.1-0ubuntu0.9.04.20:3.56-1ubuntu0.10:3.48-1ubuntu0.10:3.61-1ubuntu0.10:3.59-1ubuntu1.10:3.56-1ubuntu2.10:1.36-1ubuntu0.10:1.26-2ubuntu0.10:5.10.0-11.1ubuntu2.20:5.8.8-12ubuntu0.30:5.8.7-10ubuntu1.20:5.8.8-7ubuntu3.40:1.31-1ubuntu0.10:3.0.2-1ubuntu1.10:0.94.dfsg.1-1ubuntu0.10:2.6.27-9.190:2.6.24-22.450:2.6.15-53.740:2.6.22-16.600:0.94.dfsg.2-1ubuntu0.11:1.8.0+r592-1ubuntu0.11:1.6+20051103-1ubuntu1.11:1.7~rc2-2ubuntu0.7.10.11:1.7~rc2-2ubuntu0.8.04.12:3.2.3-1ubuntu3.30:1.2.9-2ubuntu1.30:2.0.4-1ubuntu2.20:1.6.3-1ubuntu0.20:2.4.1-1ubuntu0.10:6.5-1ubuntu1.30:6.7.dfsg-5ubuntu0.10:6.6+dfsg-1ubuntu0.10:6.7.dfsg-1ubuntu0.10:5.4.1~dfsg-7.1ubuntu6.10:5.2.1.2-4ubuntu2.30:5.3.1-6ubuntu2.20:5.4.1~dfsg-4ubuntu4.20:2.0.0.18+nobinonly-0ubuntu0.7.10.10:1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.10:2.0.0.18+nobinonly-0ubuntu0.8.04.10:2.0.0.18+nobinonly-0ubuntu0.8.10.10:2.6.32.dfsg-4ubuntu1.10:2.6.30.dfsg-2ubuntu1.40:2.6.31.dfsg-2ubuntu1.30:2.6.24.dfsg-1ubuntu1.40:2.0.4-1ubuntu2.30:2.4.1-1ubuntu0.20:1.6.3-1ubuntu0.30:1.2.9-2ubuntu1.40:2.24.1-0ubuntu1.10:0.5.1-0ubuntu1.11:1.1.4-0ubuntu1.20:0.6.22-2ubuntu4.10:0.6.20-2ubuntu3.40:0.6.23-2ubuntu2.10:0.6.10-0ubuntu3.51:4.0.18.1-9ubuntu0.21:4.0.13-7ubuntu3.41:4.1.1-1ubuntu1.21:4.0.18.2-1ubuntu2.20:2.6.27-7.160:3.0.5+nobinonly-0ubuntu0.8.04.10:1.9.0.5+nobinonly-0ubuntu0.8.10.10:1.9.0.5+nobinonly-0ubuntu0.8.04.10:3.0.5+nobinonly-0ubuntu0.8.10.11:2.3.0-1ubuntu5.50:2.0.2-2ubuntu12.7-21:2.4.1-11ubuntu2.11:2.4.1-1ubuntu2.10:1.9.0.4+nobinonly-0ubuntu0.8.10.10:3.0.4+nobinonly-0ubuntu0.8.10.10:3.0.4+nobinonly-0ubuntu0.8.04.10:1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu10:1.9.0.4+nobinonly-0ubuntu0.8.04.10:2.0.0.18+nobinonly-0ubuntu0.7.100:2.6.0-1ubuntu1.10:1.16-10ubuntu0.10:1.16-7ubuntu1.10:1.16-5ubuntu3.10:1.4.0-1ubuntu1.10:1.3.0.0debian1-4ubuntu0.10:1.2.1-2ubuntu0.30:1.4.0-1.1ubuntu1.10:0.7.8-0ubuntu2.20:0.5.2+git20070928-0ubuntu2.20:0.7.4-0ubuntu6.20:0.4.0-2ubuntu8.10:0.3.0-0ubuntu2.10:0.4.4-3ubuntu3.11:1.1.2-2ubuntu2.21:1.1.2-4ubuntu1.11:1.0.7-3ubuntu2.11:1.1.1~git-20070709-3ubuntu1.11:3.2.7-9ubuntu2.10:2.6.27-7.151:4.0.18.2-1ubuntu2.11:4.0.18.1-9ubuntu0.11:4.1.1-1ubuntu1.11:4.0.13-7ubuntu3.30:0.9-0ubuntu3.10:1.9.0.2-7ubuntu1.10:1.0.1-2ubuntu0.10:1.6.4-7ubuntu0.20:1.6.4-12ubuntu0.8.10.10:1.6.4-12ubuntu0.8.04.10:1.6.4-11ubuntu0.20:2.0.0.22+build1+nobinonly-0ubuntu0.8.04.10:2.0.0.22+build1+nobinonly-0ubuntu0.9.04.10:2.0.0.22+build1+nobinonly-0ubuntu0.8.10.10:1.6.1-3ubuntu1.8.10.10:1.6.1-3ubuntu1.9.04.10:1.2.2-4.4ubuntu1.10:2:3.2.3-1ubuntu3.40:2.7.STABLE3-1ubuntu2.10:1.3.1-3ubuntu1.20:1.5.1dfsg1-1ubuntu2.10:1.5.4dfsg1-1ubuntu2.10:1.4.6dfsg1-2ubuntu1.10:1:4.2.0a+stable-8.1ubuntu6.10:1:4.2.4p4+dfsg-3ubuntu2.10:1:4.2.4p4+dfsg-6ubuntu2.20:1:4.2.4p0+dfsg-1ubuntu2.10:1.6.9p17-1ubuntu2.10:1.6.9p10-1ubuntu3.40:1:1.0.2+OOo2.4.1-1ubuntu2.20:1:0.7.6+OOo3.0.1-9ubuntu3.10:1:0.7.5+OOo2.4.1-1ubuntu2.20:1:1.1.13.0+OOo2.4.1-11ubuntu2.20:1:0.3.2+OOo3.0.1-9ubuntu3.10:1:1.0.5+OOo3.0.1-9ubuntu3.10:1:1.0.13.0+OOo2.4.1-11ubuntu2.20:1:1.0.12.0+OOo3.0.1-9ubuntu3.10:1:1.0+OOo2.4.1-11ubuntu2.20:1:0.7.5+OOo2.4.1-11ubuntu2.20:1:1.0.1.0+OOo3.0.1-9ubuntu3.10:1:1.4+OOo2.4.1-1ubuntu2.20:1:1.0.15.0+OOo3.0.1-9ubuntu3.10:1:1.4.1+OOo3.0.1-9ubuntu3.10:1:1.0+OOo2.4.1-1ubuntu2.20:1:1.0+OOo3.0.1-9ubuntu3.10:1:1.0.10.0+OOo2.4.1-11ubuntu2.20:1:1.0.2+OOo2.4.1-11ubuntu2.20:1:2.4.1-1ubuntu2.20:1:3.0.1-9ubuntu3.10:1:1.4+OOo2.4.1-11ubuntu2.20:1:2.4.1-11ubuntu2.20:4.4.3-0ubuntu1.40:4.5.0-0ubuntu4.30:1.2.0.dfsg-2ubuntu0.30:1.2.0.dfsg-6ubuntu0.10:1.2.0.dfsg-3.1ubuntu0.8.10.20:1.2.0.dfsg-3.1ubuntu0.9.04.20:1.9.0.11+build2+nobinonly-0ubuntu0.9.04.10:1.9.0.11+build2+nobinonly-0ubuntu0.8.10.20:3.0.11+build2+nobinonly-0ubuntu0.8.04.10:3.0.11+build2+nobinonly-0ubuntu0.8.10.10:3.0.11+build2+nobinonly-0ubuntu0.9.04.10:1.9.0.11+build2+nobinonly-0ubuntu0.8.04.10:1.2.4-0ubuntu1.10:1.1.20-1ubuntu3.30:0.60-6ubuntu8.40:1.2.12-0ubuntu2.10:0.9.8e-5ubuntu3.30:0.9.8a-7ubuntu0.60:0.9.8g-10.1ubuntu2.10:0.9.8g-4ubuntu3.40:2.41-2ubuntu2.20:2.47-3ubuntu0.10:2.45-1ubuntu1.10:0.94.dfsg.2-1ubuntu0.20:1:1.5.6.3-1.1ubuntu2.10:1.1.3-1ubuntu1.10:1:1.5.4.3-1ubuntu2.10:1:1.5.2.5-2ubuntu0.10:1.900.1-3ubuntu0.8.04.10:1.701.0-2ubuntu0.6.06.10:1.900.1-5ubuntu0.10:1.900.1-3ubuntu0.7.10.10:2.0.33-2ubuntu5.40:2.0.35.dfsg-3ubuntu2.10:2.0.36~rc1~dfsg-3ubuntu1.8.10.10:2.0.36~rc1~dfsg-3ubuntu1.9.04.10:2.0.36~rc1~dfsg-3ubuntu1.9.10.10:0.8.12-6ubuntu1.10:0.8.12-3ubuntu3.10:0.8.12-4ubuntu2.10:0.8.10-1ubuntu1.10:6b16-1.6.1-3ubuntu10:6b14-1.4.1-0ubuntu120:6b12-0ubuntu6.60:1:3.8.1-2ubuntu0.10:1:3.8.1-3ubuntu0.10:2.0.0.23+build1+nobinonly-0ubuntu0.8.10.10:2.0.0.23+build1+nobinonly-0ubuntu0.9.04.10:2.0.0.23+build1+nobinonly-0ubuntu0.8.04.10:2:1.4.9.1-0ubuntu3.20:2:1.4.10-0ubuntu3.10:2:1.4.7-0ubuntu3.20:1.3.7-1ubuntu3.40:1.2.2-0ubuntu0.6.06.130:1.3.9-2ubuntu9.10:1.3.2-1ubuntu7.100:6.3.9~rc2-4ubuntu1.10:6.3.8-10ubuntu1.10:6.3.8-11ubuntu3.10:6.3.2-2ubuntu2.30:0.9.8g-15ubuntu3.20:0.9.8g-10.1ubuntu2.40:0.9.8g-4ubuntu3.70:0.9.8a-7ubuntu0.90:1.2.12-4ubuntu0.10:1.2.11-1ubuntu0.10:1.2.12-5ubuntu0.10:2.6.24.dfsg-1ubuntu1.50:2.6.32.dfsg-4ubuntu1.20:2.6.31.dfsg-2ubuntu1.40:2.6.32.dfsg-5ubuntu4.20:1:0.7-2.1ubuntu1.9.04.10:1:0.7-2.1ubuntu1.8.10.10:1:0.6.7-1.1ubuntu1.20:1:0.6.5-4ubuntu1.30:2.14.1-1ubuntu1.10:2.18.2-0ubuntu2.10:2.16.6-0ubuntu1.10:4:4.3.2-0ubuntu7.20:4:4.1.4-0ubuntu1~intrepid1.50:4:4.2.2-0ubuntu5.40:2.0.1-4ubuntu0.10:1.9.1+dfsg-4ubuntu2.10:1.2.6+dfsg-6ubuntu3.10:1.4.3-5ubuntu0.80:1.6.dfsg.3~beta1-2ubuntu1.10:1.6.dfsg.4~beta1-3ubuntu0.10:1.6.dfsg.1-7ubuntu0.20:1.3.2-1ubuntu7.90:1.3.9-2ubuntu6.10:1.3.7-1ubuntu3.30:1.2.2-0ubuntu0.6.06.120:6:6.2.4.5-0.6ubuntu0.90:7:6.3.7.9.dfsg1-2ubuntu1.10:7:6.4.5.4.dfsg1-1ubuntu3.10:7:6.3.7.9.dfsg1-2ubuntu3.10:4:4.2.2-0ubuntu5.10:4:4.1.4-0ubuntu1~intrepid1.20:4:3.5.10.dfsg.1-1ubuntu8.10:4:3.5.10-0ubuntu6.10:4:3.5.10-0ubuntu1~hardy1.20:1.2.2-0ubuntu0.6.06.140:1.3.7-1ubuntu3.50:1.3.9-2ubuntu9.20:1.3.9-17ubuntu3.10:0.8.7-1ubuntu0.20:0.5.1-0ubuntu7.50:0.6.4-1ubuntu3.20:8.61.dfsg.1~svn8187-0ubuntu3.50:8.63.dfsg.1-0ubuntu6.30:8.15-4ubuntu3.20:8.61.dfsg.1-1ubuntu3.10:079-0ubuntu35.10:117-8ubuntu0.20:124-9ubuntu0.20:113-0ubuntu17.20:1.1.1+ubuntu2-7.100:1.1.11.1-1ubuntu3.20:1.1.7-1ubuntu1.40:1.1.15-0ubuntu3.10:3.12.3.1-0ubuntu0.9.04.10:3.12.3.1-0ubuntu0.8.10.10:3.12.3.1-0ubuntu0.8.04.10:1:2.5.5-1ubuntu8.40:1:2.5.2-0ubuntu1.40:1:2.4.1-1ubuntu2.60:0.6.6-0ubuntu3.10:0.7~~svn20081020t000444-0ubuntu1.8.10.20:0.6.5-0ubuntu11~7.10.10:2.1.19.dfsg1-0.1ubuntu3.10:2.1.22.dfsg1-21ubuntu2.10:2.1.22.dfsg1-18ubuntu2.10:2.1.22.dfsg1-23ubuntu3.10:1.22.2-0ubuntu1.10:1.20.5-0ubuntu1.10:1.12.3-0ubuntu3.10:1.2.0.dfsg-3.1ubuntu0.8.10.10:1.2.0.dfsg-3.1ubuntu0.9.04.10:1.2.0.dfsg-2ubuntu0.20:2:3.2.3-1ubuntu3.60:3.0.28a-1ubuntu4.90:2:3.3.2-1ubuntu3.20:3.0.22-1ubuntu3.90:6b14-1.4.1-0ubuntu110:6b12-0ubuntu6.50:2.0.1+dfsg1-2.1ubuntu1.10:2.0.1+dfsg1-2ubuntu1.10:2.0.1+dfsg1-2.3ubuntu0.10:2.0.1+dfsg1-1ubuntu1.10:1.8.2-2ubuntu2.10:1.7.1-1ubuntu1.20:2:8.543-0ubuntu4.10:3.0pl1-104+ubuntu5.10:3.0pl1-100ubuntu2.10:3.0pl1-105ubuntu1.10:3.0pl1-92ubuntu1.10:7.18.0-1ubuntu2.10:7.18.2-1ubuntu4.10:7.15.1-1ubuntu3.10:7.16.4-2ubuntu1.10:2.4.1-1ubuntu0.40:1.2.9-2ubuntu1.70:2.0.4-1ubuntu2.60:2.4.2-6ubuntu0.10:0.10.10.4-1ubuntu1.10:0.10.6-0ubuntu4.20:0.10.7-3ubuntu0.20:2.6.27-14.390:2.6.15-54.790:2.6.28-15.490:2.6.24-24.590:1.9.0.8+nobinonly-0ubuntu0.8.10.10:1.firefox1.5.dfsg+1.5.0.15~prepatch080614l-0ubuntu10:1.9.0.8+nobinonly-0ubuntu0.8.04.10:2.0.0.21~tb.21.308+nobinonly-0ubuntu0.7.10.10:1.5.dfsg+1.5.0.15~prepatch080614l-0ubuntu10:3.0.8+nobinonly-0ubuntu0.8.04.20:3.0.8+nobinonly-0ubuntu0.8.10.20:1.11.4-2ubuntu1.10:1.10.2-1ubuntu1.10:1.11.4-1ubuntu1.10:1.10.2-3ubuntu1.10:2.0.55-4ubuntu2.50:2.2.8-1ubuntu0.80:2.2.11-2ubuntu2.10:2.2.9-7ubuntu3.10:4:3.5.10.dfsg.1-1ubuntu8.20:4:3.5.10-0ubuntu1~hardy1.30:4:3.5.10-0ubuntu6.20:4:4.2.2-0ubuntu5.20:4:4.1.4-0ubuntu1~intrepid1.30:3.0.6+nobinonly-0ubuntu0.8.10.10:3.0.6+nobinonly-0ubuntu0.8.04.10:1.9.0.6+nobinonly-0ubuntu0.8.04.10:1.9.0.6+nobinonly-0ubuntu0.8.10.10:3.10-1ubuntu0.8.04.10:3.10-1ubuntu0.8.10.10:0.9.8g-4ubuntu3.50:0.9.8e-5ubuntu3.40:0.9.8g-10.1ubuntu2.20:0.9.8a-7ubuntu0.70:2.1.10-1ubuntu2.60:2.3.7-2ubuntu1.10:2.3.9-4ubuntu0.10:2.3.5-1ubuntu4.8.04.20:3.4.1a-1ubuntu1.6.06.20:3.8.1-2ubuntu0.10:3.6-3ubuntu0.20:3.8-6ubuntu0.10:0.28.2-2ubuntu0.10:0.28.2-6.1ubuntu0.10:0.27.2-1ubuntu0.10:0.25.5.dfsg-5ubuntu0.10:1.9.0.7+nobinonly-0ubuntu0.8.04.10:3.0.7+nobinonly-0ubuntu0.8.04.10:3.0.7+nobinonly-0ubuntu0.8.10.10:1.9.0.7+nobinonly-0ubuntu0.8.10.10:0.9.10-2ubuntu9.40:1:0.9.14-0ubuntu20.20:0.9.10-1ubuntu1.10:6.0.18-0ubuntu6.10:6.0.18-0ubuntu3.20:4.7.5-0ubuntu0.8.04.10:4.7.5-0ubuntu0.8.10.10:4.7.5-0ubuntu0.9.04.10:0.94.dfsg.2-1ubuntu0.30:3.2.1-1ubuntu1.20:3.3.1-7ubuntu0.20:3.3.1-5ubuntu2.20:3.4.0-0ubuntu3.30:5.2.6-2ubuntu4.20:5.1.2-1ubuntu3.140:5.2.4-2ubuntu5.60:1.0.17-4ubuntu0.8.04.20:1.0.17-4ubuntu1.10:1.0.17-4ubuntu0.8.10.20:1.1.7-1ubuntu1.50:1.1.15-0ubuntu3.20:1.1.1+ubuntu2-7.110:1.1.11.1-1ubuntu3.30:5.2.3-1ubuntu6.50:5.1.2-1ubuntu3.130:5.2.6-2ubuntu4.10:5.2.4-2ubuntu5.50:1.2.12+dfsg-7ubuntu0.10:1.2.12+dfsg-8ubuntu0.10:1.2.12+dfsg-3ubuntu0.10:1.9.0.13+nobinonly-0ubuntu0.8.10.10:3.0.13+nobinonly-0ubuntu0.8.04.10:3.0.13+nobinonly-0ubuntu0.8.10.10:1.9.0.13+nobinonly-0ubuntu0.9.04.10:3.0.13+nobinonly-0ubuntu0.9.04.10:1.9.0.13+nobinonly-0ubuntu0.8.04.10:5.2.10.dfsg.1-2ubuntu6.30:5.2.6.dfsg.1-3ubuntu4.40:5.1.2-1ubuntu3.170:5.2.6-2ubuntu4.50:5.2.4-2ubuntu5.90:0.8.7-1ubuntu0.40:0.10.5-1ubuntu2.40:0.5.1-0ubuntu7.60:0.6.4-1ubuntu3.30:0.7.9ubuntu17.2-00:0.7.14ubuntu6.1-00:0.6.43.3ubuntu3.1-00:0.119.2-00:1.0-0ubuntu5.20:0.108.4-00:1.8.2-1.2ubuntu2.10:1.8.2-1ubuntu4.20:1:2.4.1-1ubuntu2.50:1:2.5.5-1ubuntu8.30:1:2.5.2-0ubuntu1.30:2.6.7-1ubuntu1.10:2.6.1-1ubuntu3.10:2.4.5-1ubuntu2.10:2.6.6-0ubuntu1.10:3.1.2+dfsg.1-0ubuntu2.10:2.2.5-0ubuntu1.10:2.2.1-0ubuntu3.10:7.18.2-1ubuntu4.30:1.9.0.2-9ubuntu1.20:1.9.0.5-1ubuntu1.20:1.9.0.2-7ubuntu1.30:2.0.0.21+nobinonly-0ubuntu0.8.04.10:2.0.0.21+nobinonly-0ubuntu0.7.10.10:2.0.0.21+nobinonly-0ubuntu0.8.10.10:1.5.0.13+1.5.0.15~prepatch080614k-0ubuntu0.6.06.10:2.10.39ubuntu7.1-00:2.10.26ubuntu15.2-00:2.10.11ubuntu5.8.04.4-00:8.1.18-0ubuntu0.6.060:8.3.8-0ubuntu8.100:8.3.8-0ubuntu8.040:8.3.8-0ubuntu9.040:1:1.0.10-1ubuntu5.20:1:1.1.4-0ubuntu1.30:1:1.1.11-0ubuntu4.10:2.2.9-7ubuntu3.30:2.2.11-2ubuntu2.30:2.0.55-4ubuntu2.80:2.2.8-1ubuntu0.110:1.9.0.10+nobinonly-0ubuntu0.8.10.10:1.9.0.10+nobinonly-0ubuntu0.8.04.10:3.0.10+nobinonly-0ubuntu0.8.10.10:3.0.10+nobinonly-0ubuntu0.9.04.10:3.0.10+nobinonly-0ubuntu0.8.04.10:1.9.0.10+nobinonly-0ubuntu0.9.04.10:2.11-1ubuntu1.50:3.0.6-2ubuntu1.10:3.0.2-1ubuntu1.20:7.18.2-8ubuntu4.10:7.15.1-1ubuntu3.20:7.18.2-1ubuntu4.40:7.18.0-1ubuntu2.20:2.5.2-2ubuntu6.10:2.5.4-1ubuntu6.10:2.5.4-1ubuntu4.10:2.5.2-11.1ubuntu1.10:1:9.5.0.dfsg.P2-1ubuntu3.10:1:9.4.1-P1-3ubuntu2.10:1:9.3.2-2ubuntu1.60:1:9.4.2.dfsg.P2-2ubuntu0.10:2.28.0-0ubuntu3.50:2.24.0-0ubuntu2.10:2.24.0-0ubuntu6.10:2.6.27-14.350:2.6.15-54.770:2.6.28-13.450:2.6.24-24.550:3.8.2-7ubuntu3.20:3.8.2-11ubuntu0.9.04.10:3.8.2-11ubuntu0.8.10.10:3.7.4-1ubuntu3.40:0.99.2-1ubuntu3.60:0.99.9-2ubuntu1.30:0.99.9-6ubuntu0.20:1.5.7-3ubuntu2.10:1.7.1-1ubuntu1.10:1.5.2-1ubuntu2.40:1.5.8-5.1ubuntu2.20:3.0.0-4ubuntu1.10:3.1.0-4ubuntu1.10:3.1.0-3ubuntu2.10:1.5.8-5.1ubuntu2.30:1.8.2-2ubuntu2.20:1.7.1-1ubuntu1.30:1.5.2-1ubuntu2.50:1.8.4-1ubuntu1.10:1:9.5.0.dfsg.P2-1ubuntu3.20:1:9.4.2.dfsg.P2-2ubuntu0.20:1:9.3.2-2ubuntu1.70:1:9.5.1.dfsg.P2-1ubuntu0.10:2.6.27-15.430:2.6.15-55.800:2.6.28-16.550:2.6.24-25.630:229-1ubuntu0.10:208-3.1ubuntu3.10:229-1ubuntu1.10:235-1ubuntu1.10:1.6.dfsg.3~beta1-2ubuntu1.40:1.6.dfsg.4~beta1-5ubuntu2.30:1.6.dfsg.4~beta1-3ubuntu0.40:1:0.3.2+OOo3.0.1-9ubuntu3.20:1:0.7.6+OOo3.0.1-9ubuntu3.20:1:1.0.2+OOo2.4.1-11ubuntu2.30:1:1.1.13.0+OOo2.4.1-11ubuntu2.30:1:1.0.17.0+OOo3.1.1-5ubuntu1.10:1:1.0+OOo2.4.1-11ubuntu2.30:1:1.0.10.0+OOo2.4.1-11ubuntu2.30:1:1.0.2+OOo2.4.1-1ubuntu2.30:1:1.0.3.0+OOo3.1.1-5ubuntu1.10:1:1.4+OOo2.4.1-11ubuntu2.30:1:0.7.6+OOo3.1.1-5ubuntu1.10:1:1.0.1.0+OOo3.0.1-9ubuntu3.20:1:1.0.15.0+OOo3.0.1-9ubuntu3.20:1:1.0+OOo3.1.1-5ubuntu1.10:1:1.0.14.0+OOo3.1.1-5ubuntu1.10:1:1.0.12.0+OOo3.0.1-9ubuntu3.20:1:0.7.5+OOo2.4.1-1ubuntu2.30:1:1.0.5+OOo3.0.1-9ubuntu3.20:1:1.4+OOo2.4.1-1ubuntu2.30:1:1.1.0+OOo3.1.1-5ubuntu1.10:1:1.0+OOo2.4.1-1ubuntu2.30:1:1.0+OOo3.0.1-9ubuntu3.20:1:1.0.13.0+OOo2.4.1-11ubuntu2.30:1:1.5.1+OOo3.1.1-5ubuntu1.10:1:1.4.1+OOo3.0.1-9ubuntu3.20:1:0.7.5+OOo2.4.1-11ubuntu2.30:1:2.4.1-1ubuntu2.30:1:3.0.1-9ubuntu3.20:1:3.1.1-5ubuntu1.10:1:2.4.1-11ubuntu2.30:1:9.5.1.dfsg.P2-1ubuntu0.40:1:9.4.2.dfsg.P2-2ubuntu0.50:1:9.3.2-2ubuntu1.110:1:9.6.1.dfsg.P1-3ubuntu0.30:1:9.5.0.dfsg.P2-1ubuntu3.50:1:2.5.2-0ubuntu1.20:1:2.5.5-1ubuntu8.10:1:2.4.1-1ubuntu2.40:4:3.5.10.dfsg.1-2ubuntu7.20:4:3.5.10-0ubuntu6.40:4:3.5.10.dfsg.1-1ubuntu8.40:4:3.5.10-0ubuntu1~hardy1.50:1:4.2.0a+stable-8.1ubuntu6.30:1:4.2.4p6+dfsg-1ubuntu5.10:1:4.2.4p4+dfsg-6ubuntu2.40:1:4.2.4p4+dfsg-7ubuntu5.20:1:4.2.4p4+dfsg-3ubuntu2.30:1.9.0.12+build1+nobinonly-0ubuntu0.8.10.20:1.9.0.12+build1+nobinonly-0ubuntu0.9.04.10:3.0.12+build1+nobinonly-0ubuntu0.9.04.10:3.0.12+build1+nobinonly-0ubuntu0.8.10.10:3.0.12+build1+nobinonly-0ubuntu0.8.04.10:1.9.0.12+build1+nobinonly-0ubuntu0.8.04.10:1.2.12+dfsg-3ubuntu0.20:1.2.12+dfsg-8ubuntu0.30:1.2.12+dfsg-7ubuntu0.30:72+dfsg-1ubuntu6.10:62+dfsg-0ubuntu8.10:2.6.28-17.580:2.6.15-55.810:2.6.31-16.520:2.6.27-16.440:2.6.24-26.640:4.3.4-0ubuntu3.10:4.5.0-0ubuntu4.20:4.4.3-0ubuntu1.30:0.10.21-3ubuntu0.10:0.10.10.4-1ubuntu1.20:0.10.7-3ubuntu0.30:0.10.3-0ubuntu4.20:0.10.14-1ubuntu0.10:0.2.6-7ubuntu1.9.04.10:0.2.6-7ubuntu1.8.04.10:0.2.6-7ubuntu1.8.10.10:0.2.6-7ubuntu2.10:0.2.6-6ubuntu1.10:1.1.15-0ubuntu3.30:1.1.11.1-1ubuntu3.40:1.1.1+ubuntu2-7.120:2.6.27-14.370:2.6.15-54.780:2.6.28-14.470:2.6.24-24.570:3:0.cvs20070307-5ubuntu7.50:3:0.svn20090303-1ubuntu6.20:3:0.svn20080206-12ubuntu3.30:4:0.5+svn20090706-2ubuntu2.20:1.8.4-1ubuntu1.70:1.8.7.72-3ubuntu0.10:1.8.7.72-1ubuntu0.20:1.9.0.2-7ubuntu1.20:1.9.0.2-9ubuntu1.10:1.8.6.111-2ubuntu1.30:0.9.8g-10.1ubuntu2.50:0.9.8g-4ubuntu3.80:0.9.8a-7ubuntu0.100:0.9.8g-15ubuntu3.30:6b12-0ubuntu6.10:4:4.1.4-0ubuntu1~intrepid2.10:4:3.5.2-0ubuntu6.10:4:3.5.10-0ubuntu1~hardy3.10:4:3.5.7enterprise20070926-0ubuntu2.20:1:0.7-5ubuntu0.6.06.20:1:0.7-7ubuntu0.8.10.10:1:0.7-7ubuntu0.8.04.10:1:0.8.4-3ubuntu1.10:0.8.7-1ubuntu0.50:0.5.1-0ubuntu7.70:0.6.4-1ubuntu3.40:0.10.5-1ubuntu2.50:0.52.2-11.3ubuntu1.10:0.52.2-11.3ubuntu3.10:0.52.2-11.2ubuntu1.10:0.51.6-31ubuntu1.10:5.2.6.dfsg.1-3ubuntu4.20:5.2.4-2ubuntu5.70:5.2.6-2ubuntu4.30:5.1.2-1ubuntu3.150:1.9.0.9+nobinonly-0ubuntu0.8.04.10:1.9.0.9+nobinonly-0ubuntu0.9.04.10:1.9.0.9+nobinonly-0ubuntu0.8.10.10:3.0.9+nobinonly-0ubuntu0.9.04.10:3.0.9+nobinonly-0ubuntu0.8.04.10:3.0.9+nobinonly-0ubuntu0.8.10.10:1.2.2-0ubuntu0.6.06.150:1.3.7-1ubuntu3.60:1.3.9-17ubuntu3.40:1.4.1-5ubuntu2.10:1.3.9-2ubuntu9.30:1.6.9p10-1ubuntu3.70:1.6.8p12-1ubuntu6.20:1.6.9p17-1ubuntu3.20:1.6.9p17-1ubuntu2.30:1.7.0-1ubuntu2.20:3.1.1-5ubuntu8.10:3.0.3-6ubuntu7.10:3.0.6.dfsg-1ubuntu9.10:3.1.1-1ubuntu2.10:2:3.4.0-3ubuntu5.40:3.0.28a-1ubuntu4.100:3.0.22-1ubuntu3.100:2:3.3.2-1ubuntu3.30:2:3.2.3-1ubuntu3.70:2.015-1ubuntu0.10:2.011-2ubuntu0.10:2.008-1ubuntu0.10:5.10.0-11.1ubuntu2.30:5.10.0-19ubuntu1.10:1.3.12-8ubuntu1.10:1.3.5-12ubuntu0.30:1.3.12-6ubuntu2.8.10.10:1.3.12-3.2ubuntu0.10:1.3.12-6ubuntu2.9.04.10:6b12-0ubuntu6.40:1.0.4-1ubuntu11.20:1.0.4-5ubuntu9.30:1.0.6-9ubuntu4.8.10.20:1.0.6-9ubuntu4.9.04.20:2.2.11-2ubuntu2.50:2.2.8-1ubuntu0.140:2.0.55-4ubuntu2.90:2.2.12-1ubuntu2.10:2.2.9-7ubuntu3.50:8.3.7-0ubuntu8.10.10:8.3.7-0ubuntu8.04.10:8.1.17-0ubuntu0.6.06.10:0.6.2-0ubuntu7.10:0.7~~svn20081018t105859-0ubuntu1.8.10.20:1.9.0.17+nobinonly-0ubuntu0.8.04.10:1.9.0.17+nobinonly-0ubuntu0.9.04.10:1.9.0.17+nobinonly-0ubuntu0.8.10.10:3.0.17+nobinonly-0ubuntu0.8.10.10:3.0.17+nobinonly-0ubuntu0.9.04.10:3.0.17+nobinonly-0ubuntu0.8.04.10:2.5.12-4ubuntu2.50:2.7.STABLE3-4.1ubuntu1.10:2.7.STABLE6-2ubuntu2.10:2.6.18-1ubuntu3.10:2.7.STABLE3-1ubuntu2.20:1:9.4.2.dfsg.P2-2ubuntu0.40:1:9.6.1.dfsg.P1-3ubuntu0.20:1:9.5.1.dfsg.P2-1ubuntu0.30:1:9.3.2-2ubuntu1.90:1:9.5.0.dfsg.P2-1ubuntu3.40:1.8.2-2ubuntu2.30:1.5.2-1ubuntu2.60:1.5.8-5.1ubuntu2.40:1.8.4-1ubuntu1.20:1.7.1-1ubuntu1.50:1.3.9-17ubuntu3.60:1.4.1-5ubuntu2.40:1.3.9-2ubuntu9.50:1.2.2-0ubuntu0.6.06.170:1.3.7-1ubuntu3.80:2.2.3pre1-3ubuntu1.8.04.20:2.2.3pre1-3ubuntu3.9.10.20:2.2.3pre1-3ubuntu1.8.10.20:2.2.3pre1-3ubuntu3.9.04.20:8.4.2-0ubuntu9.100:8.3.9-0ubuntu8.040:8.3.9-0ubuntu9.040:8.1.19-0ubuntu0.6.060:8.3.9-0ubuntu8.100:0.8.14-1ubuntu1.20:0.8.12-6ubuntu1.30:0.8.12-3ubuntu3.30:0.8.12-4ubuntu2.30:0.svn20080206-12ubuntu3.20:0.cvs20070307-5ubuntu7.40:0.svn20090303-1ubuntu6.10:0.5+svn20090706-2ubuntu2.10:1.0.1-9ubuntu1.10:1.0.1-4ubuntu5.60:2.0.0.24+build1+nobinonly-0ubuntu0.9.04.10:2.0.0.24+build1+nobinonly-0ubuntu0.8.10.10:2.0.0.24+build1+nobinonly-0ubuntu0.8.04.10:2.0.0.24+build1+nobinonly-0ubuntu0.9.10.10:2.0.0.19+nobinonly-0ubuntu0.8.10.10:2.0.0.19+nobinonly-0ubuntu0.7.10.10:2.0.0.19+nobinonly-0ubuntu0.8.04.10:2.6.28-18.600:2.6.31-305.130:2.6.15-55.830:2.6.31-20.580:2.6.27-17.460:2.6.24-27.680:3.12.0.3-0ubuntu5.8.10.10:3.12.0.3-0ubuntu0.8.04.50:1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu20:3.11.5-3ubuntu0.7.10.20:1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu20:2.4.3-0ubuntu6.40:2.4.5-1ubuntu4.30:2.4.5-5ubuntu1.20:2.4.6-1ubuntu3.2.9.04.10:2.4.6-1ubuntu3.2.9.10.10:3.8.1-3ubuntu1.10:3.8.1-2ubuntu0.20:3.8-6ubuntu0.20:4:4.2.2-0ubuntu1.10:4:4.1.4-0ubuntu1~intrepid1.20:4:4.3.2-0ubuntu4.10:8.15.2.dfsg.0ubuntu1-0ubuntu1.20:8.15-4ubuntu3.30:8.63.dfsg.1-0ubuntu6.40:8.61.dfsg.1-1ubuntu3.20:2.6.28-18.590:2.6.15-55.820:2.6.31-304.100:2.6.31-19.560:2.6.27-17.450:2.6.24-27.650:2.2.11-2ubuntu2.20:2.2.8-1ubuntu0.100:2.2.9-7ubuntu3.20:2.0.55-4ubuntu2.60:1.50-1ubuntu0.9.04.10:1.50-1ubuntu0.8.10.10:1.50-1ubuntu0.8.04.10:1.6.dfsg.3~beta1-2ubuntu1.30:1.4.3-5ubuntu0.100:1.6.dfsg.4~beta1-3ubuntu0.30:1.6.dfsg.4~beta1-5ubuntu2.20:1.7dfsg~beta3-1ubuntu0.30:2.6.27-11.270:1.9.0.18+build1+nobinonly-0ubuntu0.8.10.10:3.0.18+build1+nobinonly-0ubuntu0.9.04.10:1.9.0.18+build1+nobinonly-0ubuntu0.9.04.10:3.0.18+build1+nobinonly-0ubuntu0.8.04.10:1.9.0.18+build1+nobinonly-0ubuntu0.8.04.10:3.0.18+build1+nobinonly-0ubuntu0.8.10.10:2.0.1-0ubuntu1.10:2.0.1-4ubuntu1.10:2.0.1-4ubuntu0.8.10.10:2.0.1-4ubuntu0.9.04.10:1.95.8-3ubuntu0.10:6b14-1.4.1-0ubuntu130:6b16-1.6.1-3ubuntu30:6b12-0ubuntu6.70:6b11-2ubuntu2.20:0.1.9-1ubuntu0.20:0.1.9-4ubuntu0.9.04.20:0.1.12-1ubuntu0.20:0.1.9-4ubuntu0.8.10.20:1.16-7ubuntu1.20:1.16-5ubuntu3.20:1.13-1ubuntu0.20:1.16-10ubuntu0.20:0.5.4-9ubuntu1.10:0.5.4-8ubuntu1.10:22.1-0ubuntu10.20:22.2-0ubuntu2.9.04.10:22.2-0ubuntu2.8.10.10:23.1+1-4ubuntu3.20:22.2-0ubuntu6.20:23.1+1-4ubuntu2+22.2+0ubuntu6.20:3.0.15+nobinonly-0ubuntu0.9.04.10:1.9.1.4+nobinonly-0ubuntu0.9.10.10:1.9.0.15+nobinonly-0ubuntu0.8.04.10:1.9.0.15+nobinonly-0ubuntu0.9.04.10:1.9.0.15+nobinonly-0ubuntu0.8.10.10:3.0.15+nobinonly-0ubuntu0.8.04.10:3.5.4+nobinonly-0ubuntu0.9.10.10:3.0.15+nobinonly-0ubuntu0.8.10.10:1.0.1-4ubuntu0.10:1.0.1-2ubuntu0.20:1.0.17-4ubuntu0.7.10.10:1.0.12-3ubuntu1.10:1.0.17-4ubuntu0.8.04.10:1.0.17-4ubuntu0.8.10.10:1:4.2.4p4+dfsg-7ubuntu5.10:1:4.2.4p4+dfsg-3ubuntu2.20:1:4.2.4p4+dfsg-6ubuntu2.30:1:4.2.0a+stable-8.1ubuntu6.20:0.95.3+dfsg-1ubuntu0.09.04.10:0.95.3+dfsg-1ubuntu0.09.04~intrepid30:0.95.3+dfsg-1ubuntu0.09.10.10:2.2.8-1ubuntu0.150:2.2.12-1ubuntu2.20:2.2.11-2ubuntu2.60:2.0.55-4ubuntu2.100:2.2.9-7ubuntu3.60:1:3.4.0-3ubuntu5.60:3.0.28a-1ubuntu4.110:3.0.22-1ubuntu3.110:1:3.2.3-1ubuntu3.80:1:3.3.2-1ubuntu3.40:2.6.2-1ubuntu1.10:2.4.7-1ubuntu0.10:2.6.0-4ubuntu2.10:5.0.51a-3ubuntu5.50:5.0.67-0ubuntu6.10:5.1.37-1ubuntu5.10:5.0.22-0ubuntu6.06.120:5.1.30really5.0.75-0ubuntu10.30:2.7.3-4ubuntu2.10:2.4.2-0ubuntu3.10:2.7.4-1.1ubuntu4.30:2.7.4-1.1ubuntu4.0.9.04.10:2.7.2-1ubuntu2.10:2.4.5-1ubuntu4.20:2.5.2-2ubuntu60:2.4.3-0ubuntu6.30:2.4.5-5ubuntu1.10:0.7~~svn20081020t000444-0ubuntu1.8.10.30:0.7.1~rc4.1-0ubuntu2.10:1.2.15~beta5-2ubuntu0.20:1.2.27-1ubuntu0.10:1.2.15~beta5-3ubuntu0.10:1.2.8rel-5ubuntu0.40:1.9.0.14+build2+nobinonly-0ubuntu0.8.10.10:1.9.0.14+build2+nobinonly-0ubuntu0.9.04.10:3.0.14+build2+nobinonly-0ubuntu0.8.10.10:1.9.0.14+build2+nobinonly-0ubuntu0.8.04.10:3.0.14+build2+nobinonly-0ubuntu0.9.04.10:3.0.14+build2+nobinonly-0ubuntu0.8.04.10:2.18.2-0ubuntu2.20:2.20.1-0ubuntu2.10:2.16.6-0ubuntu1.20:1.9.0.16+nobinonly-0ubuntu0.8.04.10:1.9.0.16+nobinonly-0ubuntu0.8.10.10:3.0.16+nobinonly-0ubuntu0.8.10.10:3.0.16+nobinonly-0ubuntu0.8.04.10:3.0.16+nobinonly-0ubuntu0.9.04.10:1.9.0.16+nobinonly-0ubuntu0.9.04.10:6.0.18-0ubuntu3.30:6.0.18-0ubuntu6.20:6.0.20-2ubuntu2.10:2.6.24-23.520:2.6.27-11.310:2.6.22-16.620:1.2.27-1ubuntu0.20:1.2.8rel-5ubuntu0.50:1.2.27-2ubuntu2.10:1.2.37-1ubuntu0.10:1.2.15~beta5-3ubuntu0.20:0.2.8.4-6ubuntu1.10:0.2.8.4-6ubuntu0.8.04.10:0.2.8.3-3.1ubuntu0.20:0.2.8.4-6ubuntu0.8.10.10:1.9.0.19+nobinonly-0ubuntu0.9.04.10:3.0.19+nobinonly-0ubuntu0.9.04.10:1.9.0.19+nobinonly-0ubuntu0.8.04.10:3.0.19+nobinonly-0ubuntu0.8.10.10:3.0.19+nobinonly-0ubuntu0.8.04.10:1.9.0.19+nobinonly-0ubuntu0.8.10.10:1.20060222-0ubuntu6.30:2.20080826-0ubuntu1.30:2.20080227-0ubuntu1.30:3.8.2-7ubuntu3.40:3.8.2-11ubuntu0.8.10.30:3.8.2-11ubuntu0.9.04.30:3.7.4-1ubuntu3.60:1:2.5.5-1ubuntu8.60:1:2.6.2-1ubuntu7.20:1:2.4.1-1ubuntu2.90:1:2.5.2-0ubuntu1.70:1:6.4-006+2ubuntu6.20:1:7.1-138+1ubuntu3.10:1:7.1.314-3ubuntu3.10:1:7.1-056+2ubuntu2.17.100:3:0.svn20080206-12ubuntu3.10:3:0.cvs20070307-5ubuntu4.20:3:0.cvs20070307-5ubuntu7.30:0.99.2-1ubuntu3.50:0.99.9-2ubuntu1.20:0.99.9-6ubuntu0.10:0.99.11-1ubuntu0.10:1.14.16.6ubuntu4.1-00:1.15.4ubuntu2.1-00:1.13.11ubuntu7.1-00:1.14.24ubuntu1.1-00:1.14.20ubuntu6.3-00:4:4.2.2-0ubuntu2.10:4:4.3.2-0ubuntu7.20:4:4.1.4-0ubuntu1~intrepid3.20:2.7.STABLE6-2ubuntu2.20:2.7.STABLE3-1ubuntu2.30:2.6.18-1ubuntu3.20:2.7.STABLE3-4.1ubuntu1.20:1:2.6.2-1ubuntu7.10:1:2.4.1-1ubuntu2.80:1:2.5.5-1ubuntu8.50:1:2.5.2-0ubuntu1.60:5.2.6.dfsg.1-3ubuntu4.50:5.2.4-2ubuntu5.100:5.1.2-1ubuntu3.180:5.2.10.dfsg.1-2ubuntu6.40:5.2.6-2ubuntu4.60:2.2.5ubuntu1.1-00:1.23.16ubuntu2.1-00:1.23.46ubuntu0.1-00:2.2.17ubuntu1.1-00:1.24.3ubuntu0.1-00:0.8.12-6ubuntu1.20:0.8.14-1ubuntu1.10:0.8.12-3ubuntu3.20:0.8.12-4ubuntu2.20:0.9.8g-15ubuntu3.40:0.9.8g-4ubuntu3.90:0.9.8g-10.1ubuntu2.60:0.9.8a-7ubuntu0.110:0.9.8g-16ubuntu3.10:3.1.2-1ubuntu7.10:3.1.1-5ubuntu8.20:3.1.1-1ubuntu2.26.068.108.049.109.04lpia0:1.7.0-1ubuntu2.10:1.6.9p17-1ubuntu2.20:1.6.9p10-1ubuntu3.60:1.6.8p12-1ubuntu6.10:1.6.9p17-1ubuntu3.1sparcppci686x86-64